Index: base/nss_util.h |
diff --git a/base/nss_util.h b/base/nss_util.h |
index 94a81cbd233cba829562342ce743dd72e92a479b..a9a27091369644511d2922c346f95fff5fc07f9a 100644 |
--- a/base/nss_util.h |
+++ b/base/nss_util.h |
@@ -7,6 +7,10 @@ |
#include "base/basictypes.h" |
+#if defined(USE_NSS) |
+class Lock; |
+#endif // defined(USE_NSS) |
wtc
2010/06/21 22:40:53
Nit: two spaces before the comment. See the Style
davidben
2010/06/22 02:54:56
Done.
|
+ |
// This file specifically doesn't depend on any NSS or NSPR headers because it |
// is included by various (non-crypto) parts of chrome to call the |
// initialization functions. |
@@ -33,6 +37,30 @@ void OpenPersistentNSSDB(); |
// We use a int64 instead of PRTime here to avoid depending on NSPR headers. |
Time PRTimeToBaseTime(int64 prtime); |
+#if defined(USE_NSS) |
+// NSS has a bug which can cause a deadlock or stall in some cases when writing |
+// to the certDB. It also has a bug which causes concurrent key pair |
+// generations to scribble over each other. To work around this, we synchronize |
+// writes to the NSS databases with a global lock. The lock is hidden beneath a |
+// function for easy disabling when the bug is fixed. Callers should allow for |
+// it to return NULL in the future. |
+// |
+// See https://bugzilla.mozilla.org/show_bug.cgi?id=564011 |
+Lock* GetNSSWriteLock(); |
+ |
+// A helper class that acquires the NSS write Lock while the AutoNSSWriteLock |
+// is in scope. |
+class AutoNSSWriteLock { |
+ public: |
+ AutoNSSWriteLock(); |
+ ~AutoNSSWriteLock(); |
+ private: |
+ Lock *lock_; |
+ DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); |
+}; |
+ |
+#endif // defined(USE_NSS) |
davidben
2010/06/22 02:54:56
Also added a space here.
|
+ |
} // namespace base |
#endif // BASE_NSS_UTIL_H_ |