Hi, Hans Petter Jansson schrieb: >>> This database only fails to migrate if the target database was not >>> already created by another, successful merge, though. > >> I think you're saying that the failures only occur if the "target" (cert9) >> DB doesn't already exist when your program is run, but does succeed if >> the target is already a legit cert9 DB. Is that what you're saying? >> That would not surprise me. I think that the function you're using, >> NSS_InitWithMerge, does assume that the target DB already exists. > > Almost. I'm saying that if the database fails to migrate the first time, > and leaves an empty database, then subsequent merges to that database > also fail. However, if the first merge is successful (creating the > database and populating it), then subsequent merges always work. > > I have a small sample size, though, since I don't have (nor want, > really) direct access to other users' databases. > > It looks like Wolfgang found the problem, or at least a problem, in the > "Firefox' password manager" thread, so I'm going to test using a normal > NSS_Init() to create the database if it doesn't already exist, and see > if that works. > > Thanks, Wolfgang :)
I _think_ the problem when creating a new database (if one doesn't already exist) using NSS_Init() could be that the internal token (SDR) is created and people will never be able to read their passwords again even after a merge? I think what should be done is to mimic exactly what "certutil -L -X -d sql:." is doing for the initial creation of the database? Wolfgang _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
