Nelson Bolyard wrote:
> Bob Relyea wrote: > >> Late last week, I made a fairly large checkin that consisted of the >> following types of changes: >> >> 1) Clean up from new PKCS #11 initialization code: There were several >> places where new functions were added, or signatures where changed. > > >> 2) To identify those locations, compiler warnings were used. There >> were several places where code was changes to remove 'spurious' >> compilier warnings. There were also places where real bugs where >> identified by compilier warnings and fixed (mostly unitialized >> variables in error paths). To common forms of warnings were as follows: > > > >> 3) Additional steps to separate direct calls into the soft token by >> other parts of NSS, and calls from softoken to higher level functions >> were taken. Several data structures and low level headers which have >> already been identified as 'below the softoken line' were separated >> out. This mostly affected key functions. > > > > A bunch of structure types were renamed, and/or duplicated (with the > duplicate copy being renamed). Please provide a list of the new/renamed > types, and some guidance on how they should be used. These were part of step 3. Basically any of the structures defined in softoken (with the exception of pkcs11.h and pkcs11t.h) and freebl should only be used in in those two directories, or in standalone test programs like blapit and rsaperf. New versions of those structures defined in keythigh.h should be used instead. These structures should not be used in freebl or softoken. keytboth.h and keytlow.h are no longer exported. In general, the public versions of those structures were left alone, and the private versions were renamed, so there shouldn't be any impact on applications written to the public API. The only possible exception is PQGParams, which should be private, but we can switch them back and rename the freebl versions instead. As a preview, the next big step in this process is to pull the low level cert code completely into softoken. Again the upperlevel public structures (CERTCertificate) will remain intact, while the low level version of the structures will get renamed. A work in progress an be viewed on the branch BOB_WORK_BRANCH. I'm checkpointing intermediate steps (1. to allow public viewing of what's going on, and 2. insulate myself from data lose due to hardware failure). By Friday it should be complete enough to build a softoken.so, though not the rest of NSS. Also, many of the low level data structures in softoken acquire an appropriate LAYER_ prefix (a la Stan) which makes it clear the data structure is low level. bob
