Am 24.01.15 um 18:04 schrieb Vasily Kulikov: > This patch adds support for using certificates stored in the Mac OSX > Keychain to authenticate with the OpenVPN server. This works with > certificates stored on the computer as well as certificates on hardware > tokens that support Apple's tokend interface. > > This patch version implements management client which handles RSA-SIGN > command for RSA offloading. Also it handles new 'NEED-CERTIFICATE' > request to pass a certificate from the keychain to OpenVPN. > > OpenVPN itself gets new 'NEED-CERTIFICATE" command which is called when > --management-external-cert is used. It is implemented as a multiline > command very similar to an existing 'RSA-SIGN' command. > > The patch is against commit 3341a98c2852d1d0c1eafdc70a3bdb218ec29049. > > ACK from me to the OpenVPN part. I also tested the patch in OpenVPN for Android and the RSA-SIGN still works as expected. I have not reviewed the OS X contrib program (other than a quick glance at the code) but I think marking it as contrib it should be allowed to be still included.
Arne
signature.asc
Description: OpenPGP digital signature