Neil wrote:
Robert Relyea wrote:
On 10/15/2009 02:39 AM, Neil wrote:
Robert Relyea wrote:
If you have no master password set, you have a token that doesn't
have 'need login' set in it. NSS will treat such a token as "always
logged in". No matter how many times you log out, the token and
it's keys are still available.
What exactly are you seeing?
What I'm seeing is that after calling logoutSimple(); login(false);
then isLoggedIn() returns false. But with a master password, then
logoutSimple(); login(false); will prompt for the password and
isLoggedIn() returns true, assuming the password was correctly
entered. And I'm not actually calling login myself; I want to leave
the token logged out if there is a password, so that the next caller
to login prompts.
isLoggedIn appears to be returning exactly what NSS returns. What you
need is the result of PK11_NeedLogin().
Unfortunately I'm not the caller of login or isLoggedIn, so I need
something that will not log out if there's no password to log out, but
not make isLoggedIn return false if there's no password (since once
that happens there seems to be no way to make it true again).
What I've since discovered is that after calling checkPassword("");
isLoggedIn() still returns true if there was no password, which is what
I want.
I also notice that checkPassword(""); logs out if there was a password.
Can this behaviour be relied on, or should I call logoutSimple() too?
--
Warning: May contain traces of nuts.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
