From 0f474eaef3ac90f9dd5eb946bca8b36040f4c85e Mon Sep 17 00:00:00 2001 From: Craig Ringer Date: Sat, 29 May 2010 15:26:53 -0400 Subject: Bug 585301 - Use NSS SQLite database, if available --- smime/lib/e-cert-db.c | 45 ++++++++++++++++++++++++++++++++++----------- 1 file changed, 34 insertions(+), 11 deletions(-) (limited to 'smime/lib') diff --git a/smime/lib/e-cert-db.c b/smime/lib/e-cert-db.c index 73f184ab17..287d89aef4 100644 --- a/smime/lib/e-cert-db.c +++ b/smime/lib/e-cert-db.c @@ -203,31 +203,54 @@ pk11_password (PK11SlotInfo* slot, PRBool retry, gpointer arg) static void initialize_nss (void) { + const gchar *data_dir; gchar *evolution_dir_path; - gboolean success; + gchar *nss_configstr; + SECStatus status; + + data_dir = e_get_user_data_dir (); #ifdef G_OS_WIN32 /* NSS wants filenames in system codepage */ - evolution_dir_path = g_win32_locale_filename_from_utf8 (e_get_user_data_dir ()); + evolution_dir_path = g_win32_locale_filename_from_utf8 (data_dir); #else - evolution_dir_path = g_strdup (e_get_user_data_dir ()); + evolution_dir_path = g_strdup (data_dir); #endif +#if NSS_VMAJOR > 3 || (NSS_VMAJOR == 3 && NSS_VMINOR >= 12) + nss_configstr = g_strconcat ("sql:", evolution_dir_path, NULL); + /* we initialize NSS here to make sure it only happens once */ - success = (SECSuccess == NSS_InitReadWrite (evolution_dir_path)); - if (!success) { - success = (SECSuccess == NSS_Init (evolution_dir_path)); - if (success) + /* See: https://wiki.mozilla.org/NSS_Shared_DB, + * particularly "Mode 3A". */ + status = NSS_InitWithMerge ( + nss_configstr, /* dest dir */ + "", "", /* new DB name prefixes */ + SECMOD_DB, /* secmod name */ + evolution_dir_path, /* old DB dir */ + "", "", /* old DB name prefixes */ + evolution_dir_path, /* unique ID for old DB */ + "Evolution S/MIME", /* UI name for old DB */ + 0); /* flags */ +#else + nss_configstr = g_strdup (evolution_dir_path); + status = NSS_InitReadWrite (nss_configstr); +#endif + + if (status != SECSuccess) { + status = NSS_Init (nss_configstr); + if (status == SECSuccess) g_warning ("opening cert databases read-only"); } - if (!success) { - success = (SECSuccess == NSS_NoDB_Init (evolution_dir_path)); - if (success) + if (status != SECSuccess) { + status = NSS_NoDB_Init (nss_configstr); + if (status == SECSuccess) g_warning ("initializing security library without cert databases."); } + g_free (nss_configstr); g_free (evolution_dir_path); - if (!success) { + if (status != SECSuccess) { g_warning ("Failed all methods for initializing NSS"); return; } -- cgit