I now have a "working" version of PSM with NSS 3.4 shared libraries.
To build: Pull mozilla (use the normal mozilla build instructions).
Pull PSM from PSM_FOR_NSS_3_4
(cd mozilla/security; cvs update -A -r PSM_FOR_NSS_3_4
manager makefile.win Makefile.in)
Pull NSS from it's tip:
(cd mozilla/security; cvs update -A coreconf nss)
The build works for NT. it will almost certainly fail for other
platforms for the following reasons:
Mac: NSS 3.4 has not yet been built for the Mac, since
the Mac project files are completely different than the common makefile
we use between Unix and NT. NSS 3.4 has had massive file reorg
Unix: mozilla uses two different build systems to build
Unix based systems and windows based systems. The windows based has the
configuration for the PSM link step defined is in the PSM directory. The
Unix bases system has PSM linkage defined in some general mozilla
makefile that lives outside the PSM directory.
WARNING: This tree is a highly unstable development tree. This posting
is only for the very adventureous who are interested in the NSS 3.4
developement. Many things in this tree will break. S/MIME has not been
tested. This branch may break an any time do to NSS developement (the
NSS tip is not necessarily defined to be stable). Your mileage may very.
Void where prohibitted by law. etc.
Major features of NSS 3.4:
1) the softoken has been pulled out as it's own DLL with only 4
external symbols: NSC_GetFunctionList (softoken's PKCS #11
C_GetFunctionList entry point) FC_GetFunctionList (FIPS token's PKCS
#11 C_GetFunctionList entry point). NSC_ModuleDBFunc is an entry point
to read configuration strings from secmod.db. C_GetFunctionList a real
PKCS #11 C_GetFunctionList (which points to NSC_GetFunctionList) so that
softoken can be loaded separately by some application as a PKCS #11 module.
2) All uses of libdbm have been isolated into the softoken.
3) Certificates searches now operate over all tokens, not some mix of
tokens or internal databases, which should facilitate additional sources
of certificate data and lookups in NSS.
4) A prototype of the new 4.0 API is now in place, and driving the
current functionality.
5) A prototype of a proposed PKCS #11 3.0 string initialization of
pkcs #11 modules have are in use.
6) The softoken can now initialize more than one set of cert/key
databases and export them as multiple PKCS #11 tokens.
7) Those symbols where were meant to be public but were only used by
PSM are now exported.
8) Some symbols which PSM needs, but are still nominally private are
exported as well.
---------------
Next up:
-- PSM with NSS 3.4 Shared libraries on some Unix platform
(Linux/Solaris/ or AIX).
