On 03/ 3/10 03:24 AM, Nikolay Elenkov wrote: <snip>
> case I still see no reason to call C_DestroyObject for token objects. As for No doubt about that. Again, key-by-ref does the right thing. > session objects they should be destroyed automatically when the session is > closed (from 6.4, Logical view of a token): > >> ?Session objects? are more >> temporary: whenever a session is closed by any means, all session objects >> created by that >> session are automatically destroyed. In addition, session objects are only >> visible to the >> application which created them. They are indeed (see C_CloseSession() definition in pkcs11_softtoken.so sources) but given how the PK11_SESSIN cache concept is done relying on this would not help in terms of freeing memory. v.
