Chromium Code Reviews Chromium Code Reviews
Issue 206453002:
Introduce USE_OPENSSL_CERTS for certificate handling. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: build/common.gypi |
| diff --git a/build/common.gypi b/build/common.gypi |
| index 0d39d941c7dc45f851270854b1b41f2e18f9fa0b..fa0c7ce3badc325bafd5322b6376e516ee79ab6b 100644 |
| --- a/build/common.gypi |
| +++ b/build/common.gypi |
| @@ -47,9 +47,16 @@ |
| # Whether we are using Views Toolkit |
| 'toolkit_views%': 0, |
| - # Use OpenSSL instead of NSS. Under development: see http://crbug.com/62803 |
| + # Use OpenSSL instead of NSS as underlying SSL protocol. |
|
wtc
2014/03/25 17:18:28
Nit: "protocol" should be changed to "implementati
haavardm
2014/03/26 12:25:18
Done.
haavardm
2014/03/26 12:25:18
Done.
|
| + # Certificate verification will in most cases be handled by the OS. |
| + # If openssl also is used for certificate verification, or the OS |
| + # uses OpenSSLL's struct X509 to represent certificates, |
|
wtc
2014/03/25 17:18:28
Typo: "OpenSSLL" has an extra L.
I think the "ope
haavardm
2014/03/26 12:25:18
Done.
|
| + # use_openssl_certs must be set. |
| 'use_openssl%': 0, |
| + # Typedef fX509Certificate::OSCertHandle to OpenSSL's struct X509*. |
|
wtc
2014/03/25 17:18:28
Remove the "f" before "X509Certificate".
haavardm
2014/03/26 12:25:18
Done.
|
| + 'use_openssl_certs%': 0, |
| + |
| # Disable viewport meta tag by default. |
| 'enable_viewport%': 0, |
| @@ -124,6 +131,7 @@ |
| 'use_ozone%': '<(use_ozone)', |
| 'embedded%': '<(embedded)', |
| 'use_openssl%': '<(use_openssl)', |
| + 'use_openssl_certs%': '<(use_openssl_certs)', |
| 'use_system_fontconfig%': '<(use_system_fontconfig)', |
| 'enable_viewport%': '<(enable_viewport)', |
| 'enable_hidpi%': '<(enable_hidpi)', |
| @@ -247,6 +255,7 @@ |
| 'use_clipboard_aurax11%': '<(use_clipboard_aurax11)', |
| 'embedded%': '<(embedded)', |
| 'use_openssl%': '<(use_openssl)', |
| + 'use_openssl_certs%': '<(use_openssl_certs)', |
| 'use_system_fontconfig%': '<(use_system_fontconfig)', |
| 'enable_viewport%': '<(enable_viewport)', |
| 'enable_hidpi%': '<(enable_hidpi)', |
| @@ -554,6 +563,14 @@ |
| 'use_nss%': 0, |
| }], |
| + # When OpenSSL is used for SSL and crypto on unix like systems, use |
|
wtc
2014/03/25 17:18:28
Nit: unix like => Unix-like
haavardm
2014/03/26 12:25:18
Done.
|
| + # OpenSSL's certificate definition. |
| + ['(OS=="linux" or OS=="freebsd" or OS=="openbsd" or OS=="solaris") and use_openssl==1', { |
| + 'use_openssl_certs%': 1, |
| + }, { |
| + 'use_openssl_certs%': 0, |
| + }], |
| + |
| # libudev usage. This currently only affects the content layer. |
| ['OS=="linux" and embedded==0', { |
| 'use_udev%': 1, |
| @@ -916,6 +933,7 @@ |
| 'use_cras%': '<(use_cras)', |
| 'use_mojo%': '<(use_mojo)', |
| 'use_openssl%': '<(use_openssl)', |
| + 'use_openssl_certs%': '<(use_openssl_certs)', |
| 'use_nss%': '<(use_nss)', |
| 'use_udev%': '<(use_udev)', |
| 'os_bsd%': '<(os_bsd)', |
| @@ -1538,6 +1556,7 @@ |
| # Always uses openssl. |
| 'use_openssl%': 1, |
| + 'use_openssl_certs%': 1, |
| 'proprietary_codecs%': '<(proprietary_codecs)', |
| 'safe_browsing%': 2, |
| @@ -2567,6 +2586,9 @@ |
| ['<(use_openssl)==1 or >(nacl_untrusted_build)==1', { |
| 'defines': ['USE_OPENSSL=1'], |
| }], |
| + ['<(use_openssl_certs)==1 or >(nacl_untrusted_build)==1', { |
| + 'defines': ['USE_OPENSSL_CERTS=1'], |
| + }], |
|
wtc
2014/03/25 17:18:28
It seems clearer to rewrite these two as follows:
haavardm
2014/03/26 12:25:18
Done.
|
| ['<(use_nss)==1 and >(nacl_untrusted_build)==0', { |
| 'defines': ['USE_NSS=1'], |
| }], |
