Make the public interface use a flags variable instead of a billion little

Bools.

suggested and reviewed by wtc in bug 66230

4 files changed, 52 insertions, 7 deletions

diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c
index 0553d8327..79140115d 100644
--- a/security/nss/cmd/certutil/certutil.c
+++ b/security/nss/cmd/certutil/certutil.c
@@ -2463,7 +2463,7 @@ main(int argc, char **argv)
     /*  Initialize NSPR and NSS.  */
     PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
     rv = NSS_Initialize(SECU_ConfigDirectory(NULL), certPrefix, certPrefix,
-                        "secmod.db", PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE);
+                        "secmod.db", 0);
     if (rv != SECSuccess) {
 	SECU_PrintPRandOSError(progName);
 	return -1;
diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c
index 81d495712..abeebaf66 100644
--- a/security/nss/cmd/modutil/modutil.c
+++ b/security/nss/cmd/modutil/modutil.c
@@ -506,6 +506,7 @@ init_crypto(PRBool create, PRBool readOnly)
 #endif
 	Error retval;
 	SECStatus rv;
+	int flags = 0;
 
 
 	if(SECU_ConfigDirectory(dbdir)[0] == '\0') {
@@ -617,8 +618,11 @@ init_crypto(PRBool create, PRBool readOnly)
 	}
 
 	/* Open/create key database */
+	flags = 0;
+	if (readOnly) flags |= NSS_INIT_READONLY;
+	if (nocertdb) flags |= NSS_INIT_NOCERTDB;
 	rv = NSS_Initialize(SECU_ConfigDirectory(NULL), dbprefix, dbprefix,
-	               "secmod.db", readOnly, nocertdb, PR_FALSE, PR_FALSE);
+	               "secmod.db", flags);
 	if (rv != SECSuccess) {
 	    SECU_PrintPRandOSError(progName);
 	    retval=NSS_INITIALIZE_FAILED_ERR;
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
index 579c4c3a0..1be4ad8f0 100644
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@@ -55,6 +55,7 @@ SEC_BEGIN_PROTOS
 #define NSS_VPATCH   0
 #define NSS_BETA     PR_FALSE
 
+
 /*
  * Return a boolean that indicates whether the underlying library
  * will perform as the caller expects.
@@ -93,12 +94,32 @@ extern SECStatus NSS_InitReadWrite(const char *configdir);
  * and an alternate name for the secmod database. NOTE: In future releases,
  * the database prefixes my not necessarily map to database names.
  *
+ * configdir - base directory where all the cert, key, and module datbases live.
+ * certPrefix - prefix added to the beginning of the cert database example: "
+ * 			"https-server1-"
+ * keyPrefix - prefix added to the beginning of the key database example: "
+ * 			"https-server1-"
+ * secmodName - name of the security module database (usually "secmod.db").
+ * flags - change the open options of NSS_Initialize as follows:
+ * 	NSS_INIT_READONLY - Open the databases read only.
+ * 	NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just 
+ * 			initialize the volatile certdb.
+ * 	NSS_INIT_NOMODDB  - Don't open the security module DB, just 
+ *			initialize the 	PKCS #11 module.
+ *      NSS_INIT_FORCEOPEN - Continue to force initializations even if the 
+ * 			databases cannot be opened.
+ *
  * Also NOTE: This is not the recommended method for initializing NSS. 
  * The prefered method is NSS_init().
  */
+#define NSS_INIT_READONLY	0x1
+#define NSS_INIT_NOCERTDB	0x2
+#define NSS_INIT_NOMODDB	0x4
+#define NSS_INIT_FORCEOPEN	0x8
+
 extern SECStatus NSS_Initialize(const char *configdir, 
-	const char *certPrefix, const char *keyPrefix, const char *secmodName,
-	PRBool readOnly, PRBool noCertDB, PRBool noModDB, PRBool forceOpen);
+	const char *certPrefix, const char *keyPrefix, 
+	const char *secmodName, PRUint32 flags);
 
 /*
  * initialize NSS without a creating cert db's, key db's, or secmod db's.
diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c
index d8b447c0c..fb1ccdf12 100644
--- a/security/nss/lib/nss/nssinit.c
+++ b/security/nss/lib/nss/nssinit.c
@@ -301,13 +301,33 @@ NSS_InitReadWrite(const char *configdir)
 		PR_FALSE, PR_FALSE, PR_FALSE);
 }
 
+/*
+ * OK there are now lots of options here, lets go through them all:
+ *
+ * configdir - base directory where all the cert, key, and module datbases live.
+ * certPrefix - prefix added to the beginning of the cert database example: "
+ * 			"https-server1-"
+ * keyPrefix - prefix added to the beginning of the key database example: "
+ * 			"https-server1-"
+ * secmodName - name of the security module database (usually "secmod.db").
+ * flags - change the open options of NSS_Initialize as follows:
+ * 	NSS_INIT_READONLY - Open the databases read only.
+ * 	NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just 
+ * 			initialize the volatile certdb.
+ * 	NSS_INIT_NOMODDB  - Don't open the security module DB, just 
+ *			initialize the 	PKCS #11 module.
+ *      NSS_INIT_FORCEOPEN - Continue to force initializations even if the 
+ * 			databases cannot be opened.
+ */
 SECStatus
 NSS_Initialize(const char *configdir, const char *certPrefix, 
-	const char *keyPrefix, const char *secmodName, 
-	PRBool readOnly, PRBool noCertDB, PRBool noModDB, PRBool forceOpen)
+	const char *keyPrefix, const char *secmodName, PRUint32 flags)
 {
     return nss_Init(configdir, certPrefix, keyPrefix, secmodName, 
-		readOnly, noCertDB, noModDB, forceOpen);
+	((flags & NSS_INIT_READONLY) == NSS_INIT_READONLY),
+	((flags & NSS_INIT_NOCERTDB) == NSS_INIT_NOCERTDB),
+	((flags & NSS_INIT_NOMODDB) == NSS_INIT_NOMODDB),
+	((flags & NSS_INIT_FORCEOPEN) == NSS_INIT_FORCEOPEN));
 }
 
 /*