Initialize an empty password for NSS databases (so that the databases...

base/nss_init.cc

 // Copyright (c) 2008 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/nss_init.h"
 
 #include <nss.h>
 #include <plarena.h>
 #include <prerror.h>
 #include <prinit.h>
 
 // Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424
 // until NSS 3.12.2 comes out and we update to it.
 #define Lock FOO_NSS_Lock
+#include <pk11pub.h>
 #include <secmod.h>
 #include <ssl.h>
 #undef Lock
 
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/singleton.h"
 #include "base/string_util.h"
 
 namespace {
@@ skipping 46 matching lines @@
     }
     if (status != SECSuccess) {
       char buffer[513] = "Couldn't retrieve error";
       PRInt32 err_length = PR_GetErrorTextLength();
       if (err_length > 0 && static_cast<size_t>(err_length) < sizeof(buffer))
         PR_GetErrorText(buffer);
 
       NOTREACHED() << "Error initializing NSS: " << buffer;
     }
 
+    // If we haven't initialized the password for the NSS databases,
+    // initialize an empty-string password so that we don't need to
+    // log in.
+    PK11SlotInfo* slot = PK11_GetInternalKeySlot();
+    if (slot) {
+      if (PK11_NeedUserInit(slot))
+        PK11_InitPin(slot, NULL, NULL);
+      PK11_FreeSlot(slot);
+    }
+
     root_ = InitDefaultRootCerts();
 
     NSS_SetDomesticPolicy();
 
     // Explicitly enable exactly those ciphers with keys of at least 80 bits
     for (int i = 0; i < SSL_NumImplementedCiphers; i++) {
       SSLCipherSuiteInfo info;
       if (SSL_GetCipherSuiteInfo(SSL_ImplementedCiphers[i], &info,
                                  sizeof(info)) == SECSuccess) {
         SSL_CipherPrefSetDefault(SSL_ImplementedCiphers[i],
@@ skipping 35 matching lines @@
 
 }  // namespace
 
 namespace base {
 
 void EnsureNSSInit() {
   Singleton<NSSInitSingleton>::get();
 }
 
 }  // namespace base