I need some more time on this, I should be finished by tomorrow. I do how ever have one very big high level comment.
DJM-0 We should port the wpa crypto code to use PKCS#11 instead. I'm not suggesting that this is required for initial integration but I think it would be good to do since it should actually reduce the amount of crypto related functionality wpad needs to implement; it can probably be done just by replacing wpa_enc.c with a version that uses PKCS#11 instead. It will help we come to do WPA-Enterprise since in that case we need to provide support for storing the private RSA key in a smartcard or other PKCS#11 keystore. DJM-1 usr/src/cmd/cmd-inet/usr.lib/wpad/svc-wpa This method script shouldn't be needed at all since it should be possible to express all of this in the manifest without needing a separate method script. DJM-2 usr/src/cmd/cmd-inet/usr.lib/wpad/wpa_enc.c usr/src/cmd/cmd-inet/usr.lib/wpad/wpa_enc.h No comments other than DJM-0 which isn't required for now. More later. -- Darren J Moffat
