Fix for bug 399304 . Initialize cert trust and refcount locks early. r=relyea, nelson

4 files changed, 131 insertions, 10 deletions

diff --git a/security/coreconf/WINNT6.0.mk b/security/coreconf/WINNT6.0.mk
new file mode 100644
index 000000000..cc3618e0d
--- /dev/null
+++ b/security/coreconf/WINNT6.0.mk
@@ -0,0 +1,74 @@
+#
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is the Netscape security libraries.
+#
+# The Initial Developer of the Original Code is
+# Netscape Communications Corporation.
+# Portions created by the Initial Developer are Copyright (C) 1994-2000
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+#    Robert Longson <longsonr@gmail.com>
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either the GNU General Public License Version 2 or later (the "GPL"), or
+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+
+#
+# Config stuff for WINNT 6.0 (Windows Vista)
+#
+# This makefile defines the following variables:
+# OS_CFLAGS and OS_DLLFLAGS.
+
+include $(CORE_DEPTH)/coreconf/WIN32.mk
+
+ifeq ($(CPU_ARCH), x386)
+	OS_CFLAGS += -W3 -nologo
+	DEFINES += -D_X86_
+else 
+	ifeq ($(CPU_ARCH), MIPS)
+		#OS_CFLAGS += -W3 -nologo
+		#DEFINES += -D_MIPS_
+		OS_CFLAGS += -W3 -nologo
+	else 
+		ifeq ($(CPU_ARCH), ALPHA)
+			OS_CFLAGS += -W3 -nologo
+			DEFINES += -D_ALPHA_=1
+		endif
+	endif
+endif
+
+OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS
+ifndef MOZ_DEBUG_SYMBOLS
+	OS_DLLFLAGS += -PDB:NONE
+endif
+
+#
+# Win NT needs -GT so that fibers can work
+#
+OS_CFLAGS += -GT
+DEFINES += -DWINNT
+
+NSPR31_LIB_PREFIX = lib
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c
index f710db899..9fe447687 100644
--- a/security/nss/lib/certdb/certdb.c
+++ b/security/nss/lib/certdb/certdb.c
@@ -2740,11 +2740,7 @@ static PZLock *certRefCountLock = NULL;
 void
 CERT_LockCertRefCount(CERTCertificate *cert)
 {
-    if ( certRefCountLock == NULL ) {
-	nss_InitLock(&certRefCountLock, nssILockRefLock);
-	PORT_Assert(certRefCountLock != NULL);
-    }
-    
+    PORT_Assert(certRefCountLock != NULL);
     PZ_Lock(certRefCountLock);
     return;
 }
@@ -2777,15 +2773,57 @@ static PZLock *certTrustLock = NULL;
 void
 CERT_LockCertTrust(CERTCertificate *cert)
 {
-    if ( certTrustLock == NULL ) {
-	nss_InitLock(&certTrustLock, nssILockCertDB);
-	PORT_Assert(certTrustLock != NULL);
-    }
-    
+    PORT_Assert(certTrustLock != NULL);
     PZ_Lock(certTrustLock);
     return;
 }
 
+SECStatus
+cert_InitLocks(void)
+{
+    if ( certRefCountLock == NULL ) {
+        nss_InitLock(&certRefCountLock, nssILockRefLock);
+        PORT_Assert(certRefCountLock != NULL);
+        if (!certRefCountLock) {
+            return SECFailure;
+        }
+    }
+
+    if ( certTrustLock == NULL ) {
+        nss_InitLock(&certTrustLock, nssILockCertDB);
+        PORT_Assert(certTrustLock != NULL);
+        if (!certTrustLock) {
+            PZ_DestroyLock(certRefCountLock);
+            return SECFailure;
+        }
+    }    
+
+    return SECSuccess;
+}
+
+SECStatus
+cert_DestroyLocks(void)
+{
+    SECStatus rv = SECSuccess;
+
+    PORT_Assert(certRefCountLock != NULL);
+    if (certRefCountLock) {
+        PZ_DestroyLock(certRefCountLock);
+        certRefCountLock = NULL;
+    } else {
+        rv = SECFailure;
+    }
+
+    PORT_Assert(certTrustLock != NULL);
+    if (certTrustLock) {
+        PZ_DestroyLock(certTrustLock);
+        certTrustLock = NULL;
+    } else {
+        rv = SECFailure;
+    }
+    return rv;
+}
+
 /*
  * Free the cert trust lock
  */
diff --git a/security/nss/lib/certdb/certi.h b/security/nss/lib/certdb/certi.h
index 4a76191e8..5580a83e1 100644
--- a/security/nss/lib/certdb/certi.h
+++ b/security/nss/lib/certdb/certi.h
@@ -243,5 +243,9 @@ cert_FindDERCertBySubjectKeyID(SECItem *subjKeyID);
 /* return maximum length of AVA value based on its type OID tag. */
 extern int cert_AVAOidTagToMaxLen(SECOidTag tag);
 
+SECStatus cert_InitLocks(void);
+
+SECStatus cert_DestroyLocks(void);
+
 #endif /* _CERTI_H_ */
 
diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c
index 13afd0715..0f3263dea 100644
--- a/security/nss/lib/nss/nssinit.c
+++ b/security/nss/lib/nss/nssinit.c
@@ -426,6 +426,10 @@ nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix,
     /* New option bits must not change the size of CERTCertificate. */
     PORT_Assert(sizeof(dummyCert.options) == sizeof(void *));
 
+    if (SECSuccess != cert_InitLocks()) {
+        return SECFailure;
+    }
+
     if (SECSuccess != InitCRLCache()) {
         return SECFailure;
     }
@@ -787,6 +791,7 @@ NSS_Shutdown(void)
     if (rv != SECSuccess) {
 	shutdownRV = SECFailure;
     }
+    cert_DestroyLocks();
     ShutdownCRLCache();
     OCSP_ShutdownCache();
     SECOID_Shutdown();