diff options
| author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2017-10-23 16:51:05 +0200 |
|---|---|---|
| committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2017-12-05 17:04:14 +0100 |
| commit | c357eb3f7483c17a184614c31ecea0a17cd30e92 (patch) | |
| tree | 9ed5fe4b67363fc2cbd0f2e35f4f778950d32d5f | |
| parent | 8ffae806c3daf7f8f178f0c87a2552df68e9af91 (diff) | |
| download | qtwebengine-chromium-c357eb3f7483c17a184614c31ecea0a17cd30e92.tar.gz | |
[Revert] Uprev NSS requirement on Linux to 3.26
This reverts the upstream commit that upped the minimum NSS version
because Google certificates are signed by a weak root which causes
warnings in earlier NSS versions. Since NSS is a shared library, doing a
build-time check is pointless, and we still have CIs with old versions.
Original commit message:
BUG=691261
Change-Id: Ib7396ffb27e20e3dff041266d523a842d2c5d9c7
Review-Url: https://codereview.chromium.org/2721373002
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
| -rw-r--r-- | chromium/crypto/nss_util.cc | 13 | ||||
| -rw-r--r-- | chromium/crypto/scoped_test_nss_db.cc | 9 |
2 files changed, 17 insertions, 5 deletions
diff --git a/chromium/crypto/nss_util.cc b/chromium/crypto/nss_util.cc index e5a6d6f68f5..ad58f137403 100644 --- a/chromium/crypto/nss_util.cc +++ b/chromium/crypto/nss_util.cc @@ -622,13 +622,16 @@ class NSSInitSingleton { EnsureNSPRInit(); - // We *must* have NSS >= 3.26 at compile time. - static_assert((NSS_VMAJOR == 3 && NSS_VMINOR >= 26) || (NSS_VMAJOR > 3), - "nss version check failed"); + // We *must* have NSS >= 3.14.3. + static_assert( + (NSS_VMAJOR == 3 && NSS_VMINOR == 14 && NSS_VPATCH >= 3) || + (NSS_VMAJOR == 3 && NSS_VMINOR > 14) || + (NSS_VMAJOR > 3), + "nss version check failed"); // Also check the run-time NSS version. // NSS_VersionCheck is a >= check, not strict equality. - if (!NSS_VersionCheck("3.26")) { - LOG(FATAL) << "NSS_VersionCheck(\"3.26\") failed. NSS >= 3.26 is " + if (!NSS_VersionCheck("3.14.3")) { + LOG(FATAL) << "NSS_VersionCheck(\"3.14.3\") failed. NSS >= 3.14.3 is " "required. Please upgrade to the latest NSS, and if you " "still get this error, contact your distribution " "maintainer."; diff --git a/chromium/crypto/scoped_test_nss_db.cc b/chromium/crypto/scoped_test_nss_db.cc index 03470c13037..b334109e034 100644 --- a/chromium/crypto/scoped_test_nss_db.cc +++ b/chromium/crypto/scoped_test_nss_db.cc @@ -44,6 +44,15 @@ ScopedTestNSSDB::~ScopedTestNSSDB() { CERT_DestroyCertList(cert_list); } + // Don't close when NSS is < 3.15.1, because it would require an additional + // sleep for 1 second after closing the database, due to + // http://bugzil.la/875601. + if (!NSS_VersionCheck("3.15.1")) { + LOG(ERROR) << "NSS version is < 3.15.1, test DB will not be closed."; + temp_dir_.Take(); + return; + } + // NSS is allowed to do IO on the current thread since dispatching // to a dedicated thread would still have the affect of blocking // the current thread, due to NSS's internal locking requirements |