Wan-Teh Chang wrote, On 2008-08-15 19:36:
> We ran into a similar problem with PKCS #11 modules that
> NSS and some other libraries share. When one of the libraries
> calls C_Finalize on the shared PKCS #11 module, it prevents
> the other libraries from using the PKCS #11 module.
>
> Some possible solutions to this problem:
>
> 1. Change cURL to call NSS_IsInitialized. If
> NSS_Initialized returns PR_FALSE, then cURL knows
> it needs to initialize and shut down NSS. If NSS_IsInitialized
> returns PR_TRUE, cURL won't initialize and shut down NSS.

I don't know how long cURL runs once started, but I could see the
following sequence of events:

- curl calls NSS_IsInitialized and gets back a false result,
- curl initializes NSS, and then runs for a while
- while curl is running, PSM initializes NSS
- curl finishes, and based on that previous result from IsInitialized,
  it decides to call NSS_Shutdown.
- PSM tries to use NSS, unaware that it is shut down, and boom

Also, ideally, cURL would initialize NSS with the user's profile
directory. (That is, I don't think curl typically wants its own set of
trusted certs). So it would be good if it got that profile directory
name from the browser somehow, or called upon PSM to initialize NSS
for it.

> 2. Add a function to cURL that cURL users can call
> to indicate that cURL isn't responsible for initializing
> and shutting down NSS.

That requires that the invoker of cURL knows that NSS is already
initialized before invoking cURL, right?

> 3. Change NSS_Init so that instead of doing nothing
> when NSS is already initialized:
>
> http://mxr.mozilla.org/security/source/security/nss/lib/nss/nssinit.c#448
> 448 if (nss_IsInitted) {
> 449     return SECSuccess;
> 450 }
>
> it increments an initialization count. Then, NSS_Shutdown
> decrements the initialization count, and only shuts down
> NSS when the count reaches 0.

Option 3 appeals to me the most, but I'm afraid it would break binary
compatibility to modify NSS_Shutdown as you described. Software that
now depends on a single call to the shutdown function always shutting
down NSS might end up not shutting down NSS.

I can think of some ways to try to address that. We could perhaps do
the ref counting as you suggest in NSS_Init*, and then let the existing
NSS_Shutdown function always shut down and clear the ref count, but add
a new shutdown function (NSS_CountedShutdown ?) that decrements the ref
count and if zero, then it calls NSS_Shutdown.
This may necessitate adding locks to NSS_Init and NSS_Shutdown, since those functions presently assume that the caller has achieved mutual exclusion with other callers.
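
The scheme discussed in this message (a counted init, a legacy shutdown that always tears down, a new counted shutdown, and a lock around all three) is sketched below as an added example; it is not part of the original message and is not NSS code. All `lib_*` names and the scenario function are hypothetical stand-ins.

```c
#include <pthread.h>
#include <stdbool.h>
/* Hypothetical stand-in for a shared library's global state; not NSS code. */
static pthread_mutex_t init_lock = PTHREAD_MUTEX_INITIALIZER;
static int  init_count = 0;       /* outstanding init calls */
static bool initialized = false;  /* plays the role of nss_IsInitted */

/* Every user calls init unconditionally; only the first does real setup. */
void lib_init(void) {
    pthread_mutex_lock(&init_lock);
    if (init_count++ == 0)
        initialized = true;
    pthread_mutex_unlock(&init_lock);
}

/* Legacy shutdown: always tears down and clears the count (old contract). */
void lib_shutdown(void) {
    pthread_mutex_lock(&init_lock);
    initialized = false;
    init_count = 0;
    pthread_mutex_unlock(&init_lock);
}

/* Counted shutdown: tears down only when the last user releases. */
int lib_counted_shutdown(void) {
    pthread_mutex_lock(&init_lock);
    int rv = (init_count > 0) ? 0 : -1;   /* -1: unbalanced call */
    if (rv == 0 && --init_count == 0)
        initialized = false;
    pthread_mutex_unlock(&init_lock);
    return rv;
}

bool lib_is_initialized(void) {
    pthread_mutex_lock(&init_lock);
    bool up = initialized;
    pthread_mutex_unlock(&init_lock);
    return up;
}

/* Sequence from the message: A starts, B starts, A finishes first. */
bool scenario_first_user_finishes(void) {
    lib_init();                          /* A, the cURL role */
    lib_init();                          /* B, the PSM role */
    lib_counted_shutdown();              /* A is done */
    bool still_up = lib_is_initialized();
    lib_counted_shutdown();              /* B is done; real teardown */
    return still_up;
}
```

In this sketch a caller that still uses the legacy `lib_shutdown` while another user holds a reference takes the library down for both, and the other user's later `lib_counted_shutdown` returns -1.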