diff options
author | relyea%netscape.com <devnull@localhost> | 2001-02-09 01:34:12 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2001-02-09 01:34:12 +0000 |
commit | c16ba6b80782ee9f023a2d9f8a4b5fc45c8095d9 (patch) | |
tree | 0da0cb0a1936d97b960e708d2f39dd453d8d137f /security/nss | |
parent | 9aa2885228e216b4b7eb50eb46db3de8e98755ce (diff) | |
download | nss-hg-c16ba6b80782ee9f023a2d9f8a4b5fc45c8095d9.tar.gz |
Allow applications to initialize nss without necessarily initializing databases.Needed to keep old modutil semantics. Bug 66230. reviewed by wtc.
Diffstat (limited to 'security/nss')
-rw-r--r-- | security/nss/lib/nss/nss.h | 2 | ||||
-rw-r--r-- | security/nss/lib/nss/nssinit.c | 79 |
2 files changed, 62 insertions, 19 deletions
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index 05e715611..579c4c3a0 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -98,7 +98,7 @@ extern SECStatus NSS_InitReadWrite(const char *configdir); */ extern SECStatus NSS_Initialize(const char *configdir, const char *certPrefix, const char *keyPrefix, const char *secmodName, - PRBool readOnly); + PRBool readOnly, PRBool noCertDB, PRBool noModDB, PRBool forceOpen); /* * initialize NSS without a creating cert db's, key db's, or secmod db's. diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c index be134ba01..d8b447c0c 100644 --- a/security/nss/lib/nss/nssinit.c +++ b/security/nss/lib/nss/nssinit.c @@ -98,6 +98,9 @@ nss_keydb_name_cb(void *arg, int dbVersion) case 3: dbver = "3"; break; + case 1: + dbver = "1"; + break; case 2: default: dbver = ""; @@ -209,8 +212,27 @@ nss_OpenVolatileSecModDB() { return rv; } +/* + * OK there are now lots of options here, lets go through them all: + * + * configdir - base directory where all the cert, key, and module datbases live. + * certPrefix - prefix added to the beginning of the cert database example: " + * "https-server1-" + * keyPrefix - prefix added to the beginning of the key database example: " + * "https-server1-" + * secmodName - name of the security module database (usually "secmod.db"). + * readOnly - Boolean: true if the databases are to be openned read only. + * nocertdb - Don't open the cert DB and key DB's, just initialize the + * Volatile certdb. + * nomoddb - Don't open the security module DB, just initialize the + * PKCS #11 module. + * forceOpen - Continue to force initializations even if the databases cannot + * be opened. + */ static SECStatus -nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix, const char *secmodName, PRBool readOnly, PRBool nodb) +nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix, + const char *secmodName, PRBool readOnly, PRBool noCertDB, + PRBool noModDB, PRBool forceOpen) { SECStatus status; SECStatus rv = SECFailure; @@ -220,28 +242,45 @@ nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix, c goto loser; RNG_SystemInfoForRNG(); - status = nss_OpenCertDB(configdir, certPrefix, readOnly); - if (status != SECSuccess) { - if (!nodb) goto loser; + if (noCertDB) { status = nss_OpenVolatileCertDB(); if (status != SECSuccess) { goto loser; } - } + } else { + status = nss_OpenCertDB(configdir, certPrefix, readOnly); + if (status != SECSuccess) { + if (!forceOpen) goto loser; + status = nss_OpenVolatileCertDB(); + if (status != SECSuccess) { + goto loser; + } + } - status = nss_OpenKeyDB(configdir, keyPrefix, readOnly); - if (status != SECSuccess) { - if (!nodb) goto loser; + status = nss_OpenKeyDB(configdir, keyPrefix, readOnly); + if (status != SECSuccess) { + if (!forceOpen) goto loser; + } } - - status = nss_OpenSecModDB(configdir, secmodName); - if (status != SECSuccess) { - goto loser; + if (noModDB) { + status = nss_OpenVolatileSecModDB(); + if (status != SECSuccess) { + goto loser; + } + } else { + status = nss_OpenSecModDB(configdir, secmodName); + if (status != SECSuccess) { + if (!forceOpen) goto loser; + status = nss_OpenVolatileSecModDB(); + if (status != SECSuccess) { + goto loser; + } + } } - rv = SECSuccess; + loser: if (rv != SECSuccess) NSS_Shutdown(); @@ -251,20 +290,24 @@ loser: SECStatus NSS_Init(const char *configdir) { - return nss_Init(configdir, "", "", SECMOD_DB, PR_TRUE, PR_FALSE); + return nss_Init(configdir, "", "", SECMOD_DB, PR_TRUE, + PR_FALSE, PR_FALSE, PR_FALSE); } SECStatus NSS_InitReadWrite(const char *configdir) { - return nss_Init(configdir, "", "", SECMOD_DB, PR_FALSE, PR_FALSE); + return nss_Init(configdir, "", "", SECMOD_DB, PR_FALSE, + PR_FALSE, PR_FALSE, PR_FALSE); } SECStatus -NSS_Initialize(const char *configdir, const char *certPrefix, const char *keyPrefix, const char *secmodName, PRBool readOnly) +NSS_Initialize(const char *configdir, const char *certPrefix, + const char *keyPrefix, const char *secmodName, + PRBool readOnly, PRBool noCertDB, PRBool noModDB, PRBool forceOpen) { - return nss_Init(configdir, certPrefix, keyPrefix, - secmodName, readOnly, PR_TRUE); + return nss_Init(configdir, certPrefix, keyPrefix, secmodName, + readOnly, noCertDB, noModDB, forceOpen); } /* |