From 2a4827ea40d1e629318bcbb17ed07cc64a1431b5 Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@wolfbeast.com>
Date: Mon, 16 Mar 2020 13:38:19 +0100
Subject: Issue #1467 - Part 1: Set up conditional NSS-SQL builds.

- Adds buildconfig option --enable-nss-sqlstore
- Prefixes NSS dbinit with either sql: or dbm: depending on config
- Pre-initializes mozStorage when NSS-SQL storage is used to prevent
  an sqlite3_config race in NSS Init
---
 security/certverifier/NSSCertDBTrustDomain.cpp |  5 +++++
 security/manager/ssl/nsNSSComponent.cpp        | 11 +++++++++++
 2 files changed, 16 insertions(+)

(limited to 'security')

diff --git a/security/certverifier/NSSCertDBTrustDomain.cpp b/security/certverifier/NSSCertDBTrustDomain.cpp
index 5e89c2484..2793fad48 100644
--- a/security/certverifier/NSSCertDBTrustDomain.cpp
+++ b/security/certverifier/NSSCertDBTrustDomain.cpp
@@ -1102,7 +1102,12 @@ InitializeNSS(const nsACString& dir, bool readOnly, bool loadPKCS11Modules)
     flags |= NSS_INIT_NOMODDB;
   }
   nsAutoCString dbTypeAndDirectory;
+#ifdef NSS_SQLSTORE
+  // Not strictly necessary with current NSS versions, but can't hurt to be explicit.
+  dbTypeAndDirectory.Append("sql:");
+#else
   dbTypeAndDirectory.Append("dbm:");
+#endif
   dbTypeAndDirectory.Append(dir);
   return ::NSS_Initialize(dbTypeAndDirectory.get(), "", "", SECMOD_DB, flags);
 }
diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp
index dfff59da9..d505b8aba 100644
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -12,6 +12,9 @@
 #include "SharedSSLState.h"
 #include "cert.h"
 #include "certdb.h"
+#ifdef NSS_SQLSTORE
+#include "mozStorageCID.h"
+#endif
 #include "mozilla/ArrayUtils.h"
 #include "mozilla/Casting.h"
 #include "mozilla/Preferences.h"
@@ -1970,6 +1973,14 @@ nsNSSComponent::Init()
     return NS_ERROR_NOT_SAME_THREAD;
   }
 
+#ifdef NSS_SQLSTORE
+  // To avoid an sqlite3_config race in NSS init, we require the storage service to get initialized first.
+  nsCOMPtr<nsISupports> storageService = do_GetService(MOZ_STORAGE_SERVICE_CONTRACTID);
+  if (!storageService) {
+    return NS_ERROR_NOT_AVAILABLE;
+  }
+#endif
+
   nsresult rv = NS_OK;
 
   MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("Beginning NSS initialization\n"));
-- 
cgit v1.2.3