Robert Relyea wrote:
On 10/15/2009 02:39 AM, Neil wrote:
Robert Relyea wrote:
If you have no master password set, you have a token that doesn't have 'need login' set
in it. NSS will treat such a token as "always logged in". No matter how many
times you log out, the token and it's keys are still available.
What exactly are you seeing?
What I'm seeing is that after calling logoutSimple(); login(false); then
isLoggedIn() returns false. But with a master password, then logoutSimple();
login(false); will prompt for the password and isLoggedIn() returns true,
assuming the password was correctly entered. And I'm not actually calling login
myself; I want to leave the token logged out if there is a password, so that
the next caller to login prompts.
isLoggedIn appears to be returning exactly what NSS returns. What you need is
the result of PK11_NeedLogin().
Unfortunately I'm not the caller of login or isLoggedIn, so I need
something that will not log out if there's no password to log out, but
not make isLoggedIn return false if there's no password (since once that
happens there seems to be no way to make it true again).
--
Warning: May contain traces of nuts.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
