diff options
author | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-02-28 22:13:00 +0000 |
---|---|---|
committer | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-02-28 22:13:00 +0000 |
commit | 2e70a8df3c5d63219ecd1ac9bbeac8e02773d4d9 (patch) | |
tree | 8244ad254061ff9abd0feeaf12785d28987c7ff1 /net/socket/nss_ssl_util.cc | |
parent | 983a106a5a7e25de3fc1a3ce27630d1c3ad57c8b (diff) | |
download | chromium_src-2e70a8df3c5d63219ecd1ac9bbeac8e02773d4d9.zip chromium_src-2e70a8df3c5d63219ecd1ac9bbeac8e02773d4d9.tar.gz chromium_src-2e70a8df3c5d63219ecd1ac9bbeac8e02773d4d9.tar.bz2 |
Support building NSS's libssl as a component
libssl is used both by net (as part of SSL) and part of content (as part
of WebRTC). Built in component mode, two copies get built in, with
independent global variables - thus causing the net/ initialization
functions to initialize the net.dll version, rather than the content.dll
version.
Make libssl build as a dll in component mode (roughly). Rather than using
a linker script like upstream, just export all the symbols.
BUG=webrtc:1390
TEST=component builds are happy
Review URL: https://chromiumcodereview.appspot.com/12383007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@185342 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket/nss_ssl_util.cc')
-rw-r--r-- | net/socket/nss_ssl_util.cc | 26 |
1 files changed, 6 insertions, 20 deletions
diff --git a/net/socket/nss_ssl_util.cc b/net/socket/nss_ssl_util.cc index 462aee9..004f0ed 100644 --- a/net/socket/nss_ssl_util.cc +++ b/net/socket/nss_ssl_util.cc @@ -35,22 +35,8 @@ class NSSSSLInitSingleton { NSS_SetDomesticPolicy(); -#if defined(USE_SYSTEM_SSL) - // Use late binding to avoid scary but benign warning - // "Symbol `SSL_ImplementedCiphers' has different size in shared object, - // consider re-linking" - // TODO(wtc): Use the new SSL_GetImplementedCiphers and - // SSL_GetNumImplementedCiphers functions when we require NSS 3.12.6. - // See https://bugzilla.mozilla.org/show_bug.cgi?id=496993. - const PRUint16* pSSL_ImplementedCiphers = static_cast<const PRUint16*>( - dlsym(RTLD_DEFAULT, "SSL_ImplementedCiphers")); - if (pSSL_ImplementedCiphers == NULL) { - NOTREACHED() << "Can't get list of supported ciphers"; - return; - } -#else -#define pSSL_ImplementedCiphers SSL_ImplementedCiphers -#endif + const PRUint16* const ssl_ciphers = SSL_GetImplementedCiphers(); + const PRUint16 num_ciphers = SSL_GetNumImplementedCiphers(); // Disable ECDSA cipher suites on platforms that do not support ECDSA // signed certificates, as servers may use the presence of such @@ -62,14 +48,14 @@ class NSSSSLInitSingleton { #endif // Explicitly enable exactly those ciphers with keys of at least 80 bits - for (int i = 0; i < SSL_NumImplementedCiphers; i++) { + for (int i = 0; i < num_ciphers; i++) { SSLCipherSuiteInfo info; - if (SSL_GetCipherSuiteInfo(pSSL_ImplementedCiphers[i], &info, + if (SSL_GetCipherSuiteInfo(ssl_ciphers[i], &info, sizeof(info)) == SECSuccess) { - SSL_CipherPrefSetDefault(pSSL_ImplementedCiphers[i], + SSL_CipherPrefSetDefault(ssl_ciphers[i], (info.effectiveKeyBits >= 80)); if (info.authAlgorithm == ssl_auth_ecdsa && disableECDSA) - SSL_CipherPrefSetDefault(pSSL_ImplementedCiphers[i], PR_FALSE); + SSL_CipherPrefSetDefault(ssl_ciphers[i], PR_FALSE); } } |