testbound compiles --with-nss.

git-svn-id: file:///svn/unbound/trunk@2692 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/daemon/daemon.c b/daemon/daemon.c
index 9d6ce9fe47feeb72765f0f0bb2cf7b616309d2e5..b17d5488184ef65fe2934a4ced8e53054787a5b7 100644 (file)
--- a/daemon/daemon.c
+++ b/daemon/daemon.c
@@ -55,6 +55,11 @@
 #ifdef HAVE_OPENSSL_ENGINE_H
 #include <openssl/engine.h>
 #endif
+
+#ifdef HAVE_NSS
+#include <nss3/nss.h>
+#endif
+
 #include <ldns/ldns.h>
 #include "daemon/daemon.h"
 #include "daemon/worker.h"
@@ -189,20 +194,25 @@ daemon_init(void)
 #endif /* USE_WINSOCK */
        signal_handling_record();
        checklock_start();
+#ifdef HAVE_SSL
        ERR_load_crypto_strings();
        ERR_load_SSL_strings();
-#ifdef HAVE_OPENSSL_CONFIG
+#  ifdef HAVE_OPENSSL_CONFIG
        OPENSSL_config("unbound");
-#endif
-#ifdef USE_GOST
+#  endif
+#  ifdef USE_GOST
        (void)ldns_key_EVP_load_gost_id();
-#endif
+#  endif
        OpenSSL_add_all_algorithms();
-#if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS
+#  if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS
        /* grab the COMP method ptr because openssl leaks it */
        comp_meth = (void*)SSL_COMP_get_compression_methods();
-#endif
+#  endif
        (void)SSL_library_init();
+#elif defined(HAVE_NSS)
+       if(NSS_NoDB_Init(NULL) != SECSuccess)
+               fatal_exit("could not init NSS");
+#endif /* HAVE_SSL or HAVE_NSS */
 #ifdef HAVE_TZSET
        /* init timezone info while we are not chrooted yet */
        tzset();
@@ -530,31 +540,37 @@ daemon_delete(struct daemon* daemon)
        free(daemon->chroot);
        free(daemon->pidfile);
        free(daemon->env);
+#ifdef HAVE_SSL
        SSL_CTX_free((SSL_CTX*)daemon->listen_sslctx);
        SSL_CTX_free((SSL_CTX*)daemon->connect_sslctx);
+#endif
        free(daemon);
 #ifdef LEX_HAS_YYLEX_DESTROY
        /* lex cleanup */
        ub_c_lex_destroy();
 #endif
        /* libcrypto cleanup */
-#if defined(USE_GOST) && defined(HAVE_LDNS_KEY_EVP_UNLOAD_GOST)
+#ifdef HAVE_SSL
+#  if defined(USE_GOST) && defined(HAVE_LDNS_KEY_EVP_UNLOAD_GOST)
        ldns_key_EVP_unload_gost();
-#endif
-#if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS && HAVE_DECL_SK_SSL_COMP_POP_FREE
-#ifndef S_SPLINT_S
+#  endif
+#  if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS && HAVE_DECL_SK_SSL_COMP_POP_FREE
+#    ifndef S_SPLINT_S
        sk_SSL_COMP_pop_free(comp_meth, (void(*)())CRYPTO_free);
-#endif
-#endif
-#ifdef HAVE_OPENSSL_CONFIG
+#    endif
+#  endif
+#  ifdef HAVE_OPENSSL_CONFIG
        EVP_cleanup();
        ENGINE_cleanup();
        CONF_modules_free();
-#endif
+#  endif
        CRYPTO_cleanup_all_ex_data(); /* safe, no more threads right now */
        ERR_remove_state(0);
        ERR_free_strings();
        RAND_cleanup();
+#elif defined(HAVE_NSS)
+       NSS_Shutdown();
+#endif /* HAVE_SSL or HAVE_NSS */
        checklock_stop();
 #ifdef USE_WINSOCK
        if(WSACleanup() != 0) {

diff --git a/daemon/unbound.c b/daemon/unbound.c
index 6d87a4f6d5c4ace99b2850f82f293edb4ba98a16..4e647c7657749159de51326d450b6197622120c7 100644 (file)
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@@ -87,6 +87,10 @@
 #  include "winrc/win_svc.h"
 #endif
 
+#ifdef HAVE_NSS
+#  include <nss3/nss.h>
+#endif
+
 /** global debug value to keep track of heap memory allocation */
 void* unbound_start_brk = 0;
 
@@ -159,7 +163,12 @@ static void usage()
        get_event_sys(&evnm, &evsys, &evmethod);
        printf("linked libs: %s %s (it uses %s), ldns %s, %s\n", 
                evnm, evsys, evmethod, ldns_version(), 
-               SSLeay_version(SSLEAY_VERSION));
+#ifdef HAVE_SSL
+               SSLeay_version(SSLEAY_VERSION)
+#elif defined(HAVE_NSS)
+               NSS_GetVersion()
+#endif
+               );
        printf("linked modules:");
        for(m = module_list_avail(); *m; m++)
                printf(" %s", *m);