| Index: crypto/BUILD.gn
|
| diff --git a/crypto/BUILD.gn b/crypto/BUILD.gn
|
| index 9f944e5b717febc133de2d56315026c2fa074988..cf8dd8dd9521cd82499a08f158b880725b455940 100644
|
| --- a/crypto/BUILD.gn
|
| +++ b/crypto/BUILD.gn
|
| @@ -136,9 +136,6 @@ component("crypto") {
|
| "ec_signature_creator_nss.cc",
|
| "encryptor_nss.cc",
|
| "hmac_nss.cc",
|
| - "nss_util.cc",
|
| - "nss_util.h",
|
| - "nss_util_internal.h",
|
| "rsa_private_key_nss.cc",
|
| "secure_hash_default.cc",
|
| "signature_creator_nss.cc",
|
| @@ -170,6 +167,16 @@ component("crypto") {
|
| ]
|
| }
|
|
|
| + # NSS is used for neither the internal crypto library nor the platform
|
| + # certificate library.
|
| + if (use_openssl && !use_nss_certs) {
|
| + sources -= [
|
| + "nss_util.cc",
|
| + "nss_util.h",
|
| + "nss_util_internal.h",
|
| + ]
|
| + }
|
| +
|
| defines = [ "CRYPTO_IMPLEMENTATION" ]
|
| }
|
|
|
| @@ -231,12 +238,14 @@ if (!is_win) {
|
| "symmetric_key_unittest.cc",
|
| ]
|
|
|
| - if (use_openssl || !is_linux) {
|
| - sources -= [ "rsa_private_key_nss_unittest.cc" ]
|
| + if (use_openssl && !use_nss_certs) {
|
| + # nss_util is built if NSS is used for either the internal crypto library
|
| + # or the platform certificate library.
|
| + sources -= [ "nss_util_unittest.cc" ]
|
| }
|
|
|
| if (use_openssl) {
|
| - sources -= [ "nss_util_unittest.cc" ]
|
| + sources -= [ "rsa_private_key_nss_unittest.cc" ]
|
| } else {
|
| sources -= [ "openssl_bio_string_unittest.cc" ]
|
| }
|
| @@ -287,7 +296,7 @@ source_set("test_support") {
|
| }
|
|
|
| config("platform_config") {
|
| - if (!use_openssl && is_clang) {
|
| + if ((!use_openssl || use_nss_certs) && is_clang) {
|
| # There is a broken header guard in /usr/include/nss/secmod.h:
|
| # https://bugzilla.mozilla.org/show_bug.cgi?id=884072
|
| cflags = [ "-Wno-header-guard" ]
|
| @@ -306,21 +315,26 @@ group("platform") {
|
| deps = [
|
| "//net/third_party/nss/ssl:libssl",
|
| ]
|
| + }
|
| +
|
| + # Link in NSS if it is used for either the internal crypto library
|
| + # (!use_openssl) or platform certificate library (use_nss_certs).
|
| + if (!use_openssl || use_nss_certs) {
|
| if (is_linux) {
|
| # On Linux, we use the system NSS (excepting SSL where we always use our
|
| # own).
|
| - #
|
| - # We always need our SSL header search path to come before the system one
|
| - # so our versions are used. The libssl target will add the search path we
|
| - # want, but according to GN's ordering rules, public_configs' search path
|
| - # will get applied before ones inherited from our dependencies.
|
| - # Therefore, we need to explicitly list our custom libssl's config here
|
| - # before the system one.
|
| - public_configs = [
|
| - ":platform_config",
|
| - "//net/third_party/nss/ssl:ssl_config",
|
| - "//third_party/nss:system_nss_no_ssl_config",
|
| - ]
|
| + public_configs = [ ":platform_config" ]
|
| + if (!use_openssl) {
|
| + # If using a bundled copy of NSS's SSL library, ensure the bundled SSL
|
| + # header search path comes before the system one so our versions are
|
| + # used. The libssl target will add the search path we want, but
|
| + # according to GN's ordering rules, public_configs' search path will get
|
| + # applied before ones inherited from our dependencies. Therefore, we
|
| + # need to explicitly list our custom libssl's config here before the
|
| + # system one.
|
| + public_configs += [ "//net/third_party/nss/ssl:ssl_config" ]
|
| + }
|
| + public_configs += [ "//third_party/nss:system_nss_no_ssl_config" ]
|
| } else {
|
| # Non-Linux platforms use the hermetic NSS from the tree.
|
| deps += [
|
|
|
Chromium Code Reviews
Issue 881213004:
Support building BoringSSL with NSS certificates. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master