Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(66)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: crypto/nss_util.cc

Issue 11411013: Initialize NSS in the PPAPI process for ClearKey CDM. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: Add DisableNSSForkCheck to wrapper for future use. Created 8 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« crypto/nss_util.h ('K') | « crypto/nss_util.h ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: crypto/nss_util.cc
diff --git a/crypto/nss_util.cc b/crypto/nss_util.cc
index 9933d30631671ebda919bc00cedc45ed25cbf13e..f8fa52831df4eb7c07bc76da08465da39827aacb 100644
--- a/crypto/nss_util.cc
+++ b/crypto/nss_util.cc
@@ -650,6 +650,17 @@ void EnsureNSPRInit() {
g_nspr_singleton.Get();
}
+void WarmUpNSSSafely() {
+ // We might fork, but we haven't loaded any security modules.
+ crypto::DisableNSSForkCheck();
+ // The Linux SUID sandbox would prevent opening user security modules anyway,
+ // but it's more correct to tell NSS to not do it.
jln (very slow on Chromium) 2012/11/15 23:22:18 I would remove the reference to the setuid sandbox
Jorge Lucangeli Obes 2012/11/15 23:52:44 Done.
+ // Loading user security modules would have security implications.
+ crypto::ForceNSSNoDBInit();
+ // Initialize NSS.
+ crypto::EnsureNSSInit();
+}
+
void EnsureNSSInit() {
// Initializing SSL causes us to do blocking IO.
// Temporarily allow it until we fix
« crypto/nss_util.h ('K') | « crypto/nss_util.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698