summaryrefslogtreecommitdiffstats
path: root/security/manager/ssl/moz.build
diff options
context:
space:
mode:
Diffstat (limited to 'security/manager/ssl/moz.build')
-rw-r--r--security/manager/ssl/moz.build246
1 files changed, 246 insertions, 0 deletions
diff --git a/security/manager/ssl/moz.build b/security/manager/ssl/moz.build
new file mode 100644
index 0000000000..76be81582d
--- /dev/null
+++ b/security/manager/ssl/moz.build
@@ -0,0 +1,246 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# osclientcerts is currently only implemented for Windows
+# osclientcerts transitively depends on winapi 0.2.8, which doesn't work with
+# AArch64
+if (CONFIG["OS_ARCH"] == "WINNT" and CONFIG["CPU_ARCH"] != "aarch64") or CONFIG[
+ "OS_ARCH"
+] == "Darwin":
+ DIRS += ["osclientcerts"]
+
+TEST_DIRS += ["tests"]
+
+XPIDL_SOURCES += [
+ "nsICertificateDialogs.idl",
+ "nsICertOverrideService.idl",
+ "nsICertStorage.idl",
+ "nsIClientAuthDialogs.idl",
+ "nsIClientAuthRememberService.idl",
+ "nsIContentSignatureVerifier.idl",
+ "nsICryptoHash.idl",
+ "nsICryptoHMAC.idl",
+ "nsIKeyModule.idl",
+ "nsILocalCertService.idl",
+ "nsINSSComponent.idl",
+ "nsINSSErrorsService.idl",
+ "nsINSSVersion.idl",
+ "nsIOSKeyStore.idl",
+ "nsIOSReauthenticator.idl",
+ "nsIPK11Token.idl",
+ "nsIPK11TokenDB.idl",
+ "nsIPKCS11Module.idl",
+ "nsIPKCS11ModuleDB.idl",
+ "nsIPKCS11Slot.idl",
+ "nsIProtectedAuthThread.idl",
+ "nsISecretDecoderRing.idl",
+ "nsISecurityUITelemetry.idl",
+ "nsISiteSecurityService.idl",
+ "nsITokenDialogs.idl",
+ "nsITokenPasswordDialogs.idl",
+ "nsIX509Cert.idl",
+ "nsIX509CertDB.idl",
+ "nsIX509CertValidity.idl",
+]
+
+if CONFIG["MOZ_XUL"]:
+ XPIDL_SOURCES += [
+ "nsICertTree.idl",
+ ]
+
+XPIDL_MODULE = "pipnss"
+
+XPCOM_MANIFESTS += [
+ "components.conf",
+]
+
+EXTRA_JS_MODULES.psm += [
+ "DER.jsm",
+ "RemoteSecuritySettings.jsm",
+ "X509.jsm",
+]
+
+EXPORTS += [
+ "CommonSocketControl.h",
+ "CryptoTask.h",
+ "EnterpriseRoots.h",
+ "nsClientAuthRemember.h",
+ "nsNSSCallbacks.h",
+ "nsNSSCertificate.h",
+ "nsNSSComponent.h",
+ "nsNSSHelper.h",
+ "nsRandomGenerator.h",
+ "nsSecureBrowserUI.h",
+ "nsSecurityHeaderParser.h",
+ "NSSErrorsService.h",
+ "nsSSLSocketProvider.h",
+ "nsTLSSocketProvider.h",
+ "RootCertificateTelemetryUtils.h",
+ "ScopedNSSTypes.h",
+ "SharedCertVerifier.h",
+ "SSLServerCertVerification.h",
+ "TransportSecurityInfo.h",
+]
+
+EXPORTS.mozilla += [
+ "DataStorage.h",
+ "DataStorageList.h",
+ "PublicSSL.h",
+]
+
+EXPORTS.mozilla.psm += [
+ "PSMIPCCommon.h",
+ "TransportSecurityInfo.h",
+ "VerifySSLServerCertChild.h",
+ "VerifySSLServerCertParent.h",
+]
+
+EXPORTS.ipc += [
+ "DataStorageIPCUtils.h",
+]
+
+UNIFIED_SOURCES += [
+ "CommonSocketControl.cpp",
+ "ContentSignatureVerifier.cpp",
+ "CryptoTask.cpp",
+ "CSTrustDomain.cpp",
+ "DataStorage.cpp",
+ "EnterpriseRoots.cpp",
+ "LocalCertService.cpp",
+ "nsCertOverrideService.cpp",
+ "nsClientAuthRemember.cpp",
+ "nsCryptoHash.cpp",
+ "nsKeyModule.cpp",
+ "nsNSSCallbacks.cpp",
+ "nsNSSCertHelper.cpp",
+ "nsNSSCertificate.cpp",
+ "nsNSSCertificateDB.cpp",
+ "nsNSSCertTrust.cpp",
+ "nsNSSComponent.cpp",
+ "nsNSSIOLayer.cpp",
+ "nsNSSModule.cpp",
+ "nsNSSVersion.cpp",
+ "nsNTLMAuthModule.cpp",
+ "nsPK11TokenDB.cpp",
+ "nsPKCS11Slot.cpp",
+ "nsPKCS12Blob.cpp",
+ "nsProtectedAuthThread.cpp",
+ "nsRandomGenerator.cpp",
+ "nsSecureBrowserUI.cpp",
+ "nsSecurityHeaderParser.cpp",
+ "NSSErrorsService.cpp",
+ "nsSiteSecurityService.cpp",
+ "NSSKeyStore.cpp",
+ "nsSSLSocketProvider.cpp",
+ "nsTLSSocketProvider.cpp",
+ "OSKeyStore.cpp",
+ "PKCS11ModuleDB.cpp",
+ "PSMIPCCommon.cpp",
+ "PSMRunnable.cpp",
+ "PublicKeyPinningService.cpp",
+ "RootCertificateTelemetryUtils.cpp",
+ "SecretDecoderRing.cpp",
+ "SharedSSLState.cpp",
+ "SSLServerCertVerification.cpp",
+ "TransportSecurityInfo.cpp",
+ "VerifySSLServerCertChild.cpp",
+ "VerifySSLServerCertParent.cpp",
+ "X509CertValidity.cpp",
+]
+
+if CONFIG["OS_ARCH"] == "WINNT":
+ # On Windows this file includes ntsecapi.h, which contains definitions that
+ # conflict with headers included in remaining source files. We compile this
+ # one independently to prevent that interferance.
+ SOURCES += [
+ "OSReauthenticator.cpp",
+ ]
+else:
+ UNIFIED_SOURCES += [
+ "OSReauthenticator.cpp",
+ ]
+
+if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
+ UNIFIED_SOURCES += [
+ "LibSecret.cpp",
+ ]
+ CFLAGS += CONFIG["GLIB_CFLAGS"]
+ CXXFLAGS += CONFIG["GLIB_CFLAGS"]
+
+if CONFIG["OS_ARCH"] == "Darwin":
+ UNIFIED_SOURCES += [
+ "KeychainSecret.cpp",
+ "OSReauthenticatorDarwin.mm",
+ ]
+ OS_LIBS += [
+ "-framework LocalAuthentication",
+ "-framework Security",
+ ]
+
+if CONFIG["OS_ARCH"] == "WINNT":
+ OS_LIBS += ["credui"]
+ UNIFIED_SOURCES += [
+ "CredentialManagerSecret.cpp",
+ ]
+
+IPDL_SOURCES += [
+ "PSMIPCTypes.ipdlh",
+ "PVerifySSLServerCert.ipdl",
+]
+
+if CONFIG["MOZ_XUL"]:
+ UNIFIED_SOURCES += [
+ "nsCertTree.cpp",
+ ]
+
+UNIFIED_SOURCES += [
+ "md4.c",
+]
+
+FINAL_LIBRARY = "xul"
+
+LOCAL_INCLUDES += [
+ "/dom/base",
+ "/dom/crypto",
+ "/netwerk/base",
+ "/security/certverifier",
+]
+
+LOCAL_INCLUDES += [
+ "!/dist/public/nss",
+]
+
+GeneratedFile(
+ "nsSTSPreloadListGenerated.inc",
+ script="../../../xpcom/ds/tools/make_dafsa.py",
+ inputs=["nsSTSPreloadList.inc"],
+)
+
+DEFINES["SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES"] = "True"
+DEFINES["NSS_ENABLE_ECC"] = "True"
+
+if not CONFIG["MOZ_SYSTEM_NSS"]:
+ USE_LIBS += [
+ "crmf",
+ ]
+
+# mozpkix is linked statically from the in-tree sources independent of whether
+# system NSS is used or not.
+USE_LIBS += ["mozpkix"]
+
+include("/ipc/chromium/chromium-config.mozbuild")
+
+if CONFIG["CC_TYPE"] in ("clang", "gcc"):
+ CXXFLAGS += [
+ "-Wextra",
+ # -Wextra enables this warning, but it's too noisy to be useful.
+ "-Wno-missing-field-initializers",
+ ]
+
+ # Gecko headers aren't warning-free enough for us to enable these warnings.
+ CXXFLAGS += [
+ "-Wno-unused-parameter",
+ ]