curl-library
Re: Fwd: Re: issues with pre-login to pkcs11 slots when using NSS
Date: Wed, 15 Jul 2009 13:31:00 -0400
Kamil Dudka wrote:
> Rob, any objections?
>
> Kamil
>
>
> ---------- Forwarded Message ----------
>
> Subject: Re: issues with pre-login to pkcs11 slots when using NSS
> Date: Wednesday 15 of July 2009
> From: Claes Jakobsson <claes_at_versed.se>
> To: Kamil Dudka <kdudka_at_redhat.com>
>
> On Jul 14, 2009, at 3:20 PM, Kamil Dudka wrote:
>> These warnings were introduced by me. It is fixed in the attached
>> patch.
>
> No warnings now with your latest revision of the patch so I think it's
> good for integration now if that's ok with Daniel and Rob.
>
> /Claes
>
> -------------------------------------------------------
It generally looks ok, I just saw a couple of things:
- line 818 prints an error that nickname wasn't specified but includes
nickname in the argument list.
- you should probably verify earlier that pRetKey is returned by
NSS_GetClientAuthData(). Why display the cert info if there isn't a key?
- I'm not sure why you are getting the certificate nickname you are in
this block:
nickname = (*pRetCert)->nickname;
if (NULL == nickname)
nickname = "[unknown]";
Why not just use the nickname that the user provided (or show both)?
Otherwise it looks ok, sorry it took me so long to review.
rob
- application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature