Last Comment Bug 462919 - Override NSS database path for xulrunner application
: Override NSS database path for xulrunner application
Status: RESOLVED FIXED
:
Product: Core
Classification: Components
Component: Security: PSM (show other bugs)
: Trunk
: x86 Linux
: -- normal (vote)
: ---
Assigned To: Kai Engert (:kaie) (on vacation)
:
: David Keeler [:keeler] (use needinfo?)
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-11-03 14:17 PST by Kai Engert (:kaie) (on vacation)
Modified: 2010-06-07 12:07 PDT (History)
4 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
.2-fixed
.9-fixed


Attachments
Patch v1 (937 bytes, patch)
2008-11-03 14:25 PST, Kai Engert (:kaie) (on vacation)
rrelyea: review+
mbeltzner: approval1.9.0.19-
Details | Diff | Splinter Review
merged to trunk (1.51 KB, patch)
2010-02-17 08:50 PST, Kai Engert (:kaie) (on vacation)
mbeltzner: approval1.9.2.2+
mbeltzner: approval1.9.1.9+
Details | Diff | Splinter Review

Description Kai Engert (:kaie) (on vacation) 2008-11-03 14:17:29 PST
I'm working on an application which uses Xulrunner to modify an NSS database.

I want that application to be flexible and allow to operate on NSS databases anywhere in the system.

As of today, PSM is hardcoded to use the NSS database stored in same directory where the other Mozilla profile files live. It's obviously not a good idea to create such a Mozilla profile for each directory where an NSS database might live...

I propose to introduce an override mechanism, that allows to specify the desired NSS database directory at Mozilla/Xulrunner startup time.

This could be done as a parameter to the application or as an environment variable. Doing it as an environment variable has the advantage that it can be a change locally in the PSM module.
Comment 1 Kai Engert (:kaie) (on vacation) 2008-11-03 14:25:01 PST
Created attachment 346130 [details] [diff] [review]
Patch v1


This patch allows the use of a new environment variable named MOZPSM_NSSDBDIR_OVERRIDE (for: Mozilla PSM, NSS database directory override).

Bob, do you agree this is a reasonable approach, or do you have different proposals?

Description of today's behavior and the patch:

- as of today, we always pass the directory path of the Mozilla profile
  application as the NSS init path parameter

- with the patch, PSM would look for env var MOZPSM_NSSDBDIR_OVERRIDE

- if MOZPSM_NSSDBDIR_OVERRIDE is set, it will be used when calling NSS
  init. (This allows for any special syntax that NSS might allow
  as part of the init string.)

- if env variable is NOT set, will continue to use the current behavior
Comment 2 Kai Engert (:kaie) (on vacation) 2010-02-17 08:50:44 PST
Created attachment 427342 [details] [diff] [review]
merged to trunk
Comment 3 Wan-Teh Chang 2010-02-17 09:35:53 PST
Comment on attachment 427342 [details] [diff] [review]
merged to trunk

Kai, if you didn't generate this patch ignoring whitespace,
could you indent the original code that is now inside the
"else" body?
Comment 4 Kai Engert (:kaie) (on vacation) 2010-02-18 04:29:49 PST
I've indented as proposed.

http://hg.mozilla.org/mozilla-central/rev/77dab2533801
Comment 5 Kai Engert (:kaie) (on vacation) 2010-02-18 04:31:15 PST
Comment on attachment 427342 [details] [diff] [review]
merged to trunk

It would help me if this gets included into the stable branches.

It shouldn't cause any harm, as the default is "environment variable not set", and when not set, the behavior is unchanged.
Comment 6 Wan-Teh Chang 2010-02-18 17:47:41 PST
Kai, is there a way to pass the NSS database directory to XULRunner
using XUL?  Is a XULRunner application written entirely in XUL?
Comment 7 Mike Beltzner [:beltzner, not reading bugmail] 2010-02-22 10:46:14 PST
Comment on attachment 427342 [details] [diff] [review]
merged to trunk

a=beltzner for 1.9.2 and 1.9.1, though I'd really rather there be tests for this, too!
Comment 8 Kai Engert (:kaie) (on vacation) 2010-03-09 05:38:42 PST
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/142ec4e82778
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/f3151d415275

The patch does not affect the default behaviour, it provides an optional external mechanism, so I think a test is not required.
Comment 9 Mike Beltzner [:beltzner, not reading bugmail] 2010-03-10 12:53:54 PST
Comment on attachment 346130 [details] [diff] [review]
Patch v1

I don't think we need this on the 1.9.0 branch.
Comment 10 Al Billings [:abillings] 2010-03-22 14:20:05 PDT
Kai, is there anything for QA to verify here? If so, what do you suggest?
Comment 11 Kai Engert (:kaie) (on vacation) 2010-06-07 12:07:23 PDT
(In reply to comment #10)
> Kai, is there anything for QA to verify here? If so, what do you suggest?

I don't think there is a need for QA.

By default, not having the environment variable set, nobody will see a difference. It there were a difference, we would have heard complaints immediately.

And I can confirm the new feature works, I use it in this tool:
https://fedorahosted.org/nss-gui/

Note You need to log in before you can comment on or make changes to this bug.