Re: gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]

[Stef Walter <stefw collabora co uk>]

On 01/23/2011 05:24 PM, Nikos Mavrogiannopoulos wrote:
> On 01/24/2011 12:18 AM, Stef Walter wrote:
>> On 01/23/2011 10:04 AM, Nikos Mavrogiannopoulos wrote:
>>> I couldn't test because I get a segfault with that[0],
>>
>> Whoops. Yes I need to do more testing and bug fixing.
>>
>>> but as an idea, I like it because it works...
>>
>> Great. Out of interest, is this something you'd be willing to make a 
>> future gnutls depend on? It (sadly) doesn't work as an in-tree 
>> statically linked library.
> 
> But as far as I understand the idea is that it is not required
> for libraries using it to even know they are... One should just
> config gnutls and any other libraries to use that pkcs11 module
> only... or I don't get something?

Yes, a simple use would not require any dependency, just loading of that
module and using it like a normal module.

However as I outlined elsewhere in this thread, we can also expose
additional functions from the proxy module and it can also be used as a
library. These functions can do things like:

 * Access the extra config fields. ie: p11_unity_registered_option()
   eg: the 'accelerated' field you mentioned elsewhere.

 * Load and initialize arbitrary modules, which are not in the
   configs (and have'm ref counted). ie: p11_unity_initialize_module()
   and p11_unity_finalize_module()

This sort of functionality is exposed in the p11-unity.h header file:

http://thewalter.net/git/cgit.cgi/p11-unity/tree/module/p11-unity.h

In order to use this additional functionality, one would need to link to
and depend on the library.

So whether it's used as a module or a library depends on the use case.

Cheers,

Stef