Stef Walter stefw at collabora.co.uk
Thu Jun 9 01:33:53 PDT 2011

Nikos, I hope it's okay if I CC this to the p11-glue mailing list.

On 06/07/2011 08:38 PM, Nikos Mavrogiannopoulos wrote:
> Hey Stef,
>   I noticed that if I comment out the
> module: /usr/lib/...
> from a module file, I get a warning like
> p11-kit: no module path specified in config: /etc/pkcs11/modules/opensc
> I think it should be allowed to have such a file the only way to remove
> this warning is to delete the file or move it somewhere else...

That's true. Fixed.

Another thing I noticed is that module files in the user configuration 
do not override or merge with modules with the same name in the system 

I've refactored the conf loading code to fix this. So the user can 
change settings for a module defined in the system.

Of course this is all controlled by the user-config setting [1] [2], 
which can be used to prevent/allow user configuration.

> Anyway but the serious thing is that p11-kit uses the fprintf(stderr,)
> to report warnings and errors. In a library this is not always optimal
> because noone might see those errors. In mod_gnutls for example
> noone will see those errors (and in other servers the msg might even
> end-up in the socket since many of the just close stderr and it is
> re-used for connections).

True. I want to make it possible to see errors and warnings easily. But 
you're right, that when used in a daemon this is problematic. I've added 
two new functions which help with this:


Docs: http://p11-glue.freedesktop.org/doc/p11-kit/p11-kit-Future.html

What do you think?



[1] http://p11-glue.freedesktop.org/doc/p11-kit/config-global.html

[2] http://p11-glue.freedesktop.org/doc/p11-kit/config-module.html

More information about the p11-glue mailing list