On Mon, 2015-01-12 at 11:51 +0300, Vasily Kulikov wrote: > This patch adds support for using certificates stored in the Mac OSX > Keychain to authenticate with the OpenVPN server. This works with > certificates stored on the computer as well as certificates on hardware > tokens that support Apple's tokend interface. The patch is based on > the Windows Crypto API certificate functionality that currently exists > in OpenVPN. > > This patch version implements management client which handles rsa_sign > command for RSA offloading.
FWIW we really ought to be supporting key types other than RSA by now. But I appreciate that's not a new limitation and not your fault. It would be interesting to get feedback from those working on NetworkManager-openvpn, which may well want to use this API to allow key operations to happen in the user's session while OpenVPN is running as root. -- David Woodhouse Open Source Technology Centre [email protected] Intel Corporation
smime.p7s
Description: S/MIME cryptographic signature
