NSS Refactor 3 11

From MozillaWiki
Revision as of 22:46, 8 June 2007 by Relyea (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

NSS Packaging Refactor for 3.11

The Current Dependency Tree

Current NSS dependency tree (NSS 3.11.X).

libcrmf.a

  • Built with sources in nss/lib/crmf
  • Static library only.

libsmime3.so

  • Built with sources in nss/lib/smime
  • Statically linked with objects in nss/lib/pkcs12 and nss/lib/pkcs7
  • Depends on libnss3.so
  • Depends on nspr*

libssl3.so

  • Built with sourced in nss/lib/ssl
  • Statically lined with library libreebl.a (nss/lib/freebl^)
  • Depends on libnss3.so
  • Depends on libfreebl.so^
  • Depends on nspr*

libnss3.so

  • Built with sources in nss/lib/nss
  • Statically linked with objects in:
    • nss/lib/certhigh
    • nss/lib/cryptohi
    • nss/lib/pk11wrap
    • nss/lib/certdb
    • nss/lib/util
    • nss/lib/pki
    • nss/lib/dev
    • nss/lib/base
  • Depends libsoftokn3.so
  • Depends on nspr*

libsoftokn3.so

  • Built with sources in nss/lib/softoken
  • Statically linked with libraries:
    • libsecutil.a (nss/lib/util)
    • libdbm.a (dbm)
    • libfreebl.a (nss/lib/freebl^)
  • Depends on libfreebl.so^
  • Depends on nspr*
^NOTE: Freebl dependency is dynamically loaded with DLopen and won't show up
on a normal dependency list.

libfreebl.so

  • Built with soruces in nss/lib/freebl
  • Statically linked with libraries:
    • libsecutil.a (nss/lib/util)
    • libdbm.a (dbm)

libnssckbi.so

  • Built with sources in nss/lib/ckfw/builtins
  • Statically linked with libraries:
    • libnssckfw.a (nss/lib/ckfw)
    • libssb.a (nss/lib/base)
  • Depends on nspr*

Analysis

For the most part these are pretty much straight line dependencies, distinct dependencies.

The exceptions are nss/lib/base, nss/lib/util and nss/lib/freebl. The latter is really a static binding to a loader function, so in practice there is very little in freebl that is actually 'copied' between components.

nss/lib/base is used in both libnss3.so and libckbi.so. This is the only runtime dependency libckbi.so has on the rest of NSS. Unfortately nss/lib/base depends on some headers in nss/lib/util, and nss/lib/ckfw depends on some headers in nss/lib/softoken.

nss/lib/base is one of the slowest changing directories in the NSS tree. Since NSS 3.9 there have been a grand total of 4 changes made to that tree:

  1. Between 3.9 and 3.10 the license changed from dual to tri-license.
  2. Between 3.9 and 3.10 two pointers were changed from &pointer[offset] to pointer+offset (offset was negative, and the new code is more readable).
  3. Between 3.11.2 and 3.11.3 alex fixed a null dereference bug.
  4. Between 3.11 and 3.12 whatnspr.c was removed.

nss/lib/util is used by libnss3.so, libsoftkn3.so and libfreebl.so.

ckfw/nssckbi dependencies

Besides the object code dependencies, there are some unexpected build dependencies for ckfw.

If you try the following: 

 # get ckfw
 cvs checkout -r NSS_3_11_BRANCH mozilla/security/coreconf mozilla/security/nss/lib/base mozilla/security/nss/lib/ckfw

 # get nspr
 cvs checkout mozilla/nsprpub
 cvs checkout -r NSS_3_11_BRANCH mozilla/security/nss/Makefile mozilla/security/nss/manifest.mn

 #build dependencies
 cd mozilla/security/nss
 make build_coreconf build_nspr

 #build base
 cd lib/base
 make

 #build ckfw
 cd ../ckfw
 make

You find the lib/base will fail because it needs header files supplied out of lib/util and lib/ckfw will fail because it needs header files supplied out of softoken (the pkcs11 headers).

Recommendation

For NSS 3.11.x We should support just replacing the ckfw directory. It's dependencies with the rest of NSS are pretty small, easily identified, and does not change very much.

Retrieved from "https://wiki.mozilla.org/index.php?title=NSS_Refactor_3_11&oldid=59061"