On Sun, Aug 10, 2008 at 2:13 PM, Howard Chu <[EMAIL PROTECTED]> wrote:
>
> There's other relics lying around in the code, waiting to bite:
>
> nss/lib/nss/nssinit.c:561
> #ifndef XP_MAC
> /* only servers need this. We currently do not have a mac server */
> if ((!noModDB) && (!noCertDB) && (!noRootInit)) {
> if (!SECMOD_HasRootCerts()) {
> nss_FindExternalRoot(configdir, secmodName);
> }
> }
> #endif
>
> Anyone who has ported their server (hm, Apache? OpenLDAP?) to MacOS with NSS
> is going to wonder WTF. If they had just stuck with OpenSSL everything Would
> Just Work.
XP_MAC means "Mac OS Classic". It was very difficult to program for
Mac OS Classic.
The macros we use for Mac OS X are XP_MACOSX and DARWIN (for
its BSD subsystem).
> Frankly, code developed under the model in which NSS was developed (closed
> source for many years, targeting 1 main platform with everything else treated
> as 2nd or 3rd class citizens) can't be trusted, it needs a bottom-up audit
> because otherwise we really don't know what we're getting by using it.
NSS has been open source longer than it was closed source.
NSS has always targeted all the major Unix flavors, Mac, and Windows
as the main platforms. It is true that some platforms (OpenVMS,
BeOS, etc.) are treated as 2nd or 3rd tiers, but don't all projects with
finite resources do that?
I will make it a priority to remove code for obsolete platforms
to avoid confusion.
Wan-Teh
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
