From b43c97c9b09d545890942909d1a0a4102847430b Mon Sep 17 00:00:00 2001
From: "dkegel@google.com"
 <dkegel@google.com@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Wed, 22 Oct 2008 19:50:58 +0000
Subject: Port SSLClientSocket to Linux Passes tests (once you enable them by
 removing DISABLED_). Probably want to add a mock https server so we can leave
 those tests enabled when we check in.

Had to add full duplex support to TCPClientSocket on Linux
to avoid kludgy plumbing issues.
Also had to add dummy implementation of
X509Certificate::~X509Certificate to prevent link error.

Rediffed to current trunk, addressed all review issues.

Review URL: http://codereview.chromium.org/4049

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@3751 0039d316-1c4b-4281-b951-d872f2087c98
---
 base/nss_init.cc | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'base/nss_init.cc')

diff --git a/base/nss_init.cc b/base/nss_init.cc
index c5c10c4..c8ba44b 100644
--- a/base/nss_init.cc
+++ b/base/nss_init.cc
@@ -6,6 +6,12 @@
 
 #include <nss.h>
 
+// Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424
+// until NSS 3.12.2 comes out and we update to it.
+#define Lock FOO_NSS_Lock
+#include <ssl.h>
+#undef Lock
+
 #include "base/logging.h"
 #include "base/singleton.h"
 
@@ -15,9 +21,16 @@ class NSSInitSingleton {
  public:
   NSSInitSingleton() {
     CHECK(NSS_NoDB_Init(".") == SECSuccess);
+    // Enable ciphers
+    NSS_SetDomesticPolicy();
+    // Enable SSL
+    SSL_OptionSetDefault(SSL_SECURITY, PR_TRUE);
   }
 
   ~NSSInitSingleton() {
+    // Have to clear the cache, or NSS_Shutdown fails with SEC_ERROR_BUSY
+    SSL_ClearSessionCache();
+
     SECStatus status = NSS_Shutdown();
     DCHECK(status == SECSuccess);
   }
-- 
cgit v1.1