Bring SSL strength up to NSS 3.x level.

security/nss/cmd/sslstrength/Makefile

@@ -1,5 +1,5 @@
 #! gmake
-#
+# 
 # The contents of this file are subject to the Mozilla Public
 # License Version 1.1 (the "License"); you may not use this file
 # except in compliance with the License. You may obtain a copy of
@@ -52,7 +52,15 @@ include $(CORE_DEPTH)/coreconf/config.mk
 # (4) Include "local" platform-dependent assignments (OPTIONAL).      #
 #######################################################################
 
-include $(CORE_DEPTH)/security/cmd/platlibs.mk
+include ../platlibs.mk
+
+ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET)))  # omits WINCE
+ifndef BUILD_OPT
+LDFLAGS   +=  /subsystem:console /profile /debug /machine:I386 /incremental:no
+OS_CFLAGS += -D_CONSOLE
+endif
+endif
+
 
 #######################################################################
 # (5) Execute "global" rules. (OPTIONAL)                              #
@@ -64,9 +72,11 @@ include $(CORE_DEPTH)/coreconf/rules.mk
 # (6) Execute "component" rules. (OPTIONAL)                           #
 #######################################################################
 
+#include ../platlibs.mk
+
 #######################################################################
 # (7) Execute "local" rules. (OPTIONAL).                              #
 #######################################################################
 
-
+include ../platrules.mk
 

security/nss/cmd/sslstrength/manifest.mn

@@ -43,7 +43,7 @@ PROGRAM =  sslstrength
 
 REQUIRES = security dbm seccmd
 
-DEFINES = -DNSPR20
+DEFINES += -DDLL_PREFIX=\"$(DLL_PREFIX)\" -DDLL_SUFFIX=\"$(DLL_SUFFIX)\"
 
 PACKAGE_FILES = sslstrength
 

security/nss/cmd/sslstrength/sslstrength.c

@@ -50,6 +50,8 @@
 #include "cert.h"
 #include "ssl.h"
 #include "sslproto.h"
+#include "secmod.h"
+#include "nss.h"
 
 /* define this if you want telnet capability! */
 
@@ -172,7 +174,7 @@ void SetPolicy(char *c,int policy) {  /* policy==1 : domestic,   policy==0, expo
   }
   
 
-  for (i=0;i<PL_strlen(c);i++) {
+  for (i=0;i<(int)PL_strlen(c);i++) {
     for (j=0;j<(sizeof(ciphers)/sizeof(struct CipherPolicy));j++) {
       if (ciphers[j].number == c[i]) {
 	cpolicy = policy?ciphers[j].domestic:ciphers[j].export;
@@ -337,21 +339,18 @@ PRInt32 main(PRInt32 argc,char **argv, char **envp)
 
   PR_fprintf(PR_STDOUT,"Using %s policy\n",policy?"domestic":"export");
   
-  /* use current directory for certificate database if not set */
-  
-  if (! certdir) {   
-    certdir = PR_smprintf(".");
-  }
-  
-  SECU_ConfigDirectory(certdir);
-  
-  
   /* allow you to set env var SSLDIR to set the cert directory */
   if (! certdir) certdir = SECU_DefaultSSLDir();  
-  if (certdir) SECU_ConfigDirectory(certdir);
-  
-  /* PR_Init(progname, 1, 1, 0); */
-  SECU_PKCS11Init(PR_FALSE /*readOnly==PR_FALSE*/);
+
+  /* if we don't have one still, initialize with no databases */
+  if (!certdir) {
+    rv = NSS_NoDB_Init(NULL);
+
+    (void) SECMOD_AddNewModule("Builtins", DLL_PREFIX"nssckbi."DLL_SUFFIX,0,0);
+  } else {
+    rv = NSS_Init(certdir);
+    SECU_ConfigDirectory(certdir);
+  }
   
   /* Lookup host */
   r = PR_GetHostByName(hostname,netdbbuf,PR_NETDB_BUF_SIZE,&hp);
@@ -382,9 +381,6 @@ PRInt32 main(PRInt32 argc,char **argv, char **envp)
     return -1;
   }
   
-  /* Initialize all the libsec goodies */
-  SEC_Init();
-  
   dbmsg("10: About to enable security\n");
   
   rv = SSL_OptionSet(s, SSL_SECURITY, PR_TRUE);
@@ -414,24 +410,6 @@ PRInt32 main(PRInt32 argc,char **argv, char **envp)
     return -1;
   }
   
-  handle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
-  if (!handle) {
-    PrintErrString(progname, "could not allocate database handle");
-    return -1;
-  }
-  
-  dbmsg("20: About to open certificate database\n");
-  
-  
-  /* Open up the certificate database */
-  rv = CERT_OpenCertDBFilename(handle, "cert7.db", PR_TRUE);
-  if ( rv ) {
-    PrintErrString(progname, "unable to open cert database");
-    rv = CERT_OpenVolatileCertDB(handle);
-  }
-  
-	     CERT_SetDefaultCertDB(handle);
-  
   dbmsg("30: About to set AuthCertificateHook\n");