On Fri, 25 Sep 2009, Claes Jakobsson wrote:
when we initialize NSS today it's done using NSS_Initialize(certpath, "", "", "", NSS_INIT_READONLY);. However I've come to a situation where I might have to open it using other flags than NSS_INIT_READONLY and thus would like this to be configurable at runtime.
Sorry, but can you explain for an NSS rookie what that option does and how someone (like you) might end up wanting something else? And what is the "else" you want? I mean, what's the possible values we would consider supporting for it?
Related to this. Where on earth is this NSS_Initialize function documented? I've tried searching for a man page/docs page somewhere but I've failed...! Is http://mxr.mozilla.org/mozilla/source/security/nss/lib/nss/nssinit.c#607 the best there is?
Preferably this would be set as an environment variable rather than an option on the handle that actually does the initialization. Perhaps CURL_NSS_INITFLAGS?
Why do you prefer an environment variable? Won't that rather make apps more vulnerable to side-effects if users set this variable or similar?
I'm not rejecting the idea or suggestion, I'm only trying to get a better understanding for the situation you're in.
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
