[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Proposal: Close sessions with regards to multiple callers
This proposal adds clarifications to C_CloseSession and C_CloseAllSessions noting their raciness with regard to login state, if multiple callers of a PKCS#11 token are present within a process. In addition it adds warnings about when it is appropriate to use C_CloseAllSessions. Cheers, Stef 11.6 Session management functions *** Remove last clause of paragraph 5. Call C_CloseSession once for each session that the application | has with the token. o C_CloseSession *** Add paragraph | Applications should be aware that another caller of the token within | the same process (such as within a shared library) may have a | session open with the token, or may open one during or after the | call to C_CloseSession. *** Add paragraph | Unless the application can guarantee that it is aware of all | sessions, it cannot make assumptions about the login state of the | token after a C_CloseSession call. o C_CloseAllSessions *** Add paragraph | Applications should be aware that another caller of the token within | the same process (such as within a shared library) may have a | session open with the token, or may open one during or after the | call to C_CloseAllSessions. *** Add paragraph | Unless the application can guarantee that it is aware of all | sessions, it cannot make assumptions about the login state | of the token after a C_CloseAllSessions call. *** Add paragraph | Because other callers within the same process may be using other | sessions unbeknownst to the caller, this function should only be | called in response to a user action or other significant event.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]