Hi, Daniel Stenberg schrieb: > Sorry, but can you explain for an NSS rookie what that option does and > how someone (like you) might end up wanting something else? And what is > the "else" you want? I mean, what's the possible values we would > consider supporting for it? well, I could think of specifying a private certdb, and then adding CAs to that...
> Related to this. Where on earth is this NSS_Initialize function > documented? I've tried searching for a man page/docs page somewhere but > I've failed...! Is > http://mxr.mozilla.org/mozilla/source/security/nss/lib/nss/nssinit.c#607 > the best there is? not the API docu (I'm 100% sure I found that too after looong search) but at least helpful on that topic (helped me with the sql: prefix): https://wiki.mozilla.org/NSS_Shared_DB_And_LINUX >> Preferably this would be set as an environment variable rather than an >> option on the handle that actually does the initialization. Perhaps >> CURL_NSS_INITFLAGS? > > Why do you prefer an environment variable? Won't that rather make apps > more vulnerable to side-effects if users set this variable or similar? well, since he wants to prefix it with CURL_ I dont believe that it has much side effects; at least not to other non-libcurl apps. BTW. I was also thinking to rename the NSS relalted SSL_DIR env var to something more meaningful, f.e. CURL_NSS_CERTDIR or such, however would first like to hear something from the Redhat and Sun folks about that ... Gün. ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
