I don't actually remember why I added my own; it *ought* to be installed
correctly by the distribution's packaging of SoftHSM.
There was a brief discussion about my hard-coded version being
Fedora-specific, followed by a suggestion that I could pick up the
proper path from and existing module file, followed by the realisation
that said existing module file would suffice anyway. So just require it.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
+++ /dev/null
-module:/usr/lib64/pkcs11/libsofthsm2.so
$(OPENSSL) x509 -days 3650 -CA $(certsdir)/ca.pem -CAkey $(certsdir)/ca-key.pem \
-set_serial $(shell date +%s) -req -out $@ -in $<
-SHM2_UTIL=HOME=$(srcdir) SOFTHSM2_CONF=softhsm2.conf softhsm2-util
-P11TOOL=HOME=$(srcdir) SOFTHSM2_CONF=softhsm2.conf p11tool
+SHM2_UTIL=SOFTHSM2_CONF=softhsm2.conf softhsm2-util
+P11TOOL=SOFTHSM2_CONF=softhsm2.conf p11tool
# Nice and simple: Certs visible without login, public keys present in token
softhsm-setup0:
for KEY in ${pkcs11_keys}; do
echo -n "Connecting to obtain cookie (token ${TOKEN} key ${KEY})... "
CERTURI="pkcs11:token=${TOKEN};${KEY};pin-value=1234"
- ( echo "test" | HOME=${srcdir} SOFTHSM2_CONF=softhsm2.conf LD_PRELOAD=libsocket_wrapper.so \
+ ( echo "test" | SOFTHSM2_CONF=softhsm2.conf LD_PRELOAD=libsocket_wrapper.so \
$OPENCONNECT -q $ADDRESS:443 -u test -c "${CERTURI}" --key-password 1234 --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly --passwd-on-stdin ) ||
fail $PID "Could not connect with token ${TOKEN} key ${KEY##*/}!"
done
projects / users / dwmw2 / openconnect.git / commitdiff