NetworkManager & PKCS#11 remoting
David Woodhouse
dwmw2 at infradead.org
Tue Jun 21 16:00:02 UTC 2016
On Tue, 2016-06-21 at 15:01 +0200, Nikos Mavrogiannopoulos wrote:
>
> This may not be workable. p11-kit does only the parsing of the URL but
> does not pass info to the underlying module or so. Thus even if it
> could see v-remote-fd=5, I don't think it could do anything useful with
> it (except of course setting an environment variable).
Or calling a p11_kit_remote_module_from_fd() function.
> For module-path, the story is the same, but in that case applications
> and libs that use it (such as gnutls) most likely will support it
> directly once p11-kit can parse it.
It could be largely parallel, surely? If we can teach GnuTLS to see the
module-path attribute and call p11_kit_module_load() and use the
resulting module, then we can also teach it to do the same for a
remote-fd. The only real difference is that it's calling a different
p11-kit function.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5760 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/p11-glue/attachments/20160621/290edc9e/attachment.bin>
More information about the p11-glue
mailing list