OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/nss_util.h" | 5 #include "crypto/nss_util.h" |
6 | 6 |
7 #include <nss.h> | 7 #include <nss.h> |
8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
9 #include <plarena.h> | 9 #include <plarena.h> |
10 #include <prerror.h> | 10 #include <prerror.h> |
(...skipping 652 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
663 : tpm_token_enabled_for_nss_(false), | 663 : tpm_token_enabled_for_nss_(false), |
664 initializing_tpm_token_(false), | 664 initializing_tpm_token_(false), |
665 chaps_module_(nullptr), | 665 chaps_module_(nullptr), |
666 root_(nullptr) { | 666 root_(nullptr) { |
667 // It's safe to construct on any thread, since LazyInstance will prevent any | 667 // It's safe to construct on any thread, since LazyInstance will prevent any |
668 // other threads from accessing until the constructor is done. | 668 // other threads from accessing until the constructor is done. |
669 thread_checker_.DetachFromThread(); | 669 thread_checker_.DetachFromThread(); |
670 | 670 |
671 EnsureNSPRInit(); | 671 EnsureNSPRInit(); |
672 | 672 |
673 // We *must* have NSS >= 3.14.3. | 673 // We *must* have NSS >= 3.26 at compile time. |
674 static_assert( | 674 static_assert((NSS_VMAJOR == 3 && NSS_VMINOR >= 26) || (NSS_VMAJOR > 3), |
675 (NSS_VMAJOR == 3 && NSS_VMINOR == 14 && NSS_VPATCH >= 3) || | 675 "nss version check failed"); |
676 (NSS_VMAJOR == 3 && NSS_VMINOR > 14) || | |
677 (NSS_VMAJOR > 3), | |
678 "nss version check failed"); | |
679 // Also check the run-time NSS version. | 676 // Also check the run-time NSS version. |
680 // NSS_VersionCheck is a >= check, not strict equality. | 677 // NSS_VersionCheck is a >= check, not strict equality. |
681 if (!NSS_VersionCheck("3.14.3")) { | 678 if (!NSS_VersionCheck("3.26")) { |
682 LOG(FATAL) << "NSS_VersionCheck(\"3.14.3\") failed. NSS >= 3.14.3 is " | 679 LOG(FATAL) << "NSS_VersionCheck(\"3.26\") failed. NSS >= 3.26 is " |
683 "required. Please upgrade to the latest NSS, and if you " | 680 "required. Please upgrade to the latest NSS, and if you " |
684 "still get this error, contact your distribution " | 681 "still get this error, contact your distribution " |
685 "maintainer."; | 682 "maintainer."; |
686 } | 683 } |
687 | 684 |
688 SECStatus status = SECFailure; | 685 SECStatus status = SECFailure; |
689 base::FilePath database_dir = GetInitialConfigDirectory(); | 686 base::FilePath database_dir = GetInitialConfigDirectory(); |
690 if (!database_dir.empty()) { | 687 if (!database_dir.empty()) { |
691 // This duplicates the work which should have been done in | 688 // This duplicates the work which should have been done in |
692 // EarlySetupForNSSInit. However, this function is idempotent so | 689 // EarlySetupForNSSInit. However, this function is idempotent so |
(...skipping 282 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
975 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); | 972 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); |
976 } | 973 } |
977 | 974 |
978 #if !defined(OS_CHROMEOS) | 975 #if !defined(OS_CHROMEOS) |
979 PK11SlotInfo* GetPersistentNSSKeySlot() { | 976 PK11SlotInfo* GetPersistentNSSKeySlot() { |
980 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); | 977 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); |
981 } | 978 } |
982 #endif | 979 #endif |
983 | 980 |
984 } // namespace crypto | 981 } // namespace crypto |
OLD | NEW |