[gnutls-devel] GnuTLS | multiple remote PKCS#11 modules not working (#961)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Apr 1 07:30:25 CEST 2020




Daiki Ueno commented:


The check is exercised in two occasions:
1. called from `gnutls_pkcs11_add_provider` to manually register the module
2. called from `gnutls_pkcs11_init` to automatically enumerate registered modules

For (1), I think we can simply skip the check, because that is user's intention obviously. For (2), I would suggest adding a flag, say `GNUTLS_PKCS11_FLAG_ALLOW_DUPLICATE`, to explicitly skip the check. Then we could expose it from `p11tool`.

How does this sound?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/961#note_315211225
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200401/adf942c4/attachment.html>


More information about the Gnutls-devel mailing list