curl-library
Re: NSS Initialization flags
Date: Sun, 27 Sep 2009 00:43:03 +0200
Hi,
Daniel Stenberg schrieb:
> Sorry, but can you explain for an NSS rookie what that option does and
> how someone (like you) might end up wanting something else? And what is
> the "else" you want? I mean, what's the possible values we would
> consider supporting for it?
well, I could think of specifying a private certdb, and then adding CAs
to that...
> Related to this. Where on earth is this NSS_Initialize function
> documented? I've tried searching for a man page/docs page somewhere but
> I've failed...! Is
> http://mxr.mozilla.org/mozilla/source/security/nss/lib/nss/nssinit.c#607
> the best there is?
not the API docu (I'm 100% sure I found that too after looong search)
but at least helpful on that topic (helped me with the sql: prefix):
https://wiki.mozilla.org/NSS_Shared_DB_And_LINUX
>> Preferably this would be set as an environment variable rather than an
>> option on the handle that actually does the initialization. Perhaps
>> CURL_NSS_INITFLAGS?
>
> Why do you prefer an environment variable? Won't that rather make apps
> more vulnerable to side-effects if users set this variable or similar?
well, since he wants to prefix it with CURL_ I dont believe that it has
much side effects; at least not to other non-libcurl apps.
BTW. I was also thinking to rename the NSS relalted SSL_DIR env var to
something more meaningful, f.e. CURL_NSS_CERTDIR or such, however would
first like to hear something from the Redhat and Sun folks about that ...
Gün.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-09-27