| Index: net/BUILD.gn
|
| diff --git a/net/BUILD.gn b/net/BUILD.gn
|
| index 76a5cf80ddd19abd68816d1b26439d28c93ee06a..7705add29afd46e9c4c1d2b5d25901ce5e4cb708 100644
|
| --- a/net/BUILD.gn
|
| +++ b/net/BUILD.gn
|
| @@ -192,11 +192,7 @@ component("net") {
|
| "cert/ct_objects_extractor_nss.cc",
|
| "cert/jwk_serializer_nss.cc",
|
| "cert/scoped_nss_types.h",
|
| - "cert/test_root_certs_nss.cc",
|
| "cert/x509_util_nss.cc",
|
| - "cert/x509_util_nss.h",
|
| - "ocsp/nss_ocsp.cc",
|
| - "ocsp/nss_ocsp.h",
|
| "quic/crypto/aead_base_decrypter_nss.cc",
|
| "quic/crypto/aead_base_encrypter_nss.cc",
|
| "quic/crypto/aes_128_gcm_12_decrypter_nss.cc",
|
| @@ -220,23 +216,6 @@ component("net") {
|
| "cert/nss_profile_filter_chromeos.h",
|
| ]
|
| }
|
| - if (is_linux) {
|
| - # These are always removed for non-Linux cases below.
|
| - sources -= [
|
| - "base/crypto_module_nss.cc",
|
| - "base/keygen_handler_nss.cc",
|
| - "cert/cert_database_nss.cc",
|
| - "cert/nss_cert_database.cc",
|
| - "cert/nss_cert_database.h",
|
| - "cert/x509_certificate_nss.cc",
|
| - "third_party/mozilla_security_manager/nsKeygenHandler.cpp",
|
| - "third_party/mozilla_security_manager/nsKeygenHandler.h",
|
| - "third_party/mozilla_security_manager/nsNSSCertificateDB.cpp",
|
| - "third_party/mozilla_security_manager/nsNSSCertificateDB.h",
|
| - "third_party/mozilla_security_manager/nsPKCS12Blob.cpp",
|
| - "third_party/mozilla_security_manager/nsPKCS12Blob.h",
|
| - ]
|
| - }
|
| if (is_ios) {
|
| # Always removed for !ios below.
|
| sources -= [
|
| @@ -247,9 +226,11 @@ component("net") {
|
| if (is_win) {
|
| sources -= [ "cert/sha256_legacy_support_nss_win.cc" ]
|
| }
|
| + if (!use_nss_certs && !is_ios) {
|
| + sources -= [ "cert/x509_util_nss.h" ]
|
| + }
|
| } else {
|
| sources -= [
|
| - "base/crypto_module_openssl.cc",
|
| "cert/ct_log_verifier_openssl.cc",
|
| "cert/ct_objects_extractor_openssl.cc",
|
| "cert/jwk_serializer_openssl.cc",
|
| @@ -272,6 +253,7 @@ component("net") {
|
| "socket/ssl_session_cache_openssl.cc",
|
| "socket/ssl_session_cache_openssl.h",
|
| "ssl/openssl_platform_key.h",
|
| + "ssl/openssl_platform_key_nss.cc",
|
| "ssl/openssl_ssl_util.cc",
|
| "ssl/openssl_ssl_util.h",
|
| ]
|
| @@ -288,6 +270,7 @@ component("net") {
|
|
|
| if (!use_openssl_certs) {
|
| sources -= [
|
| + "base/crypto_module_openssl.cc",
|
| "base/keygen_handler_openssl.cc",
|
| "base/openssl_private_key_store.h",
|
| "base/openssl_private_key_store_memory.cc",
|
| @@ -319,7 +302,9 @@ component("net") {
|
|
|
| if (is_linux) {
|
| configs += [ "//build/config/linux:libresolv" ]
|
| - } else {
|
| + }
|
| +
|
| + if (!use_nss_certs) {
|
| sources -= [
|
| "base/crypto_module_nss.cc",
|
| "base/keygen_handler_nss.cc",
|
| @@ -327,6 +312,8 @@ component("net") {
|
| "cert/nss_cert_database.cc",
|
| "cert/nss_cert_database.h",
|
| "cert/x509_certificate_nss.cc",
|
| + "ssl/client_cert_store_nss.cc",
|
| + "ssl/client_cert_store_nss.h",
|
| "third_party/mozilla_security_manager/nsKeygenHandler.cpp",
|
| "third_party/mozilla_security_manager/nsKeygenHandler.h",
|
| "third_party/mozilla_security_manager/nsNSSCertificateDB.cpp",
|
| @@ -334,29 +321,16 @@ component("net") {
|
| "third_party/mozilla_security_manager/nsPKCS12Blob.cpp",
|
| "third_party/mozilla_security_manager/nsPKCS12Blob.h",
|
| ]
|
| -
|
| - if (!is_ios && !use_openssl) {
|
| - # These files are part of the partial implementation of NSS on iOS so
|
| - # keep them in that case.
|
| - sources -= [
|
| - "cert/test_root_certs_nss.cc",
|
| - "ocsp/nss_ocsp.cc",
|
| - "ocsp/nss_ocsp.h",
|
| - ]
|
| - }
|
| - }
|
| -
|
| - if (!use_nss_certs) {
|
| - sources -= [
|
| - "ssl/client_cert_store_nss.cc",
|
| - "ssl/client_cert_store_nss.h",
|
| - ]
|
| if (!is_ios) {
|
| # These files are part of the partial implementation of NSS on iOS so
|
| # keep them in that case (even though use_nss_certs is not set).
|
| sources -= [
|
| "cert/cert_verify_proc_nss.cc",
|
| "cert/cert_verify_proc_nss.h",
|
| + "cert/test_root_certs_nss.cc",
|
| + "cert/x509_util_nss_certs.cc",
|
| + "ocsp/nss_ocsp.cc",
|
| + "ocsp/nss_ocsp.h",
|
| ]
|
| }
|
| if (is_chromeos) {
|
| @@ -366,6 +340,14 @@ component("net") {
|
| "ssl/client_cert_store_chromeos.h",
|
| ]
|
| }
|
| + if (use_openssl) {
|
| + sources -= [ "ssl/openssl_platform_key_nss.cc" ]
|
| + }
|
| + } else if (use_openssl) {
|
| + # client_cert_store_nss.c requires NSS_CmpCertChainWCANames from NSS's
|
| + # libssl, but our bundled copy is not built in OpenSSL ports. Pull that file
|
| + # in directly.
|
| + sources += [ "third_party/nss/ssl/cmpcert.c" ]
|
| }
|
|
|
| if (!enable_websockets) {
|
| @@ -458,8 +440,8 @@ component("net") {
|
| }
|
|
|
| if (is_ios) {
|
| - # Add back some sources that were otherwise filtered out. iOS additionally
|
| - # doesn't set USE_NSS but needs some of the files.
|
| + # Add back some sources that were otherwise filtered out. iOS needs some Mac
|
| + # files.
|
| set_sources_assignment_filter([])
|
| sources += [
|
| "base/net_util_mac.cc",
|
| @@ -467,13 +449,6 @@ component("net") {
|
| "base/network_change_notifier_mac.cc",
|
| "base/network_config_watcher_mac.cc",
|
| "base/platform_mime_util_mac.mm",
|
| - "cert/cert_verify_proc_nss.cc",
|
| - "cert/cert_verify_proc_nss.h",
|
| - "cert/test_root_certs_nss.cc",
|
| - "cert/x509_util_nss.cc",
|
| - "cert/x509_util_nss.h",
|
| - "ocsp/nss_ocsp.cc",
|
| - "ocsp/nss_ocsp.h",
|
| "proxy/proxy_resolver_mac.cc",
|
| "proxy/proxy_server_mac.cc",
|
| ]
|
|
|
Chromium Code Reviews
Issue 881213004:
Support building BoringSSL with NSS certificates. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master