#include <signal.h>
-#ifdef HAVE_NSS
#include <nspr.h>
#include <prthread.h>
#include "nss.h" /* Don't use <> here or it will include the system nss.h instead */
#include <ssl.h>
-#endif /* HAVE_NSS */
+#include <errno.h>
#include <glib/gi18n-lib.h>
#include "camel-provider.h"
#include "camel-win32.h"
-#ifdef HAVE_NSS
/* To protect NSS initialization and shutdown. This prevents
- concurrent calls to shutdown() and init() by different threads */
+ * concurrent calls to shutdown () and init () by different threads */
PRLock *nss_initlock = NULL;
/* Whether or not Camel has initialized the NSS library. We cannot
- unconditionally call NSS_Shutdown() if NSS was initialized by other
- library before. This boolean ensures that we only perform a cleanup
- if and only if Camel is the one that previously initialized NSS */
+ * unconditionally call NSS_Shutdown () if NSS was initialized by other
+ * library before. This boolean ensures that we only perform a cleanup
+ * if and only if Camel is the one that previously initialized NSS */
volatile gboolean nss_initialized = FALSE;
-#endif
static gint initialised = FALSE;
#define NSS_SYSTEM_DB "/etc/pki/nssdb"
static gint
-nss_has_system_db(void)
+nss_has_system_db (void)
{
- int found = FALSE;
+ gint found = FALSE;
#ifndef G_OS_WIN32
FILE *f;
- char buf[80];
+ gchar buf[80];
- f = fopen(NSS_SYSTEM_DB "/pkcs11.txt", "r");
+ f = fopen (NSS_SYSTEM_DB "/pkcs11.txt", "r");
if (!f)
return FALSE;
-
+
/* Check whether the system NSS db is actually enabled */
- while (fgets(buf, 80, f) && !found) {
- if (!strcmp(buf, "library=libnsssysinit.so\n"))
+ while (fgets (buf, 80, f) && !found) {
+ if (!strcmp (buf, "library=libnsssysinit.so\n"))
found = TRUE;
}
- fclose(f);
+ fclose (f);
#endif
return found;
}
gint
-camel_init (const gchar *configdir, gboolean nss_init)
+camel_init (const gchar *configdir,
+ gboolean nss_init)
{
CamelCertDB *certdb;
gchar *path;
if (initialised)
return 0;
- bindtextdomain (GETTEXT_PACKAGE, EVOLUTION_LOCALEDIR);
+ bindtextdomain (GETTEXT_PACKAGE, LOCALEDIR);
bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
- camel_debug_init();
+ camel_debug_init ();
-#ifdef HAVE_NSS
if (nss_init) {
gchar *nss_configdir = NULL;
gchar *nss_sql_configdir = NULL;
- SECStatus status;
+ SECStatus status = SECFailure;
PRUint16 indx;
if (nss_initlock == NULL) {
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 10);
- nss_initlock = PR_NewLock();
+ PR_Init (PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 10);
+ nss_initlock = PR_NewLock ();
}
PR_Lock (nss_initlock);
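Review bot: The result of `nss_initlock = PR_NewLock ();` is never checked before `PR_Lock (nss_initlock);`, so an allocation failure turns into a NULL lock being passed to NSPR. The `nss_initlock == NULL` test-then-create is also not serialized, and `initialised` is a plain `static gint`. If two threads can enter camel_init at the same time (not visible from this hunk), each may create its own lock and the mutual exclusion described in the comment above `nss_initlock` is lost. With the `HAVE_NSS` guards removed this path is now always compiled in, so I would add `if (nss_initlock == NULL) { g_warning ("Failed to create NSS init lock"); return -1; }` right after the creation block and document that camel_init must first be called from a single thread. camel_init continues past the end of this hunk.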
* to prevent camel from bailing out on first run. */
#ifdef G_OS_WIN32
g_mkdir_with_parents (configdir, 0700);
- nss_sql_configdir = g_strconcat ("sql:", nss_configdir, NULL);
+ nss_sql_configdir = g_strconcat (
+ "sql:", nss_configdir, NULL);
#else
- gchar *user_nss_dir = g_build_filename ( g_get_home_dir (),
- ".pki/nssdb", NULL );
- g_mkdir_with_parents (user_nss_dir, 0700);
-
- nss_sql_configdir = g_strconcat ("sql:", user_nss_dir, NULL);
- g_free(user_nss_dir);
+ gchar *user_nss_dir = g_build_filename (
+ g_get_home_dir (), ".pki/nssdb", NULL );
+ if (g_mkdir_with_parents (user_nss_dir, 0700))
+ g_warning (
+ "Failed to create SQL "
+ "database directory %s: %s\n",
+ user_nss_dir, strerror (errno));
+
+ nss_sql_configdir = g_strconcat (
+ "sql:", user_nss_dir, NULL);
+ g_free (user_nss_dir);
#endif
}
-
#if NSS_VMAJOR > 3 || (NSS_VMAJOR == 3 && NSS_VMINOR >= 12)
/* See: https://wiki.mozilla.org/NSS_Shared_DB,
* particularly "Mode 3A". Note that the target
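Review bot: The new check on `g_mkdir_with_parents (user_nss_dir, 0700)` only reports a creation failure. The 0700 mode is applied only to directories the call creates, so an existing `~/.pki/nssdb` with group or world access is accepted without any warning; a `g_stat ()` on `user_nss_dir` with a warning when group/other permission bits are set would cover that case. The Win32 branch still ignores the return value of `g_mkdir_with_parents (configdir, 0700)`, which is inconsistent with the new handling. For the message itself, GLib code normally uses `user_nss_dir, g_strerror (errno));`, and the trailing `\n` is redundant because g_warning already ends the line. The enclosing block starts before this hunk.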
0); /* flags */
if (status == SECFailure) {
- g_free (nss_configdir);
- g_free (nss_sql_configdir);
- g_warning ("Failed to initialize NSS");
- PR_Unlock (nss_initlock);
- return -1;
+ g_warning (
+ "Failed to initialize NSS SQL database in %s: NSS error %d",
+ nss_sql_configdir, PORT_GetError ());
+ /* Fall back to opening the old DBM database */
}
-#else
+#endif
/* Support old versions of libnss, pre-sqlite support. */
- status = NSS_InitReadWrite (nss_configdir);
+ if (status == SECFailure)
+ status = NSS_InitReadWrite (nss_configdir);
if (status == SECFailure) {
/* Fall back to using volatile dbs? */
status = NSS_NoDB_Init (nss_configdir);
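Review bot: After the SQL database fails to open, the new `if (status == SECFailure) status = NSS_InitReadWrite (nss_configdir);` silently switches Camel to a different certificate and key store. The only trace is the earlier "Failed to initialize NSS SQL database" warning, which never says which store ended up in use. Trust decisions and client keys kept in the shared SQL database are then absent for the session, and the next fallback to `NSS_NoDB_Init` leaves no persistent store at all. I would log the outcome of each fallback, for example `g_warning ("Falling back to legacy NSS database in %s", nss_configdir);` before the `NSS_InitReadWrite` call and a similar line before `NSS_NoDB_Init`. The call whose failure is reported here begins above the hunk, so I am assuming `PORT_GetError ()` still reflects that call at the point it is logged.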
return -1;
}
}
-#endif
nss_initialized = TRUE;
skip_nss_init:
NSS_SetDomesticPolicy ();
- PR_Unlock(nss_initlock);
+ PR_Unlock (nss_initlock);
/* we must enable all ciphersuites */
for (indx = 0; indx < SSL_NumImplementedCiphers; indx++) {
- if (!SSL_IS_SSL2_CIPHER(SSL_ImplementedCiphers[indx]))
+ if (!SSL_IS_SSL2_CIPHER (SSL_ImplementedCiphers[indx]))
SSL_CipherPrefSetDefault (SSL_ImplementedCiphers[indx], PR_TRUE);
}
g_free (nss_configdir);
g_free (nss_sql_configdir);
}
-#endif /* HAVE_NSS */
path = g_strdup_printf ("%s/camel-cert.db", configdir);
certdb = camel_certdb_new ();
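Review bot: The loop under `/* we must enable all ciphersuites */` calls `SSL_CipherPrefSetDefault (..., PR_TRUE)` for every entry of `SSL_ImplementedCiphers` that is not an SSL2 suite, and with the `HAVE_NSS` guards removed it is now part of every build. Depending on the NSS version, that list can include NULL-encryption and export-grade suites that NSS keeps disabled by default, so this makes them negotiable for every socket created afterwards. I would leave NSS's default preferences in place after `NSS_SetDomesticPolicy ()`, or at least skip suites for which `SSL_GetCipherSuiteInfo` reports `isExportable` or an `effectiveKeyBits` of zero. The loop also runs after `PR_Unlock (nss_initlock)`, so it is not covered by the init lock. camel_init starts before this hunk.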
/* These next calls must come last. */
-#if defined (HAVE_NSS)
if (nss_initlock != NULL) {
- PR_Lock(nss_initlock);
+ PR_Lock (nss_initlock);
if (nss_initialized)
NSS_Shutdown ();
- PR_Unlock(nss_initlock);
+ PR_Unlock (nss_initlock);
}
-#endif /* HAVE_NSS */
initialised = FALSE;
}
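Review bot: `nss_initialized` stays TRUE after `NSS_Shutdown ();`, while `initialised` is reset to FALSE, so the two flags disagree once shutdown has run. If a later camel_init reaches the `skip_nss_init` label because another library has already initialised NSS (that jump is not visible here, so this is inferred), the stale flag would make the next camel_shutdown shut down an NSS instance Camel does not own. That is exactly what the comment on `nss_initialized` says the flag prevents. I would write `if (nss_initialized) { NSS_Shutdown (); nss_initialized = FALSE; }`, and check the `NSS_Shutdown` return value, which reports failure when NSS objects are still referenced. The start of this function is outside the hunk.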