• David Woodhouse's avatar
    Cope with lack of gnutls_certificate_set_key() in GnuTLS 2.12 · 25d9be59
    David Woodhouse authored
    We *can* use arbitrary privkeys, by using the cert_callback to provide
    them on demand.
    
    And even without gnutls_privkey_import_ext() to give us a constructed
    privkey that represents the TPM key, we can cope by registering a
    sign_callback on the TLS session.
    
    This means that we can support the TPM, and also fix the lack of extra
    supporting certs and expiry check when using PKCS#11 certs with GnuTLS 2.12.
    
    It also means my code is an even bigger mess of #ifdefs than it was before.
    Signed-off-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
    25d9be59
Name
Last commit
Last update
.tx Loading commit data...
po Loading commit data...
www Loading commit data...
.gitignore Loading commit data...
AUTHORS Loading commit data...
Android.mk Loading commit data...
COPYING.LGPL Loading commit data...
Makefile.am Loading commit data...
README.DTLS Loading commit data...
README.SecurID Loading commit data...
TODO Loading commit data...
acinclude.m4 Loading commit data...
auth.c Loading commit data...
autogen.sh Loading commit data...
compat.c Loading commit data...
configure.ac Loading commit data...
cstp.c Loading commit data...
dtls.c Loading commit data...
gnutls.c Loading commit data...
gnutls_pkcs12.c Loading commit data...
http.c Loading commit data...
libopenconnect.map.in Loading commit data...
library.c Loading commit data...
main.c Loading commit data...
mainloop.c Loading commit data...
openconnect-internal.h Loading commit data...
openconnect.8.in Loading commit data...
openconnect.h Loading commit data...
openconnect.pc.in Loading commit data...
openssl.c Loading commit data...
ssl.c Loading commit data...
ssl_ui.c Loading commit data...
tun.c Loading commit data...
version.sh Loading commit data...
xml.c Loading commit data...