[xmlsec] another nss patch
Aleksey Sanin
aleksey at aleksey.com
Wed Jul 23 17:55:49 PDT 2003
Hi, Tej!
I have applied and commited your new patch with one small change: I am not
sure that xmlsec-nss on Windows would work if you use XMLSEC_CRYPTO_EXPORT
macro when declaring __CERT_NewTempCertificate() function in src/nss/app.c
I think that better way would be to just use "extern" keyword:
extern CERTCertificate * __CERT_NewTempCertificate(...);
I made this replacement and everything seems to be working fine :)
Now I can run xmlsec-nss test scripts (thanks for you change to remove
certutil
dependency!) I can look at the test failures you mentioned. Seems like
we are
getting very close and I would like to write down what else needs to be
done:
0) License issues (tracking). As we discussed, you'll prepare and
submit the
full patch from branch to trunk when we will be ready.
1) Windows build. Seems it is completely broken now. May be we can work
with Igor on fixing this.
2) Documentation.
2a) I believe that you have commented all the API functions.
But docs generation scripts reported one error:
WARNING: Parameter description missing in source code comment
block -
Func: xmlSecNssNodeGetBigNumValue Param: arena.
and two undocumented functions:
xmlSecNssPKIAdoptKey
xmlSecNssTransformKWAes256GetKlass
2b) Next, it would be great if you can update interop matrix for
xmlsec-nss
(docs/xmldsig.html and docs/xmlenc.html) with new algorithms you've
added.
2c) Also I would appreciate if you prepare a small write up
about xmlsec-nss:
how default keys manager works, how xmlsec-nss deals with keys, etc.
May be some xmlsec-nss specific examples of working with key db.
This would be very helpfull for anyone who wants to use xmlsec-nss.
2d) I think you have a list of things that still needs to be
done (some NSS
dependencies, etc.). It would be great to put it somewhere
(README file
in src/nss ?) so anyone would know what works and what does not
and why.
3) Tests. I'll look at the failing tests and we'll see what can we
do about that.
Seems that some tests need to be updated.
4) Andrew's patches. Not sure but we can probably finish this after
we put
new xmlsec-nss to the trunk. Andrew, do you expect to have any API
changes
for the current xmlsec-nss implemetation?
Tej, I would apreciate if you add anything I missed or correct something.
Thanks again for doing all this!
Aleksey
More information about the xmlsec
mailing list