I filed https://bugzilla.mozilla.org/show_bug.cgi?id=338601 about
improving ReadSystemFiles performance. I think if that's addressed
there shouldn't be a problem doing a full NSS init (and since there's no
init option to skip initializing the RNG, I think any kind of init will
have this behavi
Julien Pierre wrote:
Brian,
Brian Ryner wrote:
I'll do some profiling to make sure it's the DB initialization that's
causing the performance hit.
I guess maybe I should have mentioned that I'm currently using these
methods through the nsICryptoHash XPCOM wrapper. So we'd either need
to cha
Brian Ryner wrote:
I'll do some profiling to make sure it's the DB initialization that's
causing the performance hit.
I guess maybe I should have mentioned that I'm currently using these
methods through the nsICryptoHash XPCOM wrapper.
I recommend that you continue to use this API.
Using thi
Looking at a startup profile in Quantify, I'm not sure that skipping the
DB initialization will help. The majority of the time seems to be going
to initializing the random number generator (ReadSystemFiles, called
from RNG_SystemInfoForRNG). Or am I missing something that would cause
this all
Wan-Teh Chang wrote:
So, if the app has already initialized NSS,
you just go ahead and use NSS functions. Else,
you have to initialize NSS (in the "no database"
mode) first, and have to shut down NSS.
This sample code assumes that this thread is
the only thread that may initialize NSS in the
ap
Brian,
Brian Ryner wrote:
I'll do some profiling to make sure it's the DB initialization that's
causing the performance hit.
I guess maybe I should have mentioned that I'm currently using these
methods through the nsICryptoHash XPCOM wrapper. So we'd either need to
change that object to kno
I'll do some profiling to make sure it's the DB initialization that's
causing the performance hit.
I guess maybe I should have mentioned that I'm currently using these
methods through the nsICryptoHash XPCOM wrapper. So we'd either need to
change that object to know that it can do a NoDB_Init
Brian Ryner wrote:
Hi,
Is it possible to use the HASH_* NSS functions before NSS_Init has been
called? I'd like to defer the full initialization while still being
able to
run an MD5 hash.
You must initialize NSS. However, there is a
way to initialize NSS for such simple things:
NSS_NoDB_In
I am modifying mod_nss to implement TLS upgrades (RFC2817) to use in a
special-purpose web client-server system. In fact, I think the
modifications to mod_nss are done, but I am not yet done with
implementing TLS upgrades in Firefox, so I haven't tested the mod_nss
modifications.
As we discussed
Frank Hecker wrote:
I'm finally getting back to working on requests for CA for their root
certificates to be included in NSS/Mozilla. (Yes, I suck for leaving
this undone for so long; my apologies.)
The first one I'm working on is for StartCom Ltd., bug 289077:
https://bugzilla.mozilla.org/
Frank Hecker wrote:
I'm finally getting back to working on requests for CA for their root
certificates to be included in NSS/Mozilla. (Yes, I suck for leaving
this undone for so long; my apologies.)
The first one I'm working on is for StartCom Ltd., bug 289077:
https://bugzilla.mozilla.org/
Frank Hecker wrote:
I'm finally getting back to working on requests for CA for their root
certificates to be included in NSS/Mozilla. (Yes, I suck for leaving
this undone for so long; my apologies.)
The first one I'm working on is for StartCom Ltd., bug 289077:
https://bugzilla.mozilla.org/
Looks like the answer is "no", since it ends up trying to use an
uninitialized lock and crashing.
Brian Ryner wrote:
Hi,
Is it possible to use the HASH_* NSS functions before NSS_Init has been
called? I'd like to defer the full initialization while still being
able to
run an MD5 hash.
Than
Hi,
Is it possible to use the HASH_* NSS functions before NSS_Init has been
called? I'd like to defer the full initialization while still being able to
run an MD5 hash.
Thanks.
--
-Brian
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.
Nelson B. Bolyard wrote:
Rob Crittenden wrote:
A fair bit of work has been done to mod_nss, an SSL module for Apache
that uses NSS instead of OpenSSL, since it was released last September.
Changes since then include use the NSS OCSP client, addition of a FIPS
mode (similar to modutil -fips true
Wan-Teh Chang wrote:
Rob Crittenden wrote:
A fair bit of work has been done to mod_nss, an SSL module for Apache
that uses NSS instead of OpenSSL, since it was released last September.
Changes since then include use the NSS OCSP client, addition of a FIPS
mode (similar to modutil -fips true -
16 matches
Mail list logo
