Re: gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]
- From: Stef Walter <stefw collabora co uk>
- To: gnome-keyring-list gnome org, Nikos Mavrogiannopoulos <nmav gnutls org>, Joe Orton <jorton redhat com>
- Subject: Re: gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]
- Date: Wed, 26 Jan 2011 08:30:45 -0600
On 01/25/2011 03:14 AM, Joe Orton wrote:
> On Sat, Jan 22, 2011 at 05:30:01PM -0600, Stef Walter wrote:
>> Joe, what would it take to make p11-unity (or something like it) a
>> dependency of pakchois?
>
> Could we merge the two? They are similar in scope.
BTW, I've renamed p11-unity to p11-kit as I noted in an earlier email.
At least that's the current working handle.
Interesting idea. Some thoughts:
* The success of p11-kit is predicated by all pkcs11 consumers
in a given process using p11-kit or its proxy module (due to the ref
counting). So we need to make sure not to add stuff to p11-kit that
would turn away any potential users (such as libraries, etc). I
personally don't think that adding much of the pakchois functionality
would have any negative effect in this way, since pakchois is such
a thin wrapper.
* The way that modules are looked up from name -> module is different
in p11-kit and pakchois. p11-kit implements the config system
described by Nikos [1] with a few changes. I'll be posting something
for discussion soon.
* Because of the way that p11-kit refcounts and needs to be able to
initialize modules that it hasn't loaded, the primary way of
referring to a module is via a CK_FUNCTION_LIST_PTR.
Anyway all that to say: with some minor caveats, merging the two seems
like a good match.
Cheers,
Stef
[1]
http://mail.gnome.org/archives/gnome-keyring-list/2011-January/msg00017.html
>
> Regards, Joe
[
Date Prev][Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
