I've recently worked on a better version of pkcs11-helper. I've also merged

it into QCA (Qt Cryptographic Architecture), so that KDE 4 will finally be
able to use smartcards.

The changes allows the following features:

1. Thread safe, is activated if USE_PTHREAD.

2. Slot event - Will allow us in the future to disconnect VPN when smartcard
is removed. In order to support this OpenVPN must support threading... At
least SIGUSR1 from a different thread. Threading should be supported in both
Windows and Linux. -- currently disabled.

When I talk about threading support it is just support in configuration script
and that the method that SIGUSR1 self can be called from a different thread.
I already handle the monitor threads.

3. Certificate enumeration - Will allow us to finally have one configuration
file for all users! When you add the plugin GUI stuff you talked about, we will
be able to display a list of available certificates for the user to select.
-- currently disabled.

4. Data object manipulation - Will allow us to store tls-auth on the smartcard
as well. -- currently disabled.

5. Many other minor improvements.

Alon Bar-Lev


git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@990 e7ae566f-a301-0410-adde-c780ea21d3b5

1 files changed, 3 insertions, 3 deletions

diff --git a/options.h b/options.h
index 4bf1139..4349f7d 100644
--- a/options.h
+++ b/options.h
@@ -409,13 +409,13 @@ struct options
 #ifdef ENABLE_PKCS11
   const char *pkcs11_providers[MAX_PARMS];
   const char *pkcs11_sign_mode[MAX_PARMS];
+  bool pkcs11_protected_authentication[MAX_PARMS];
+  bool pkcs11_cert_private[MAX_PARMS];
+  int pkcs11_pin_cache_period;
   const char *pkcs11_slot_type;
   const char *pkcs11_slot;
   const char *pkcs11_id_type;
   const char *pkcs11_id;
-  int pkcs11_pin_cache_period;
-  bool pkcs11_protected_authentication;
-  bool pkcs11_cert_private;
 #endif
 
 #ifdef WIN32