Closed Bug 204881 Opened 22 years ago Closed 9 years ago

Embedding applications must be able to manage NSS init on their own

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
Other Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: KaiE, Unassigned)

Details

(Whiteboard: edt_x3 [kerh-ehz])

Attachments

(1 file)

Patch v1
7.28 KB, patch
Details | Diff | Splinter Review
In some embedding scnearios, the application wants to embed Gecko including PSM, but wants to drive the security initialization on their own. The following is the proposed way to do it: - the embedding application must init NSS before any code in security/manager/ssl gets called - the embedding application must implement a service that provides interface nsINSSInitControlService, accessible using contract ID "@mozilla.org/security/nss-init-control-service;1" - nsINSSInitControlService provides the control flag "shouldGeckoInitNSS" - Gecko/PSM will not init NSS, if such a service implementation is available and shouldGeckoInitNSS returns FALSE. - standard Mozilla will not implement this service
I'm attaching a first patch that is suitable for an embedding application that uses a single profile all the time, i.e. that does not require dynamic profile switching. Such a feature would require the embedding application to listen to announcements from the profile manager and do NSS shutdown/re-init on demand. However, in such a scenario, probably more changes would be required to PSM, because of PSM's attempt to track all resources and free them at the correct time. To support such a complex environment, additional callbacks between the embedding application and Gecko/PSM will have to be implemented.
Attached patch Patch v1Splinter Review
Whiteboard: edt_x3
Will nsNSSComponent still function if it never calls its InitializeNSS() method? Is the real problem that the embedding app wants to use NSS by itself and the Gecko layer (nsNSSComponent) is being dragged in?
> Will nsNSSComponent still function if it never calls its InitializeNSS() method? No, it will crash if nobody inits NSS. > Is the real problem that the embedding app wants to use NSS by itself and the > Gecko layer (nsNSSComponent) is being dragged in? Yes, embedding app wants to access NSS, too, thereby it gets shared between the application and Gecko.
Discussed with Conrad, a more flexible solution would allow the embedding application to provide callbacks for NSS init and shutdown, possibly doing nothing if the application did already init. However, it must be carefully reviewed which portions of PSM init/shutdown code should get executed anyway (e.g. the tracking of NSS resources for early cleanup), in order to make profile switching will work correctly in such a callback environment.
Product: PSM → Core
Whiteboard: edt_x3 → edt_x3 [kerh-ehz]
QA Contact: bmartin → ui
reassign bug owner. mass-update-kaie-20120918
Assignee: kaie → nobody
It's not clear to me that anyone is in need of this feature. If that's not the case, please file a new bug in Core :: Security: PSM with the details of your situation.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: