From 6ecaf49cd229f3942ffd05c845ed35f08ad13f90 Mon Sep 17 00:00:00 2001 From: Moonchild Date: Thu, 10 Dec 2020 21:30:23 +0000 Subject: Build NSS using gyp files. Note: this doesn't build due to issues with trying to feed gcc flags to msvc. --- build/autoconf/nspr-build.m4 | 2 + config/external/nss/Makefile.in | 469 ----------------- config/external/nss/crmf/moz.build | 15 - config/external/nss/moz.build | 39 -- config/external/nss/nss.mk | 27 - config/external/nss/nss.symbols | 748 -------------------------- moz.build | 2 +- old-configure.in | 10 + python/mozbuild/mozbuild/frontend/emitter.py | 2 - security/generate_certdata.py | 11 + security/generate_mapfile.py | 54 ++ security/moz.build | 121 +++++ security/nss.symbols | 749 +++++++++++++++++++++++++++ 13 files changed, 948 insertions(+), 1301 deletions(-) delete mode 100644 config/external/nss/Makefile.in delete mode 100644 config/external/nss/crmf/moz.build delete mode 100644 config/external/nss/moz.build delete mode 100644 config/external/nss/nss.mk delete mode 100644 config/external/nss/nss.symbols create mode 100644 security/generate_certdata.py create mode 100644 security/generate_mapfile.py create mode 100644 security/moz.build create mode 100644 security/nss.symbols diff --git a/build/autoconf/nspr-build.m4 b/build/autoconf/nspr-build.m4 index b53fb4d37f..2858d1f2bd 100644 --- a/build/autoconf/nspr-build.m4 +++ b/build/autoconf/nspr-build.m4 @@ -138,6 +138,8 @@ if test -n "$NSPR_CFLAGS" -o -n "$NSPR_LIBS"; then , AC_MSG_ERROR([system NSPR does not support PR_UINT64 or including prtypes.h does not provide it])) CFLAGS=$_SAVE_CFLAGS + NSPR_INCLUDE_DIR=`echo ${NSPR_CFLAGS} | sed -e 's/.*-I\([^ ]*\).*/\1/'` + NSPR_LIB_DIR=`echo ${NSPR_LIBS} | sed -e 's/.*-L\([^ ]*\).*/\1/'` elif test -z "$JS_POSIX_NSPR"; then NSPR_INCLUDE_DIR="${DIST}/include/nspr" NSPR_CFLAGS="-I${NSPR_INCLUDE_DIR}" diff --git a/config/external/nss/Makefile.in b/config/external/nss/Makefile.in deleted file mode 100644 index 7289e57f4c..0000000000 --- a/config/external/nss/Makefile.in +++ /dev/null @@ -1,469 +0,0 @@ -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -CC_WRAPPER = -CXX_WRAPPER = - -default:: - -include $(topsrcdir)/config/makefiles/functions.mk - -NSS_LIBS = \ - nss3 \ - nssutil3 \ - smime3 \ - ssl3 \ - $(NULL) - -ifdef MOZ_FOLD_LIBS -NSS_DLLS = $(LIBRARY_NAME) -else -NSS_DLLS = $(NSS_LIBS) -endif - -NSS_EXTRA_DLLS = \ - nssckbi \ - softokn3 \ - $(NULL) - -ifndef NSS_DISABLE_DBM -NSS_EXTRA_DLLS += nssdbm3 -endif - -SDK_LIBS = crmf - -ifneq (,$(filter WINNT,$(OS_ARCH))) -SDK_LIBS += $(NSS_DLLS) -endif - -# Default -HAVE_FREEBL_LIBS = 1 - -# SunOS SPARC - -ifeq ($(OS_ARCH), SunOS) -ifneq (86,$(findstring 86,$(OS_TEST))) -ifdef HAVE_64BIT_BUILD -HAVE_FREEBL_LIBS = -HAVE_FREEBL_LIBS_64 = 1 -else -HAVE_FREEBL_LIBS = -HAVE_FREEBL_LIBS_32FPU = 1 -HAVE_FREEBL_LIBS_32INT64 = 1 -endif -endif -endif - -ifeq ($(OS_TARGET),Linux) -HAVE_FREEBL_LIBS = -HAVE_FREEBL_LIBS_PRIV = 1 -FREEBL_LOWHASH_FLAG = FREEBL_LOWHASH=1 -endif - -ifdef HAVE_FREEBL_LIBS -NSS_EXTRA_DLLS += freebl3 -endif -ifdef HAVE_FREEBL_LIBS_PRIV -NSS_EXTRA_DLLS += freeblpriv3 -endif -ifdef HAVE_FREEBL_LIBS_32INT32 -NSS_EXTRA_DLLS += freebl_32int_3 -endif -ifdef HAVE_FREEBL_LIBS_32FPU -NSS_EXTRA_DLLS += freebl_32fpu_3 -endif -ifdef HAVE_FREEBL_LIBS_32INT64 -NSS_EXTRA_DLLS += freebl_32int64_3 -endif -ifdef HAVE_FREEBL_LIBS_64 -NSS_EXTRA_DLLS += freebl_64int_3 -NSS_EXTRA_DLLS += freebl_64fpu_3 -endif - -# For all variables such as DLLFLAGS, that may contain $(DIST) -DIST := $(ABS_DIST) -# TODO: move this all to configure, but in Python -ifndef MOZ_BUILD_NSPR -NSPR_INCLUDE_DIR = $(firstword $(filter -I%,$(NSPR_CFLAGS))) -ifneq (,$(strip $(NSPR_INCLUDE_DIR))) -NSPR_INCLUDE_DIR := $(subst -I,,$(subst -I$(DIST),-I$(ABS_DIST),$(NSPR_INCLUDE_DIR))) -else -$(error Your NSPR CFLAGS are broken!) -endif -NSPR_LIB_DIR = $(firstword $(filter -L%,$(NSPR_LIBS))) -ifneq (,$(strip $(NSPR_LIB_DIR))) -NSPR_LIB_DIR := $(subst -L,,$(subst -L$(DIST),-L$(ABS_DIST),$(NSPR_LIB_DIR))) -else -$(error Your NSPR LDFLAGS are broken!) -endif -endif - -# To get debug symbols from NSS -export MOZ_DEBUG_SYMBOLS - -DEFAULT_GMAKE_FLAGS = -DEFAULT_GMAKE_FLAGS += CC='$(CC)' -DEFAULT_GMAKE_FLAGS += MT='$(MT)' -DEFAULT_GMAKE_FLAGS += LD='$(LD)' -DEFAULT_GMAKE_FLAGS += SOURCE_MD_DIR=$(ABS_DIST) -DEFAULT_GMAKE_FLAGS += SOURCE_MDHEADERS_DIR=$(NSPR_INCLUDE_DIR) -DEFAULT_GMAKE_FLAGS += DIST=$(ABS_DIST) -DEFAULT_GMAKE_FLAGS += NSPR_INCLUDE_DIR=$(NSPR_INCLUDE_DIR) -DEFAULT_GMAKE_FLAGS += NSPR_LIB_DIR=$(NSPR_LIB_DIR) -DEFAULT_GMAKE_FLAGS += MOZILLA_CLIENT=1 -DEFAULT_GMAKE_FLAGS += NO_MDUPDATE=1 -DEFAULT_GMAKE_FLAGS += NSS_ENABLE_ECC=1 -DEFAULT_GMAKE_FLAGS += NSS_ENABLE_TLS_1_3=1 -ifeq ($(OS_ARCH)_$(GNU_CC),WINNT_1) -DEFAULT_GMAKE_FLAGS += OS_DLLFLAGS='-static-libgcc' NSPR31_LIB_PREFIX=lib -endif -DEFAULT_GMAKE_FLAGS += SQLITE_LIB_NAME=mozsqlite3 -DEFAULT_GMAKE_FLAGS += SQLITE_LIB_DIR=$(ABS_DIST)/../db/sqlite3/src -DEFAULT_GMAKE_FLAGS += SQLITE_INCLUDE_DIR=$(ABS_DIST)/include -ifdef NSS_DISABLE_DBM -DEFAULT_GMAKE_FLAGS += NSS_DISABLE_DBM=1 -endif -# Hack to force NSS build system to use "normal" object directories -DEFAULT_GMAKE_FLAGS += topsrcdir='$(topsrcdir)' -# topsrcdir can't be expanded here because msys path mangling likes to break -# paths in that case. -DEFAULT_GMAKE_FLAGS += BUILD='$(MOZ_BUILD_ROOT)/security/$$(subst $$(topsrcdir)/security/,,$$(CURDIR))' -DEFAULT_GMAKE_FLAGS += BUILD_TREE='$$(BUILD)' OBJDIR='$$(BUILD)' DEPENDENCIES='$$(BUILD)/.deps' SINGLE_SHLIB_DIR='$$(BUILD)' -DEFAULT_GMAKE_FLAGS += SOURCE_XP_DIR=$(ABS_DIST) -ifndef MOZ_DEBUG -DEFAULT_GMAKE_FLAGS += BUILD_OPT=1 OPT_CODE_SIZE=1 -endif -ifdef GNU_CC -DEFAULT_GMAKE_FLAGS += NS_USE_GCC=1 -else -DEFAULT_GMAKE_FLAGS += NS_USE_GCC= -endif -ifdef USE_N32 -# It is not really necessary to specify USE_PTHREADS=1. USE_PTHREADS -# merely adds _PTH to coreconf's OBJDIR name. -DEFAULT_GMAKE_FLAGS += USE_N32=1 USE_PTHREADS=1 -endif -ifdef HAVE_64BIT_BUILD -DEFAULT_GMAKE_FLAGS += USE_64=1 -endif -ifeq ($(OS_ARCH),WINNT) -DEFAULT_GMAKE_FLAGS += OS_TARGET=WIN95 -ifdef MOZ_DEBUG -ifndef MOZ_NO_DEBUG_RTL -DEFAULT_GMAKE_FLAGS += USE_DEBUG_RTL=1 -endif -endif -endif # WINNT -ifeq ($(OS_ARCH),Darwin) -# Make nsinstall use absolute symlinks by default when building NSS -# for Mozilla on Mac OS X. (Bugzilla bug 193164) -ifndef NSDISTMODE -DEFAULT_GMAKE_FLAGS += NSDISTMODE=absolute_symlink -endif -ifdef MACOS_SDK_DIR -DEFAULT_GMAKE_FLAGS += MACOS_SDK_DIR=$(MACOS_SDK_DIR) -endif -endif - -# Turn off TLS compression support because it requires system zlib. -# See bug 580679 comment 18. -DEFAULT_GMAKE_FLAGS += NSS_SSL_ENABLE_ZLIB= - -# Disable building of the test programs in security/nss/lib/zlib -DEFAULT_GMAKE_FLAGS += PROGRAMS= - -# Disable creating .chk files. They will be generated from packager.mk -# When bug 681624 lands, we can replace CHECKLOC= with SKIP_SHLIBSIGN=1 -DEFAULT_GMAKE_FLAGS += CHECKLOC= - -ifdef CROSS_COMPILE - -DEFAULT_GMAKE_FLAGS += \ - NATIVE_CC='$(HOST_CC)' \ - CC='$(CC)' \ - CCC='$(CXX)' \ - AS='$(AS)' \ - AR='$(AR) $(AR_FLAGS:$@=$$@)' \ - RANLIB='$(RANLIB)' \ - RC='$(RC) $(RCFLAGS)' \ - OS_ARCH='$(OS_ARCH)' \ - OS_TEST='$(OS_TEST)' \ - CPU_ARCH='$(TARGET_CPU)' \ - $(NULL) - -# Android has pthreads integrated into -lc, so OS_PTHREAD is set to nothing -ifeq ($(OS_TARGET), Android) -DEFAULT_GMAKE_FLAGS += \ - OS_RELEASE='2.6' \ - OS_PTHREAD= \ - $(NULL) - -DEFAULT_GMAKE_FLAGS += ARCHFLAG='$(filter-out -W%,$(CFLAGS)) -DCHECK_FORK_GETPID $(addprefix -DANDROID_VERSION=,$(ANDROID_VERSION)) -include $(topsrcdir)/security/manager/android_stub.h' -endif -endif - -ifdef WRAP_LDFLAGS -NSS_EXTRA_LDFLAGS += $(WRAP_LDFLAGS) -endif - -# The SHARED_LIBS part is needed unconditionally on Android. It's not -# clear why this is the case, but see bug 1133073 (starting around -# comment #8) for context. -ifneq (,$(or $(MOZ_GLUE_WRAP_LDFLAGS), $(filter Android, $(OS_TARGET)))) -NSS_EXTRA_LDFLAGS += $(SHARED_LIBS:$(DEPTH)%=$(MOZ_BUILD_ROOT)%) $(MOZ_GLUE_WRAP_LDFLAGS) -endif - -ifneq (,$(NSS_EXTRA_LDFLAGS)) -DEFAULT_GMAKE_FLAGS += \ - LDFLAGS='$(LDFLAGS) $(NSS_EXTRA_LDFLAGS)' \ - DSO_LDOPTS='$(DSO_LDOPTS) $(LDFLAGS) $(NSS_EXTRA_LDFLAGS)' \ - $(NULL) -endif - -DEFAULT_GMAKE_FLAGS += FREEBL_NO_DEPEND=0 $(FREEBL_LOWHASH_FLAG) -DEFAULT_GMAKE_FLAGS += NSS_ALLOW_SSLKEYLOGFILE=1 - -ifdef MOZ_NO_WLZDEFS -DEFAULT_GMAKE_FLAGS += ZDEFS_FLAG= -endif -ifdef MOZ_CFLAGS_NSS -NSS_XCFLAGS += $(filter-out -W%,$(CFLAGS)) -DEFAULT_GMAKE_FLAGS += DARWIN_DYLIB_VERSIONS='-compatibility_version 1 -current_version 1 $(LDFLAGS)' -endif -ifeq (1_1,$(CLANG_CL)_$(MOZ_ASAN)) -XLDFLAGS := $(OS_LDFLAGS) -DEFAULT_GMAKE_FLAGS += XLDFLAGS='$(XLDFLAGS)' -endif - -DEFAULT_GMAKE_FLAGS += NSS_NO_PKCS11_BYPASS=1 - -# Put NSS headers directly under $(DIST)/include -DEFAULT_GMAKE_FLAGS += PUBLIC_EXPORT_DIR='$(ABS_DIST)/include/$$(MODULE)' -DEFAULT_GMAKE_FLAGS += SOURCE_XPHEADERS_DIR='$$(SOURCE_XP_DIR)/include/$$(MODULE)' -DEFAULT_GMAKE_FLAGS += MODULE_INCLUDES='$$(addprefix -I$$(SOURCE_XP_DIR)/include/,$$(REQUIRES))' - -# Work around NSS's MAKE_OBJDIR being racy. See bug #836220 -DEFAULT_GMAKE_FLAGS += MAKE_OBJDIR='$$(INSTALL) -D $$(OBJDIR)' - -# Work around NSS adding IMPORT_LIBRARY to TARGETS with no rule for -# it, creating race conditions. See bug #836220 -DEFAULT_GMAKE_FLAGS += TARGETS='$$(LIBRARY) $$(SHARED_LIBRARY) $$(PROGRAM)' - -ifdef MOZ_FOLD_LIBS_FLAGS -NSS_XCFLAGS += $(MOZ_FOLD_LIBS_FLAGS) -endif - -# Pass on the MSVC target arch from the main build system. -# Note this is case- and switch-character sensitive, while -# the MSVC option is not. -ifeq (WINNT,$(OS_TARGET)) -NSS_XCFLAGS += $(filter -arch:%,$(CFLAGS)) -endif - -# Enable short header experiment. Firefox only. -NSS_XCFLAGS += -DNSS_ENABLE_TLS13_SHORT_HEADERS - -# Export accumulated XCFLAGS to modify nss defaults. -DEFAULT_GMAKE_FLAGS += XCFLAGS='$(NSS_XCFLAGS)' - -NSS_SRCDIR = $(topsrcdir) - -NSS_DIRS = -ifndef MOZ_FOLD_LIBS -NSS_DIRS += nss/lib -else -ifndef NSS_DISABLE_DBM -NSS_DIRS += nss/lib/dbm -endif -endif -NSS_DIRS += \ - nss/cmd/lib \ - nss/cmd/shlibsign \ - $(NULL) - -ifdef ENABLE_TESTS -NSS_DIRS += \ - nss/cmd/certutil \ - nss/cmd/pk12util \ - nss/cmd/modutil \ - $(NULL) -endif - -ifneq (,$(filter %--build-id,$(LDFLAGS))) -DEFAULT_GMAKE_ENV = LDFLAGS=-Wl,--build-id -endif - -ifdef MOZ_FOLD_LIBS -# TODO: The following can be replaced by something simpler when bug 844880 -# is fixed. -# All static libraries required for nss, smime, ssl and nssutil. -# The strip is needed to remove potential linefeed characters, since they hang -# around in some cases on Windows. -NSS_STATIC_LIBS := $(strip $(shell $(MAKE) --no-print-directory -f $(srcdir)/nss.mk DEPTH='$(DEPTH)' topsrcdir='$(topsrcdir)' srcdir='$(srcdir)' echo-variable-libs)) -# Corresponding build directories -NSS_STATIC_DIRS := $(foreach lib,$(NSS_STATIC_LIBS),$(patsubst %/,%,$(dir $(lib)))) -NSS_DIRS += $(NSS_STATIC_DIRS) - -# TODO: The following can be replaced by something simpler when bug 844884 -# is fixed. -# Remaining nss/lib directories -NSS_DIRS += nss/lib/freebl nss/lib/softoken nss/lib/jar nss/lib/crmf nss/lib/ckfw - -DEFAULT_GMAKE_FLAGS += NSS_DISABLE_LIBPKIX=1 - -ifeq (WINNT,$(OS_TARGET)) -NSS_DIRS += nss/lib/zlib -endif -endif # MOZ_FOLD_LIBS - -# Filter-out $(LIBRARY_NAME) because it's already handled in config/rules.mk. -NSS_DIST_DLL_FILES := $(addprefix $(DIST)/lib/$(DLL_PREFIX),$(addsuffix $(DLL_SUFFIX),$(filter-out $(LIBRARY_NAME),$(NSS_DLLS)) $(NSS_EXTRA_DLLS))) -NSS_DIST_DLL_DEST := $(DIST)/bin -NSS_DIST_DLL_TARGET := target -INSTALL_TARGETS += NSS_DIST_DLL - -ifeq ($(OS_ARCH)_$(1), SunOS_softokn3) -# has to use copy mode on Solaris, see #665509 -$(DIST)/bin/$(DLL_PREFIX)softokn3$(DLL_SUFFIX): INSTALL := $(NSINSTALL) -t -endif - -NSS_SDK_LIB_FILES := \ - $(addprefix $(DIST)/lib/$(LIB_PREFIX),$(addsuffix .$(LIB_SUFFIX),$(SDK_LIBS))) \ - $(addprefix $(DIST)/bin/$(DLL_PREFIX),$(addsuffix $(DLL_SUFFIX),$(NSS_DLLS))) \ - $(NULL) -NSS_SDK_LIB_DEST := $(DIST)/sdk/lib -NSS_SDK_LIB_TARGET := target -INSTALL_TARGETS += NSS_SDK_LIB - -ifdef MOZ_FOLD_LIBS -# Add all static libraries for nss, smime, ssl and nssutil -STATIC_LIBS += $(addprefix $(DEPTH)/security/,$(NSS_STATIC_LIBS)) - -IMPORT_LIB_FILES = $(IMPORT_LIBRARY) -IMPORT_LIB_DEST ?= $(DIST)/lib -IMPORT_LIB_TARGET = target -INSTALL_TARGETS += IMPORT_LIB - -endif # MOZ_FOLD_LIBS - -include $(topsrcdir)/config/rules.mk - -ifeq (1,$(ALLOW_COMPILER_WARNINGS)) -DEFAULT_GMAKE_FLAGS += NSS_ENABLE_WERROR=0 -endif - -# Can't pass this in DEFAULT_GMAKE_FLAGS because that overrides -# definitions in NSS, so just export it into the sub-make's environment. -ifeq (WINNT_1,$(OS_TARGET)_$(MOZ_MEMORY)) -DLLFLAGS := -LIBPATH:$(ABS_DIST)/../mozglue/build -DEFAULTLIB:mozglue -export DLLFLAGS -endif - -ifdef MOZ_FOLD_LIBS -# Force the linker to include everything from the static libraries. -EXPAND_LIBS_EXEC += --extract - -$(SHARED_LIBRARY): $(addprefix $(DEPTH)/security/,$(NSS_STATIC_LIBS)) - -ifdef IMPORT_LIB_SUFFIX -IMPORT_PREFIX = $(LIB_PREFIX) -IMPORT_SUFFIX = .$(IMPORT_LIB_SUFFIX) -else -IMPORT_PREFIX = $(DLL_PREFIX) -IMPORT_SUFFIX = $(DLL_SUFFIX) -endif - -NSPR_IMPORT_LIBS = $(addprefix $(DIST)/lib/$(IMPORT_PREFIX),$(addsuffix $(IMPORT_SUFFIX),nspr4 plc4 plds4)) -SQLITE_IMPORT_LIB = $(DIST)/lib/$(IMPORT_PREFIX)mozsqlite3$(IMPORT_SUFFIX) - -# TODO: The following can be replaced by something simpler when bug 844884 -# is fixed. -# Associate target files with the rules that build them. -$(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX): libs-nss/lib/crmf -$(DIST)/lib/$(DLL_PREFIX)freebl3$(DLL_SUFFIX): libs-nss/lib/freebl -$(DIST)/lib/$(DLL_PREFIX)nssckbi$(DLL_SUFFIX): libs-nss/lib/ckfw -$(DIST)/lib/$(DLL_PREFIX)softokn3$(DLL_SUFFIX): libs-nss/lib/softoken -$(DIST)/lib/$(DLL_PREFIX)nssdbm3$(DLL_SUFFIX): libs-nss/lib/softoken -$(foreach lib,$(NSS_STATIC_LIBS),$(eval $(DEPTH)/security/$(lib): libs-$(patsubst %/,%,$(dir $(lib))))) - -# Create fake import libraries for the folded libraries, so that linking -# against them works both for the NSS build system (see dependencies below) -# and for the rest of the mozilla build system. -$(NSPR_IMPORT_LIBS) \ -$(SQLITE_IMPORT_LIB) \ -$(DIST)/lib/$(IMPORT_PREFIX)nssutil3$(IMPORT_SUFFIX) \ -$(DIST)/lib/$(IMPORT_PREFIX)ssl3$(IMPORT_SUFFIX) \ -$(DIST)/lib/$(IMPORT_PREFIX)smime3$(IMPORT_SUFFIX): $(DIST)/lib/$(IMPORT_PREFIX)nss3$(IMPORT_SUFFIX) -ifeq (WINNT,$(OS_TARGET)) - cp $< $@ -else - ln -sf $< $@ -endif - -# Interdependencies between nss sub-directories, and dependencies on NSPR/SQLite -libs-nss/lib/ckfw: libs-nss/lib/nss/../base $(NSPR_IMPORT_LIBS) -libs-nss/lib/softoken: $(NSPR_IMPORT_LIBS) $(SQLITE_IMPORT_LIB) -libs-nss/lib/softoken: libs-nss/lib/freebl -ifndef NSS_DISABLE_DBM -libs-nss/lib/softoken: libs-nss/lib/dbm -endif -libs-nss/lib/softoken: $(DIST)/lib/$(IMPORT_PREFIX)nssutil3$(IMPORT_SUFFIX) -libs-nss/lib/freebl: $(DIST)/lib/$(IMPORT_PREFIX)nssutil3$(IMPORT_SUFFIX) $(NSPR_IMPORT_LIBS) - -# For each directory where we build static libraries, force the NSS build system -# to only build static libraries. -$(addprefix libs-,$(NSS_STATIC_DIRS)): DEFAULT_GMAKE_FLAGS += SHARED_LIBRARY= IMPORT_LIBRARY= -else -$(STATIC_LIBS) $(NSS_DIST_DLL_FILES) $(NSS_SDK_LIB_FILES): libs-nss/lib -endif # MOZ_FOLD_LIBS - -ifeq ($(NSINSTALL_PY),$(NSINSTALL)) -DEFAULT_GMAKE_FLAGS += PYTHON='$(PYTHON)' -DEFAULT_GMAKE_FLAGS += NSINSTALL_PY='$(abspath $(topsrcdir)/config/nsinstall.py)' -DEFAULT_GMAKE_FLAGS += NSINSTALL='$$(PYTHON) $$(NSINSTALL_PY)' -else -DEFAULT_GMAKE_FLAGS += NSINSTALL='$(abspath $(NSINSTALL))' -endif -ifeq ($(OS_ARCH),WINNT) -DEFAULT_GMAKE_FLAGS += INSTALL='$$(NSINSTALL) -t' -endif -DEFAULT_GMAKE_FLAGS += $(EXTRA_GMAKE_FLAGS) - -$(addprefix libs-,$(NSS_DIRS)): libs-%: -# Work around NSS's export rule being racy when recursing for private_export -# See bug #836220. -$(addprefix export-,$(NSS_DIRS)): EXTRA_GMAKE_FLAGS = PRIVATE_EXPORTS= -$(addprefix export-,$(NSS_DIRS)): export-%: private_export-% -$(addprefix private_export-,$(NSS_DIRS)): EXTRA_GMAKE_FLAGS = -$(addprefix private_export-,$(NSS_DIRS)): private_export-%: - -$(foreach p,libs export private_export,$(addprefix $(p)-,$(NSS_DIRS))): - $(DEFAULT_GMAKE_ENV) $(MAKE) -C $(NSS_SRCDIR)/security/$* $(@:-$*=) $(DEFAULT_GMAKE_FLAGS) - -export:: $(addprefix export-,$(NSS_DIRS)) - -$(addprefix clean-,$(NSS_DIRS)): clean-%: - $(MAKE) -C $(NSS_SRCDIR)/security/$* $(DEFAULT_GMAKE_FLAGS) clean - -clean clobber clobber_all realclean distclean depend:: $(addprefix clean-,$(NSS_DIRS)) - -NSS_CMD_TARGETS := $(addprefix libs-,$(filter-out nss/cmd/lib,$(filter nss/cmd/%,$(NSS_DIRS)))) -target:: $(NSS_CMD_TARGETS) - -ifdef MOZ_FOLD_LIBS -$(NSS_CMD_TARGETS): $(addprefix $(DIST)/lib/$(IMPORT_PREFIX),$(addsuffix $(IMPORT_SUFFIX),$(NSS_LIBS))) -libs-nss/cmd/modutil: libs-nss/lib/jar -ifeq (WINNT,$(OS_TARGET)) -libs-nss/cmd/modutil: libs-nss/lib/zlib -endif -$(NSS_CMD_TARGETS): libs-nss/cmd/lib -else -$(NSS_CMD_TARGETS): libs-nss/lib libs-nss/cmd/lib -endif # MOZ_FOLD_LIBS - -# Work around NSS build system race condition creating certdata.c in -# security/nss/lib/ckfw/builtins. See bug #836220. -libs-nss/lib$(if $(MOZ_FOLD_LIBS),/ckfw): $(call mkdir_deps,$(DEPTH)/security/nss/lib/ckfw/builtins) - diff --git a/config/external/nss/crmf/moz.build b/config/external/nss/crmf/moz.build deleted file mode 100644 index 9a17c6b5ab..0000000000 --- a/config/external/nss/crmf/moz.build +++ /dev/null @@ -1,15 +0,0 @@ -# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -Library('crmf') - -USE_LIBS += [ - # The dependency on nss is not real, but is required to force the - # parent directory being built before this one. This has no - # practical effect on linkage, since the only thing linking crmf - # will need nss anyways. - 'nss', - 'static:/security/nss/lib/crmf/crmf', -] diff --git a/config/external/nss/moz.build b/config/external/nss/moz.build deleted file mode 100644 index ff1befc94c..0000000000 --- a/config/external/nss/moz.build +++ /dev/null @@ -1,39 +0,0 @@ -# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -DIRS += ['crmf'] - -if CONFIG['MOZ_FOLD_LIBS']: - GeckoSharedLibrary('nss', linkage=None) - # TODO: The library name can be changed when bug 845217 is fixed. - SHARED_LIBRARY_NAME = 'nss3' - - SDK_LIBRARY = True - - USE_LIBS += [ - 'nspr4', - 'plc4', - 'plds4', - ] - - OS_LIBS += CONFIG['REALTIME_LIBS'] - - SYMBOLS_FILE = 'nss.symbols' -else: - Library('nss') - USE_LIBS += [ - '/security/nss/lib/nss/nss3', - '/security/nss/lib/smime/smime3', - '/security/nss/lib/ssl/ssl3', - '/security/nss/lib/util/nssutil3', - ] - -USE_LIBS += ['sqlite'] - -# XXX: We should fix these warnings. -ALLOW_COMPILER_WARNINGS = True - -if CONFIG['NSS_EXTRA_SYMBOLS_FILE']: - DEFINES['NSS_EXTRA_SYMBOLS_FILE'] = CONFIG['NSS_EXTRA_SYMBOLS_FILE'] diff --git a/config/external/nss/nss.mk b/config/external/nss/nss.mk deleted file mode 100644 index 38d234a0b9..0000000000 --- a/config/external/nss/nss.mk +++ /dev/null @@ -1,27 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -include $(DEPTH)/config/autoconf.mk - -include $(topsrcdir)/config/config.mk - -dirs := - -define add_dirs -SHARED_LIBRARY_DIRS := -include $(topsrcdir)/security/$(1)/config.mk -dirs += $$(addprefix $(1)/,$$(SHARED_LIBRARY_DIRS)) $(1) -endef -$(foreach dir,util nss ssl smime,$(eval $(call add_dirs,nss/lib/$(dir)))) - -libs := -define add_lib -LIBRARY_NAME := -include $(topsrcdir)/security/$(1)/manifest.mn -libs += $$(addprefix $(1)/,$(LIB_PREFIX)$$(LIBRARY_NAME).$(LIB_SUFFIX)) -endef -$(foreach dir,$(dirs),$(eval $(call add_lib,$(dir)))) - -echo-variable-%: - @echo $($*) diff --git a/config/external/nss/nss.symbols b/config/external/nss/nss.symbols deleted file mode 100644 index 83f5dc524c..0000000000 --- a/config/external/nss/nss.symbols +++ /dev/null @@ -1,748 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -#ifndef XP_WIN -# NSPR, unlike NSS, exports symbols with symbol visibility (Unix) or __declspec -# (Windows). When using a linker script, however, we need to explicitly -# specify that NSPR's symbols should be globally visible. Otherwise, NSPR's -# exported symbols would be hidden. -# .def files on Windows don't allow wildcards, of course, which is why this is -# excluded on Windows, but it doesn't matter because the symbols are already -# exported in NSPR (Windows peculiarity). -PR_* -PL_* -#endif -ATOB_AsciiToData -ATOB_AsciiToData_Util -ATOB_ConvertAsciiToItem -ATOB_ConvertAsciiToItem_Util -BTOA_ConvertItemToAscii_Util -BTOA_DataToAscii -BTOA_DataToAscii_Util -CERT_AddCertToListHead -CERT_AddCertToListTail -CERT_AddExtension -CERT_AddExtensionByOID -__CERT_AddTempCertToPerm -CERT_AsciiToName -CERT_CacheOCSPResponseFromSideChannel -CERT_CertChainFromCert -CERT_CertificateRequestTemplate @DATA@ -CERT_CertificateTemplate @DATA@ -CERT_CertListFromCert -CERT_ChangeCertTrust -CERT_CheckCertUsage -CERT_CheckCertValidTimes -CERT_CheckNameSpace -CERT_ClearOCSPCache -CERT_CompareCerts -CERT_CompareName -CERT_ConvertAndDecodeCertificate -CERT_CopyName -CERT_CopyRDN -CERT_CreateCertificate -CERT_CreateCertificateRequest -CERT_CreateSubjectCertList -CERT_CreateValidity -CERT_CrlTemplate @DATA@ -CERT_DecodeAltNameExtension -CERT_DecodeAuthInfoAccessExtension -CERT_DecodeAuthKeyID -CERT_DecodeAVAValue -CERT_DecodeBasicConstraintValue -CERT_DecodeCertFromPackage -CERT_DecodeCertificatePoliciesExtension -CERT_DecodeCertPackage -CERT_DecodeCRLDistributionPoints -CERT_DecodeNameConstraintsExtension -CERT_DecodeOidSequence -CERT_DecodePrivKeyUsagePeriodExtension -CERT_DecodeTrustString -CERT_DecodeUserNotice -CERT_DerNameToAscii -CERT_DestroyCertArray -CERT_DestroyCertificate -CERT_DestroyCertificateList -CERT_DestroyCertificatePoliciesExtension -CERT_DestroyCertificateRequest -CERT_DestroyCertList -CERT_DestroyName -CERT_DestroyOidSequence -CERT_DestroyUserNotice -CERT_DestroyValidity -CERT_DisableOCSPChecking -CERT_DisableOCSPDefaultResponder -CERT_DupCertificate -CERT_EnableOCSPChecking -CERT_EncodeAltNameExtension -CERT_EncodeAndAddBitStrExtension -CERT_EncodeAuthKeyID -CERT_EncodeBasicConstraintValue -CERT_EncodeCertPoliciesExtension -CERT_EncodeCRLDistributionPoints -CERT_EncodeInfoAccessExtension -CERT_EncodeInhibitAnyExtension -CERT_EncodeNameConstraintsExtension -CERT_EncodeNoticeReference -CERT_EncodePolicyConstraintsExtension -CERT_EncodePolicyMappingExtension -CERT_EncodeSubjectKeyID -CERT_EncodeUserNotice -CERT_ExtractPublicKey -CERT_FilterCertListByCANames -CERT_FilterCertListByUsage -CERT_FilterCertListForUserCerts -CERT_FindCertByDERCert -CERT_FindCertByIssuerAndSN -CERT_FindCertByName -CERT_FindCertByNickname -CERT_FindCertByNicknameOrEmailAddr -CERT_FindCertExtension -CERT_FindCertIssuer -CERT_FindKeyUsageExtension -CERT_FindUserCertByUsage -CERT_FindUserCertsByUsage -CERT_FinishCertificateRequestAttributes -CERT_FinishExtensions -CERT_ForcePostMethodForOCSP -CERT_FreeNicknames -CERT_GenTime2FormattedAscii_Util -CERT_GetCertChainFromCert -CERT_GetCertEmailAddress -CERT_GetCertificateDer -CERT_GetCertificateRequestExtensions -CERT_GetCertKeyType -CERT_GetCertTimes -CERT_GetCertTrust -CERT_GetCommonName -CERT_GetConstrainedCertificateNames -CERT_GetCountryName -CERT_GetDefaultCertDB -CERT_GetFirstEmailAddress -CERT_GetGeneralNameTypeFromString -CERT_GetImposedNameConstraints -CERT_GetLocalityName -CERT_GetNextEmailAddress -CERT_GetNextGeneralName -CERT_GetNextNameConstraint -CERT_GetOCSPAuthorityInfoAccessLocation -CERT_GetOidString -CERT_GetOrgName -CERT_GetOrgUnitName -CERT_GetStateName -CERT_Hexify -CERT_ImportCerts -CERT_IsCACert -CERT_IsUserCert -CERT_MakeCANickname -CERT_MergeExtensions -CERT_NameTemplate @DATA@ -CERT_NameToAscii -CERT_NewCertList -CERT_NewTempCertificate -CERT_NicknameStringsFromCertList -CERT_OCSPCacheSettings -CERT_RemoveCertListNode -CERT_RFC1485_EscapeAndQuote -CERT_SaveSMimeProfile -CERT_SequenceOfCertExtensionTemplate @DATA@ -CERT_SetOCSPFailureMode -CERT_SetOCSPTimeout -CERT_SignedCrlTemplate @DATA@ -CERT_SignedDataTemplate @DATA@ -CERT_StartCertExtensions -CERT_StartCertificateRequestAttributes -CERT_SubjectPublicKeyInfoTemplate @DATA@ -CERT_TimeChoiceTemplate @DATA@ -CERT_VerifyCertificate -CERT_VerifySignedDataWithPublicKeyInfo -DER_AsciiToTime_Util -DER_DecodeTimeChoice_Util -DER_Encode -DER_EncodeTimeChoice_Util -DER_Encode_Util -DER_GeneralizedTimeToTime -DER_GeneralizedTimeToTime_Util -DER_GetInteger -DER_GetInteger_Util -DER_SetUInteger -DER_UTCTimeToTime_Util -DSAU_DecodeDerSigToLen -DSAU_EncodeDerSigWithLen -DTLS_GetHandshakeTimeout -DTLS_ImportFD -HASH_Begin -HASH_Create -HASH_Destroy -HASH_End -HASH_GetHashObject -HASH_GetHashOidTagByHashType -HASH_GetType -HASH_HashBuf -HASH_ResultLenByOidTag -HASH_Update -NSSBase64_DecodeBuffer -NSSBase64_EncodeItem -NSSBase64_EncodeItem_Util -NSS_CMSContentInfo_GetContent -NSS_CMSContentInfo_GetContentTypeTag -NSS_CMSContentInfo_SetContent_Data -NSS_CMSContentInfo_SetContent_EnvelopedData -NSS_CMSContentInfo_SetContent_SignedData -NSS_CMSDecoder_Cancel -NSS_CMSDecoder_Finish -NSS_CMSDecoder_Start -NSS_CMSDecoder_Update -NSS_CMSEncoder_Cancel -NSS_CMSEncoder_Finish -NSS_CMSEncoder_Start -NSS_CMSEncoder_Update -NSS_CMSEnvelopedData_AddRecipient -NSS_CMSEnvelopedData_Create -NSS_CMSEnvelopedData_GetContentInfo -NSS_CMSMessage_ContentLevel -NSS_CMSMessage_ContentLevelCount -NSS_CMSMessage_Create -NSS_CMSMessage_CreateFromDER -NSS_CMSMessage_Destroy -NSS_CMSMessage_GetContent -NSS_CMSMessage_GetContentInfo -NSS_CMSMessage_IsEncrypted -NSS_CMSMessage_IsSigned -NSS_CMSRecipientInfo_Create -NSS_CMSSignedData_AddCertificate -NSS_CMSSignedData_AddCertList -NSS_CMSSignedData_AddSignerInfo -NSS_CMSSignedData_Create -NSS_CMSSignedData_CreateCertsOnly -NSS_CMSSignedData_Destroy -NSS_CMSSignedData_GetContentInfo -NSS_CMSSignedData_GetDigestAlgs -NSS_CMSSignedData_GetSignerInfo -NSS_CMSSignedData_HasDigests -NSS_CMSSignedData_ImportCerts -NSS_CMSSignedData_SetDigestValue -NSS_CMSSignedData_SignerInfoCount -NSS_CMSSignedData_VerifySignerInfo -NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs -NSS_CMSSignerInfo_AddSigningTime -NSS_CMSSignerInfo_AddSMIMECaps -NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs -NSS_CMSSignerInfo_Create -NSS_CMSSignerInfo_GetSignerCommonName -NSS_CMSSignerInfo_GetSignerEmailAddress -NSS_CMSSignerInfo_GetSigningCertificate -NSS_CMSSignerInfo_IncludeCerts -NSS_CMSSignerInfo_Verify -NSS_FindCertKEAType -NSS_GetAlgorithmPolicy -NSS_Get_CERT_CertificateRequestTemplate -NSS_Get_CERT_CertificateTemplate -NSS_Get_CERT_CrlTemplate -NSS_Get_CERT_NameTemplate -NSS_Get_CERT_SequenceOfCertExtensionTemplate -NSS_Get_CERT_SignedCrlTemplate -NSS_Get_CERT_SignedDataTemplate -NSS_Get_CERT_SubjectPublicKeyInfoTemplate -NSS_Get_CERT_TimeChoiceTemplate -NSS_Get_SEC_AnyTemplate_Util -NSS_Get_SEC_BitStringTemplate -NSS_Get_SEC_BitStringTemplate_Util -NSS_Get_SEC_BMPStringTemplate -NSS_Get_SEC_BooleanTemplate_Util -NSS_Get_SEC_GeneralizedTimeTemplate_Util -NSS_Get_SEC_IA5StringTemplate -NSS_Get_SEC_IA5StringTemplate_Util -NSS_Get_SEC_IntegerTemplate -NSS_Get_SEC_IntegerTemplate_Util -NSS_Get_SECKEY_RSAPSSParamsTemplate -NSS_Get_SEC_NullTemplate_Util -NSS_Get_SEC_ObjectIDTemplate_Util -NSS_Get_SEC_OctetStringTemplate -NSS_Get_SEC_OctetStringTemplate_Util -NSS_Get_SECOID_AlgorithmIDTemplate -NSS_Get_SECOID_AlgorithmIDTemplate_Util -NSS_Get_SEC_SignedCertificateTemplate -NSS_Get_SEC_UTF8StringTemplate -NSS_Get_SEC_UTF8StringTemplate_Util -NSS_GetVersion -NSS_Init -NSS_Initialize -NSS_InitWithMerge -NSS_IsInitialized -NSS_OptionGet -NSS_OptionSet -NSS_NoDB_Init -NSS_SecureMemcmp -NSS_SetAlgorithmPolicy -NSS_SetDomesticPolicy -NSS_Shutdown -NSSSMIME_GetVersion -NSS_SMIMESignerInfo_SaveSMIMEProfile -NSS_SMIMEUtil_FindBulkAlgForRecipients -NSSSSL_GetVersion -#ifdef XP_WIN -_NSSUTIL_Access -#endif -NSSUTIL_ArgDecodeNumber -NSSUTIL_ArgFetchValue -NSSUTIL_ArgGetLabel -NSSUTIL_ArgGetParamValue -NSSUTIL_ArgHasFlag -NSSUTIL_ArgIsBlank -NSSUTIL_ArgParseCipherFlags -NSSUTIL_ArgParseModuleSpec -NSSUTIL_ArgParseSlotFlags -NSSUTIL_ArgParseSlotInfo -NSSUTIL_ArgReadLong -NSSUTIL_ArgSkipParameter -NSSUTIL_ArgStrip -NSSUTIL_DoModuleDBFunction -_NSSUTIL_EvaluateConfigDir -_NSSUTIL_GetSecmodName -NSSUTIL_GetVersion -NSSUTIL_MkModuleSpec -NSSUTIL_MkNSSString -NSSUTIL_MkSlotString -NSSUTIL_Quote -#ifdef XP_WIN -_NSSUTIL_UTF8ToWide -#endif -PK11_AlgtagToMechanism -PK11_Authenticate -PK11_ChangePW -PK11_CheckUserPassword -PK11_CipherOp -PK11_ConfigurePKCS11 -PK11_CreateContextBySymKey -PK11_CreateDigestContext -PK11_CreateGenericObject -PK11_CreateMergeLog -PK11_CreatePBEV2AlgorithmID -PK11_Decrypt -PK11_DeleteTokenCertAndKey -PK11_DeleteTokenPrivateKey -PK11_DeleteTokenPublicKey -PK11_DEREncodePublicKey -PK11_Derive -PK11_DeriveWithTemplate -PK11_DestroyContext -PK11_DestroyGenericObject -PK11_DestroyMergeLog -PK11_DestroyObject -PK11_DestroyTokenObject -PK11_DigestBegin -PK11_DigestFinal -PK11_DigestOp -PK11_DoesMechanism -PK11_Encrypt -PK11_ExportDERPrivateKeyInfo -PK11_ExportEncryptedPrivKeyInfo -PK11_ExtractKeyValue -PK11_FindCertFromNickname -PK11_FindCertInSlot -PK11_FindCertsFromEmailAddress -PK11_FindCertsFromNickname -PK11_FindKeyByAnyCert -PK11_FindKeyByDERCert -PK11_FindKeyByKeyID -PK11_FindRawCertsWithSubject -PK11_FindSlotByName -PK11_FindSlotsByNames -PK11_FreeSlot -PK11_FreeSlotList -PK11_FreeSlotListElement -PK11_FreeSymKey -PK11_GenerateKeyPair -PK11_GenerateKeyPairWithFlags -PK11_GenerateKeyPairWithOpFlags -PK11_GenerateRandom -PK11_GenerateRandomOnSlot -PK11_GetAllSlotsForCert -PK11_GetAllTokens -PK11_GetBestSlot -PK11_GetBestSlotMultiple -PK11_GetBlockSize -PK11_GetCertFromPrivateKey -PK11_GetCertsMatchingPrivateKey -PK11_GetDefaultArray -PK11_GetDefaultFlags -PK11_GetDisabledReason -PK11_GetFirstSafe -PK11_GetInternalKeySlot -PK11_GetInternalSlot -PK11_GetIVLength -PK11_GetKeyData -PK11_GetKeyGen -PK11_GetLowLevelKeyIDForPrivateKey -PK11_GetMechanism -PK11_GetMinimumPwdLength -PK11_GetModInfo -PK11_GetModuleURI -PK11_GetNextSafe -PK11_GetNextSymKey -PK11_GetPadMechanism -PK11_GetPrivateKeyNickname -PK11_GetPrivateModulusLen -PK11_GetSlotFromPrivateKey -PK11_GetSlotID -PK11_GetSlotInfo -PK11_GetSlotName -PK11_GetSlotPWValues -PK11_GetSlotSeries -PK11_GetSymKeyNickname -PK11_GetTokenInfo -PK11_GetTokenName -PK11_GetTokenURI -PK11_HasAttributeSet -PK11_HashBuf -PK11_HasRootCerts -PK11_ImportCert -PK11_ImportCertForKey -PK11_ImportCRL -PK11_ImportDERPrivateKeyInfoAndReturnKey -PK11_ImportPublicKey -PK11_ImportSymKey -PK11_InitPin -PK11_IsDisabled -PK11_IsFIPS -PK11_IsFriendly -PK11_IsHW -PK11_IsInternal -PK11_IsLoggedIn -PK11_IsPresent -PK11_IsReadOnly -PK11_IsRemovable -PK11_KeyForCertExists -PK11_KeyGen -PK11_KeyGenWithTemplate -PK11_ListCerts -PK11_ListCertsInSlot -PK11_ListFixedKeysInSlot -PK11_ListPrivateKeysInSlot -PK11_ListPrivKeysInSlot -PK11_LoadPrivKey -PK11_Logout -PK11_LogoutAll -PK11_MakeIDFromPubKey -PK11_MapSignKeyType -PK11_MechanismToAlgtag -PK11_MergeTokens -PK11_NeedLogin -PK11_NeedUserInit -PK11_ParamFromIV -PK11_PBEKeyGen -PK11_PrivDecrypt -PK11_PrivDecryptPKCS1 -PK11_ProtectedAuthenticationPath -PK11_PubDeriveWithKDF -PK11_PubEncrypt -PK11_PubEncryptPKCS1 -PK11_PubUnwrapSymKey -PK11_PubWrapSymKey -PK11_RandomUpdate -PK11_ReadRawAttribute -PK11_ReferenceSlot -PK11_ResetToken -PK11SDR_Decrypt -PK11SDR_Encrypt -PK11_SetPasswordFunc -PK11_SetSlotPWValues -PK11_SetSymKeyNickname -PK11_Sign -PK11_SignatureLen -PK11_SignWithMechanism -PK11_TokenKeyGenWithFlags -PK11_UnwrapPrivKey -PK11_UnwrapSymKey -PK11_UpdateSlotAttribute -PK11_UserDisableSlot -PK11_UserEnableSlot -PK11_VerifyWithMechanism -PK11_WrapPrivKey -PK11_WrapSymKey -PORT_Alloc -PORT_Alloc_Util -PORT_ArenaAlloc -PORT_ArenaAlloc_Util -PORT_ArenaGrow_Util -PORT_ArenaMark_Util -PORT_ArenaRelease_Util -PORT_ArenaStrdup -PORT_ArenaStrdup_Util -PORT_ArenaUnmark_Util -PORT_ArenaZAlloc -PORT_ArenaZAlloc_Util -PORT_DestroyCheapArena -PORT_Free -PORT_FreeArena -PORT_FreeArena_Util -PORT_Free_Util -PORT_GetError -PORT_GetError_Util -PORT_InitCheapArena -PORT_NewArena -PORT_NewArena_Util -PORT_Realloc_Util -PORT_RegExpSearch -PORT_SetError -PORT_SetError_Util -PORT_SetUCS2_ASCIIConversionFunction -PORT_SetUCS2_ASCIIConversionFunction_Util -PORT_Strdup -PORT_Strdup_Util -PORT_UCS2_ASCIIConversion_Util -PORT_UCS2_UTF8Conversion -PORT_UCS2_UTF8Conversion_Util -PORT_ZAlloc -PORT_ZAlloc_Util -PORT_ZFree_Util -SEC_AnyTemplate_Util @DATA@ -SEC_ASN1Decode -SEC_ASN1DecodeInteger -SEC_ASN1DecodeItem -SEC_ASN1DecodeItem_Util -SEC_ASN1Decode_Util -SEC_ASN1EncodeInteger_Util -SEC_ASN1EncodeItem -SEC_ASN1EncodeItem_Util -SEC_ASN1EncodeUnsignedInteger_Util -SEC_ASN1Encode_Util -SEC_BitStringTemplate @DATA@ -SEC_BitStringTemplate_Util @DATA@ -SEC_BMPStringTemplate @DATA@ -SEC_BooleanTemplate_Util @DATA@ -SEC_CertNicknameConflict -SEC_DeletePermCertificate -SEC_DerSignData -SEC_DestroyCrl -SEC_GeneralizedTimeTemplate_Util @DATA@ -SEC_GetSignatureAlgorithmOidTag -SEC_IA5StringTemplate @DATA@ -SEC_IA5StringTemplate_Util @DATA@ -SEC_IntegerTemplate @DATA@ -SEC_IntegerTemplate_Util @DATA@ -SECITEM_AllocArray -SECITEM_AllocItem -SECITEM_AllocItem_Util -SECITEM_ArenaDupItem_Util -SECITEM_CompareItem -SECITEM_CompareItem_Util -SECITEM_CopyItem -SECITEM_CopyItem_Util -SECITEM_DupArray -SECITEM_DupItem -SECITEM_DupItem_Util -SECITEM_FreeItem -SECITEM_FreeItem_Util -SECITEM_HashCompare -SECITEM_ItemsAreEqual -SECITEM_ItemsAreEqual_Util -SECITEM_ReallocItemV2 -SECITEM_ZfreeItem -SECITEM_ZfreeItem_Util -SECKEY_ConvertToPublicKey -SECKEY_CopyPrivateKey -SECKEY_CopyPublicKey -SECKEY_CopySubjectPublicKeyInfo -SECKEY_CreateSubjectPublicKeyInfo -SECKEY_DecodeDERSubjectPublicKeyInfo -SECKEY_DestroyEncryptedPrivateKeyInfo -SECKEY_DestroyPrivateKey -SECKEY_DestroyPrivateKeyList -SECKEY_DestroyPublicKey -SECKEY_DestroySubjectPublicKeyInfo -SECKEY_ECParamsToBasePointOrderLen -SECKEY_ECParamsToKeySize -SECKEY_EncodeDERSubjectPublicKeyInfo -SECKEY_ExtractPublicKey -SECKEY_GetPublicKeyType -SECKEY_ImportDERPublicKey -SECKEY_PublicKeyStrength -SECKEY_RSAPSSParamsTemplate @DATA@ -SECKEY_SignatureLen -SECMIME_DecryptionAllowed -SECMOD_AddNewModule -SECMOD_AddNewModuleEx -SECMOD_CancelWait -SECMOD_CanDeleteInternalModule -SECMOD_CloseUserDB -SECMOD_CreateModule -SECMOD_DeleteInternalModule -SECMOD_DeleteModule -SECMOD_DestroyModule -SECMOD_FindModule -SECMOD_GetDeadModuleList -SECMOD_GetDefaultModuleList -SECMOD_GetDefaultModuleListLock -SECMOD_GetInternalModule -SECMOD_GetModuleSpecList -SECMOD_GetReadLock -SECMOD_HasRemovableSlots -SECMOD_InternaltoPubMechFlags -SECMOD_LoadModule -SECMOD_LoadUserModule -SECMOD_OpenUserDB -SECMOD_PubCipherFlagstoInternal -SECMOD_PubMechFlagstoInternal -SECMOD_ReferenceModule -SECMOD_ReleaseReadLock -SECMOD_UnloadUserModule -SECMOD_UpdateModule -SECMOD_WaitForAnyTokenEvent -SEC_NullTemplate_Util @DATA@ -SEC_ObjectIDTemplate_Util @DATA@ -SEC_OctetStringTemplate @DATA@ -SEC_OctetStringTemplate_Util @DATA@ -SECOID_AddEntry -SECOID_AddEntry_Util -SECOID_AlgorithmIDTemplate @DATA@ -SECOID_AlgorithmIDTemplate_Util @DATA@ -SECOID_CopyAlgorithmID_Util -SECOID_DestroyAlgorithmID -SECOID_DestroyAlgorithmID_Util -SECOID_FindOID -SECOID_FindOIDByMechanism -SECOID_FindOIDByTag -SECOID_FindOIDByTag_Util -SECOID_FindOIDTag -SECOID_FindOIDTagDescription_Util -SECOID_FindOIDTag_Util -SECOID_FindOID_Util -SECOID_GetAlgorithmTag -SECOID_GetAlgorithmTag_Util -SECOID_Init -SECOID_SetAlgorithmID -SECOID_SetAlgorithmID_Util -SECOID_Shutdown -SEC_PKCS12AddCertAndKey -SEC_PKCS12AddPasswordIntegrity -SEC_PKCS12CreateExportContext -SEC_PKCS12CreatePasswordPrivSafe -SEC_PKCS12CreateUnencryptedSafe -SEC_PKCS12DecoderFinish -SEC_PKCS12DecoderImportBags -SEC_PKCS12DecoderIterateInit -SEC_PKCS12DecoderIterateNext -SEC_PKCS12DecoderRenameCertNicknames -SEC_PKCS12DecoderStart -SEC_PKCS12DecoderUpdate -SEC_PKCS12DecoderValidateBags -SEC_PKCS12DecoderVerify -SEC_PKCS12DestroyExportContext -SEC_PKCS12EnableCipher -SEC_PKCS12Encode -SEC_PKCS12IsEncryptionAllowed -SEC_PKCS12SetPreferredCipher -SEC_PKCS5GetPBEAlgorithm -SEC_PKCS5IsAlgorithmPBEAlgTag -SEC_PKCS7AddSigningTime -SEC_PKCS7ContentIsEncrypted -SEC_PKCS7ContentIsSigned -SEC_PKCS7CopyContentInfo -SEC_PKCS7CreateSignedData -SEC_PKCS7DecodeItem -SEC_PKCS7DecoderFinish -SEC_PKCS7DecoderStart -SEC_PKCS7DecoderUpdate -SEC_PKCS7DestroyContentInfo -SEC_PKCS7Encode -SEC_PKCS7IncludeCertChain -SEC_PKCS7VerifyDetachedSignature -SEC_QuickDERDecodeItem -SEC_QuickDERDecodeItem_Util -SEC_RegisterDefaultHttpClient -SEC_SignData -SEC_SignedCertificateTemplate @DATA@ -SEC_StringToOID -SEC_UTF8StringTemplate @DATA@ -SEC_UTF8StringTemplate_Util @DATA@ -SGN_Begin -SGN_CreateDigestInfo -SGN_CreateDigestInfo_Util -SGN_DecodeDigestInfo -SGN_DestroyContext -SGN_DestroyDigestInfo -SGN_DestroyDigestInfo_Util -SGN_End -SGN_NewContext -SGN_Update -SSL_AuthCertificateComplete -SSL_AuthCertificateHook -SSL_CipherPrefGet -SSL_CipherPrefSet -SSL_CipherPrefSetDefault -SSL_ClearSessionCache -SSL_ConfigSecureServer -SSL_ConfigSecureServerWithCertChain -SSL_ConfigServerSessionIDCache -SSL_ExportKeyingMaterial -SSL_ForceHandshake -SSL_GetChannelInfo -SSL_GetCipherSuiteInfo -SSL_GetClientAuthDataHook -SSL_GetImplementedCiphers -SSL_GetNextProto -SSL_GetNumImplementedCiphers -SSL_GetSRTPCipher -SSL_GetStatistics -SSL_HandshakeCallback -SSL_HandshakeNegotiatedExtension -SSL_ImplementedCiphers @DATA@ -SSL_ImportFD -SSL_NamedGroupConfig -SSL_NumImplementedCiphers @DATA@ -SSL_OptionSet -SSL_OptionSetDefault -SSL_PeerCertificate -SSL_PeerCertificateChain -SSL_PeerSignedCertTimestamps -SSL_PeerStapledOCSPResponses -SSL_ResetHandshake -SSL_SendAdditionalKeyShares -SSL_SetCanFalseStartCallback -SSL_SetDowngradeCheckVersion -SSL_SetNextProtoNego -SSL_SetPKCS11PinArg -SSL_SetSockPeerID -SSL_SetSRTPCiphers -SSL_SetStapledOCSPResponses -SSL_SetTrustAnchors -SSL_SetURL -SSL_ShutdownServerSessionIDCache -SSL_SignatureSchemePrefSet -SSL_SNISocketConfigHook -SSL_VersionRangeGet -SSL_VersionRangeGetDefault -SSL_VersionRangeGetSupported -SSL_VersionRangeSet -SSL_VersionRangeSetDefault -UTIL_SetForkState -VFY_Begin -VFY_CreateContext -VFY_DestroyContext -VFY_End -VFY_EndWithSignature -VFY_Update -VFY_VerifyData -VFY_VerifyDataWithAlgorithmID -VFY_VerifyDigestDirect -_SGN_VerifyPKCS1DigestInfo -__PK11_SetCertificateNickname -# These symbols are not used by applications but are possibly used across -# NSS library boundaries. -NSS_SecureMemcmpZero -PORT_ZAllocAlignedOffset_Util -CERT_FindCertByNicknameOrEmailAddrCX -SECKEY_GetPrivateKeyType -SEC_DerSignDataWithAlgorithmID -SEC_CreateSignatureAlgorithmParameters -# These symbols are not used by applicatons themselves, but are used by -# Java's security libraries, which in turn are used by Java -# applets/plugins/etc. Provide them to make Java code happy. -NSS_VersionCheck -NSS_Initialize -#ifdef NSS_EXTRA_SYMBOLS_FILE -#include @NSS_EXTRA_SYMBOLS_FILE@ -#endif diff --git a/moz.build b/moz.build index a251a8f0e1..7d6e035a5f 100644 --- a/moz.build +++ b/moz.build @@ -73,7 +73,7 @@ if not CONFIG['MOZ_DISABLE_PLATFORM']: DIRS += [ 'config/external', - 'config/external/nss', + 'security', ] if CONFIG['BUILD_CTYPES']: diff --git a/old-configure.in b/old-configure.in index ade675e956..1c2858bd8f 100644 --- a/old-configure.in +++ b/old-configure.in @@ -2009,6 +2009,16 @@ MOZ_CONFIG_NSPR() NSS_CFLAGS="-I${DIST}/include/nss" AC_SUBST(NSS_CFLAGS) +case "${OS_ARCH}" in + # This is to match the conditions in security/generate_mapfile.py, + # plus Windows which doesn't run that script. + WINNT|Darwin|Linux) + ;; + *) + AC_MSG_ERROR([building in-tree NSS is not supported on this platform.]) + ;; +esac + if test -z "$SKIP_LIBRARY_CHECKS"; then dnl system JPEG support dnl ======================================================== diff --git a/python/mozbuild/mozbuild/frontend/emitter.py b/python/mozbuild/mozbuild/frontend/emitter.py index 25c5826626..bb20b2e7d3 100644 --- a/python/mozbuild/mozbuild/frontend/emitter.py +++ b/python/mozbuild/mozbuild/frontend/emitter.py @@ -139,8 +139,6 @@ class TreeMetadataEmitter(LoggingMixin): if os.path.exists(subconfigures): paths = open(subconfigures).read().splitlines() self._external_paths = set(mozpath.normsep(d) for d in paths) - # Add security/nss manually, since it doesn't have a subconfigure. - self._external_paths.add('security/nss') self._emitter_time = 0.0 self._object_count = 0 diff --git a/security/generate_certdata.py b/security/generate_certdata.py new file mode 100644 index 0000000000..a732ccaa82 --- /dev/null +++ b/security/generate_certdata.py @@ -0,0 +1,11 @@ +#!/usr/bin/env python +# +# This exists to paper over differences between gyp's `action` definitions +# and moz.build `GENERATED_FILES` semantics. + +import buildconfig +import subprocess + +def main(output, *inputs): + output.write(subprocess.check_output([buildconfig.substs['PERL']] + list(inputs))) + return None diff --git a/security/generate_mapfile.py b/security/generate_mapfile.py new file mode 100644 index 0000000000..ec07ff1555 --- /dev/null +++ b/security/generate_mapfile.py @@ -0,0 +1,54 @@ +#!/usr/bin/env python + +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# This script processes NSS .def files according to the rules defined in +# a comment at the top of each one. The files are used to define the +# exports from NSS shared libraries, with -DEFFILE on Windows, a linker +# script on Linux, or with -exported_symbols_list on OS X. +# +# The NSS build system processes them using a series of sed replacements, +# but the Mozilla build system is already running a Python script to generate +# the file so it's simpler to just do the replacement in Python. + +import buildconfig + + +def main(output, input): + # There's a check in old-configure.in under the system-nss handling + # that should match this. + if buildconfig.substs['OS_ARCH'] not in ('Linux', 'Darwin'): + print "Error: unhandled OS_ARCH %s" % buildconfig.substs['OS_ARCH'] + return 1 + is_linux = buildconfig.substs['OS_ARCH'] == 'Linux' + + with open(input, 'rb') as f: + for line in f: + line = line.rstrip() + # Remove all lines containing ';-' + if ';-' in line: + continue + # On non-Linux, remove all lines containing ';+' + if not is_linux and ';+' in line: + continue + # Remove the string ' DATA '. + line = line.replace(' DATA ', '') + # Remove the string ';+' + line = line.replace(';+', '') + # Remove the string ';;' + line = line.replace(';;', '') + # If a ';' is present, remove everything after it, + # and on non-Linux, remove it as well. + i = line.find(';') + if i != -1: + if is_linux: + line = line[:i+1] + else: + line = line[:i] + # On non-Linux, symbols get an underscore in front. + if line and not is_linux: + output.write('_') + output.write(line) + output.write('\n') diff --git a/security/moz.build b/security/moz.build new file mode 100644 index 0000000000..51425d2406 --- /dev/null +++ b/security/moz.build @@ -0,0 +1,121 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +include('/build/gyp_base.mozbuild') +if CONFIG['MOZ_FOLD_LIBS']: + GeckoSharedLibrary('nss', linkage=None) + # TODO: The library name can be changed when bug 845217 is fixed. + SHARED_LIBRARY_NAME = 'nss3' + + SDK_LIBRARY = True + + USE_LIBS += [ + 'nspr4', + 'nss3_static', + 'nssutil', + 'plc4', + 'plds4', + 'smime3_static', + 'ssl', + ] + + OS_LIBS += CONFIG['REALTIME_LIBS'] + + SYMBOLS_FILE = 'nss.symbols' + # This changes the default targets in the NSS build, among + # other things. + gyp_vars['moz_fold_libs'] = 1 + # Some things in NSS need to link against nssutil, which + # gets folded, so this tells them what to link against. + gyp_vars['moz_folded_library_name'] = 'nss' + # Force things in NSS that want to link against NSPR to link + # against the folded library. + gyp_vars['nspr_libs'] = 'nss' +else: + Library('nss') + USE_LIBS += [ + 'nss3', + 'nssutil3', + 'smime3', + 'sqlite', + 'ssl3', + ] + gyp_vars['nspr_libs'] = 'nspr4 plc4 plds4' + +# This disables building some NSS tools. +gyp_vars['mozilla_client'] = 1 +# We run shlibsign as part of packaging, not build. +gyp_vars['sign_libs'] = 0 +gyp_vars['python'] = CONFIG['PYTHON'] +# The NSS gyp files do not have a default for this. +gyp_vars['nss_dist_dir'] = '$PRODUCT_DIR/dist' +# NSS wants to put public headers in $nss_dist_dir/public/nss by default, +# which would wind up being mapped to dist/include/public/nss (by +# gyp_reader's `handle_copies`). +# This forces it to put them in dist/include/nss. +gyp_vars['nss_public_dist_dir'] = '$PRODUCT_DIR/dist' +gyp_vars['nss_dist_obj_dir'] = '$PRODUCT_DIR/dist/bin' +# We don't currently build NSS tests. +gyp_vars['disable_tests'] = 1 +if CONFIG['NSS_DISABLE_DBM']: + gyp_vars['disable_dbm'] = 1 +gyp_vars['disable_libpkix'] = 1 +# pkg-config won't reliably find zlib on our builders, so just force it. +# System zlib is only used for modutil and signtool unless +# SSL zlib is enabled, which we are disabling immediately below this. +gyp_vars['zlib_libs'] = '-lz' +gyp_vars['ssl_enable_zlib'] = 0 +# System sqlite here is the in-tree mozsqlite. +gyp_vars['use_system_sqlite'] = 1 +gyp_vars['sqlite_libs'] = 'sqlite' +gyp_vars['nspr_include_dir'] = CONFIG['NSPR_INCLUDE_DIR'] +gyp_vars['nspr_lib_dir'] = CONFIG['NSPR_LIB_DIR'] +gyp_vars['enable_sslkeylogfile'] = 1 +# The Python scripts that detect clang need it to be set as CC +# in the environment, which isn't true here. I don't know that +# setting that would be harmful, but we already have this information +# anyway. +if CONFIG['CLANG_CXX']: + gyp_vars['cc_is_clang'] = 1 + +GYP_DIRS += ['nss'] +GYP_DIRS['nss'].input = 'nss/nss.gyp' +GYP_DIRS['nss'].variables = gyp_vars + +sandbox_vars = { + # NSS explicitly exports its public symbols + # with linker scripts. + 'NO_VISIBILITY_FLAGS': True, + # XXX: We should fix these warnings. + 'ALLOW_COMPILER_WARNINGS': True, + # NSS' build system doesn't currently build NSS with PGO. + # We could probably do so, but not without a lot of + # careful consideration. + 'NO_PGO': True, +} +if CONFIG['OS_TARGET'] == 'WINNT': + if CONFIG['CPU_ARCH'] == 'x86': + # This should really be the default. + sandbox_vars['ASFLAGS'] = ['-safeseh'] +if CONFIG['OS_TARGET'] == 'Android': + sandbox_vars['CFLAGS'] = [ + '-include', TOPSRCDIR + '/security/manager/android_stub.h', + # Setting sandbox_vars['DEFINES'] is broken currently. + '-DCHECK_FORK_GETPID', + ] + if CONFIG['ANDROID_VERSION']: + sandbox_vars['CFLAGS'] += ['-DANDROID_VERSION=' + CONFIG['ANDROID_VERSION']] +GYP_DIRS['nss'].sandbox_vars = sandbox_vars +GYP_DIRS['nss'].no_chromium = True +GYP_DIRS['nss'].no_unified = True +# This maps action names from gyp files to +# Python scripts that can be used in moz.build GENERATED_FILES. +GYP_DIRS['nss'].action_overrides = { + 'generate_certdata_c': 'generate_certdata.py', + 'generate_mapfile': 'generate_mapfile.py', +} + +if CONFIG['NSS_EXTRA_SYMBOLS_FILE']: + DEFINES['NSS_EXTRA_SYMBOLS_FILE'] = CONFIG['NSS_EXTRA_SYMBOLS_FILE'] \ No newline at end of file diff --git a/security/nss.symbols b/security/nss.symbols new file mode 100644 index 0000000000..03f9f79d15 --- /dev/null +++ b/security/nss.symbols @@ -0,0 +1,749 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#ifndef XP_WIN +# NSPR, unlike NSS, exports symbols with symbol visibility (Unix) or __declspec +# (Windows). When using a linker script, however, we need to explicitly +# specify that NSPR's symbols should be globally visible. Otherwise, NSPR's +# exported symbols would be hidden. +# .def files on Windows don't allow wildcards, of course, which is why this is +# excluded on Windows, but it doesn't matter because the symbols are already +# exported in NSPR (Windows peculiarity). +PR_* +PL_* +#endif +#include ../db/sqlite3/src/sqlite.symbols +ATOB_AsciiToData +ATOB_AsciiToData_Util +ATOB_ConvertAsciiToItem +ATOB_ConvertAsciiToItem_Util +BTOA_ConvertItemToAscii_Util +BTOA_DataToAscii +BTOA_DataToAscii_Util +CERT_AddCertToListHead +CERT_AddCertToListTail +CERT_AddExtension +CERT_AddExtensionByOID +__CERT_AddTempCertToPerm +CERT_AsciiToName +CERT_CacheOCSPResponseFromSideChannel +CERT_CertChainFromCert +CERT_CertificateRequestTemplate @DATA@ +CERT_CertificateTemplate @DATA@ +CERT_CertListFromCert +CERT_ChangeCertTrust +CERT_CheckCertUsage +CERT_CheckCertValidTimes +CERT_CheckNameSpace +CERT_ClearOCSPCache +CERT_CompareCerts +CERT_CompareName +CERT_ConvertAndDecodeCertificate +CERT_CopyName +CERT_CopyRDN +CERT_CreateCertificate +CERT_CreateCertificateRequest +CERT_CreateSubjectCertList +CERT_CreateValidity +CERT_CrlTemplate @DATA@ +CERT_DecodeAltNameExtension +CERT_DecodeAuthInfoAccessExtension +CERT_DecodeAuthKeyID +CERT_DecodeAVAValue +CERT_DecodeBasicConstraintValue +CERT_DecodeCertFromPackage +CERT_DecodeCertificatePoliciesExtension +CERT_DecodeCertPackage +CERT_DecodeCRLDistributionPoints +CERT_DecodeNameConstraintsExtension +CERT_DecodeOidSequence +CERT_DecodePrivKeyUsagePeriodExtension +CERT_DecodeTrustString +CERT_DecodeUserNotice +CERT_DerNameToAscii +CERT_DestroyCertArray +CERT_DestroyCertificate +CERT_DestroyCertificateList +CERT_DestroyCertificatePoliciesExtension +CERT_DestroyCertificateRequest +CERT_DestroyCertList +CERT_DestroyName +CERT_DestroyOidSequence +CERT_DestroyUserNotice +CERT_DestroyValidity +CERT_DisableOCSPChecking +CERT_DisableOCSPDefaultResponder +CERT_DupCertificate +CERT_EnableOCSPChecking +CERT_EncodeAltNameExtension +CERT_EncodeAndAddBitStrExtension +CERT_EncodeAuthKeyID +CERT_EncodeBasicConstraintValue +CERT_EncodeCertPoliciesExtension +CERT_EncodeCRLDistributionPoints +CERT_EncodeInfoAccessExtension +CERT_EncodeInhibitAnyExtension +CERT_EncodeNameConstraintsExtension +CERT_EncodeNoticeReference +CERT_EncodePolicyConstraintsExtension +CERT_EncodePolicyMappingExtension +CERT_EncodeSubjectKeyID +CERT_EncodeUserNotice +CERT_ExtractPublicKey +CERT_FilterCertListByCANames +CERT_FilterCertListByUsage +CERT_FilterCertListForUserCerts +CERT_FindCertByDERCert +CERT_FindCertByIssuerAndSN +CERT_FindCertByName +CERT_FindCertByNickname +CERT_FindCertByNicknameOrEmailAddr +CERT_FindCertExtension +CERT_FindCertIssuer +CERT_FindKeyUsageExtension +CERT_FindUserCertByUsage +CERT_FindUserCertsByUsage +CERT_FinishCertificateRequestAttributes +CERT_FinishExtensions +CERT_ForcePostMethodForOCSP +CERT_FreeNicknames +CERT_GenTime2FormattedAscii_Util +CERT_GetCertChainFromCert +CERT_GetCertEmailAddress +CERT_GetCertificateDer +CERT_GetCertificateRequestExtensions +CERT_GetCertKeyType +CERT_GetCertTimes +CERT_GetCertTrust +CERT_GetCommonName +CERT_GetConstrainedCertificateNames +CERT_GetCountryName +CERT_GetDefaultCertDB +CERT_GetFirstEmailAddress +CERT_GetGeneralNameTypeFromString +CERT_GetImposedNameConstraints +CERT_GetLocalityName +CERT_GetNextEmailAddress +CERT_GetNextGeneralName +CERT_GetNextNameConstraint +CERT_GetOCSPAuthorityInfoAccessLocation +CERT_GetOidString +CERT_GetOrgName +CERT_GetOrgUnitName +CERT_GetStateName +CERT_Hexify +CERT_ImportCerts +CERT_IsCACert +CERT_IsUserCert +CERT_MakeCANickname +CERT_MergeExtensions +CERT_NameTemplate @DATA@ +CERT_NameToAscii +CERT_NewCertList +CERT_NewTempCertificate +CERT_NicknameStringsFromCertList +CERT_OCSPCacheSettings +CERT_RemoveCertListNode +CERT_RFC1485_EscapeAndQuote +CERT_SaveSMimeProfile +CERT_SequenceOfCertExtensionTemplate @DATA@ +CERT_SetOCSPFailureMode +CERT_SetOCSPTimeout +CERT_SignedCrlTemplate @DATA@ +CERT_SignedDataTemplate @DATA@ +CERT_StartCertExtensions +CERT_StartCertificateRequestAttributes +CERT_SubjectPublicKeyInfoTemplate @DATA@ +CERT_TimeChoiceTemplate @DATA@ +CERT_VerifyCertificate +CERT_VerifySignedDataWithPublicKeyInfo +DER_AsciiToTime_Util +DER_DecodeTimeChoice_Util +DER_Encode +DER_EncodeTimeChoice_Util +DER_Encode_Util +DER_GeneralizedTimeToTime +DER_GeneralizedTimeToTime_Util +DER_GetInteger +DER_GetInteger_Util +DER_SetUInteger +DER_UTCTimeToTime_Util +DSAU_DecodeDerSigToLen +DSAU_EncodeDerSigWithLen +DTLS_GetHandshakeTimeout +DTLS_ImportFD +HASH_Begin +HASH_Create +HASH_Destroy +HASH_End +HASH_GetHashObject +HASH_GetHashOidTagByHashType +HASH_GetType +HASH_HashBuf +HASH_ResultLenByOidTag +HASH_Update +NSSBase64_DecodeBuffer +NSSBase64_EncodeItem +NSSBase64_EncodeItem_Util +NSS_CMSContentInfo_GetContent +NSS_CMSContentInfo_GetContentTypeTag +NSS_CMSContentInfo_SetContent_Data +NSS_CMSContentInfo_SetContent_EnvelopedData +NSS_CMSContentInfo_SetContent_SignedData +NSS_CMSDecoder_Cancel +NSS_CMSDecoder_Finish +NSS_CMSDecoder_Start +NSS_CMSDecoder_Update +NSS_CMSEncoder_Cancel +NSS_CMSEncoder_Finish +NSS_CMSEncoder_Start +NSS_CMSEncoder_Update +NSS_CMSEnvelopedData_AddRecipient +NSS_CMSEnvelopedData_Create +NSS_CMSEnvelopedData_GetContentInfo +NSS_CMSMessage_ContentLevel +NSS_CMSMessage_ContentLevelCount +NSS_CMSMessage_Create +NSS_CMSMessage_CreateFromDER +NSS_CMSMessage_Destroy +NSS_CMSMessage_GetContent +NSS_CMSMessage_GetContentInfo +NSS_CMSMessage_IsEncrypted +NSS_CMSMessage_IsSigned +NSS_CMSRecipientInfo_Create +NSS_CMSSignedData_AddCertificate +NSS_CMSSignedData_AddCertList +NSS_CMSSignedData_AddSignerInfo +NSS_CMSSignedData_Create +NSS_CMSSignedData_CreateCertsOnly +NSS_CMSSignedData_Destroy +NSS_CMSSignedData_GetContentInfo +NSS_CMSSignedData_GetDigestAlgs +NSS_CMSSignedData_GetSignerInfo +NSS_CMSSignedData_HasDigests +NSS_CMSSignedData_ImportCerts +NSS_CMSSignedData_SetDigestValue +NSS_CMSSignedData_SignerInfoCount +NSS_CMSSignedData_VerifySignerInfo +NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs +NSS_CMSSignerInfo_AddSigningTime +NSS_CMSSignerInfo_AddSMIMECaps +NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs +NSS_CMSSignerInfo_Create +NSS_CMSSignerInfo_GetSignerCommonName +NSS_CMSSignerInfo_GetSignerEmailAddress +NSS_CMSSignerInfo_GetSigningCertificate +NSS_CMSSignerInfo_IncludeCerts +NSS_CMSSignerInfo_Verify +NSS_FindCertKEAType +NSS_GetAlgorithmPolicy +NSS_Get_CERT_CertificateRequestTemplate +NSS_Get_CERT_CertificateTemplate +NSS_Get_CERT_CrlTemplate +NSS_Get_CERT_NameTemplate +NSS_Get_CERT_SequenceOfCertExtensionTemplate +NSS_Get_CERT_SignedCrlTemplate +NSS_Get_CERT_SignedDataTemplate +NSS_Get_CERT_SubjectPublicKeyInfoTemplate +NSS_Get_CERT_TimeChoiceTemplate +NSS_Get_SEC_AnyTemplate_Util +NSS_Get_SEC_BitStringTemplate +NSS_Get_SEC_BitStringTemplate_Util +NSS_Get_SEC_BMPStringTemplate +NSS_Get_SEC_BooleanTemplate_Util +NSS_Get_SEC_GeneralizedTimeTemplate_Util +NSS_Get_SEC_IA5StringTemplate +NSS_Get_SEC_IA5StringTemplate_Util +NSS_Get_SEC_IntegerTemplate +NSS_Get_SEC_IntegerTemplate_Util +NSS_Get_SECKEY_RSAPSSParamsTemplate +NSS_Get_SEC_NullTemplate_Util +NSS_Get_SEC_ObjectIDTemplate_Util +NSS_Get_SEC_OctetStringTemplate +NSS_Get_SEC_OctetStringTemplate_Util +NSS_Get_SECOID_AlgorithmIDTemplate +NSS_Get_SECOID_AlgorithmIDTemplate_Util +NSS_Get_SEC_SignedCertificateTemplate +NSS_Get_SEC_UTF8StringTemplate +NSS_Get_SEC_UTF8StringTemplate_Util +NSS_GetVersion +NSS_Init +NSS_Initialize +NSS_InitWithMerge +NSS_IsInitialized +NSS_OptionGet +NSS_OptionSet +NSS_NoDB_Init +NSS_SecureMemcmp +NSS_SetAlgorithmPolicy +NSS_SetDomesticPolicy +NSS_Shutdown +NSSSMIME_GetVersion +NSS_SMIMESignerInfo_SaveSMIMEProfile +NSS_SMIMEUtil_FindBulkAlgForRecipients +NSSSSL_GetVersion +#ifdef XP_WIN +_NSSUTIL_Access +#endif +NSSUTIL_ArgDecodeNumber +NSSUTIL_ArgFetchValue +NSSUTIL_ArgGetLabel +NSSUTIL_ArgGetParamValue +NSSUTIL_ArgHasFlag +NSSUTIL_ArgIsBlank +NSSUTIL_ArgParseCipherFlags +NSSUTIL_ArgParseModuleSpec +NSSUTIL_ArgParseSlotFlags +NSSUTIL_ArgParseSlotInfo +NSSUTIL_ArgReadLong +NSSUTIL_ArgSkipParameter +NSSUTIL_ArgStrip +NSSUTIL_DoModuleDBFunction +_NSSUTIL_EvaluateConfigDir +_NSSUTIL_GetSecmodName +NSSUTIL_GetVersion +NSSUTIL_MkModuleSpec +NSSUTIL_MkNSSString +NSSUTIL_MkSlotString +NSSUTIL_Quote +#ifdef XP_WIN +_NSSUTIL_UTF8ToWide +#endif +PK11_AlgtagToMechanism +PK11_Authenticate +PK11_ChangePW +PK11_CheckUserPassword +PK11_CipherOp +PK11_ConfigurePKCS11 +PK11_CreateContextBySymKey +PK11_CreateDigestContext +PK11_CreateGenericObject +PK11_CreateMergeLog +PK11_CreatePBEV2AlgorithmID +PK11_Decrypt +PK11_DeleteTokenCertAndKey +PK11_DeleteTokenPrivateKey +PK11_DeleteTokenPublicKey +PK11_DEREncodePublicKey +PK11_Derive +PK11_DeriveWithTemplate +PK11_DestroyContext +PK11_DestroyGenericObject +PK11_DestroyMergeLog +PK11_DestroyObject +PK11_DestroyTokenObject +PK11_DigestBegin +PK11_DigestFinal +PK11_DigestOp +PK11_DoesMechanism +PK11_Encrypt +PK11_ExportDERPrivateKeyInfo +PK11_ExportEncryptedPrivKeyInfo +PK11_ExtractKeyValue +PK11_FindCertFromNickname +PK11_FindCertInSlot +PK11_FindCertsFromEmailAddress +PK11_FindCertsFromNickname +PK11_FindKeyByAnyCert +PK11_FindKeyByDERCert +PK11_FindKeyByKeyID +PK11_FindRawCertsWithSubject +PK11_FindSlotByName +PK11_FindSlotsByNames +PK11_FreeSlot +PK11_FreeSlotList +PK11_FreeSlotListElement +PK11_FreeSymKey +PK11_GenerateKeyPair +PK11_GenerateKeyPairWithFlags +PK11_GenerateKeyPairWithOpFlags +PK11_GenerateRandom +PK11_GenerateRandomOnSlot +PK11_GetAllSlotsForCert +PK11_GetAllTokens +PK11_GetBestSlot +PK11_GetBestSlotMultiple +PK11_GetBlockSize +PK11_GetCertFromPrivateKey +PK11_GetCertsMatchingPrivateKey +PK11_GetDefaultArray +PK11_GetDefaultFlags +PK11_GetDisabledReason +PK11_GetFirstSafe +PK11_GetInternalKeySlot +PK11_GetInternalSlot +PK11_GetIVLength +PK11_GetKeyData +PK11_GetKeyGen +PK11_GetLowLevelKeyIDForPrivateKey +PK11_GetMechanism +PK11_GetMinimumPwdLength +PK11_GetModInfo +PK11_GetModuleURI +PK11_GetNextSafe +PK11_GetNextSymKey +PK11_GetPadMechanism +PK11_GetPrivateKeyNickname +PK11_GetPrivateModulusLen +PK11_GetSlotFromPrivateKey +PK11_GetSlotID +PK11_GetSlotInfo +PK11_GetSlotName +PK11_GetSlotPWValues +PK11_GetSlotSeries +PK11_GetSymKeyNickname +PK11_GetTokenInfo +PK11_GetTokenName +PK11_GetTokenURI +PK11_HasAttributeSet +PK11_HashBuf +PK11_HasRootCerts +PK11_ImportCert +PK11_ImportCertForKey +PK11_ImportCRL +PK11_ImportDERPrivateKeyInfoAndReturnKey +PK11_ImportPublicKey +PK11_ImportSymKey +PK11_InitPin +PK11_IsDisabled +PK11_IsFIPS +PK11_IsFriendly +PK11_IsHW +PK11_IsInternal +PK11_IsLoggedIn +PK11_IsPresent +PK11_IsReadOnly +PK11_IsRemovable +PK11_KeyForCertExists +PK11_KeyGen +PK11_KeyGenWithTemplate +PK11_ListCerts +PK11_ListCertsInSlot +PK11_ListFixedKeysInSlot +PK11_ListPrivateKeysInSlot +PK11_ListPrivKeysInSlot +PK11_LoadPrivKey +PK11_Logout +PK11_LogoutAll +PK11_MakeIDFromPubKey +PK11_MapSignKeyType +PK11_MechanismToAlgtag +PK11_MergeTokens +PK11_NeedLogin +PK11_NeedUserInit +PK11_ParamFromIV +PK11_PBEKeyGen +PK11_PrivDecrypt +PK11_PrivDecryptPKCS1 +PK11_ProtectedAuthenticationPath +PK11_PubDeriveWithKDF +PK11_PubEncrypt +PK11_PubEncryptPKCS1 +PK11_PubUnwrapSymKey +PK11_PubWrapSymKey +PK11_RandomUpdate +PK11_ReadRawAttribute +PK11_ReferenceSlot +PK11_ResetToken +PK11SDR_Decrypt +PK11SDR_Encrypt +PK11_SetPasswordFunc +PK11_SetSlotPWValues +PK11_SetSymKeyNickname +PK11_Sign +PK11_SignatureLen +PK11_SignWithMechanism +PK11_TokenKeyGenWithFlags +PK11_UnwrapPrivKey +PK11_UnwrapSymKey +PK11_UpdateSlotAttribute +PK11_UserDisableSlot +PK11_UserEnableSlot +PK11_VerifyWithMechanism +PK11_WrapPrivKey +PK11_WrapSymKey +PORT_Alloc +PORT_Alloc_Util +PORT_ArenaAlloc +PORT_ArenaAlloc_Util +PORT_ArenaGrow_Util +PORT_ArenaMark_Util +PORT_ArenaRelease_Util +PORT_ArenaStrdup +PORT_ArenaStrdup_Util +PORT_ArenaUnmark_Util +PORT_ArenaZAlloc +PORT_ArenaZAlloc_Util +PORT_DestroyCheapArena +PORT_Free +PORT_FreeArena +PORT_FreeArena_Util +PORT_Free_Util +PORT_GetError +PORT_GetError_Util +PORT_InitCheapArena +PORT_NewArena +PORT_NewArena_Util +PORT_Realloc_Util +PORT_RegExpSearch +PORT_SetError +PORT_SetError_Util +PORT_SetUCS2_ASCIIConversionFunction +PORT_SetUCS2_ASCIIConversionFunction_Util +PORT_Strdup +PORT_Strdup_Util +PORT_UCS2_ASCIIConversion_Util +PORT_UCS2_UTF8Conversion +PORT_UCS2_UTF8Conversion_Util +PORT_ZAlloc +PORT_ZAlloc_Util +PORT_ZFree_Util +SEC_AnyTemplate_Util @DATA@ +SEC_ASN1Decode +SEC_ASN1DecodeInteger +SEC_ASN1DecodeItem +SEC_ASN1DecodeItem_Util +SEC_ASN1Decode_Util +SEC_ASN1EncodeInteger_Util +SEC_ASN1EncodeItem +SEC_ASN1EncodeItem_Util +SEC_ASN1EncodeUnsignedInteger_Util +SEC_ASN1Encode_Util +SEC_BitStringTemplate @DATA@ +SEC_BitStringTemplate_Util @DATA@ +SEC_BMPStringTemplate @DATA@ +SEC_BooleanTemplate_Util @DATA@ +SEC_CertNicknameConflict +SEC_DeletePermCertificate +SEC_DerSignData +SEC_DestroyCrl +SEC_GeneralizedTimeTemplate_Util @DATA@ +SEC_GetSignatureAlgorithmOidTag +SEC_IA5StringTemplate @DATA@ +SEC_IA5StringTemplate_Util @DATA@ +SEC_IntegerTemplate @DATA@ +SEC_IntegerTemplate_Util @DATA@ +SECITEM_AllocArray +SECITEM_AllocItem +SECITEM_AllocItem_Util +SECITEM_ArenaDupItem_Util +SECITEM_CompareItem +SECITEM_CompareItem_Util +SECITEM_CopyItem +SECITEM_CopyItem_Util +SECITEM_DupArray +SECITEM_DupItem +SECITEM_DupItem_Util +SECITEM_FreeItem +SECITEM_FreeItem_Util +SECITEM_HashCompare +SECITEM_ItemsAreEqual +SECITEM_ItemsAreEqual_Util +SECITEM_ReallocItemV2 +SECITEM_ZfreeItem +SECITEM_ZfreeItem_Util +SECKEY_ConvertToPublicKey +SECKEY_CopyPrivateKey +SECKEY_CopyPublicKey +SECKEY_CopySubjectPublicKeyInfo +SECKEY_CreateSubjectPublicKeyInfo +SECKEY_DecodeDERSubjectPublicKeyInfo +SECKEY_DestroyEncryptedPrivateKeyInfo +SECKEY_DestroyPrivateKey +SECKEY_DestroyPrivateKeyList +SECKEY_DestroyPublicKey +SECKEY_DestroySubjectPublicKeyInfo +SECKEY_ECParamsToBasePointOrderLen +SECKEY_ECParamsToKeySize +SECKEY_EncodeDERSubjectPublicKeyInfo +SECKEY_ExtractPublicKey +SECKEY_GetPublicKeyType +SECKEY_ImportDERPublicKey +SECKEY_PublicKeyStrength +SECKEY_RSAPSSParamsTemplate @DATA@ +SECKEY_SignatureLen +SECMIME_DecryptionAllowed +SECMOD_AddNewModule +SECMOD_AddNewModuleEx +SECMOD_CancelWait +SECMOD_CanDeleteInternalModule +SECMOD_CloseUserDB +SECMOD_CreateModule +SECMOD_DeleteInternalModule +SECMOD_DeleteModule +SECMOD_DestroyModule +SECMOD_FindModule +SECMOD_GetDeadModuleList +SECMOD_GetDefaultModuleList +SECMOD_GetDefaultModuleListLock +SECMOD_GetInternalModule +SECMOD_GetModuleSpecList +SECMOD_GetReadLock +SECMOD_HasRemovableSlots +SECMOD_InternaltoPubMechFlags +SECMOD_LoadModule +SECMOD_LoadUserModule +SECMOD_OpenUserDB +SECMOD_PubCipherFlagstoInternal +SECMOD_PubMechFlagstoInternal +SECMOD_ReferenceModule +SECMOD_ReleaseReadLock +SECMOD_UnloadUserModule +SECMOD_UpdateModule +SECMOD_WaitForAnyTokenEvent +SEC_NullTemplate_Util @DATA@ +SEC_ObjectIDTemplate_Util @DATA@ +SEC_OctetStringTemplate @DATA@ +SEC_OctetStringTemplate_Util @DATA@ +SECOID_AddEntry +SECOID_AddEntry_Util +SECOID_AlgorithmIDTemplate @DATA@ +SECOID_AlgorithmIDTemplate_Util @DATA@ +SECOID_CopyAlgorithmID_Util +SECOID_DestroyAlgorithmID +SECOID_DestroyAlgorithmID_Util +SECOID_FindOID +SECOID_FindOIDByMechanism +SECOID_FindOIDByTag +SECOID_FindOIDByTag_Util +SECOID_FindOIDTag +SECOID_FindOIDTagDescription_Util +SECOID_FindOIDTag_Util +SECOID_FindOID_Util +SECOID_GetAlgorithmTag +SECOID_GetAlgorithmTag_Util +SECOID_Init +SECOID_SetAlgorithmID +SECOID_SetAlgorithmID_Util +SECOID_Shutdown +SEC_PKCS12AddCertAndKey +SEC_PKCS12AddPasswordIntegrity +SEC_PKCS12CreateExportContext +SEC_PKCS12CreatePasswordPrivSafe +SEC_PKCS12CreateUnencryptedSafe +SEC_PKCS12DecoderFinish +SEC_PKCS12DecoderImportBags +SEC_PKCS12DecoderIterateInit +SEC_PKCS12DecoderIterateNext +SEC_PKCS12DecoderRenameCertNicknames +SEC_PKCS12DecoderStart +SEC_PKCS12DecoderUpdate +SEC_PKCS12DecoderValidateBags +SEC_PKCS12DecoderVerify +SEC_PKCS12DestroyExportContext +SEC_PKCS12EnableCipher +SEC_PKCS12Encode +SEC_PKCS12IsEncryptionAllowed +SEC_PKCS12SetPreferredCipher +SEC_PKCS5GetPBEAlgorithm +SEC_PKCS5IsAlgorithmPBEAlgTag +SEC_PKCS7AddSigningTime +SEC_PKCS7ContentIsEncrypted +SEC_PKCS7ContentIsSigned +SEC_PKCS7CopyContentInfo +SEC_PKCS7CreateSignedData +SEC_PKCS7DecodeItem +SEC_PKCS7DecoderFinish +SEC_PKCS7DecoderStart +SEC_PKCS7DecoderUpdate +SEC_PKCS7DestroyContentInfo +SEC_PKCS7Encode +SEC_PKCS7IncludeCertChain +SEC_PKCS7VerifyDetachedSignature +SEC_QuickDERDecodeItem +SEC_QuickDERDecodeItem_Util +SEC_RegisterDefaultHttpClient +SEC_SignData +SEC_SignedCertificateTemplate @DATA@ +SEC_StringToOID +SEC_UTF8StringTemplate @DATA@ +SEC_UTF8StringTemplate_Util @DATA@ +SGN_Begin +SGN_CreateDigestInfo +SGN_CreateDigestInfo_Util +SGN_DecodeDigestInfo +SGN_DestroyContext +SGN_DestroyDigestInfo +SGN_DestroyDigestInfo_Util +SGN_End +SGN_NewContext +SGN_Update +SSL_AuthCertificateComplete +SSL_AuthCertificateHook +SSL_CipherPrefGet +SSL_CipherPrefSet +SSL_CipherPrefSetDefault +SSL_ClearSessionCache +SSL_ConfigSecureServer +SSL_ConfigSecureServerWithCertChain +SSL_ConfigServerSessionIDCache +SSL_ExportKeyingMaterial +SSL_ForceHandshake +SSL_GetChannelInfo +SSL_GetCipherSuiteInfo +SSL_GetClientAuthDataHook +SSL_GetImplementedCiphers +SSL_GetNextProto +SSL_GetNumImplementedCiphers +SSL_GetSRTPCipher +SSL_GetStatistics +SSL_HandshakeCallback +SSL_HandshakeNegotiatedExtension +SSL_ImplementedCiphers @DATA@ +SSL_ImportFD +SSL_NamedGroupConfig +SSL_NumImplementedCiphers @DATA@ +SSL_OptionSet +SSL_OptionSetDefault +SSL_PeerCertificate +SSL_PeerCertificateChain +SSL_PeerSignedCertTimestamps +SSL_PeerStapledOCSPResponses +SSL_ResetHandshake +SSL_SendAdditionalKeyShares +SSL_SetCanFalseStartCallback +SSL_SetDowngradeCheckVersion +SSL_SetNextProtoNego +SSL_SetPKCS11PinArg +SSL_SetSockPeerID +SSL_SetSRTPCiphers +SSL_SetStapledOCSPResponses +SSL_SetTrustAnchors +SSL_SetURL +SSL_ShutdownServerSessionIDCache +SSL_SignatureSchemePrefSet +SSL_SNISocketConfigHook +SSL_VersionRangeGet +SSL_VersionRangeGetDefault +SSL_VersionRangeGetSupported +SSL_VersionRangeSet +SSL_VersionRangeSetDefault +UTIL_SetForkState +VFY_Begin +VFY_CreateContext +VFY_DestroyContext +VFY_End +VFY_EndWithSignature +VFY_Update +VFY_VerifyData +VFY_VerifyDataWithAlgorithmID +VFY_VerifyDigestDirect +_SGN_VerifyPKCS1DigestInfo +__PK11_SetCertificateNickname +# These symbols are not used by applications but are possibly used across +# NSS library boundaries. +NSS_SecureMemcmpZero +PORT_ZAllocAlignedOffset_Util +CERT_FindCertByNicknameOrEmailAddrCX +SECKEY_GetPrivateKeyType +SEC_DerSignDataWithAlgorithmID +SEC_CreateSignatureAlgorithmParameters +# These symbols are not used by applicatons themselves, but are used by +# Java's security libraries, which in turn are used by Java +# applets/plugins/etc. Provide them to make Java code happy. +NSS_VersionCheck +NSS_Initialize +#ifdef NSS_EXTRA_SYMBOLS_FILE +#include @NSS_EXTRA_SYMBOLS_FILE@ +#endif -- cgit v1.2.3