diff options
author | relyea%netscape.com <devnull@localhost> | 2001-02-10 02:03:03 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2001-02-10 02:03:03 +0000 |
commit | 585e4221dc087f8a4b84a23af16675305330f18c (patch) | |
tree | 984bf408b08f1f998411d6909898e538db892214 /security | |
parent | b452c2a244dbb60d194a9b2a2e33b38349e019f1 (diff) | |
download | nss-hg-585e4221dc087f8a4b84a23af16675305330f18c.tar.gz |
Make the public interface use a flags variable instead of a billion little
Bools.
suggested and reviewed by wtc in bug 66230
Diffstat (limited to 'security')
-rw-r--r-- | security/nss/cmd/certutil/certutil.c | 2 | ||||
-rw-r--r-- | security/nss/cmd/modutil/modutil.c | 6 | ||||
-rw-r--r-- | security/nss/lib/nss/nss.h | 25 | ||||
-rw-r--r-- | security/nss/lib/nss/nssinit.c | 26 |
4 files changed, 52 insertions, 7 deletions
diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c index 0553d8327..79140115d 100644 --- a/security/nss/cmd/certutil/certutil.c +++ b/security/nss/cmd/certutil/certutil.c @@ -2463,7 +2463,7 @@ main(int argc, char **argv) /* Initialize NSPR and NSS. */ PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); rv = NSS_Initialize(SECU_ConfigDirectory(NULL), certPrefix, certPrefix, - "secmod.db", PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE); + "secmod.db", 0); if (rv != SECSuccess) { SECU_PrintPRandOSError(progName); return -1; diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c index 81d495712..abeebaf66 100644 --- a/security/nss/cmd/modutil/modutil.c +++ b/security/nss/cmd/modutil/modutil.c @@ -506,6 +506,7 @@ init_crypto(PRBool create, PRBool readOnly) #endif Error retval; SECStatus rv; + int flags = 0; if(SECU_ConfigDirectory(dbdir)[0] == '\0') { @@ -617,8 +618,11 @@ init_crypto(PRBool create, PRBool readOnly) } /* Open/create key database */ + flags = 0; + if (readOnly) flags |= NSS_INIT_READONLY; + if (nocertdb) flags |= NSS_INIT_NOCERTDB; rv = NSS_Initialize(SECU_ConfigDirectory(NULL), dbprefix, dbprefix, - "secmod.db", readOnly, nocertdb, PR_FALSE, PR_FALSE); + "secmod.db", flags); if (rv != SECSuccess) { SECU_PrintPRandOSError(progName); retval=NSS_INITIALIZE_FAILED_ERR; diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index 579c4c3a0..1be4ad8f0 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -55,6 +55,7 @@ SEC_BEGIN_PROTOS #define NSS_VPATCH 0 #define NSS_BETA PR_FALSE + /* * Return a boolean that indicates whether the underlying library * will perform as the caller expects. @@ -93,12 +94,32 @@ extern SECStatus NSS_InitReadWrite(const char *configdir); * and an alternate name for the secmod database. NOTE: In future releases, * the database prefixes my not necessarily map to database names. * + * configdir - base directory where all the cert, key, and module datbases live. + * certPrefix - prefix added to the beginning of the cert database example: " + * "https-server1-" + * keyPrefix - prefix added to the beginning of the key database example: " + * "https-server1-" + * secmodName - name of the security module database (usually "secmod.db"). + * flags - change the open options of NSS_Initialize as follows: + * NSS_INIT_READONLY - Open the databases read only. + * NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just + * initialize the volatile certdb. + * NSS_INIT_NOMODDB - Don't open the security module DB, just + * initialize the PKCS #11 module. + * NSS_INIT_FORCEOPEN - Continue to force initializations even if the + * databases cannot be opened. + * * Also NOTE: This is not the recommended method for initializing NSS. * The prefered method is NSS_init(). */ +#define NSS_INIT_READONLY 0x1 +#define NSS_INIT_NOCERTDB 0x2 +#define NSS_INIT_NOMODDB 0x4 +#define NSS_INIT_FORCEOPEN 0x8 + extern SECStatus NSS_Initialize(const char *configdir, - const char *certPrefix, const char *keyPrefix, const char *secmodName, - PRBool readOnly, PRBool noCertDB, PRBool noModDB, PRBool forceOpen); + const char *certPrefix, const char *keyPrefix, + const char *secmodName, PRUint32 flags); /* * initialize NSS without a creating cert db's, key db's, or secmod db's. diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c index d8b447c0c..fb1ccdf12 100644 --- a/security/nss/lib/nss/nssinit.c +++ b/security/nss/lib/nss/nssinit.c @@ -301,13 +301,33 @@ NSS_InitReadWrite(const char *configdir) PR_FALSE, PR_FALSE, PR_FALSE); } +/* + * OK there are now lots of options here, lets go through them all: + * + * configdir - base directory where all the cert, key, and module datbases live. + * certPrefix - prefix added to the beginning of the cert database example: " + * "https-server1-" + * keyPrefix - prefix added to the beginning of the key database example: " + * "https-server1-" + * secmodName - name of the security module database (usually "secmod.db"). + * flags - change the open options of NSS_Initialize as follows: + * NSS_INIT_READONLY - Open the databases read only. + * NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just + * initialize the volatile certdb. + * NSS_INIT_NOMODDB - Don't open the security module DB, just + * initialize the PKCS #11 module. + * NSS_INIT_FORCEOPEN - Continue to force initializations even if the + * databases cannot be opened. + */ SECStatus NSS_Initialize(const char *configdir, const char *certPrefix, - const char *keyPrefix, const char *secmodName, - PRBool readOnly, PRBool noCertDB, PRBool noModDB, PRBool forceOpen) + const char *keyPrefix, const char *secmodName, PRUint32 flags) { return nss_Init(configdir, certPrefix, keyPrefix, secmodName, - readOnly, noCertDB, noModDB, forceOpen); + ((flags & NSS_INIT_READONLY) == NSS_INIT_READONLY), + ((flags & NSS_INIT_NOCERTDB) == NSS_INIT_NOCERTDB), + ((flags & NSS_INIT_NOMODDB) == NSS_INIT_NOMODDB), + ((flags & NSS_INIT_FORCEOPEN) == NSS_INIT_FORCEOPEN)); } /* |