Index: base/nss_util.cc |
diff --git a/base/nss_util.cc b/base/nss_util.cc |
index 580fb60a22c181ba5d8e3715e914475cd194dfe3..5e98e0b38aef9fbbed0324b3ddda7c44e56e5362 100644 |
--- a/base/nss_util.cc |
+++ b/base/nss_util.cc |
@@ -29,6 +29,7 @@ |
// use NSS for crypto or certificate verification, and we don't use the NSS |
// certificate and key databases. |
#if defined(USE_NSS) |
+#include "base/crypto/pk11_blocking_password_delegate.h" |
#include "base/environment.h" |
#include "base/lock.h" |
#include "base/scoped_ptr.h" |
@@ -69,6 +70,24 @@ FilePath GetInitialConfigDirectory() { |
#endif // defined(OS_CHROMEOS) |
} |
+// This callback for NSS forwards all requests to a caller-specified |
+// PK11BlockingPasswordDelegate object. |
+char* PK11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) { |
+ base::PK11BlockingPasswordDelegate* delegate = |
+ reinterpret_cast<base::PK11BlockingPasswordDelegate*>(arg); |
+ if (delegate) { |
+ bool cancelled = false; |
+ std::string password = delegate->RequestPassword(PK11_GetTokenName(slot), |
+ retry != PR_FALSE, |
+ &cancelled); |
+ if (cancelled) |
+ return NULL; |
+ return PL_strdup(password.c_str()); |
wtc
2010/12/15 20:54:36
BUG: use PORT_Strdup instead of PL_strdup because
mattm
2011/01/12 01:22:07
Done.
|
+ } |
+ DLOG(ERROR) << "PK11 password requested with NULL arg"; |
+ return NULL; |
+} |
+ |
// NSS creates a local cache of the sqlite database if it detects that the |
// filesystem the database is on is much slower than the local disk. The |
// detection doesn't work with the latest versions of sqlite, such as 3.6.22 |
@@ -247,6 +266,8 @@ class NSSInitSingleton { |
} |
} |
+ PK11_SetPasswordFunc(PK11PasswordFunc); |
+ |
// If we haven't initialized the password for the NSS databases, |
// initialize an empty-string password so that we don't need to |
// log in. |