|
Title: New patch OpenSC support for OpenVPN 2.0.2
Hi there,
I took Fritz Elfert's patch that enables the use of openvpn and opensc smartcards and modified it a little bit:
- Original post of Fritz: http://openvpn.net/archive/openvpn-devel/2005-02/msg00000.html
- Take out all the code for PIN dialog window under MSWindows and X-Xindows from the original patch.
- Keeped the --opensc-cert option to specify the certificate ID to use among those stored in the smartcard.
- Added an option --opensc-authfile to specify a file to read the smartcard PIN from it or "stdin" to let the user input it from the console.
- Added an option --opensc-pin to specify the PIN via command-line or configuration file.
- --opensc_authfile and opensc_pin are mutually exclusive
- If only --opensc-cert is given (no PIN options) it wil ask for a PIN from the console.
It's tested under Linux Debian with OpenSC and etoken from alladin. But it should work under Windows as well. I haven't tested as I don't run a development environment in Windows.
Can this be merged in the next version? I've been reading the posts proposing to implement this other ways, but consider that this code already works. I would include it know and then implement a better aproach to support smartcards in case it's needed, something that I'm not yet convinced of.
Attached is the diff file for 2.0.2 version of OpenVPN.
<<openvpn-support-opensc.diff>>
Iván Casado Ruiz
SADIEL, S.A.
C/ Isaac Newton s/n, Isla de la Cartuja 41092 SEVILLA Tel. 95 5043600
Av. Alberto Alcocer, 46-B 28016 MADRID Tel. 91 4583492
Av. Constitución, 4 06800 MERIDA Tel. 92 4373620
C/ Ronda Sant Pere, 17 08010 BARCELONA Tel. 93 3425759
http://www.sadiel.es
Attachment:
openvpn-support-opensc.diff
Description: openvpn-support-opensc.diff
|