Closed
Bug 1263221
Opened 9 years ago
Closed 9 years ago
improve how we handle the __CERT_AddTempCertToPerm situation
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla48
| Tracking | Status | |
|---|---|---|
| firefox48 | --- | fixed |
People
(Reporter: keeler, Assigned: keeler)
References
Details
(Whiteboard: [psm-assigned])
Attachments
(1 file)
There is a function in NSS called CERT_AddTempCertToPerm that is useful to PSM. It is exported as __CERT_AddTempCertToPerm (I think because it is considered an internal API this "compromise" was settled upon). The relevant header file (certdb.h) only mentions CERT_AddTempCertToPerm, so if PSM code uses the prefixed version, the compiler can't find the declaration. If PSM uses the unprefixed version, the linker can't find the definition (since it's private). The workaround has been to insert a line '#define CERT_AddTempCertToPerm __CERT_AddTempCertToPerm' before including certdb.h (directly or indirectly) in any file using it. This doesn't work well with unified builds. However, it looks like we can leverage the improved build system to put the redefinition in the relevant moz.build files themselves. This bug will explore the feasibility of that option.
|
Assignee | |
Comment 1•9 years ago
|
||
Review commit: https://reviewboard.mozilla.org/r/45307/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/45307/
Attachment #8739548 -
Flags: review?(mgoodwin)
Attachment #8739548 -
Flags: review?(cmanchester)
|
|
Assignee | |
Comment 2•9 years ago
|
||
Here's how this came out on try: https://treeherder.mozilla.org/#/jobs?repo=try&revision=07e42dd1d91a
r? to :chmanchester to confirm that this is an ok thing to do in moz.build.
|
||
Comment 3•9 years ago
|
||
Comment on attachment 8739548 [details]
MozReview Request: bug 1263221 - improve how PSM handles the visibility of __CERT_AddTempCertToPerm r?chmanchester,mgoodwin
https://reviewboard.mozilla.org/r/45307/#review41823
I'm fine with the PSM stuff - assuming the build / config stuff looks good to those who know about these things.
Attachment #8739548 -
Flags: review?(mgoodwin) → review+
|
||
Updated•9 years ago
|
Attachment #8739548 -
Flags: review?(cmanchester) → review+
|
|
||
Comment 4•9 years ago
|
||
Comment on attachment 8739548 [details]
MozReview Request: bug 1263221 - improve how PSM handles the visibility of __CERT_AddTempCertToPerm r?chmanchester,mgoodwin
https://reviewboard.mozilla.org/r/45307/#review42043
Looks good to me.
|
|
Assignee | |
Comment 6•9 years ago
|
||
Thanks!
|
||
Comment 7•9 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla48
You need to log in
before you can comment on or make changes to this bug.
Description
•