Add NSS_NoDB_Init()

2 files changed, 43 insertions, 0 deletions

diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
index 157f110e0..154125c8b 100644
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@@ -49,6 +49,11 @@ SEC_BEGIN_PROTOS
  */
 extern SECStatus NSS_Init(const char *configdir);
 
+/*
+ * initialize NSS without a creating cert db's, key db's, or secmod db's.
+ */
+SECStatus NSS_NoDB_Init(const char *configdir);
+
 /* 
  * Close the Cert, Key databases.
  */
diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c
index 92d009fc9..fef93e630 100644
--- a/security/nss/lib/nss/nssinit.c
+++ b/security/nss/lib/nss/nssinit.c
@@ -43,6 +43,7 @@
 #include "ssl.h"
 #include "sslproto.h"
 #include "secmod.h"
+#include "secmodi.h"
 #include "nss.h"
 #include "secrng.h"
 #include "cdbhdl.h"	/* ??? */
@@ -180,6 +181,42 @@ loser:
     return rv;
 }
 
+/*
+ * initialize NSS without a creating cert db's, key db's, or secmod db's.
+ */
+SECStatus
+NSS_NoDB_Init(const char * configdir)
+{
+          
+      CERTCertDBHandle certhandle = { 0 };
+      SECStatus rv = SECSuccess;
+      SECMODModule *module;
+
+      /* now we want to verify the signature */
+      /*  Initialize the cert code */
+      rv = CERT_OpenVolatileCertDB(&certhandle);
+      if (rv != SECSuccess) {
+	   return rv;
+      }
+      CERT_SetDefaultCertDB(&certhandle);
+
+      RNG_RNGInit();
+      RNG_SystemInfoForRNG();
+      PK11_InitSlotLists();
+
+      module = SECMOD_NewInternal();
+      if (module == NULL) {
+	   return SECFailure;
+      }
+      rv = SECMOD_LoadModule(module);
+      if (rv != SECSuccess) {
+	   return rv;
+      }
+
+      SECMOD_SetInternalModule(module);
+      return rv;
+}
+
 void
 NSS_Shutdown(void)
 {
@@ -199,3 +236,4 @@ NSS_Shutdown(void)
      * but there's no secmod function to close the DB.
      */
 }
+