|
|
aed691 |
diff --git a/lib/nss/nssinit.c b/lib/nss/nssinit.c
|
|
|
aed691 |
--- a/lib/nss/nssinit.c
|
|
|
aed691 |
+++ b/lib/nss/nssinit.c
|
|
|
aed691 |
@@ -621,16 +621,31 @@ nss_Init(const char *configdir, const ch
|
|
|
aed691 |
initParams->minPWLen);
|
|
|
aed691 |
if (configStrings == NULL) {
|
|
|
aed691 |
PORT_SetError(SEC_ERROR_NO_MEMORY);
|
|
|
aed691 |
goto loser;
|
|
|
aed691 |
}
|
|
|
aed691 |
configName = initParams->libraryDescription;
|
|
|
aed691 |
passwordRequired = initParams->passwordRequired;
|
|
|
aed691 |
}
|
|
|
aed691 |
+
|
|
|
aed691 |
+ /* If we're NSS_ContextInit, we're probably a library. It could be
|
|
|
aed691 |
+ * possible that the application initialized NSS then forked(). The
|
|
|
aed691 |
+ * library would have no knowledge of that. If we call
|
|
|
aed691 |
+ * SECMOD_RestartModules() here, we will be able to continue on with
|
|
|
aed691 |
+ * NSS as normal. SECMOD_RestartModules() does have the side affect
|
|
|
aed691 |
+ * of losing all our PKCS #11 objects in the new process, but only if
|
|
|
aed691 |
+ * the module needs to be reinited. If it needs to be reinit those
|
|
|
aed691 |
+ * objects are inaccessible anyway, it it's always save to call
|
|
|
aed691 |
+ * SECMOD_RestartModules(PR_FALSE).
|
|
|
aed691 |
+ */
|
|
|
aed691 |
+ /* NOTE: We could call SECMOD_Init() here, but if we aren't already
|
|
|
aed691 |
+ * inited, then there's no modules to restart, so SECMOD_RestartModules
|
|
|
aed691 |
+ * will return immediately */
|
|
|
aed691 |
+ SECMOD_RestartModules(PR_FALSE);
|
|
|
aed691 |
} else {
|
|
|
aed691 |
configStrings = pk11_config_strings;
|
|
|
aed691 |
configName = pk11_config_name;
|
|
|
aed691 |
passwordRequired = pk11_password_required;
|
|
|
aed691 |
}
|
|
|
aed691 |
|
|
|
aed691 |
/* Skip the module init if we are already initted and we are trying
|
|
|
aed691 |
* to init with noCertDB and noModDB */
|