On Fri, Oct 03, 2008 at 11:41:25AM +0200, Mark Phalan wrote: > On Mon, 2008-09-29 at 19:20 -0500, Will Fiveash wrote: > ... > > pkinit_open_session(): > > > > /* Init */ > > /* Solaris Kerberos XXX */ > > r = cctx->p11->C_Initialize(NULL); > > > > and > > if ((r = cctx->p11->C_OpenSession(slotlist[i], CKF_SERIAL_SESSION, > > NULL, NULL, &cctx->session)) != > > CKR_OK) > > > > - Be aware that pkcs11 session handles are not fork safe. Do you know > > whether the cctx will be used across a fork? See: > > 5102151 krb contexts are not fork safe > > for the krb bug relating to this issue. > > The pkinit plugin doesn't fork(). The cctx->session is only used in the > context of the pkinit plugin which does a C_Initialize() before using > any sessions and finishes with a C_Finalize(). The code looks fine to me > in this regard.
Okay. -- Will Fiveash Sun Microsystems Inc. http://opensolaris.org/os/project/kerberos/
