| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/nss_util.h" | 5 #include "crypto/nss_util.h" |
| 6 | 6 |
| 7 #include <nss.h> | 7 #include <nss.h> |
| 8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
| 9 #include <plarena.h> | 9 #include <plarena.h> |
| 10 #include <prerror.h> | 10 #include <prerror.h> |
| (...skipping 652 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 663 : tpm_token_enabled_for_nss_(false), | 663 : tpm_token_enabled_for_nss_(false), |
| 664 initializing_tpm_token_(false), | 664 initializing_tpm_token_(false), |
| 665 chaps_module_(nullptr), | 665 chaps_module_(nullptr), |
| 666 root_(nullptr) { | 666 root_(nullptr) { |
| 667 // It's safe to construct on any thread, since LazyInstance will prevent any | 667 // It's safe to construct on any thread, since LazyInstance will prevent any |
| 668 // other threads from accessing until the constructor is done. | 668 // other threads from accessing until the constructor is done. |
| 669 thread_checker_.DetachFromThread(); | 669 thread_checker_.DetachFromThread(); |
| 670 | 670 |
| 671 EnsureNSPRInit(); | 671 EnsureNSPRInit(); |
| 672 | 672 |
| 673 // We *must* have NSS >= 3.14.3. | 673 // We *must* have NSS >= 3.26 at compile time. |
| 674 static_assert( | 674 static_assert((NSS_VMAJOR == 3 && NSS_VMINOR >= 26) || (NSS_VMAJOR > 3), |
| 675 (NSS_VMAJOR == 3 && NSS_VMINOR == 14 && NSS_VPATCH >= 3) || | 675 "nss version check failed"); |
| 676 (NSS_VMAJOR == 3 && NSS_VMINOR > 14) || | |
| 677 (NSS_VMAJOR > 3), | |
| 678 "nss version check failed"); | |
| 679 // Also check the run-time NSS version. | 676 // Also check the run-time NSS version. |
| 680 // NSS_VersionCheck is a >= check, not strict equality. | 677 // NSS_VersionCheck is a >= check, not strict equality. |
| 681 if (!NSS_VersionCheck("3.14.3")) { | 678 if (!NSS_VersionCheck("3.26")) { |
| 682 LOG(FATAL) << "NSS_VersionCheck(\"3.14.3\") failed. NSS >= 3.14.3 is " | 679 LOG(FATAL) << "NSS_VersionCheck(\"3.26\") failed. NSS >= 3.26 is " |
| 683 "required. Please upgrade to the latest NSS, and if you " | 680 "required. Please upgrade to the latest NSS, and if you " |
| 684 "still get this error, contact your distribution " | 681 "still get this error, contact your distribution " |
| 685 "maintainer."; | 682 "maintainer."; |
| 686 } | 683 } |
| 687 | 684 |
| 688 SECStatus status = SECFailure; | 685 SECStatus status = SECFailure; |
| 689 base::FilePath database_dir = GetInitialConfigDirectory(); | 686 base::FilePath database_dir = GetInitialConfigDirectory(); |
| 690 if (!database_dir.empty()) { | 687 if (!database_dir.empty()) { |
| 691 // This duplicates the work which should have been done in | 688 // This duplicates the work which should have been done in |
| 692 // EarlySetupForNSSInit. However, this function is idempotent so | 689 // EarlySetupForNSSInit. However, this function is idempotent so |
| (...skipping 282 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 975 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); | 972 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); |
| 976 } | 973 } |
| 977 | 974 |
| 978 #if !defined(OS_CHROMEOS) | 975 #if !defined(OS_CHROMEOS) |
| 979 PK11SlotInfo* GetPersistentNSSKeySlot() { | 976 PK11SlotInfo* GetPersistentNSSKeySlot() { |
| 980 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); | 977 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); |
| 981 } | 978 } |
| 982 #endif | 979 #endif |
| 983 | 980 |
| 984 } // namespace crypto | 981 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2721373002:
Uprev NSS requirement on Linux to 3.26 (Closed)
