Bug 745281 - Provide the option of disabling SSL PKCS #11 bypass at build time, r=wtc
authoremaldona%redhat.com
Mon, 11 Jun 2012 02:38:30 +0000
changeset 10366 e0fca2242a89130019cd1434cfc02f841b6dcb59
parent 10365 ae2c06b0fed6df2fd6938b39e4e7f18666613c1d
child 10367 e83eeff08cada278fe62987ba6df524438d46f41
push idunknown
push userunknown
push dateunknown
reviewerswtc
bugs745281
Bug 745281 - Provide the option of disabling SSL PKCS #11 bypass at build time, r=wtc
security/nss/lib/ssl/Makefile
security/nss/lib/ssl/config.mk
security/nss/lib/ssl/derive.c
security/nss/lib/ssl/ssl3con.c
security/nss/lib/ssl/ssl3ecc.c
security/nss/lib/ssl/ssl3ext.c
security/nss/lib/ssl/sslsnce.c
security/nss/lib/ssl/sslsock.c
--- a/security/nss/lib/ssl/Makefile
+++ b/security/nss/lib/ssl/Makefile
@@ -52,10 +52,12 @@ include $(CORE_DEPTH)/coreconf/rules.mk
 
 
 #######################################################################
 # (7) Execute "local" rules. (OPTIONAL).                              #
 #######################################################################
 
 export:: private_export
 
+ifndef NSS_NO_PKCS11_BYPASS
 # indicates dependency on freebl static lib
 $(SHARED_LIBRARY): $(CRYPTOLIB)
+endif
--- a/security/nss/lib/ssl/config.mk
+++ b/security/nss/lib/ssl/config.mk
@@ -6,21 +6,25 @@
 ifdef NISCC_TEST
 DEFINES += -DNISCC_TEST
 endif
 
 ifdef NSS_SURVIVE_DOUBLE_BYPASS_FAILURE
 DEFINES += -DNSS_SURVIVE_DOUBLE_BYPASS_FAILURE
 endif
 
+ifdef NSS_NO_PKCS11_BYPASS
+DEFINES += -DNO_PKCS11_BYPASS
+else
 CRYPTOLIB=$(SOFTOKEN_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
 
 EXTRA_LIBS += \
 	$(CRYPTOLIB) \
 	$(NULL)
+endif
 
 ifeq (,$(filter-out WIN%,$(OS_TARGET)))
 
 # don't want the 32 in the shared library name
 SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
 IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
 
 RES = $(OBJDIR)/ssl.res
--- a/security/nss/lib/ssl/derive.c
+++ b/security/nss/lib/ssl/derive.c
@@ -5,27 +5,30 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* $Id$ */
 
 #include "ssl.h" 	/* prereq to sslimpl.h */
 #include "certt.h"	/* prereq to sslimpl.h */
 #include "keythi.h"	/* prereq to sslimpl.h */
 #include "sslimpl.h"
+#ifndef NO_PKCS11_BYPASS
 #include "blapi.h"
+#endif
 
 #include "keyhi.h"
 #include "pk11func.h"
 #include "secasn1.h"
 #include "cert.h"
 #include "secmodt.h"
 
 #include "sslproto.h"
 #include "sslerr.h"
 
+#ifndef NO_PKCS11_BYPASS
 /* make this a macro! */
 #ifdef NOT_A_MACRO
 static void
 buildSSLKey(unsigned char * keyBlock, unsigned int keyLen, SECItem * result,
             const char * label)
 {
     result->type = siBuffer;
     result->data = keyBlock;
@@ -533,16 +536,17 @@ ssl_canExtractMS(PK11SymKey *pms, PRBool
 
     rv = PK11_ExtractKeyValue(ms);
     *pcbp = (rv == SECSuccess);
     PK11_FreeSymKey(ms);
     
     return(rv);
 
 }
+#endif  /* !NO_PKCS11_BYPASS */
 
 /* Check the key exchange algorithm for each cipher in the list to see if
  * a master secret key can be extracted. If the KEA will use keys from the 
  * specified cert make sure the extract operation is attempted from the slot
  * where the private key resides.
  * If MS can be extracted for all ciphers, (*pcanbypass) is set to TRUE and
  * SECSuccess is returned. In all other cases but one (*pcanbypass) is
  * set to FALSE and SECFailure is returned.
@@ -552,17 +556,26 @@ ssl_canExtractMS(PK11SymKey *pms, PRBool
  */
 
 /* XXX Add SSL_CBP_TLS1_1 and test it in protocolmask when setting isTLS. */
 
 SECStatus 
 SSL_CanBypass(CERTCertificate *cert, SECKEYPrivateKey *srvPrivkey,
 	      PRUint32 protocolmask, PRUint16 *ciphersuites, int nsuites,
               PRBool *pcanbypass, void *pwArg)
-{   SECStatus	      rv;
+{
+#ifdef NO_PKCS11_BYPASS
+    if (!pcanbypass) {
+        PORT_SetError(SEC_ERROR_INVALID_ARGS);
+        return SECFailure;
+    }
+    *pcanbypass = PR_FALSE;
+    return SECSuccess;
+#else
+    SECStatus	      rv;
     int		      i;
     PRUint16	      suite;
     PK11SymKey *      pms = NULL;
     SECKEYPublicKey * srvPubkey = NULL;
     KeyType	      privKeytype;
     PK11SlotInfo *    slot = NULL;
     SECItem           param;
     CK_VERSION 	      version;
@@ -842,10 +855,11 @@ SSL_CanBypass(CERTCertificate *cert, SEC
 
     if (srvPubkey) {
     	SECKEY_DestroyPublicKey(srvPubkey);
 	srvPubkey = NULL;
     }
 
 
     return rv;
+#endif /* NO_PKCS11_BYPASS */
 }
 
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -22,17 +22,19 @@
 #include "prtime.h"
 #include "prinrval.h"
 #include "prerror.h"
 #include "pratom.h"
 #include "prthread.h"
 
 #include "pk11func.h"
 #include "secmod.h"
+#ifndef NO_PKCS11_BYPASS
 #include "blapi.h"
+#endif
 
 #include <stdio.h>
 #ifdef NSS_ENABLE_ZLIB
 #include "zlib.h"
 #endif
 
 #ifndef PK11_SETATTRS
 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
@@ -961,18 +963,20 @@ ssl3_VerifySignedHashes(SSL3Hashes *hash
  */
 SECStatus
 ssl3_ComputeCommonKeyHash(PRUint8 * hashBuf, unsigned int bufLen,
 			     SSL3Hashes *hashes, PRBool bypassPKCS11)
 {
     SECStatus     rv 		= SECSuccess;
 
     if (bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	MD5_HashBuf (hashes->md5, hashBuf, bufLen);
 	SHA1_HashBuf(hashes->sha, hashBuf, bufLen);
+#endif
     } else {
 	rv = PK11_HashBuf(SEC_OID_MD5, hashes->md5, hashBuf, bufLen);
 	if (rv != SECSuccess) {
 	    ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
 	    rv = SECFailure;
 	    goto done;
 	}
 
@@ -1384,16 +1388,17 @@ ssl3_InitCompressionContext(ssl3CipherSp
 	PORT_Assert(0);
 	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
 	return SECFailure;
     }
 
     return SECSuccess;
 }
 
+#ifndef NO_PKCS11_BYPASS
 /* Initialize encryption and MAC contexts for pending spec.
  * Master Secret already is derived in spec->msItem
  * Caller holds Spec write lock.
  */
 static SECStatus
 ssl3_InitPendingContextsBypass(sslSocket *ss)
 {
       ssl3CipherSpec  *  pwSpec;
@@ -1550,16 +1555,17 @@ ssl3_InitPendingContextsBypass(sslSocket
     ssl3_InitCompressionContext(pwSpec);
 
 success:
     return SECSuccess;
 
 bail_out:
     return SECFailure;
 }
+#endif
 
 /* This function should probably be moved to pk11wrap and be named 
  * PK11_ParamFromIVAndEffectiveKeyBits
  */
 static SECItem *
 ssl3_ParamFromIV(CK_MECHANISM_TYPE mtype, SECItem *iv, CK_ULONG ulEffectiveBits)
 {
     SECItem * param = PK11_ParamFromIV(mtype, iv);
@@ -1750,29 +1756,31 @@ ssl3_InitPendingCipherSpec(sslSocket *ss
 
     if (pms || (!pwSpec->msItem.len && !pwSpec->master_secret)) {
 	rv = ssl3_DeriveMasterSecret(ss, pms);
 	if (rv != SECSuccess) {
 	    goto done;  /* err code set by ssl3_DeriveMasterSecret */
 	}
     }
     if (ss->opt.bypassPKCS11 && pwSpec->msItem.len && pwSpec->msItem.data) {
+#ifndef NO_PKCS11_BYPASS
 	/* Double Bypass succeeded in extracting the master_secret */
 	const ssl3KEADef * kea_def = ss->ssl3.hs.kea_def;
 	PRBool             isTLS   = (PRBool)(kea_def->tls_keygen ||
                                 (pwSpec->version > SSL_LIBRARY_VERSION_3_0));
 	pwSpec->bypassCiphers = PR_TRUE;
 	rv = ssl3_KeyAndMacDeriveBypass( pwSpec, 
 			     (const unsigned char *)&ss->ssl3.hs.client_random,
 			     (const unsigned char *)&ss->ssl3.hs.server_random,
 			     isTLS, 
 			     (PRBool)(kea_def->is_limited));
 	if (rv == SECSuccess) {
 	    rv = ssl3_InitPendingContextsBypass(ss);
 	}
+#endif
     } else if (pwSpec->master_secret) {
 	rv = ssl3_DeriveConnectionKeysPKCS11(ss);
 	if (rv == SECSuccess) {
 	    rv = ssl3_InitPendingContextsPKCS11(ss);
 	}
     } else {
 	PORT_Assert(pwSpec->master_secret);
 	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
@@ -1909,16 +1917,17 @@ ssl3_ComputeRecordMAC(
 	PK11Context *mac_context = 
 	    (useServerMacKey ? spec->server.write_mac_context
 	                     : spec->client.write_mac_context);
 	rv  = PK11_DigestBegin(mac_context);
 	rv |= PK11_DigestOp(mac_context, temp, tempLen);
 	rv |= PK11_DigestOp(mac_context, input, inputLength);
 	rv |= PK11_DigestFinal(mac_context, outbuf, outLength, spec->mac_size);
     } else {
+#ifndef NO_PKCS11_BYPASS
 	/* bypass version */
 	const SECHashObject *hashObj = NULL;
 	unsigned int       pad_bytes = 0;
 	PRUint64           write_mac_context[MAX_MAC_CONTEXT_LLONGS];
 
 	switch (mac_def->mac) {
 	case ssl_mac_null:
 	    *outLength = 0;
@@ -1991,16 +2000,17 @@ ssl3_ComputeRecordMAC(
 		HMAC_Begin(cx);
 		HMAC_Update(cx, temp, tempLen);
 		HMAC_Update(cx, input, inputLength);
 		rv = HMAC_Finish(cx, outbuf, outLength, spec->mac_size);
 		HMAC_Destroy(cx, PR_FALSE);
 	    }
 #undef cx
 	}
+#endif
     }
 
     PORT_Assert(rv != SECSuccess || *outLength == (unsigned)spec->mac_size);
 
     PRINT_BUF(95, (NULL, "frag hash2: result", outbuf, *outLength));
 
     if (rv != SECSuccess) {
     	rv = SECFailure;
@@ -3112,16 +3122,17 @@ ssl3_DeriveMasterSecret(sslSocket *ss, P
 	if (fpms) {
 	    PK11_FreeSymKey(fpms);
     	}
     }
     if (pwSpec->master_secret == NULL) {
 	ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
 	return rv;
     }
+#ifndef NO_PKCS11_BYPASS
     if (ss->opt.bypassPKCS11) {
 	SECItem * keydata;
 	/* In hope of doing a "double bypass", 
 	 * need to extract the master secret's value from the key object 
 	 * and store it raw in the sslSocket struct.
 	 */
 	rv = PK11_ExtractKeyValue(pwSpec->master_secret);
 	if (rv != SECSuccess) {
@@ -3147,16 +3158,17 @@ ssl3_DeriveMasterSecret(sslSocket *ss, P
 	    memcpy(pwSpec->raw_master_secret, keydata->data, keydata->len);
 	    pwSpec->msItem.data = pwSpec->raw_master_secret;
 	    pwSpec->msItem.len  = keydata->len;
 	} else {
 	    PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
 	    return SECFailure;
 	}
     }
+#endif
     return SECSuccess;
 }
 
 
 /* 
  * Derive encryption and MAC Keys (and IVs) from master secret
  * Sets a useful error code when returning SECFailure.
  *
@@ -3295,19 +3307,21 @@ loser:
 }
 
 static SECStatus 
 ssl3_RestartHandshakeHashes(sslSocket *ss)
 {
     SECStatus rv = SECSuccess;
 
     if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	ss->ssl3.hs.messages.len = 0;
 	MD5_Begin((MD5Context *)ss->ssl3.hs.md5_cx);
 	SHA1_Begin((SHA1Context *)ss->ssl3.hs.sha_cx);
+#endif
     } else {
 	rv = PK11_DigestBegin(ss->ssl3.hs.md5);
 	if (rv != SECSuccess) {
 	    ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
 	    return rv;
 	}
 	rv = PK11_DigestBegin(ss->ssl3.hs.sha);
 	if (rv != SECSuccess) {
@@ -3326,19 +3340,21 @@ ssl3_NewHandshakeHashes(sslSocket *ss)
 
     /*
      * note: We should probably lookup an SSL3 slot for these
      * handshake hashes in hopes that we wind up with the same slots
      * that the master secret will wind up in ...
      */
     SSL_TRC(30,("%d: SSL3[%d]: start handshake hashes", SSL_GETPID(), ss->fd));
     if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	PORT_Assert(!ss->ssl3.hs.messages.buf && !ss->ssl3.hs.messages.space);
 	ss->ssl3.hs.messages.buf = NULL;
 	ss->ssl3.hs.messages.space = 0;
+#endif
     } else {
 	ss->ssl3.hs.md5 = md5 = PK11_CreateDigestContext(SEC_OID_MD5);
 	ss->ssl3.hs.sha = sha = PK11_CreateDigestContext(SEC_OID_SHA1);
 	if (md5 == NULL) {
 	    ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
 	    goto loser;
 	}
 	if (sha == NULL) {
@@ -3377,24 +3393,26 @@ ssl3_UpdateHandshakeHashes(sslSocket *ss
 			   unsigned int l)
 {
     SECStatus  rv = SECSuccess;
 
     PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
 
     PRINT_BUF(90, (NULL, "MD5 & SHA handshake hash input:", b, l));
 
+#ifndef NO_PKCS11_BYPASS
     if (ss->opt.bypassPKCS11) {
 	MD5_Update((MD5Context *)ss->ssl3.hs.md5_cx, b, l);
 	SHA1_Update((SHA1Context *)ss->ssl3.hs.sha_cx, b, l);
 #if defined(NSS_SURVIVE_DOUBLE_BYPASS_FAILURE)
 	rv = sslBuffer_Append(&ss->ssl3.hs.messages, b, l);
 #endif
 	return rv;
     }
+#endif
     rv = PK11_DigestOp(ss->ssl3.hs.md5, b, l);
     if (rv != SECSuccess) {
 	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
 	return rv;
     }
     rv = PK11_DigestOp(ss->ssl3.hs.sha, b, l);
     if (rv != SECSuccess) {
 	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
@@ -3679,16 +3697,17 @@ ssl3_ComputeHandshakeHashes(sslSocket * 
     PRBool        isTLS     = (PRBool)(spec->version > SSL_LIBRARY_VERSION_3_0);
     unsigned int  outLength;
     SSL3Opaque    md5_inner[MAX_MAC_LENGTH];
     SSL3Opaque    sha_inner[MAX_MAC_LENGTH];
 
     PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
 
     if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	/* compute them without PKCS11 */
 	PRUint64      md5_cx[MAX_MAC_CONTEXT_LLONGS];
 	PRUint64      sha_cx[MAX_MAC_CONTEXT_LLONGS];
 
 #define md5cx ((MD5Context *)md5_cx)
 #define shacx ((SHA1Context *)sha_cx)
 
 	if (!spec->msItem.data) {
@@ -3760,16 +3779,17 @@ ssl3_ComputeHandshakeHashes(sslSocket * 
 	}
 	SHA1_End(shacx, hashes->sha, &outLength, SHA1_LENGTH);
 
 	PRINT_BUF(60, (NULL, "SHA outer: result", hashes->sha, SHA1_LENGTH));
 
 	rv = SECSuccess;
 #undef md5cx
 #undef shacx
+#endif
     } else {
 	/* compute hases with PKCS11 */
 	PK11Context * md5;
 	PK11Context * sha       = NULL;
 	unsigned char *md5StateBuf = NULL;
 	unsigned char *shaStateBuf = NULL;
 	unsigned int  md5StateLen, shaStateLen;
 	unsigned char md5StackBuf[256];
@@ -5346,22 +5366,24 @@ ssl3_HandleServerHello(sslSocket *ss, SS
 	 * b) key is unwrapped, but we're still using PKCS11
 	 * c) key is unwrapped, and we're bypassing PKCS11.
 	 */
 	if (sid->u.ssl3.keys.msIsWrapped) {
 	    PK11SlotInfo *slot;
 	    PK11SymKey *  wrapKey;     /* wrapping key */
 	    CK_FLAGS      keyFlags      = 0;
 
+#ifndef NO_PKCS11_BYPASS
 	    if (ss->opt.bypassPKCS11) {
 		/* we cannot restart a non-bypass session in a 
 		** bypass socket.
 		*/
 		break;  
 	    }
+#endif
 	    /* unwrap master secret with PKCS11 */
 	    slot = SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
 				     sid->u.ssl3.masterSlotID);
 	    if (slot == NULL) {
 		break;		/* not considered an error. */
 	    }
 	    if (!PK11_IsPresent(slot)) {
 		PK11_FreeSlot(slot);
@@ -5386,23 +5408,25 @@ ssl3_HandleServerHello(sslSocket *ss, SS
 		PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech, 
 			    NULL, &wrappedMS, CKM_SSL3_MASTER_KEY_DERIVE,
 			    CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
 	    errCode = PORT_GetError();
 	    PK11_FreeSymKey(wrapKey);
 	    if (pwSpec->master_secret == NULL) {
 		break;	/* errorCode set just after call to UnwrapSymKey. */
 	    }
+#ifndef NO_PKCS11_BYPASS
 	} else if (ss->opt.bypassPKCS11) {
 	    /* MS is not wrapped */
 	    wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
 	    wrappedMS.len  = sid->u.ssl3.keys.wrapped_master_secret_len;
 	    memcpy(pwSpec->raw_master_secret, wrappedMS.data, wrappedMS.len);
 	    pwSpec->msItem.data = pwSpec->raw_master_secret;
 	    pwSpec->msItem.len  = wrappedMS.len;
+#endif
 	} else {
 	    /* We CAN restart a bypass session in a non-bypass socket. */
 	    /* need to import the raw master secret to session object */
 	    PK11SlotInfo *slot = PK11_GetInternalSlot();
 	    wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
 	    wrappedMS.len  = sid->u.ssl3.keys.wrapped_master_secret_len;
 	    pwSpec->master_secret =  
 		PK11_ImportSymKey(slot, CKM_SSL3_MASTER_KEY_DERIVE, 
@@ -6704,22 +6728,24 @@ compression_found:
 	}
 	/* we need to resurrect the master secret.... */
 
 	ssl_GetSpecWriteLock(ss);  haveSpecWriteLock = PR_TRUE;
 	pwSpec = ss->ssl3.pwSpec;
 	if (sid->u.ssl3.keys.msIsWrapped) {
 	    PK11SymKey *    wrapKey; 	/* wrapping key */
 	    CK_FLAGS        keyFlags      = 0;
+#ifndef NO_PKCS11_BYPASS
 	    if (ss->opt.bypassPKCS11) {
 		/* we cannot restart a non-bypass session in a 
 		** bypass socket.
 		*/
 		break;  
 	    }
+#endif
 
 	    wrapKey = getWrappingKey(ss, NULL, sid->u.ssl3.exchKeyType,
 				     sid->u.ssl3.masterWrapMech, 
 				     ss->pkcs11PinArg);
 	    if (!wrapKey) {
 		/* we have a SID cache entry, but no wrapping key for it??? */
 		break;
 	    }
@@ -6735,22 +6761,24 @@ compression_found:
 	    pwSpec->master_secret =
 		PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech, 
 			    NULL, &wrappedMS, CKM_SSL3_MASTER_KEY_DERIVE,
 			    CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
 	    PK11_FreeSymKey(wrapKey);
 	    if (pwSpec->master_secret == NULL) {
 		break;	/* not an error */
 	    }
+#ifndef NO_PKCS11_BYPASS
 	} else if (ss->opt.bypassPKCS11) {
 	    wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
 	    wrappedMS.len  = sid->u.ssl3.keys.wrapped_master_secret_len;
 	    memcpy(pwSpec->raw_master_secret, wrappedMS.data, wrappedMS.len);
 	    pwSpec->msItem.data = pwSpec->raw_master_secret;
 	    pwSpec->msItem.len  = wrappedMS.len;
+#endif
 	} else {
 	    /* We CAN restart a bypass session in a non-bypass socket. */
 	    /* need to import the raw master secret to session object */
 	    PK11SlotInfo * slot;
 	    wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
 	    wrappedMS.len  = sid->u.ssl3.keys.wrapped_master_secret_len;
 	    slot = PK11_GetInternalSlot();
 	    pwSpec->master_secret =  
@@ -7685,20 +7713,22 @@ ssl3_GenerateRSAPMS(sslSocket *ss, ssl3C
  */
 static SECStatus
 ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
                                 SSL3Opaque *b,
 				PRUint32 length,
 				SECKEYPrivateKey *serverKey)
 {
     PK11SymKey *      pms;
+#ifndef NO_PKCS11_BYPASS
     unsigned char *   cr     = (unsigned char *)&ss->ssl3.hs.client_random;
     unsigned char *   sr     = (unsigned char *)&ss->ssl3.hs.server_random;
     ssl3CipherSpec *  pwSpec = ss->ssl3.pwSpec;
     unsigned int      outLen = 0;
+#endif
     PRBool            isTLS  = PR_FALSE;
     SECStatus         rv;
     SECItem           enc_pms;
     unsigned char     rsaPmsBuf[SSL3_RSA_PMS_LENGTH];
     SECItem           pmsItem = {siBuffer, NULL, 0};
 
     PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
     PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
@@ -7719,16 +7749,17 @@ ssl3_HandleRSAClientKeyExchange(sslSocke
 	    enc_pms.len = kLen;
 	}
 	isTLS = PR_TRUE;
     } else {
 	isTLS = (PRBool)(ss->ssl3.hs.kea_def->tls_keygen != 0);
     }
 
     if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	/* TRIPLE BYPASS, get PMS directly from RSA decryption.
 	 * Use PK11_PrivDecryptPKCS1 to decrypt the PMS to a buffer, 
 	 * then, check for version rollback attack, then 
 	 * do the equivalent of ssl3_DeriveMasterSecret, placing the MS in 
 	 * pwSpec->msItem.  Finally call ssl3_InitPendingCipherSpec with 
 	 * ss and NULL, so that it will use the MS we've already derived here. 
 	 */
 
@@ -7754,18 +7785,21 @@ ssl3_HandleRSAClientKeyExchange(sslSocke
 	rv = ssl3_MasterKeyDeriveBypass(pwSpec, cr, sr, &pmsItem, isTLS, 
 					PR_TRUE);
 	if (rv != SECSuccess) {
 	    pwSpec->msItem.data = pwSpec->raw_master_secret;
 	    pwSpec->msItem.len  = SSL3_MASTER_SECRET_LENGTH;
 	    PK11_GenerateRandom(pwSpec->msItem.data, pwSpec->msItem.len);
 	}
 	rv = ssl3_InitPendingCipherSpec(ss,  NULL);
+#endif
     } else {
+#ifndef NO_PKCS11_BYPASS
 double_bypass:
+#endif
 	/*
 	 * unwrap pms out of the incoming buffer
 	 * Note: CKM_SSL3_MASTER_KEY_DERIVE is NOT the mechanism used to do 
 	 *	the unwrap.  Rather, it is the mechanism with which the 
 	 *      unwrapped pms will be used.
 	 */
 	pms = PK11_PubUnwrapSymKey(serverKey, &enc_pms,
 				   CKM_SSL3_MASTER_KEY_DERIVE, CKA_DERIVE, 0);
@@ -8557,26 +8591,32 @@ ssl3_TLSPRFWithMasterSecret(ssl3CipherSp
 	rv |= PK11_DigestOp(prf_context, (unsigned char *) label, labelLen);
 	rv |= PK11_DigestOp(prf_context, val, valLen);
 	rv |= PK11_DigestFinal(prf_context, out, &retLen, outLen);
 	PORT_Assert(rv != SECSuccess || retLen == outLen);
 
 	PK11_DestroyContext(prf_context, PR_TRUE);
     } else {
 	/* bypass PKCS11 */
+#ifdef NO_PKCS11_BYPASS
+	PORT_Assert(spec->master_secret);
+	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+	rv = SECFailure;
+#else
 	SECItem inData  = { siBuffer, };
 	SECItem outData = { siBuffer, };
 	PRBool isFIPS   = PR_FALSE;
 
 	inData.data  = (unsigned char *) val;
 	inData.len   = valLen;
 	outData.data = out;
 	outData.len  = outLen;
 	rv = TLS_PRF(&spec->msItem, label, &inData, &outData, isFIPS);
 	PORT_Assert(rv != SECSuccess || outData.len == outLen);
+#endif
     }
     return rv;
 }
 
 /* called from ssl3_HandleServerHelloDone
  */
 static SECStatus
 ssl3_SendNextProto(sslSocket *ss)
@@ -10143,20 +10183,22 @@ ssl3_DestroySSL3Info(sslSocket *ss)
 	ssl3_CleanupPeerCerts(ss);
 
     if (ss->ssl3.clientCertChain != NULL) {
        CERT_DestroyCertificateList(ss->ssl3.clientCertChain);
        ss->ssl3.clientCertChain = NULL;
     }
 
     /* clean up handshake */
+#ifndef NO_PKCS11_BYPASS
     if (ss->opt.bypassPKCS11) {
 	SHA1_DestroyContext((SHA1Context *)ss->ssl3.hs.sha_cx, PR_FALSE);
 	MD5_DestroyContext((MD5Context *)ss->ssl3.hs.md5_cx, PR_FALSE);
     } 
+#endif
     if (ss->ssl3.hs.md5) {
 	PK11_DestroyContext(ss->ssl3.hs.md5,PR_TRUE);
     }
     if (ss->ssl3.hs.sha) {
 	PK11_DestroyContext(ss->ssl3.hs.sha,PR_TRUE);
     }
     if (ss->ssl3.hs.messages.buf) {
     	PORT_Free(ss->ssl3.hs.messages.buf);
--- a/security/nss/lib/ssl/ssl3ecc.c
+++ b/security/nss/lib/ssl/ssl3ecc.c
@@ -23,17 +23,16 @@
 #include "prinrval.h"
 #include "prerror.h"
 #include "pratom.h"
 #include "prthread.h"
 #include "prinit.h"
 
 #include "pk11func.h"
 #include "secmod.h"
-#include "blapi.h"
 
 #include <stdio.h>
 
 #ifdef NSS_ENABLE_ECC
 
 #ifndef PK11_SETATTRS
 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
 		(x)->pValue=(v); (x)->ulValueLen = (l);
--- a/security/nss/lib/ssl/ssl3ext.c
+++ b/security/nss/lib/ssl/ssl3ext.c
@@ -9,41 +9,49 @@
 /* $Id$ */
 
 #include "nssrenam.h"
 #include "nss.h"
 #include "ssl.h"
 #include "sslproto.h"
 #include "sslimpl.h"
 #include "pk11pub.h"
+#ifdef NO_PKCS11_BYPASS
+#include "blapit.h"
+#else
 #include "blapi.h"
+#endif
 #include "prinit.h"
 
 static unsigned char  key_name[SESS_TICKET_KEY_NAME_LEN];
 static PK11SymKey    *session_ticket_enc_key_pkcs11 = NULL;
 static PK11SymKey    *session_ticket_mac_key_pkcs11 = NULL;
 
+#ifndef NO_PKCS11_BYPASS
 static unsigned char  session_ticket_enc_key[AES_256_KEY_LENGTH];
 static unsigned char  session_ticket_mac_key[SHA256_LENGTH];
 
 static PRBool         session_ticket_keys_initialized = PR_FALSE;
+#endif
 static PRCallOnceType generate_session_keys_once;
 
 /* forward static function declarations */
 static SECStatus ssl3_ParseEncryptedSessionTicket(sslSocket *ss,
     SECItem *data, EncryptedSessionTicket *enc_session_ticket);
 static SECStatus ssl3_AppendToItem(SECItem *item, const unsigned char *buf,
     PRUint32 bytes);
 static SECStatus ssl3_AppendNumberToItem(SECItem *item, PRUint32 num,
     PRInt32 lenSize);
 static SECStatus ssl3_GetSessionTicketKeysPKCS11(sslSocket *ss,
     PK11SymKey **aes_key, PK11SymKey **mac_key);
+#ifndef NO_PKCS11_BYPASS
 static SECStatus ssl3_GetSessionTicketKeys(const unsigned char **aes_key,
     PRUint32 *aes_key_length, const unsigned char **mac_key,
     PRUint32 *mac_key_length);
+#endif
 static PRInt32 ssl3_SendRenegotiationInfoXtn(sslSocket * ss,
     PRBool append, PRUint32 maxBytes);
 static SECStatus ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, 
     PRUint16 ex_type, SECItem *data);
 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss,
 			PRUint16 ex_type, SECItem *data);
 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss,
 			PRUint16 ex_type, SECItem *data);
@@ -158,16 +166,17 @@ ssl3_GetSessionTicketKeysPKCS11(sslSocke
 	session_ticket_mac_key_pkcs11 == NULL)
 	return SECFailure;
 
     *aes_key = session_ticket_enc_key_pkcs11;
     *mac_key = session_ticket_mac_key_pkcs11;
     return SECSuccess;
 }
 
+#ifndef NO_PKCS11_BYPASS
 static PRStatus
 ssl3_GenerateSessionTicketKeys(void)
 {
     PORT_Memcpy(key_name, SESS_TICKET_KEY_NAME_PREFIX,
 	sizeof(SESS_TICKET_KEY_NAME_PREFIX));
 
     if (!ssl_GetSessionTicketKeys(&key_name[SESS_TICKET_KEY_NAME_PREFIX_LEN],
 	    session_ticket_enc_key, session_ticket_mac_key))
@@ -191,16 +200,17 @@ ssl3_GetSessionTicketKeys(const unsigned
 
     *aes_key = session_ticket_enc_key;
     *aes_key_length = sizeof(session_ticket_enc_key);
     *mac_key = session_ticket_mac_key;
     *mac_key_length = sizeof(session_ticket_mac_key);
 
     return SECSuccess;
 }
+#endif
 
 /* Table of handlers for received TLS hello extensions, one per extension.
  * In the second generation, this table will be dynamic, and functions
  * will be registered here.
  */
 /* This table is used by the server, to handle client hello extensions. */
 static const ssl3HelloExtensionHandler clientHelloHandlers[] = {
     { ssl_server_name_xtn,        &ssl3_HandleServerNameXtn },
@@ -650,27 +660,29 @@ ssl3_SendNewSessionTicket(sslSocket *ss)
     SSL3KEAType          effectiveExchKeyType = ssl_kea_null;
     PRUint32             padding_length;
     PRUint32             message_length;
     PRUint32             cert_length;
     uint8                length_buf[4];
     PRUint32             now;
     PK11SymKey          *aes_key_pkcs11;
     PK11SymKey          *mac_key_pkcs11;
+#ifndef NO_PKCS11_BYPASS
     const unsigned char *aes_key;
     const unsigned char *mac_key;
     PRUint32             aes_key_length;
     PRUint32             mac_key_length;
     PRUint64             aes_ctx_buf[MAX_CIPHER_CONTEXT_LLONGS];
     AESContext          *aes_ctx;
-    CK_MECHANISM_TYPE    cipherMech = CKM_AES_CBC;
-    PK11Context         *aes_ctx_pkcs11;
     const SECHashObject *hashObj = NULL;
     PRUint64             hmac_ctx_buf[MAX_MAC_CONTEXT_LLONGS];
     HMACContext         *hmac_ctx;
+#endif
+    CK_MECHANISM_TYPE    cipherMech = CKM_AES_CBC;
+    PK11Context         *aes_ctx_pkcs11;
     CK_MECHANISM_TYPE    macMech = CKM_SHA256_HMAC;
     PK11Context         *hmac_ctx_pkcs11;
     unsigned char        computed_mac[TLS_EX_SESS_TICKET_MAC_LENGTH];
     unsigned int         computed_mac_length;
     unsigned char        iv[AES_BLOCK_SIZE];
     SECItem              ivItem;
     SECItem             *srvName = NULL;
     PRUint32             srvNameLen = 0;
@@ -689,18 +701,20 @@ ssl3_SendNewSessionTicket(sslSocket *ss)
 
     /* Get IV and encryption keys */
     ivItem.data = iv;
     ivItem.len = sizeof(iv);
     rv = PK11_GenerateRandom(iv, sizeof(iv));
     if (rv != SECSuccess) goto loser;
 
     if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	rv = ssl3_GetSessionTicketKeys(&aes_key, &aes_key_length,
 	    &mac_key, &mac_key_length);
+#endif
     } else {
 	rv = ssl3_GetSessionTicketKeysPKCS11(ss, &aes_key_pkcs11,
 	    &mac_key_pkcs11);
     }
     if (rv != SECSuccess) goto loser;
 
     if (ss->ssl3.pwSpec->msItem.len && ss->ssl3.pwSpec->msItem.data) {
 	/* The master secret is available unwrapped. */
@@ -859,25 +873,27 @@ ssl3_SendNewSessionTicket(sslSocket *ss)
 
     if (SECITEM_AllocItem(NULL, &ciphertext, ciphertext_length) == NULL) {
 	rv = SECFailure;
 	goto loser;
     }
 
     /* Generate encrypted portion of ticket. */
     if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	aes_ctx = (AESContext *)aes_ctx_buf;
 	rv = AES_InitContext(aes_ctx, aes_key, aes_key_length, iv, 
 	    NSS_AES_CBC, 1, AES_BLOCK_SIZE);
 	if (rv != SECSuccess) goto loser;
 
 	rv = AES_Encrypt(aes_ctx, ciphertext.data, &ciphertext.len,
 	    ciphertext.len, plaintext_item.data,
 	    plaintext_item.len);
 	if (rv != SECSuccess) goto loser;
+#endif
     } else {
 	aes_ctx_pkcs11 = PK11_CreateContextBySymKey(cipherMech,
 	    CKA_ENCRYPT, aes_key_pkcs11, &ivItem);
 	if (!aes_ctx_pkcs11) 
 	    goto loser;
 
 	rv = PK11_CipherOp(aes_ctx_pkcs11, ciphertext.data,
 	    (int *)&ciphertext.len, ciphertext.len,
@@ -888,29 +904,31 @@ ssl3_SendNewSessionTicket(sslSocket *ss)
     }
 
     /* Convert ciphertext length to network order. */
     length_buf[0] = (ciphertext.len >> 8) & 0xff;
     length_buf[1] = (ciphertext.len     ) & 0xff;
 
     /* Compute MAC. */
     if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	hmac_ctx = (HMACContext *)hmac_ctx_buf;
 	hashObj = HASH_GetRawHashObject(HASH_AlgSHA256);
 	if (HMAC_Init(hmac_ctx, hashObj, mac_key,
 		mac_key_length, PR_FALSE) != SECSuccess)
 	    goto loser;
 
 	HMAC_Begin(hmac_ctx);
 	HMAC_Update(hmac_ctx, key_name, SESS_TICKET_KEY_NAME_LEN);
 	HMAC_Update(hmac_ctx, iv, sizeof(iv));
 	HMAC_Update(hmac_ctx, (unsigned char *)length_buf, 2);
 	HMAC_Update(hmac_ctx, ciphertext.data, ciphertext.len);
 	HMAC_Finish(hmac_ctx, computed_mac, &computed_mac_length,
 	    sizeof(computed_mac));
+#endif
     } else {
 	SECItem macParam;
 	macParam.data = NULL;
 	macParam.len = 0;
 	hmac_ctx_pkcs11 = PK11_CreateContextBySymKey(macMech,
 	    CKA_SIGN, mac_key_pkcs11, &macParam);
 	if (!hmac_ctx_pkcs11)
 	    goto loser;
@@ -999,29 +1017,31 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc
     if (data->len == 0) {
 	ss->xtnData.emptySessionTicket = PR_TRUE;
     } else {
 	int                    i;
 	SECItem                extension_data;
 	EncryptedSessionTicket enc_session_ticket;
 	unsigned char          computed_mac[TLS_EX_SESS_TICKET_MAC_LENGTH];
 	unsigned int           computed_mac_length;
+#ifndef NO_PKCS11_BYPASS
 	const SECHashObject   *hashObj;
 	const unsigned char   *aes_key;
 	const unsigned char   *mac_key;
-	PK11SymKey            *aes_key_pkcs11;
-	PK11SymKey            *mac_key_pkcs11;
 	PRUint32               aes_key_length;
 	PRUint32               mac_key_length;
 	PRUint64               hmac_ctx_buf[MAX_MAC_CONTEXT_LLONGS];
 	HMACContext           *hmac_ctx;
+	PRUint64               aes_ctx_buf[MAX_CIPHER_CONTEXT_LLONGS];
+	AESContext            *aes_ctx;
+#endif
+	PK11SymKey            *aes_key_pkcs11;
+	PK11SymKey            *mac_key_pkcs11;
 	PK11Context           *hmac_ctx_pkcs11;
 	CK_MECHANISM_TYPE      macMech = CKM_SHA256_HMAC;
-	PRUint64               aes_ctx_buf[MAX_CIPHER_CONTEXT_LLONGS];
-	AESContext            *aes_ctx;
 	PK11Context           *aes_ctx_pkcs11;
 	CK_MECHANISM_TYPE      cipherMech = CKM_AES_CBC;
 	unsigned char *        padding;
 	PRUint32               padding_length;
 	unsigned char         *buffer;
 	unsigned int           buffer_len;
 	PRInt32                temp;
 	SECItem                cert_item;
@@ -1042,18 +1062,20 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc
 	extension_data.len = data->len;
 
 	if (ssl3_ParseEncryptedSessionTicket(ss, data, &enc_session_ticket)
 	    != SECSuccess)
 	    return SECFailure;
 
 	/* Get session ticket keys. */
 	if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	    rv = ssl3_GetSessionTicketKeys(&aes_key, &aes_key_length,
 		&mac_key, &mac_key_length);
+#endif
 	} else {
 	    rv = ssl3_GetSessionTicketKeysPKCS11(ss, &aes_key_pkcs11,
 		&mac_key_pkcs11);
 	}
 	if (rv != SECSuccess) {
 	    SSL_DBG(("%d: SSL[%d]: Unable to get/generate session ticket keys.",
 			SSL_GETPID(), ss->fd));
 	    goto loser;
@@ -1068,27 +1090,29 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc
 			SSL_GETPID(), ss->fd));
 	    goto no_ticket;
 	}
 
 	/* Verify the MAC on the ticket.  MAC verification may also
 	 * fail if the MAC key has been recently refreshed.
 	 */
 	if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	    hmac_ctx = (HMACContext *)hmac_ctx_buf;
 	    hashObj = HASH_GetRawHashObject(HASH_AlgSHA256);
 	    if (HMAC_Init(hmac_ctx, hashObj, mac_key,
 		    sizeof(session_ticket_mac_key), PR_FALSE) != SECSuccess)
 		goto no_ticket;
 	    HMAC_Begin(hmac_ctx);
 	    HMAC_Update(hmac_ctx, extension_data.data,
 		extension_data.len - TLS_EX_SESS_TICKET_MAC_LENGTH);
 	    if (HMAC_Finish(hmac_ctx, computed_mac, &computed_mac_length,
 		    sizeof(computed_mac)) != SECSuccess)
 		goto no_ticket;
+#endif
 	} else {
 	    SECItem macParam;
 	    macParam.data = NULL;
 	    macParam.len = 0;
 	    hmac_ctx_pkcs11 = PK11_CreateContextBySymKey(macMech,
 		CKA_SIGN, mac_key_pkcs11, &macParam);
 	    if (!hmac_ctx_pkcs11) {
 		SSL_DBG(("%d: SSL[%d]: Unable to create HMAC context: %d.",
@@ -1124,32 +1148,34 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc
 
 	/* Decrypt the ticket. */
 
 	/* Plaintext is shorter than the ciphertext due to padding. */
 	decrypted_state = SECITEM_AllocItem(NULL, NULL,
 	    enc_session_ticket.encrypted_state.len);
 
 	if (ss->opt.bypassPKCS11) {
+#ifndef NO_PKCS11_BYPASS
 	    aes_ctx = (AESContext *)aes_ctx_buf;
 	    rv = AES_InitContext(aes_ctx, aes_key,
 		sizeof(session_ticket_enc_key), enc_session_ticket.iv,
 		NSS_AES_CBC, 0,AES_BLOCK_SIZE);
 	    if (rv != SECSuccess) {
 		SSL_DBG(("%d: SSL[%d]: Unable to create AES context.",
 			    SSL_GETPID(), ss->fd));
 		goto no_ticket;
 	    }
 
 	    rv = AES_Decrypt(aes_ctx, decrypted_state->data,
 		&decrypted_state->len, decrypted_state->len,
 		enc_session_ticket.encrypted_state.data,
 		enc_session_ticket.encrypted_state.len);
 	    if (rv != SECSuccess)
 		goto no_ticket;
+#endif
 	} else {
 	    SECItem ivItem;
 	    ivItem.data = enc_session_ticket.iv;
 	    ivItem.len = AES_BLOCK_SIZE;
 	    aes_ctx_pkcs11 = PK11_CreateContextBySymKey(cipherMech,
 		CKA_DECRYPT, aes_key_pkcs11, &ivItem);
 	    if (!aes_ctx_pkcs11) {
 		SSL_DBG(("%d: SSL[%d]: Unable to create AES context.",
@@ -1314,19 +1340,21 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc
 	    sid->u.ssl3.cipherSuite = parsed_session_ticket->cipher_suite;
 	    sid->u.ssl3.compression = parsed_session_ticket->compression_method;
 	    sid->authAlgorithm = parsed_session_ticket->authAlgorithm;
 	    sid->authKeyBits = parsed_session_ticket->authKeyBits;
 	    sid->keaType = parsed_session_ticket->keaType;
 	    sid->keaKeyBits = parsed_session_ticket->keaKeyBits;
 
 	    /* Copy master secret. */
+#ifndef NO_PKCS11_BYPASS
 	    if (ss->opt.bypassPKCS11 &&
 		    parsed_session_ticket->ms_is_wrapped)
 		goto no_ticket;
+#endif
 	    if (parsed_session_ticket->ms_length >
 		    sizeof(sid->u.ssl3.keys.wrapped_master_secret))
 		goto no_ticket;
 	    PORT_Memcpy(sid->u.ssl3.keys.wrapped_master_secret,
 		parsed_session_ticket->master_secret,
 		parsed_session_ticket->ms_length);
 	    sid->u.ssl3.keys.wrapped_master_secret_len =
 		parsed_session_ticket->ms_length;
--- a/security/nss/lib/ssl/sslsnce.c
+++ b/security/nss/lib/ssl/sslsnce.c
@@ -49,17 +49,22 @@
 
 #include "cert.h"
 #include "ssl.h"
 #include "sslimpl.h"
 #include "sslproto.h"
 #include "pk11func.h"
 #include "base64.h"
 #include "keyhi.h"
+#ifdef NO_PKCS11_BYPASS
+#include "blapit.h"
+#include "sechash.h"
+#else
 #include "blapi.h"
+#endif
 
 #include <stdio.h>
 
 #if defined(XP_UNIX) || defined(XP_BEOS)
 
 #include <syslog.h>
 #include <fcntl.h>
 #include <unistd.h>
@@ -411,18 +416,22 @@ CacheSrvName(cacheDesc * cache, SECItem 
         name->len > SSL_MAX_DNS_HOST_NAME) {
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return 0;
     }
 
     snce.type = name->type;
     snce.nameLen = name->len;
     PORT_Memcpy(snce.name, name->data, snce.nameLen);
+#ifdef NO_PKCS11_BYPASS
+    HASH_HashBuf(HASH_AlgSHA256, snce.nameHash, name->data, name->len);
+#else
     SHA256_HashBuf(snce.nameHash, (unsigned char*)name->data,
                    name->len);
+#endif
     /* get index of the next name */
     ndx = Get32BitNameHash(name);
     /* get lock on cert cache */
     now = LockSidCacheLock(cache->srvNameCacheLock, 0);
     if (now) {
         if (cache->numSrvNameCacheEntries > 0) {
             /* Fit the index into array */
             ndx %= cache->numSrvNameCacheEntries;
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@@ -10,17 +10,19 @@
 #include "seccomon.h"
 #include "cert.h"
 #include "keyhi.h"
 #include "ssl.h"
 #include "sslimpl.h"
 #include "sslproto.h"
 #include "nspr.h"
 #include "private/pprio.h"
+#ifndef NO_PKCS11_BYPASS
 #include "blapi.h"
+#endif
 #include "nss.h"
 
 #define SET_ERROR_CODE   /* reminder */
 
 struct cipherPolicyStr {
 	int		cipher;
 	unsigned char 	export;	/* policy value for export policy */
 	unsigned char 	france;	/* policy value for france policy */
@@ -528,16 +530,17 @@ PrepareSocket(sslSocket *ss)
 }
 
 SECStatus
 SSL_Enable(PRFileDesc *fd, int which, PRBool on)
 {
     return SSL_OptionSet(fd, which, on);
 }
 
+#ifndef NO_PKCS11_BYPASS
 static const PRCallOnceType pristineCallOnce;
 static PRCallOnceType setupBypassOnce;
 
 static SECStatus SSL_BypassShutdown(void* appData, void* nssData)
 {
     /* unload freeBL shared library from memory */
     BL_Unload();
     setupBypassOnce = pristineCallOnce;
@@ -545,20 +548,26 @@ static SECStatus SSL_BypassShutdown(void
 }
 
 static PRStatus SSL_BypassRegisterShutdown(void)
 {
     SECStatus rv = NSS_RegisterShutdown(SSL_BypassShutdown, NULL);
     PORT_Assert(SECSuccess == rv);
     return SECSuccess == rv ? PR_SUCCESS : PR_FAILURE;
 }
+#endif
 
 static PRStatus SSL_BypassSetup(void)
 {
+#ifdef NO_PKCS11_BYPASS
+    /* Guarantee binary compatibility */
+    return PR_SUCCESS;
+#else
     return PR_CallOnce(&setupBypassOnce, &SSL_BypassRegisterShutdown);
+#endif
 }
 
 /* Implements the semantics for SSL_OptionSet(SSL_ENABLE_TLS, on) described in
  * ssl.h in the section "SSL version range setting API".
  */
 static void
 ssl_EnableTLS(SSLVersionRange *vrange, PRBool on)
 {
@@ -767,17 +776,21 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
 
       case SSL_BYPASS_PKCS11:
 	if (ss->handshakeBegun) {
 	    PORT_SetError(PR_INVALID_STATE_ERROR);
 	    rv = SECFailure;
 	} else {
             if (PR_FALSE != on) {
                 if (PR_SUCCESS == SSL_BypassSetup() ) {
+#ifdef NO_PKCS11_BYPASS
+                    ss->opt.bypassPKCS11   = PR_FALSE;
+#else
                     ss->opt.bypassPKCS11   = on;
+#endif
                 } else {
                     rv = SECFailure;
                 }
             } else {
                 ss->opt.bypassPKCS11   = PR_FALSE;
             }
 	}
 	break;
@@ -1059,17 +1072,21 @@ SSL_OptionSetDefault(PRInt32 which, PRBo
 	ssl_defaults.noStepDown     = on;         
 	if (on)
 	    SSL_DisableDefaultExportCipherSuites();
 	break;
 
       case SSL_BYPASS_PKCS11:
         if (PR_FALSE != on) {
             if (PR_SUCCESS == SSL_BypassSetup()) {
+#ifdef NO_PKCS11_BYPASS
+                ssl_defaults.bypassPKCS11   = PR_FALSE;
+#else
                 ssl_defaults.bypassPKCS11   = on;
+#endif
             } else {
                 return SECFailure;
             }
         } else {
             ssl_defaults.bypassPKCS11   = PR_FALSE;
         }
 	break;
 
@@ -2787,22 +2804,24 @@ ssl_SetDefaultsFromEnvironment(void)
 	if (ev && ev[0]) {
 	    ssl_keylog_iob = fopen(ev, "a");
 	    if (ftell(ssl_keylog_iob) == 0) {
 		fputs("# pre-master secret log file, generated by NSS\n",
 		      ssl_keylog_iob);
 	    }
 	    SSL_TRACE(("SSL: logging pre-master secrets to %s", ev));
 	}
+#ifndef NO_PKCS11_BYPASS
 	ev = getenv("SSLBYPASS");
 	if (ev && ev[0]) {
 	    ssl_defaults.bypassPKCS11 = (ev[0] == '1');
 	    SSL_TRACE(("SSL: bypass default set to %d", \
 		      ssl_defaults.bypassPKCS11));
 	}
+#endif /* NO_PKCS11_BYPASS */
 	ev = getenv("SSLFORCELOCKS");
 	if (ev && ev[0] == '1') {
 	    ssl_force_locks = PR_TRUE;
 	    ssl_defaults.noLocks = 0;
 	    strcpy(lockStatus + LOCKSTATUS_OFFSET, "FORCED.  ");
 	    SSL_TRACE(("SSL: force_locks set to %d", ssl_force_locks));
 	}
 	ev = getenv("NSS_SSL_ENABLE_RENEGOTIATION");