diff options
| author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2006-04-05 07:17:02 +0000 |
|---|---|---|
| committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2006-04-05 07:17:02 +0000 |
| commit | 18597b93f7b43f63173f373fbd8548f2d08e25bb (patch) | |
| tree | 31287d7784477dff653e5b92daee22872f58cab2 /pkcs11.h | |
| parent | be9150b693345134142d1d58fac9b251d7e7ba5d (diff) | |
| download | openvpn-18597b93f7b43f63173f373fbd8548f2d08e25bb.tar.gz openvpn-18597b93f7b43f63173f373fbd8548f2d08e25bb.tar.xz openvpn-18597b93f7b43f63173f373fbd8548f2d08e25bb.zip | |
I've recently worked on a better version of pkcs11-helper. I've also merged
it into QCA (Qt Cryptographic Architecture), so that KDE 4 will finally be
able to use smartcards.
The changes allows the following features:
1. Thread safe, is activated if USE_PTHREAD.
2. Slot event - Will allow us in the future to disconnect VPN when smartcard
is removed. In order to support this OpenVPN must support threading... At
least SIGUSR1 from a different thread. Threading should be supported in both
Windows and Linux. -- currently disabled.
When I talk about threading support it is just support in configuration script
and that the method that SIGUSR1 self can be called from a different thread.
I already handle the monitor threads.
3. Certificate enumeration - Will allow us to finally have one configuration
file for all users! When you add the plugin GUI stuff you talked about, we will
be able to display a list of available certificates for the user to select.
-- currently disabled.
4. Data object manipulation - Will allow us to store tls-auth on the smartcard
as well. -- currently disabled.
5. Many other minor improvements.
Alon Bar-Lev
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@990 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'pkcs11.h')
| -rw-r--r-- | pkcs11.h | 11 |
1 files changed, 6 insertions, 5 deletions
@@ -31,6 +31,7 @@ bool pkcs11_initialize ( + const bool fProtectedAuthentication, const int nPINCachePeriod ); @@ -43,7 +44,9 @@ pkcs11_forkFixup (); bool pkcs11_addProvider ( const char * const provider, - const char * const sign_mode + const bool fProtectedAuthentication, + const char * const sign_mode, + const bool fCertIsPrivate ); int @@ -52,9 +55,7 @@ SSL_CTX_use_pkcs11 ( const char * const pkcs11_slot_type, const char * const pkcs11_slot, const char * const pkcs11_id_type, - const char * const pkcs11_id, - const bool pkcs11_protected_authentication, - const bool pkcs11_cert_private + const char * const pkcs11_id ); void @@ -71,4 +72,4 @@ show_pkcs11_objects ( #endif /* ENABLE_PKCS11 */ -#endif /* OPENVPN_PKCS11_H */ +#endif /* OPENVPN_PKCS11H_H */ |