On 2009-09-12 17:33 PDT, Guenter wrote:
> [...] so I assume that:
> rv = NSS_Initialize(certDir, "", "", "",  NSS_INIT_READONLY);
> works also fine with pre-3.12.0, and there's no need to specify secmod.db  
> as 4th argument, right?

You only need to specify a non-empty string for the 4th argument if you
want/need to use a non-standard file name for the PKCS#11 module
configuration information file.

> conclusion - would something like that work from 3.2.1 to recent?
> 
> char *certDir = PR_smprintf("%s%s",
>      NSS_VersionCheck("3.12.0") ? "sql:" : "",
>      SSL_DIR);
> rv = NSS_Initialize(certDir, "", "", "",  NSS_INIT_READONLY);
> PR_smprintf_free(certDir);

3.2.1?  Yikes!

I do not think that trying to write a program that is fully backwards
compatible with all versions of NSS back to 3.2.1 is a noble objective.
If you really want to do that, you should write, build and test your
program with NSS 3.2.1, and then rely on the newer versions of NSS to
maintain backwards binary compatibility.

Writing and building a program to work with the newest version of NSS,
and then hoping that it will also work with older versions of NSS is
very likely to result in lots of failure and frustration.  It is very
likely that your program will call functions that did not exist in older
versions of NSS, or will rely on features that did not exist.

But the biggest reason not to attempt it, in my opinion, is that the
older versions of NSS all have various serious security vulnerabilities.
Those vulnerabilities were fixed in newer versions of NSS.  That's how
we always fix security vulnerabilities in NSS.  We release new versions
that are backwards binary compatible and contain the fixes.  If anyone
is still running NSS 3.2.1, I can think of numerous serious ("critical")
security vulnerabilities to which they are still vulnerable.

I'd say that in the interest of the security of your customers/users,
your best bet would be to write code that checks the version of NSS
being used on the customer's system, and if it's old, put up an error
message about unpatched security vulnerabilities and refuse to start.
Tell the user that you cannot claim to offer any serious security claims
while running on top of an old version of the library with known security
vulnerabilities.

> I guess I can already right after the call to NSS_Initialize() call  
> PR_smprintf_free() ?

Yes. I believe so.

> thanks, Günter.

/Nelson
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
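
The version gate suggested in the reply above, as an added example that is not part of the original message or of NSS. It compares version strings component by component as numbers, because a plain string comparison would rank "3.2.1" above "3.12.0". The 3.12.0 minimum and all function names are assumptions for illustration; a program linked against NSS can ask the library itself with NSS_VersionCheck, as the quoted code does.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>

#define MIN_NSS_VERSION "3.12.0"   /* assumed policy value, for illustration only */

/* Parse "major.minor[.patch[.build]]", allowing a suffix such as " Beta".
 * Returns 0 on success, -1 on malformed input. */
static int parse_version(const char *s, int v[4])
{
    int n = 0;                          /* components parsed so far */
    v[0] = v[1] = v[2] = v[3] = 0;
    if (s == NULL) return -1;
    while (n < 4) {
        if (!isdigit((unsigned char)*s)) return -1;
        char *end;
        long part = strtol(s, &end, 10);
        if (part > 9999) return -1;     /* also rejects strtol overflow */
        v[n++] = (int)part;
        s = end;
        if (*s != '.' || n == 4) break;
        s++;
    }
    if (n < 2) return -1;               /* need at least major.minor */
    return (*s == '\0' || *s == ' ') ? 0 : -1;
}

/* 1 if runtime >= minimum, 0 if older, -1 if either string is unparseable. */
int nss_version_at_least(const char *runtime, const char *minimum)
{
    int r[4], m[4], i;
    if (parse_version(runtime, r) || parse_version(minimum, m)) return -1;
    for (i = 0; i < 4; i++)
        if (r[i] != m[i]) return r[i] > m[i];
    return 1;
}

/* Returns 0 to continue startup, 1 to refuse. Unparseable input fails closed. */
int startup_gate(const char *runtime, const char *minimum)
{
    if (nss_version_at_least(runtime, minimum) == 1) return 0;
    fprintf(stderr, "NSS version %s does not meet required minimum %s; "
            "refusing to start.\n", runtime ? runtime : "(unknown)", minimum);
    return 1;
}

/* "3.2.1" is a constructed sample input. */
int main(void) { return startup_gate("3.2.1", MIN_NSS_VERSION); }
```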
