Robert Relyea wrote:
If you have no master password set, you have a token that doesn't have 'need login' set
in it. NSS will treat such a token as "always logged in". No matter how many
times you log out, the token and it's keys are still available.
What exactly are you seeing?
What I'm seeing is that after calling logoutSimple(); login(false); then
isLoggedIn() returns false. But with a master password, then
logoutSimple(); login(false); will prompt for the password and
isLoggedIn() returns true, assuming the password was correctly entered.
And I'm not actually calling login myself; I want to leave the token
logged out if there is a password, so that the next caller to login prompts.
--
Warning: May contain traces of nuts.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
