mozilla/security/svrcore - from the README:
"Terry Hayes wrote the Netscape svrcore library in 1998.
Valerie Chu wrote the ntgetpin.c and related files.
svrcore used to contain two major parts.
The first part is what we released on mozilla. It is a kind of
object-oriented package for handling PIN requests from NSS. The
idea was to provide a standard way for servers to allow PIN input
from a file or from the terminal. There is also a PIN handler
that caches the PIN in memory after encrypting it with a key on
a device (such as a Fortezza card). This allowed a server to
restart without having to reenter the PIN. However since the PIN
is encrypted, a core dump would not expose it. In addition,
removing the device would also make the PIN inaccessible."
I think the directory server and other servers that handle PINs have
their own PIN storage mechanisms. So it would seem that the ldap sdk is
the only component that uses svrcore, and then only the command line
programs, not the shared libraries. In looking at the RPM packaging,
there are 3 alternatives:
1) Have the nss-devel package include svrcore. The NSS team is against
this idea.
2) Create a svrcore-devel package. I don't relish the idea of having to
maintain this package along with the ldap sdk. But it would be worth it
if there are other components/programs that do or would use it.
3) Just fold svrcore into the ldap sdk. Simple and effective.
I'm leaning towards 3. What do other people think? Anton, what did you
guys do with the Sun version of the ldap sdk? Do you use svrcore? Did
you open source it along with the other OpenSolaris code?
_______________________________________________
mozilla-directory mailing list
mozilla-directory@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-directory
