47 lines
1.4 KiB
Diff
47 lines
1.4 KiB
Diff
--- qtwebengine/src/3rdparty/chromium/net/socket/ssl_client_socket_openssl.cc 2015-12-10 18:17:21.000000000 +0100
|
|
+++ qtwebengine/src/3rdparty/chromium/net/socket/ssl_client_socket_openssl.cc 2016-01-14 17:11:38.432633534 +0100
|
|
@@ -57,6 +57,10 @@
|
|
#include "net/ssl/ssl_platform_key.h"
|
|
#endif
|
|
|
|
+#if defined(USE_NSS_CERTS) || defined(OS_IOS)
|
|
+#include "net/cert_net/nss_ocsp.h"
|
|
+#endif
|
|
+
|
|
namespace net {
|
|
|
|
namespace {
|
|
@@ -795,6 +799,14 @@
|
|
DCHECK(!ssl_);
|
|
DCHECK(!transport_bio_);
|
|
|
|
+#if defined(USE_NSS_CERTS) || defined(OS_IOS)
|
|
+ if (ssl_config_.cert_io_enabled) {
|
|
+ // TODO(davidben): Move this out of SSLClientSocket. See
|
|
+ // https://crbug.com/539520.
|
|
+ EnsureNSSHttpIOInit();
|
|
+ }
|
|
+#endif
|
|
+
|
|
SSLContext* context = SSLContext::GetInstance();
|
|
crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
|
|
|
|
--- qtwebengine/src/core/config/linux.pri 2015-12-14 16:27:24.000000000 +0100
|
|
+++ qtwebengine/src/core/config/linux.pri 2016-01-14 17:31:05.765975551 +0100
|
|
@@ -18,7 +18,13 @@
|
|
use_kerberos=0 \
|
|
use_pango=0
|
|
|
|
-!use?(nss) {
|
|
+use?(nss) {
|
|
+# do a "chimera build" (BoringSSL code, NSS certs): This is the default in
|
|
+# Chromium 47+, and it is the only variant that works with NSS 3.21.
|
|
+ GYP_CONFIG += use_nss_certs=1 \
|
|
+ use_openssl=1 \
|
|
+ use_openssl_certs=0
|
|
+} else {
|
|
GYP_CONFIG += use_nss_certs=0 \
|
|
use_openssl=1 \
|
|
use_openssl_certs=1
|
|
|