Hello, It is a good idea. But first, please remove the emacs stuff.
Now, I see that the ENGINE_load_builtin_engines() is already called at crypto_openssl.c::crypto_init_lib_engine, is there any require to duplicate this? There is already "engine" option, available only to polarssl, it can easily and correct way be used also for openssl, instead of having another option. What do you think? Alon. On Sun, Jun 17, 2012 at 2:50 AM, Thomas Habets <tho...@habets.se> wrote: > Patch attached. > > Add support for SSL engine loading the private key. > > Added option 'key-engine' specifying the name of the engine that > will load the private key. > > For example this can be "tpm" to use the OpenSSL TPM engine module > (libengine-tpm-openssl in Debian). > > It defaults to the built-in UI methods because openssl-tpm-engine > doesn't yet support user data being sent to the callback functions. > A patch for that on its way to them. > > Some more details: > http://blog.habets.pp.se/2012/02/TPM-backed-SSL > > Signed-off-by: Thomas Habets <hab...@google.com> > > -- > typedef struct me_s { > char name[] = { "Thomas Habets" }; > char email[] = { "tho...@habets.pp.se" }; > char kernel[] = { "Linux" }; > char *pgpKey[] = { "http://www.habets.pp.se/pubkey.txt"; }; > char pgp[] = { "A8A3 D1DD 4AE0 8467 7FDE 0945 286A E90A AD48 E854" }; > char coolcmd[] = { "echo '. ./_&. ./_'>_;. ./_" }; > } me_t; > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Openvpn-devel mailing list > Openvpn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-devel >
