Rob Crittenden provided an NSS update with the following highlights:

o It looks for the NSS database first in the environment variable SSL_DIR, then in /etc/pki/nssdb, then it initializes with no database if neither of those exist. o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be loaded, including the ca-bundle. If it is not available then only certificates already in the NSS database are used. o Tries to detect whether a file or nickname is being passed in so the right thing is done o Added a bit of code to make the output more like the OpenSSL module, including displaying the certificate information when connecting in verbose mode o Improved handling of certificate errors (expired, untrusted, etc) The libnsspem.so PKCS#11 module is currently only available in Fedora 8/rawhide. Work will be done soon to upstream it. The NSS module will work with or without it, all that changes is the source of the certificates and keys.
author: Daniel Stenberg <daniel@haxx.se> 2007-09-18 22:21:54 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2007-09-18 22:21:54 +0000
commit: 8c3f40ee320c419800b97f7ed385c43948970f61 (patch)
tree: f1e57c3b2d09ed1567af8103aba649b6bb32cf36 /lib/urldata.h
parent: b1aafbd95730bd826e55fad9e368630d835df573 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/urldata.h b/lib/urldata.h
index 381849a38..2d09be07b 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -183,6 +183,7 @@ struct ssl_connect_data {
 #endif /* USE_GNUTLS */
 #ifdef USE_NSS
   PRFileDesc *handle;
+  char *client_nickname;
 #endif /* USE_NSS */
 #ifdef USE_QSOSSL
   SSLHandle *handle;
author	Daniel Stenberg <daniel@haxx.se>	2007-09-18 22:21:54 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2007-09-18 22:21:54 +0000
commit	8c3f40ee320c419800b97f7ed385c43948970f61 (patch)
tree	f1e57c3b2d09ed1567af8103aba649b6bb32cf36 /lib/urldata.h
parent	b1aafbd95730bd826e55fad9e368630d835df573 (diff)