Menu
▾
▴
Re: [Opensc-devel] [engine_pkcs11] Various fixes and features
|
From: Anthony F. <ant...@gm...> - 2013-08-31 07:06:52
|
Petr -- On Fri, Aug 30, 2013 at 8:45 AM, Petr Písař <pet...@at...> wrote: > Hello, > > while testing TLS client authentication using a cryprographical token in my > project (libisds over cURL over OpenSSL with Athena USB token under OpenSC), > I found a lot of bugs in the engine_pkcs11 plug-in for OpenSSL. Indeed. :( > Some of the bugs are so serious that they prevent from using the token through > OpenSSL and can lead even to a segmentation fault. So I deciced to fix them > and post the pathes here in hope the engine_pkcs11 maintainer will review them > and merge them. If you're already using this set of patches in production, you might also be interested in my patchset that fixes a severe memory leak with the use of on-token private keys through the engine interface: https://github.com/OpenSC/engine_pkcs11/pull/3 It requires a small change in API -- but without it, I was losing megabytes of memory per hour. Thanks for your code -- I hope it gets integrated soon! Best regards, Tony |
