diff options
| author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-05-12 20:31:43 +0000 |
|---|---|---|
| committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-05-12 20:31:43 +0000 |
| commit | 1bda73a7b0f45a2502ae93e33e30b98152d893f3 (patch) | |
| tree | 7bdf8f59ec2c6443a071a0217f78f8a999596030 /options.c | |
| parent | Misc XGUI fixes. (diff) | |
| download | openvpn-1bda73a7b0f45a2502ae93e33e30b98152d893f3.tar.xz | |
Moved branch into official BETA21 position.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2959 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to '')
| -rw-r--r-- | options.c | 27 |
1 files changed, 16 insertions, 11 deletions
@@ -27,12 +27,6 @@ * (Christof Meerwald, http://cmeerw.org) */ -#ifdef WIN32 -#include "config-win32.h" -#else -#include "config.h" -#endif - #include "syshead.h" #include "buffer.h" @@ -516,10 +510,11 @@ static const char usage_message[] = " 4 : Use Decrypt.\n" " 8 : Use Unwrap.\n" "--pkcs11-cert-private [0|1] ... : Set if login should be performed before\n" - " certificate can be accessed. Set for each provider.\n" - "--pkcs11-pin-cache seconds : Number of seconds to cache PIN. The default is -1\n" - " cache until token is removed.\n" - "--pkcs11-id serialized-id : Identity to use, get using standalone --show-pkcs11-ids\n" + " certificate can be accessed. Set for each provider.\n" + "--pkcs11-pin-cache seconds : Number of seconds to cache PIN. The default is -1\n" + " cache until token is removed.\n" + "--pkcs11-id-management : Acquire identity from management interface.\n" + "--pkcs11-id serialized-id 'id' : Identity to use, get using standalone --show-pkcs11-ids\n" #endif /* ENABLE_PKCS11 */ "\n" "SSL Library information:\n" @@ -1293,6 +1288,7 @@ show_settings (const struct options *o) } SHOW_INT (pkcs11_pin_cache_period); SHOW_STR (pkcs11_id); + SHOW_BOOL (pkcs11_id_management); #endif /* ENABLE_PKCS11 */ #if P2MP @@ -1766,8 +1762,11 @@ options_postprocess (struct options *options, bool first_time) if (options->pkcs11_providers[0]) { notnull (options->ca_file, "CA file (--ca)"); - notnull (options->pkcs11_id, "PKCS#11 id (--pkcs11-id)"); + if (options->pkcs11_id_management && options->pkcs11_id != NULL) + msg(M_USAGE, "Parameter --pkcs11-id cannot be used when --pkcs11-id-management is also specified."); + if (!options->pkcs11_id_management && options->pkcs11_id == NULL) + msg(M_USAGE, "Parameter --pkcs11-id or --pkcs11-id-management should be specified."); if (options->cert_file) msg(M_USAGE, "Parameter --cert cannot be used when --pkcs11-provider is also specified."); if (options->priv_key_file) @@ -1870,6 +1869,7 @@ options_postprocess (struct options *options, bool first_time) MUST_BE_UNDEF (pkcs11_providers[0]); MUST_BE_UNDEF (pkcs11_private_mode[0]); MUST_BE_UNDEF (pkcs11_id); + MUST_BE_UNDEF (pkcs11_id_management); #endif if (pull) @@ -5137,6 +5137,11 @@ add_option (struct options *options, VERIFY_PERMISSION (OPT_P_GENERAL); options->pkcs11_id = p[1]; } + else if (streq (p[0], "pkcs11-id-management")) + { + VERIFY_PERMISSION (OPT_P_GENERAL); + options->pkcs11_id_management = true; + } #endif #ifdef TUNSETPERSIST else if (streq (p[0], "rmtun")) |