Closed
Bug 66230
Opened 24 years ago
Closed 24 years ago
modutil needs to open secmod.db with temp cert & key db's
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.2
People
(Reporter: bugz, Assigned: rrelyea)
Details
Attachments
(3 files)
1.31 KB,
patch
|
Details | Diff | Splinter Review | |
4.44 KB,
patch
|
Details | Diff | Splinter Review | |
5.36 KB,
patch
|
Details | Diff | Splinter Review |
modutil has an option -nocertdb, which allows the user to modify a secmod.db
without initializing cert and key db's. This option cannot be supported by any
of the current NSS_Init functions.
Nelson has suggested that since NSS_Initialize is intended to be a general
initialization function to handle all special initialization functions, it needs
to be modified to allow for the behavior described above.
Reporter | ||
Updated•24 years ago
|
Target Milestone: --- → 3.2
Assignee | ||
Updated•24 years ago
|
Status: NEW → ASSIGNED
Updated•24 years ago
|
Priority: -- → P1
Assignee | ||
Comment 1•24 years ago
|
||
OK, I've added several new options to NSS_Initialize:
1) noCertDB - don't even try to initialize the certificate databases.
2) noModDB - don't even try to initialize the module database.
3) forceOpen - if you can't open any of the databases, continue on with the
temparary db's.
I've modified the commands which use NSS_Initialize() in mozilla/security/cmd to
handle the additional parameters.
Assignee | ||
Comment 2•24 years ago
|
||
Assignee | ||
Comment 3•24 years ago
|
||
Assignee | ||
Comment 4•24 years ago
|
||
NOTE:
The following change in nssinit.c
case 3:
dbver = "3";
break;
+ case 1:
+ dbver = "1";
+ break;
case 2:
default:
dbver = "";
Is actually part of the bug fix for bug 68234.
Comment 5•24 years ago
|
||
I reviewed the two patches and sent my suggested
changes to Bob.
Comment 6•24 years ago
|
||
Another suggestion, Bob:
Move the comments for NSS_Initialize from nssinit.c
to nss.h.
Or maybe we should not document this function to
prevent people from using it ;-)
Comment 7•24 years ago
|
||
Bob, I have another suggestion.
Instead of using a PRBool argument for each initialization
option, we can make them bitflags that are OR'ed together.
/* Bitflags for the 'flags' argument of NSS_Initialize */
#define NSS_INIT_READONLY 0x1
#define NSS_INIT_NOCERTDB 0x2
#define NSS_INIT_NOMODDB 0x4
#define NSS_INIT_FORCEOPEN 0x8
extern SECStatus NSS_Initialize(const char *configdir,
const char *certPrefix, const char *keyPrefix, const char *secmodName,
int flags);
This will allow us to add a new Boolean initialization
option without changing the function prototype of
NSS_Initialize.
Assignee | ||
Comment 8•24 years ago
|
||
Ooo. I like this much better, and more extensible. I'll make up a new patch this
morning.
Assignee | ||
Comment 9•24 years ago
|
||
Comment 10•24 years ago
|
||
r=wtc.
Assignee | ||
Comment 11•24 years ago
|
||
OK, Wan-Teh's suggestion has been implemented.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•