From: Hans Petter Jansson Wolfgang Rosenauer Subject: use libnsssharedhelper if available at compile time (can be disabled by exporting MOZ_XRE_NO_NSSHELPER=1) References: diff --git a/config/autoconf.mk.in b/config/autoconf.mk.in --- a/config/autoconf.mk.in +++ b/config/autoconf.mk.in @@ -582,16 +582,20 @@ MOZ_ALSA_LIBS = @MOZ_ALSA_LIBS GLIB_CFLAGS = @GLIB_CFLAGS@ GLIB_LIBS = @GLIB_LIBS@ GLIB_GMODULE_LIBS = @GLIB_GMODULE_LIBS@ LIBIDL_CFLAGS = @LIBIDL_CFLAGS@ LIBIDL_LIBS = @LIBIDL_LIBS@ STATIC_LIBIDL = @STATIC_LIBIDL@ +MOZ_ENABLE_NSSHELPER = @MOZ_ENABLE_NSSHELPER@ +NSSHELPER_CFLAGS = @NSSHELPER_CFLAGS@ +NSSHELPER_LIBS = @NSSHELPER_LIBS@ + MOZ_NATIVE_MAKEDEPEND = @SYSTEM_MAKEDEPEND@ export CL_INCLUDES_PREFIX = @CL_INCLUDES_PREFIX@ MOZ_AUTO_DEPS = @MOZ_AUTO_DEPS@ COMPILER_DEPEND = @COMPILER_DEPEND@ MDDEPDIR := @MDDEPDIR@ CC_WRAPPER = @CC_WRAPPER@ diff --git a/configure.in b/configure.in --- a/configure.in +++ b/configure.in @@ -8507,16 +8507,31 @@ AC_SUBST(QCMS_LIBS) dnl ======================================================== dnl HarfBuzz dnl ======================================================== MOZ_HARFBUZZ_LIBS='$(DEPTH)/gfx/harfbuzz/src/$(LIB_PREFIX)mozharfbuzz.$(LIB_SUFFIX)' AC_SUBST(MOZ_HARFBUZZ_LIBS) dnl ======================================================== +dnl Check for nss-shared-helper +dnl ======================================================== + + PKG_CHECK_MODULES(NSSHELPER, nss-shared-helper, + [MOZ_ENABLE_NSSHELPER=1], + [MOZ_ENABLE_NSSHELPER=]) + +if test "$MOZ_ENABLE_NSSHELPER"; then + AC_DEFINE(MOZ_ENABLE_NSSHELPER) +fi +AC_SUBST(MOZ_ENABLE_NSSHELPER) +AC_SUBST(NSSHELPER_CFLAGS) +AC_SUBST(NSSHELPER_LIBS) + +dnl ======================================================== dnl OTS dnl ======================================================== MOZ_OTS_LIBS='$(DEPTH)/gfx/ots/src/$(LIB_PREFIX)mozots.$(LIB_SUFFIX)' AC_SUBST(MOZ_OTS_LIBS) dnl ======================================================== dnl disable xul dnl ======================================================== diff --git a/security/manager/ssl/src/Makefile.in b/security/manager/ssl/src/Makefile.in --- a/security/manager/ssl/src/Makefile.in +++ b/security/manager/ssl/src/Makefile.in @@ -114,19 +114,20 @@ CSRCS += md4.c EXTRA_DEPS = $(NSS_DEP_LIBS) DEFINES += -DNSS_ENABLE_ECC # Use local includes because they are inserted before INCLUDES # so that Mozilla's nss.h is used, not glibc's -LOCAL_INCLUDES += $(NSS_CFLAGS) +LOCAL_INCLUDES += $(NSS_CFLAGS) $(NSSHELPER_CFLAGS) EXTRA_DSO_LDOPTS += \ $(MOZ_UNICHARUTIL_LIBS) \ $(MOZ_COMPONENT_LIBS) \ $(MOZ_JS_LIBS) \ + $(NSSHELPER_LIBS) \ $(NSS_LIBS) \ $(NULL) include $(topsrcdir)/config/rules.mk diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp --- a/security/manager/ssl/src/nsNSSComponent.cpp +++ b/security/manager/ssl/src/nsNSSComponent.cpp @@ -39,16 +39,23 @@ * use your version of this file under the terms of the MPL, indicate your * decision by deleting the provisions above and replace them with the notice * and other provisions required by the GPL or the LGPL. If you do not delete * the provisions above, a recipient may use your version of this file under * the terms of any one of the MPL, the GPL or the LGPL. * * ***** END LICENSE BLOCK ***** */ +#ifdef MOZ_ENABLE_NSSHELPER +#pragma GCC visibility push(default) +#include +#pragma GCC visibility pop +#include "prenv.h" +#endif + #include "nsNSSComponent.h" #include "nsNSSCallbacks.h" #include "nsNSSIOLayer.h" #include "nsSSLThread.h" #include "nsCertVerificationThread.h" #include "nsNetUtil.h" #include "nsAppDirectoryServiceDefs.h" @@ -1733,18 +1740,34 @@ nsNSSComponent::InitializeNSS(PRBool sho ConfigureInternalPKCS11Token(); // The NSS_INIT_NOROOTINIT flag turns off the loading of the root certs // module by NSS_Initialize because we will load it in InstallLoadableRoots // later. It also allows us to work around a bug in the system NSS in // Ubuntu 8.04, which loads any nonexistent "/libnssckbi.so" as // "/usr/lib/nss/libnssckbi.so". PRUint32 init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE; - SECStatus init_rv = ::NSS_Initialize(profileStr.get(), "", "", - SECMOD_DB, init_flags); + SECStatus init_rv = SECFailure; +#ifdef MOZ_ENABLE_NSSHELPER + if (PR_GetEnv("MOZ_XRE_NO_NSSHELPER")) { + init_rv = ::NSS_Initialize(profileStr.get(), "", "", + SECMOD_DB, init_flags); + } else { + init_rv = ::nsshelp_open_db ("mozilla-xul", profileStr.get(), init_flags); + + if (init_rv != SECSuccess) { + PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS using nsshelp_open_db in %s\n", profileStr.get())); + init_rv = ::NSS_Initialize(profileStr.get(), "", "", + SECMOD_DB, init_flags); + } + } +#else + init_rv = ::NSS_Initialize(profileStr.get(), "", "", + SECMOD_DB, init_flags); +#endif if (init_rv != SECSuccess) { PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS r/w in %s\n", profileStr.get())); if (supress_warning_preference) { which_nss_problem = problem_none; } else { diff --git a/toolkit/library/Makefile.in b/toolkit/library/Makefile.in --- a/toolkit/library/Makefile.in +++ b/toolkit/library/Makefile.in @@ -139,17 +139,17 @@ ifdef MOZ_DEBUG EXTRA_DSO_LDOPTS += -INCREMENTAL:NO endif endif EXTRA_DSO_LDOPTS += $(LIBS_DIR) $(EXTRA_DSO_LIBS) DEFINES += -DIMPL_XREAPI -EXTRA_DSO_LDOPTS += $(NSPR_LIBS) $(MOZALLOC_LIB) +EXTRA_DSO_LDOPTS += $(NSPR_LIBS) $(MOZALLOC_LIB) $(NSSHELPER_LIBS) ifeq ($(MOZ_WIDGET_TOOLKIT),cocoa) CXXFLAGS += $(TK_CFLAGS) OS_LIBS += \ -framework SystemConfiguration \ -framework QuickTime \ -framework IOKit \ -lcrypto \