diff options
author | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-01-02 21:24:54 +0100 |
---|---|---|
committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-01-02 21:24:54 +0100 |
commit | 24f97a1683b5a8d5fc66c1ad8fffa722b91b914f (patch) | |
tree | 593c2d3643fddca09ab54260d10f0c8231747708 /CLOBBER | |
parent | c097dcf7fa55c1871f821b86e1c35578b132805f (diff) | |
download | UXP-24f97a1683b5a8d5fc66c1ad8fffa722b91b914f.tar UXP-24f97a1683b5a8d5fc66c1ad8fffa722b91b914f.tar.gz UXP-24f97a1683b5a8d5fc66c1ad8fffa722b91b914f.tar.lz UXP-24f97a1683b5a8d5fc66c1ad8fffa722b91b914f.tar.xz UXP-24f97a1683b5a8d5fc66c1ad8fffa722b91b914f.zip |
Issue #1338 - Part 4: Initialize NSS with desired run-time values.
This NSS version (and onward) has variables to enable PKDBF rounds for
master password hardening (combating brute-force guessing).
Since we use DBM, we need to explicitly enable iteration counts in DBM
mode, and adjust the rounds used with a lower maximum because the PKDBF
routine for DBM is considerably slower for which the NSS default of
10,000 is debilitatingly high.
The method for this is run-time configuration through environment
variables. We set these prior to NSS initialization from nsAppRunner.cpp
so the NSS lib picks them up and allows us to continue using the DBM
cert/key stores with stored rounds per record.
Diffstat (limited to 'CLOBBER')
0 files changed, 0 insertions, 0 deletions