diff options
author | julien.pierre.boogz%sun.com <devnull@localhost> | 2007-11-10 04:26:12 +0000 |
---|---|---|
committer | julien.pierre.boogz%sun.com <devnull@localhost> | 2007-11-10 04:26:12 +0000 |
commit | bfcbb492e8dffb0223795e96cdbaf8bdb558e28f (patch) | |
tree | a9541e55acfe1054959fc601519745dd0b2b1843 | |
parent | bf7741f0139947aae8fcf3ca62e726176fe19e5a (diff) | |
parent | 07e8488f231ebfaff6d526d42c8dea3f9efe8ff8 (diff) | |
download | nss-hg-bfcbb492e8dffb0223795e96cdbaf8bdb558e28f.tar.gz |
Fix for bug 399304 . Initialize cert trust and refcount locks early. r=relyea, nelson
-rw-r--r-- | security/coreconf/WINNT6.0.mk | 74 | ||||
-rw-r--r-- | security/nss/lib/certdb/certdb.c | 58 | ||||
-rw-r--r-- | security/nss/lib/certdb/certi.h | 4 | ||||
-rw-r--r-- | security/nss/lib/nss/nssinit.c | 5 |
4 files changed, 131 insertions, 10 deletions
diff --git a/security/coreconf/WINNT6.0.mk b/security/coreconf/WINNT6.0.mk new file mode 100644 index 000000000..cc3618e0d --- /dev/null +++ b/security/coreconf/WINNT6.0.mk @@ -0,0 +1,74 @@ +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Robert Longson <longsonr@gmail.com> +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** + +# +# Config stuff for WINNT 6.0 (Windows Vista) +# +# This makefile defines the following variables: +# OS_CFLAGS and OS_DLLFLAGS. + +include $(CORE_DEPTH)/coreconf/WIN32.mk + +ifeq ($(CPU_ARCH), x386) + OS_CFLAGS += -W3 -nologo + DEFINES += -D_X86_ +else + ifeq ($(CPU_ARCH), MIPS) + #OS_CFLAGS += -W3 -nologo + #DEFINES += -D_MIPS_ + OS_CFLAGS += -W3 -nologo + else + ifeq ($(CPU_ARCH), ALPHA) + OS_CFLAGS += -W3 -nologo + DEFINES += -D_ALPHA_=1 + endif + endif +endif + +OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS +ifndef MOZ_DEBUG_SYMBOLS + OS_DLLFLAGS += -PDB:NONE +endif + +# +# Win NT needs -GT so that fibers can work +# +OS_CFLAGS += -GT +DEFINES += -DWINNT + +NSPR31_LIB_PREFIX = lib diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c index f710db899..9fe447687 100644 --- a/security/nss/lib/certdb/certdb.c +++ b/security/nss/lib/certdb/certdb.c @@ -2740,11 +2740,7 @@ static PZLock *certRefCountLock = NULL; void CERT_LockCertRefCount(CERTCertificate *cert) { - if ( certRefCountLock == NULL ) { - nss_InitLock(&certRefCountLock, nssILockRefLock); - PORT_Assert(certRefCountLock != NULL); - } - + PORT_Assert(certRefCountLock != NULL); PZ_Lock(certRefCountLock); return; } @@ -2777,15 +2773,57 @@ static PZLock *certTrustLock = NULL; void CERT_LockCertTrust(CERTCertificate *cert) { - if ( certTrustLock == NULL ) { - nss_InitLock(&certTrustLock, nssILockCertDB); - PORT_Assert(certTrustLock != NULL); - } - + PORT_Assert(certTrustLock != NULL); PZ_Lock(certTrustLock); return; } +SECStatus +cert_InitLocks(void) +{ + if ( certRefCountLock == NULL ) { + nss_InitLock(&certRefCountLock, nssILockRefLock); + PORT_Assert(certRefCountLock != NULL); + if (!certRefCountLock) { + return SECFailure; + } + } + + if ( certTrustLock == NULL ) { + nss_InitLock(&certTrustLock, nssILockCertDB); + PORT_Assert(certTrustLock != NULL); + if (!certTrustLock) { + PZ_DestroyLock(certRefCountLock); + return SECFailure; + } + } + + return SECSuccess; +} + +SECStatus +cert_DestroyLocks(void) +{ + SECStatus rv = SECSuccess; + + PORT_Assert(certRefCountLock != NULL); + if (certRefCountLock) { + PZ_DestroyLock(certRefCountLock); + certRefCountLock = NULL; + } else { + rv = SECFailure; + } + + PORT_Assert(certTrustLock != NULL); + if (certTrustLock) { + PZ_DestroyLock(certTrustLock); + certTrustLock = NULL; + } else { + rv = SECFailure; + } + return rv; +} + /* * Free the cert trust lock */ diff --git a/security/nss/lib/certdb/certi.h b/security/nss/lib/certdb/certi.h index 4a76191e8..5580a83e1 100644 --- a/security/nss/lib/certdb/certi.h +++ b/security/nss/lib/certdb/certi.h @@ -243,5 +243,9 @@ cert_FindDERCertBySubjectKeyID(SECItem *subjKeyID); /* return maximum length of AVA value based on its type OID tag. */ extern int cert_AVAOidTagToMaxLen(SECOidTag tag); +SECStatus cert_InitLocks(void); + +SECStatus cert_DestroyLocks(void); + #endif /* _CERTI_H_ */ diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c index 13afd0715..0f3263dea 100644 --- a/security/nss/lib/nss/nssinit.c +++ b/security/nss/lib/nss/nssinit.c @@ -426,6 +426,10 @@ nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix, /* New option bits must not change the size of CERTCertificate. */ PORT_Assert(sizeof(dummyCert.options) == sizeof(void *)); + if (SECSuccess != cert_InitLocks()) { + return SECFailure; + } + if (SECSuccess != InitCRLCache()) { return SECFailure; } @@ -787,6 +791,7 @@ NSS_Shutdown(void) if (rv != SECSuccess) { shutdownRV = SECFailure; } + cert_DestroyLocks(); ShutdownCRLCache(); OCSP_ShutdownCache(); SECOID_Shutdown(); |