Allow 'importing' certificates that already exist in the database.

Use the import to change the trust flags on the given certificate.

security/nss/lib/softoken/pkcs11.c

@@ -667,9 +667,13 @@ pk11_handleCertObject(PK11Session *session,PK11Object *object)
 							!= SECSuccess) {
 	    return CKR_ATTRIBUTE_VALUE_INVALID;
 	}
+	if (!cert->isperm) {
 	    if (CERT_AddTempCertToPerm(cert, label, &trust) != SECSuccess) {
 		return CKR_HOST_MEMORY;
 	    }
+        } else {
+	    CERT_ChangeCertTrust(cert->dbhandle,cert,&trust);
+	}
 	if(certUsage) {
 	    if(CERT_ChangeCertTrustByUsage(CERT_GetDefaultCertDB(),
 				cert, *certUsage) != SECSuccess) {