[xmlsec] Big patch to xmlsec in recent OpenOffice.org sources

Aleksey Sanin aleksey at aleksey.com
Mon Feb 28 22:12:13 PST 2005


I checked in the lasts two changes to xmlsec-mscrypto:

- (item 2) keys/providers ref-counting and multithreading
I did a slightly more generic change and was able to combine
your patch with the existing code. Now you can either use the
"native" OS calls for duplicatiing keys/providers handles (>NT 4.0)
or ref counted keys/providers handles (NT 4.0). I fixed multi
threading issue with ref counting itself (i.e. I replaced ++/--
with InterlockedIncrement/InterlockedDecrement) but I still
have concerns about using *the same* key/provider handler from
multiple threads. Thus I decided to make default configuration
*not* to support NT 4.0 (as before). You can enable NT 4.0
support by either adding "nt4=yes" option for win32/configure.js
or adding XMLSEC_MSCRYPTO_NT4 define to xmlsec-mscrypto
compilation flags.

- (item 3) xmlSecMSCryptoKeyDataX509VerifyAndExtractKey function
You was right. For your template, this function gets called
for signature and we need to return both public and private key
from it. The fix is checked in.



I believe all OO.org changes to xmlsec-mscrypto are in CVS trunk.
All my tests pass as before (seems that I fixed problems with
your patch while I was re-architecting the ref counting change).
It would be really great if you can try latest trunk to make sure
that your stuff work and that no more changes to xmlsec-mscrypto
is needed. I can create a new xmlsec release later this week if
you need it. Meantime, I'll start looking at xmlsec-nss patch :)

Thanks again for your patch!
Aleksey




More information about the xmlsec mailing list