2010-10-18 22:54:32 +00:00
|
|
|
diff -up ./mozilla/security/nss/lib/sysinit/nsssysinit.c.603313 ./mozilla/security/nss/lib/sysinit/nsssysinit.c
|
|
|
|
|
--- ./mozilla/security/nss/lib/sysinit/nsssysinit.c.603313 2010-10-15 13:57:42.719738316 -0700
|
|
|
|
|
+++ ./mozilla/security/nss/lib/sysinit/nsssysinit.c 2010-10-15 14:07:51.704637349 -0700
|
|
|
|
|
@@ -263,16 +263,26 @@ get_list(char *filename, char *stripped_
|
2010-07-31 16:51:45 +00:00
|
|
|
sysdb = getSystemDB();
|
|
|
|
|
userdb = getUserDB();
|
|
|
|
|
|
|
|
|
|
- /* Don't open root's user DB */
|
2010-10-18 22:54:32 +00:00
|
|
|
+ /* return a list of databases to open. First the system database */
|
2010-07-31 16:51:45 +00:00
|
|
|
+ if (sysdb) {
|
2010-10-18 22:54:32 +00:00
|
|
|
+ const char *readonly = userCanModifySystemDB() ? "" : "flags=readonly";
|
|
|
|
|
+ module_list[next++] = PR_smprintf(
|
|
|
|
|
+ "library= "
|
|
|
|
|
+ "module=\"NSS system database\" "
|
|
|
|
|
+ "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' %s\" "
|
|
|
|
|
+ "NSS=\"trustOrder=80 %sflags=internal,critical\"",
|
|
|
|
|
+ sysdb, readonly, nssflags);
|
2010-07-31 16:51:45 +00:00
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ /* Next the user database, but not for root. */
|
|
|
|
|
if (userdb != NULL && !userIsRoot()) {
|
|
|
|
|
- /* return a list of databases to open. First the user Database */
|
|
|
|
|
module_list[next++] = PR_smprintf(
|
|
|
|
|
"library= "
|
|
|
|
|
"module=\"NSS User database\" "
|
2010-10-18 22:54:32 +00:00
|
|
|
"parameters=\"configdir='sql:%s' %s tokenDescription='NSS user database'\" "
|
|
|
|
|
- "NSS=\"trustOrder=75 %sflags=internal%s\"",
|
|
|
|
|
- userdb, stripped_parameters, nssflags,
|
|
|
|
|
- isFIPS ? ",FIPS" : "");
|
|
|
|
|
+ "NSS=\"trustOrder=75 %sflags=internal%s\"",
|
|
|
|
|
+ userdb, stripped_parameters, nssflags,
|
|
|
|
|
+ isFIPS ? ",FIPS" : "");
|
2010-07-31 16:51:45 +00:00
|
|
|
|
2010-10-18 22:54:32 +00:00
|
|
|
/* now open the user's defined PKCS #11 modules */
|
|
|
|
|
/* skip the local user DB entry */
|
|
|
|
|
@@ -281,41 +291,7 @@ get_list(char *filename, char *stripped_
|
|
|
|
|
"module=\"NSS User database\" "
|
|
|
|
|
"parameters=\"configdir='sql:%s' %s\" "
|
|
|
|
|
"NSS=\"flags=internal,moduleDBOnly,defaultModDB,skipFirst\"",
|
|
|
|
|
- userdb, stripped_parameters);
|
|
|
|
|
- }
|
|
|
|
|
-
|
2010-07-31 16:51:45 +00:00
|
|
|
-#if 0
|
|
|
|
|
- /* This doesn't actually work. If we register
|
|
|
|
|
- both this and the sysdb (in either order)
|
|
|
|
|
- then only one of them actually shows up */
|
|
|
|
|
-
|
|
|
|
|
- /* Using a NULL filename as a Boolean flag to
|
|
|
|
|
- * prevent registering both an application-defined
|
|
|
|
|
- * db and the system db. rhbz #546211.
|
|
|
|
|
- */
|
|
|
|
|
- PORT_Assert(filename);
|
|
|
|
|
- if (sysdb && PL_CompareStrings(filename, sysdb))
|
|
|
|
|
- filename = NULL;
|
|
|
|
|
- else if (userdb && PL_CompareStrings(filename, userdb))
|
|
|
|
|
- filename = NULL;
|
|
|
|
|
-
|
|
|
|
|
- if (filename && !userIsRoot()) {
|
|
|
|
|
- module_list[next++] = PR_smprintf(
|
|
|
|
|
- "library= "
|
|
|
|
|
- "module=\"NSS database\" "
|
|
|
|
|
- "parameters=\"configdir='sql:%s' tokenDescription='NSS database sql:%s'\" "
|
|
|
|
|
- "NSS=\"%sflags=internal\"",filename, filename, nssflags);
|
|
|
|
|
- }
|
|
|
|
|
-#endif
|
|
|
|
|
-
|
|
|
|
|
- /* now the system database (always read only unless it's root) */
|
|
|
|
|
- if (sysdb) {
|
|
|
|
|
- const char *readonly = userCanModifySystemDB() ? "" : "flags=readonly";
|
|
|
|
|
- module_list[next++] = PR_smprintf(
|
|
|
|
|
- "library= "
|
|
|
|
|
- "module=\"NSS system database\" "
|
|
|
|
|
- "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' %s\" "
|
2010-10-18 22:54:32 +00:00
|
|
|
- "NSS=\"trustOrder=80 %sflags=internal,critical\"",sysdb, readonly, nssflags);
|
|
|
|
|
+ userdb, stripped_parameters);
|
|
|
|
|
}
|
2010-07-31 16:51:45 +00:00
|
|
|
|
2010-10-18 22:54:32 +00:00
|
|
|
/* that was the last module */
|
