On Mon, Nov 27, 2006 at 08:37:23PM +0200, Alon Bar-Lev wrote: > >> Well... The callbacks should be common to sessions... And I think you > >> should add such callback to PKCS#12 as well, when user should be > >> prompted for passphrase. > > > >Do you mean common to *all* sessions; does the library require that to > >be so? This means process-global state! > > Haaham... Sorry about that. > There is nothing I can do... PKCS#11 is global context.
Well, I hope you really mean "current implementations of PKCS#11 use global context" unless this really does derive from the standard itself. It's quite possible to use dynamically loaded modules with a non-process-global context in general. But either way, in this case, I don't think there is much value in neon wrapping such interfaces. neon could probably somehow expose an interface like: ne_ssl_client_cert *ne_ssl_clicert_native(X509 *cert, EVP_PKEY *pkey); which will let the application deal with the global stuff appropriately and then pass in the client cert, although this breaks the abstraction of the SSL toolkit and will require some buildsystem munging. Regards, joe _______________________________________________ neon mailing list [email protected] http://mailman.webdav.org/mailman/listinfo/neon
