Closed
Bug 66230
Opened 24 years ago
Closed 24 years ago
modutil needs to open secmod.db with temp cert & key db's
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.2
People
(Reporter: bugz, Assigned: rrelyea)
Details
Attachments
(3 files)
1.31 KB,
patch
|
Details | Diff | Splinter Review | |
4.44 KB,
patch
|
Details | Diff | Splinter Review | |
5.36 KB,
patch
|
Details | Diff | Splinter Review |
modutil has an option -nocertdb, which allows the user to modify a secmod.db without initializing cert and key db's. This option cannot be supported by any of the current NSS_Init functions. Nelson has suggested that since NSS_Initialize is intended to be a general initialization function to handle all special initialization functions, it needs to be modified to allow for the behavior described above.
Reporter | ||
Updated•24 years ago
|
Target Milestone: --- → 3.2
Assignee | ||
Updated•24 years ago
|
Status: NEW → ASSIGNED
Updated•24 years ago
|
Priority: -- → P1
Assignee | ||
Comment 1•24 years ago
|
||
OK, I've added several new options to NSS_Initialize: 1) noCertDB - don't even try to initialize the certificate databases. 2) noModDB - don't even try to initialize the module database. 3) forceOpen - if you can't open any of the databases, continue on with the temparary db's. I've modified the commands which use NSS_Initialize() in mozilla/security/cmd to handle the additional parameters.
Assignee | ||
Comment 2•24 years ago
|
||
Assignee | ||
Comment 3•24 years ago
|
||
Assignee | ||
Comment 4•24 years ago
|
||
NOTE: The following change in nssinit.c case 3: dbver = "3"; break; + case 1: + dbver = "1"; + break; case 2: default: dbver = ""; Is actually part of the bug fix for bug 68234.
Comment 5•24 years ago
|
||
I reviewed the two patches and sent my suggested changes to Bob.
Comment 6•24 years ago
|
||
Another suggestion, Bob: Move the comments for NSS_Initialize from nssinit.c to nss.h. Or maybe we should not document this function to prevent people from using it ;-)
Comment 7•24 years ago
|
||
Bob, I have another suggestion. Instead of using a PRBool argument for each initialization option, we can make them bitflags that are OR'ed together. /* Bitflags for the 'flags' argument of NSS_Initialize */ #define NSS_INIT_READONLY 0x1 #define NSS_INIT_NOCERTDB 0x2 #define NSS_INIT_NOMODDB 0x4 #define NSS_INIT_FORCEOPEN 0x8 extern SECStatus NSS_Initialize(const char *configdir, const char *certPrefix, const char *keyPrefix, const char *secmodName, int flags); This will allow us to add a new Boolean initialization option without changing the function prototype of NSS_Initialize.
Assignee | ||
Comment 8•24 years ago
|
||
Ooo. I like this much better, and more extensible. I'll make up a new patch this morning.
Assignee | ||
Comment 9•24 years ago
|
||
Comment 10•24 years ago
|
||
r=wtc.
Assignee | ||
Comment 11•24 years ago
|
||
OK, Wan-Teh's suggestion has been implemented.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•