static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir) { #ifdef HAVE_NSS_INITCONTEXT NSSInitParameters initparams; if(nss_context != NULL) return CURLE_OK; memset((void *) &initparams, '\0', sizeof(initparams)); initparams.length = sizeof(initparams); #else /* HAVE_NSS_INITCONTEXT */ SECStatus rv; if(NSS_IsInitialized()) return CURLE_OK; #endif if(cert_dir) { const bool use_sql = NSS_VersionCheck("3.12.0"); char *certpath = aprintf("%s%s", use_sql ? "sql:" : "", cert_dir); if(!certpath) return CURLE_OUT_OF_MEMORY; infof(data, "Initializing NSS with certpath: %s\n", certpath); #ifdef HAVE_NSS_INITCONTEXT nss_context = NSS_InitContext(certpath, "", "", "", &initparams, NSS_INIT_READONLY | NSS_INIT_PK11RELOAD); free(certpath); if(nss_context != NULL) return CURLE_OK; #else /* HAVE_NSS_INITCONTEXT */ rv = NSS_Initialize(certpath, "", "", "", NSS_INIT_READONLY); free(certpath); if(rv == SECSuccess) return CURLE_OK; #endif infof(data, "Unable to initialize NSS database\n"); } infof(data, "Initializing NSS with certpath: none\n"); #ifdef HAVE_NSS_INITCONTEXT nss_context = NSS_InitContext("", "", "", "", &initparams, NSS_INIT_READONLY | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB | NSS_INIT_FORCEOPEN | NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE | NSS_INIT_PK11RELOAD); if(nss_context != NULL) return CURLE_OK; #else /* HAVE_NSS_INITCONTEXT */ if(NSS_NoDB_Init(NULL) == SECSuccess) return CURLE_OK; #endif infof(data, "Unable to initialize NSS\n"); return CURLE_SSL_CACERT_BADFILE; }
static int nss_hash_init(void **pctx, SECOidTag hash_alg) { PK11Context *ctx; /* we have to initialize NSS if not initialized alraedy */ #ifdef HAVE_NSS_INITCONTEXT if(!NSS_IsInitialized() && !nss_context) { static NSSInitParameters params; params.length = sizeof params; nss_context = NSS_InitContext("", "", "", "", ¶ms, NSS_INIT_READONLY | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB | NSS_INIT_FORCEOPEN | NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE | NSS_INIT_PK11RELOAD); } #endif ctx = PK11_CreateDigestContext(hash_alg); if(!ctx) return /* failure */ 0; if(PK11_DigestBegin(ctx) != SECSuccess) { PK11_DestroyContext(ctx, PR_TRUE); return /* failure */ 0; } *pctx = ctx; return /* success */ 1; }
static void load_nss (GsdSmartcardManager *self) { GsdSmartcardManagerPrivate *priv = self->priv; NSSInitContext *context = NULL; /* The first field in the NSSInitParameters structure * is the size of the structure. NSS requires this, so * that it can change the size of the structure in future * versions of NSS in a detectable way */ NSSInitParameters parameters = { sizeof (parameters), }; static const guint32 flags = NSS_INIT_READONLY | NSS_INIT_FORCEOPEN | NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE | NSS_INIT_PK11RELOAD; g_debug ("attempting to load NSS database '%s'", GSD_SMARTCARD_MANAGER_NSS_DB); PR_Init (PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); context = NSS_InitContext (GSD_SMARTCARD_MANAGER_NSS_DB, "", "", SECMOD_DB, ¶meters, flags); if (context == NULL) { gsize error_message_size; char *error_message; error_message_size = PR_GetErrorTextLength (); if (error_message_size == 0) { g_debug ("NSS security system could not be initialized"); } else { error_message = g_alloca (error_message_size); PR_GetErrorText (error_message); g_debug ("NSS security system could not be initialized - %s", error_message); } priv->nss_context = NULL; return; } g_debug ("NSS database '%s' loaded", GSD_SMARTCARD_MANAGER_NSS_DB); priv->nss_context = context; }
static NSSInitContext *gtkhash_hash_lib_nss_init_context(void) { PRUint32 flags = NSS_INIT_READONLY | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB; return NSS_InitContext(NULL, "", "", "", NULL, flags); }