diff options
| author | David Woodhouse <dwmw2@infradead.org> | 2014-12-11 13:03:35 +0000 |
|---|---|---|
| committer | Gert Doering <gert@greenie.muc.de> | 2014-12-27 15:09:36 +0100 |
| commit | 3c6d32205db88348c07c720b710b41548497819c (patch) | |
| tree | a77ee4e060e6dccbfb046b6bceb17cfb3e4ee156 /src/openvpn/options.c | |
| parent | e2e9a69c1ecc7142cc17d665076795215b6a8e9a (diff) | |
| download | openvpn-3c6d32205db88348c07c720b710b41548497819c.tar.gz openvpn-3c6d32205db88348c07c720b710b41548497819c.tar.xz openvpn-3c6d32205db88348c07c720b710b41548497819c.zip | |
pkcs11: Load p11-kit-proxy.so module by default
If the user specifies --pkcs11-id or --pkcs-id-management but neglects
to explicitly provide a --pkcs11-provider argument, and if the system
has p11-kit installed, then load the p11-kit proxy module so that the
system-configured tokens are available.
Trac: 490
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1418303015.31745.78.camel@infradead.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9342
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 6f1d3cf062d5c33cbad4d521d157d43d53ffc7d1)
Diffstat (limited to 'src/openvpn/options.c')
| -rw-r--r-- | src/openvpn/options.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index f0091c2..b33eb4a 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2447,6 +2447,15 @@ options_postprocess_mutate_invariant (struct options *options) #endif } #endif + +#ifdef DEFAULT_PKCS11_MODULE + /* If p11-kit is present on the system then load its p11-kit-proxy.so + by default if the user asks for PKCS#11 without otherwise specifying + the module to use. */ + if (!options->pkcs11_providers[0] && + (options->pkcs11_id || options->pkcs11_id_management)) + options->pkcs11_providers[0] = DEFAULT_PKCS11_MODULE; +#endif } static void |