Hi, > It has a long (6 years and counting) history and may never get merged... > > https://github.com/OpenSC/pkcs11-helper/pull/4 > > We could look into incorporating it into our own pkcs11 glue code > (pkcs11.c etc.). Not sure whether it really needs access to any > innards of pkcs11-helper.
Sounds reasonable. I don't know much about pkcs11 so let's wait for volunteers. > At the same time, pkcs11-helper is a separate library so anything > required to build it doesn't belong to openvpn repo, does it? Ideally > native (msvc) build on Windows it should work like on Linux/Unix > platforms -- have all dependencies satisfied independently and then > just "configure" and build. I agree. In 2.6 we're going to have vcpkg manifest with the list of dependencies: https://github.com/schwabe/openvpn/blob/dco/vcpkg.json "dependencies": [ "cmocka", "lz4", "openssl", "lzo", "tap-windows6", "ovpn-dco-win" ] All those dependendencies (except ovpn-dco-win) have ports in vcpkg upstream, so we just list those and let vcpkg do the rest. Since pkcs11-helper (and ovpn-dco-win) have no support in vcpkg upstream, we have to maintain ports ourselves. We could: 1) move ports to openvpn-build. I don't think this is a good solution, because that would require Windows developers to clone another repo, which is needed for building installers. This looks like a wrong thing for me to do. 2) move ports and the rest of Windows-specific stuff, such as openvpnmsica, into openvpn-windows repo. This is something to consider, assuming that this repo also would take care about MSI (and NSIS?) stuff and have openvpn as a submodule. 3) do nothing and have those ports as part of openvpn repo. vcpkg supports "ports-overlay" , so I see nothing wrong or "hacky" with this approach. I see you point about having dependencies build scripts as part of openvpn repo. However in this case script is fairly trivial and mostly consists of boilerplate code: https://github.com/lstipakov/openvpn/blob/dco180521/contrib/vcpkg-ports/pkcs11-helper/portfile.cmake To my understanding this part of openvpn is fairly static, so I don't expect much maintenance burden for it, if any. In any case I volunteer to take care of it. 4) submit pkcs11-helper and ovpn-dco-win ports to vcpkg upstream and then remove those from openvpn. We could do that after doing release with vcpkg as dependencies manager, so we'll have a good use case. I can volunteer for that. -- -Lev _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
