| OLD | NEW |
|---|
| (Empty) |
| 1 Name: Network Security Services (NSS) | |
| 2 Short Name: nss | |
| 3 URL: http://www.mozilla.org/projects/security/pki/nss/ | |
| 4 Version: 3.21 | |
| 5 License: MPL 2 | |
| 6 License File: nss/COPYING | |
| 7 Security Critical: yes | |
| 8 | |
| 9 Description: | |
| 10 NSS 3.21 with NSPR 4.11 | |
| 11 | |
| 12 This copy of NSS has been customized for Chromium. NSPR is also put here | |
| 13 rather than in a separate directory to emphasize the fact that Chromium is | |
| 14 using NSPR strictly as an NSS dependency. | |
| 15 | |
| 16 We took a subset of NSS, omitting the SSL and SMIME libraries. | |
| 17 This NSS subset satisfies the dependencies of the NSS SSL library in | |
| 18 src/net/third_party/nss. Do NOT use this copy of NSS on platforms that | |
| 19 have NSS as system libraries, such as Linux. | |
| 20 | |
| 21 The source code was checked out from the mozilla.org CVS or hg repository using | |
| 22 the nspr-checkout.sh and nss-checkout.sh scripts in the scripts directory. | |
| 23 The current source code was checked out with the hg tag NSS_3_21_RTM | |
| 24 and the hg tag NSPR_4_11_RTM. | |
| 25 | |
| 26 Local Modifications: | |
| 27 | |
| 28 We made the following local changes to NSPR. | |
| 29 - patches/nspr-static.patch: to build NSPR as static libraries. See NSPR | |
| 30 bug 533014 (https://bugzilla.mozilla.org/show_bug.cgi?id=533014). | |
| 31 - patches/prcpucfg.h: added to the nspr/pr/include directory. | |
| 32 - patches/nspr-attach-as-system-thread.patch: attach a "foreign" thread | |
| 33 (a thread not created by NSPR) to NSPR as a "system" thread rather than | |
| 34 a "user" thread, which needs to terminate before PR_Cleanup can return. | |
| 35 (The "system" vs. "user" thread distinction comes from Java, and | |
| 36 ultimately from Solaris threads.) This is a workaround for | |
| 37 http://crbug.com/40663. | |
| 38 - patches/nspr-remove-io.patch: Remove IO operations in NSPR to allow NSS | |
| 39 to work in the sandbox. Do not initialize IO when initializing NSPR. | |
| 40 Windows version of NSPR also tried to use getaddrinfo to resolve hostname | |
| 41 in a SSL connection. By removing _PR_HAVE_GETADDRINFO this will force it | |
| 42 to use PR_GetHostByName. Removing _PR_INET6_PROBE will prevent it from | |
| 43 creating an IPv6 socket to probe if IPv6 is there. | |
| 44 DO NOT upstream this patch. | |
| 45 | |
| 46 We made the following local changes to NSS. | |
| 47 | |
| 48 Files Added: | |
| 49 - nss/lib/ckfw/builtins/certdata.c: a generated file. Do an upstream NSS | |
| 50 build and copy the generated certdata.c. | |
| 51 - nss/lib/freebl/nss_build_config_mac.h: a header that defines the target | |
| 52 arch specific configuration macros for lib/freebl on iOS and Mac OS X. | |
| 53 This works around the lack of support for the xcode_settings | |
| 54 GCC_PREPROCESSOR_DEFINITIONS[arch=foo] by the ninja GYP generator | |
| 55 (http://crbug.com/122592). | |
| 56 - nss/lib/freebl/mpi/mpi_arm_mac.c: a wrapper file for mpi_arm.c for iOS | |
| 57 and Mac OS X. This works around the inability to specify target arch | |
| 58 specific source files in Xcode. | |
| 59 | |
| 60 Patches Applied: | |
| 61 - patches/nss-remove-fortezza.patch: remove Fortezza certificate support | |
| 62 from PK11_ImportPublicKey. See NSS bug 668397 | |
| 63 (https://bugzilla.mozilla.org/show_bug.cgi?id=668397). | |
| 64 - patches/nss-urandom-abort.patch: call abort() if NSS cannot read from | |
| 65 /dev/urandom. See Chromium issue 244661 (http://crbug.com/244661). | |
| 66 - patches/nss-static.patch: to build NSS as static libraries and omit | |
| 67 libpkix (the new certification path validation library) and | |
| 68 softoken/legacydb (support for the old Berkeley DB databases). See NSS | |
| 69 bug 534471 (https://bugzilla.mozilla.org/show_bug.cgi?id=534471). | |
| 70 | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2078763002:
Delete bundled copy of NSS and replace with README. (Closed)
Base URL: https://chromium.googlesource.com/chromium/deps/nss@master