bug 1444943 - set NSS_SDB_USE_CACHE to yes if the profile is on an nfs mount r?jcj
MozReview-Commit-ID: 44DxZxmlSlG
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -53,16 +53,21 @@
#include "pkix/pkixnss.h"
#include "secerr.h"
#include "secmod.h"
#include "ssl.h"
#include "sslerr.h"
#include "sslproto.h"
#include "prmem.h"
+#if defined(XP_LINUX) && !defined(ANDROID)
+#include <linux/magic.h>
+#include <sys/vfs.h>
+#endif
+
#ifdef XP_WIN
#include "mozilla/WindowsVersion.h"
#include "nsILocalFileWin.h"
#include "windows.h" // this needs to be before the following includes
#include "lmcons.h"
#include "sddl.h"
#include "wincrypt.h"
@@ -1748,51 +1753,65 @@ nsNSSComponent::setEnabledTLSVersions()
SSL_VersionRangeSetDefault(ssl_variant_stream, &filledInRange);
if (srv != SECSuccess) {
return NS_ERROR_FAILURE;
}
return NS_OK;
}
-#ifdef XP_WIN
+#if defined(XP_WIN) || (defined(XP_LINUX) && !defined(ANDROID))
// If the profile directory is on a networked drive, we want to set the
// environment variable NSS_SDB_USE_CACHE to yes (as long as it hasn't been set
// before).
static void
SetNSSDatabaseCacheModeAsAppropriate()
{
nsCOMPtr<nsIFile> profileFile;
nsresult rv = NS_GetSpecialDirectory(NS_APP_USER_PROFILE_50_DIR,
getter_AddRefs(profileFile));
if (NS_FAILED(rv)) {
// We're probably running without a profile directory, so this is
// irrelevant.
return;
}
- nsCOMPtr<nsILocalFileWin> profileFileWin(do_QueryInterface(profileFile));
- if (!profileFileWin) {
- MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("couldn't get nsILocalFileWin?"));
- return;
+ static const char sNSS_SDB_USE_CACHE[] = "NSS_SDB_USE_CACHE";
+ static const char sNSS_SDB_USE_CACHE_WITH_VALUE[] = "NSS_SDB_USE_CACHE=yes";
+ auto profilePath = profileFile->NativePath();
+
+#if defined(XP_LINUX) && !defined(ANDROID)
+ struct statfs statfs_s;
+ if (statfs(profilePath.get(), &statfs_s) == 0 &&
+ statfs_s.f_type == NFS_SUPER_MAGIC &&
+ !PR_GetEnv(sNSS_SDB_USE_CACHE)) {
+ MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
+ ("profile is remote (and NSS_SDB_USE_CACHE wasn't set): "
+ "setting NSS_SDB_USE_CACHE"));
+ PR_SetEnv(sNSS_SDB_USE_CACHE_WITH_VALUE);
+ } else {
+ MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("not setting NSS_SDB_USE_CACHE"));
}
- auto profilePath = profileFile->NativePath();
+#endif // defined(XP_LINUX) && !defined(ANDROID)
+
+#ifdef XP_WIN
wchar_t volPath[MAX_PATH];
if (::GetVolumePathNameW(profilePath.get(), volPath, MAX_PATH) &&
::GetDriveTypeW(volPath) == DRIVE_REMOTE &&
- !PR_GetEnv("NSS_SDB_USE_CACHE")) {
+ !PR_GetEnv(sNSS_SDB_USE_CACHE)) {
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
("profile is remote (and NSS_SDB_USE_CACHE wasn't set): "
"setting NSS_SDB_USE_CACHE"));
- PR_SetEnv("NSS_SDB_USE_CACHE=yes");
+ PR_SetEnv(sNSS_SDB_USE_CACHE_WITH_VALUE);
} else {
MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("not setting NSS_SDB_USE_CACHE"));
}
+#endif // XP_WIN
}
-#endif // XP_WIN
+#endif // defined(XP_WIN) || (defined(XP_LINUX) && !defined(ANDROID))
static nsresult
GetNSSProfilePath(nsAutoCString& aProfilePath)
{
aProfilePath.Truncate();
nsCOMPtr<nsIFile> profileFile;
nsresult rv = NS_GetSpecialDirectory(NS_APP_USER_PROFILE_50_DIR,
getter_AddRefs(profileFile));
@@ -2044,17 +2063,17 @@ nsNSSComponent::InitializeNSS()
ConfigureInternalPKCS11Token();
nsAutoCString profileStr;
nsresult rv = GetNSSProfilePath(profileStr);
if (NS_FAILED(rv)) {
return NS_ERROR_NOT_AVAILABLE;
}
-#ifdef XP_WIN
+#if defined(XP_WIN) || (defined(XP_LINUX) && !defined(ANDROID))
SetNSSDatabaseCacheModeAsAppropriate();
#endif
bool nocertdb = Preferences::GetBool("security.nocertdb", false);
bool inSafeMode = true;
nsCOMPtr<nsIXULRuntime> runtime(do_GetService("@mozilla.org/xre/runtime;1"));
// There might not be an nsIXULRuntime in embedded situations. This will
// default to assuming we are in safe mode (as a result, no external PKCS11