aboutsummaryrefslogtreecommitdiffstats
path: root/smime/lib/e-cert-db.c
diff options
context:
space:
mode:
Diffstat (limited to 'smime/lib/e-cert-db.c')
-rw-r--r--smime/lib/e-cert-db.c45
1 files changed, 34 insertions, 11 deletions
diff --git a/smime/lib/e-cert-db.c b/smime/lib/e-cert-db.c
index 73f184ab17..287d89aef4 100644
--- a/smime/lib/e-cert-db.c
+++ b/smime/lib/e-cert-db.c
@@ -203,31 +203,54 @@ pk11_password (PK11SlotInfo* slot, PRBool retry, gpointer arg)
static void
initialize_nss (void)
{
+ const gchar *data_dir;
gchar *evolution_dir_path;
- gboolean success;
+ gchar *nss_configstr;
+ SECStatus status;
+
+ data_dir = e_get_user_data_dir ();
#ifdef G_OS_WIN32
/* NSS wants filenames in system codepage */
- evolution_dir_path = g_win32_locale_filename_from_utf8 (e_get_user_data_dir ());
+ evolution_dir_path = g_win32_locale_filename_from_utf8 (data_dir);
#else
- evolution_dir_path = g_strdup (e_get_user_data_dir ());
+ evolution_dir_path = g_strdup (data_dir);
#endif
+#if NSS_VMAJOR > 3 || (NSS_VMAJOR == 3 && NSS_VMINOR >= 12)
+ nss_configstr = g_strconcat ("sql:", evolution_dir_path, NULL);
+
/* we initialize NSS here to make sure it only happens once */
- success = (SECSuccess == NSS_InitReadWrite (evolution_dir_path));
- if (!success) {
- success = (SECSuccess == NSS_Init (evolution_dir_path));
- if (success)
+ /* See: https://wiki.mozilla.org/NSS_Shared_DB,
+ * particularly "Mode 3A". */
+ status = NSS_InitWithMerge (
+ nss_configstr, /* dest dir */
+ "", "", /* new DB name prefixes */
+ SECMOD_DB, /* secmod name */
+ evolution_dir_path, /* old DB dir */
+ "", "", /* old DB name prefixes */
+ evolution_dir_path, /* unique ID for old DB */
+ "Evolution S/MIME", /* UI name for old DB */
+ 0); /* flags */
+#else
+ nss_configstr = g_strdup (evolution_dir_path);
+ status = NSS_InitReadWrite (nss_configstr);
+#endif
+
+ if (status != SECSuccess) {
+ status = NSS_Init (nss_configstr);
+ if (status == SECSuccess)
g_warning ("opening cert databases read-only");
}
- if (!success) {
- success = (SECSuccess == NSS_NoDB_Init (evolution_dir_path));
- if (success)
+ if (status != SECSuccess) {
+ status = NSS_NoDB_Init (nss_configstr);
+ if (status == SECSuccess)
g_warning ("initializing security library without cert databases.");
}
+ g_free (nss_configstr);
g_free (evolution_dir_path);
- if (!success) {
+ if (status != SECSuccess) {
g_warning ("Failed all methods for initializing NSS");
return;
}