openvpn + pkcs11

NE

New Member


Messages: 14

Hi,

I am tying to use openvpn with a pkcs11-compatible token. So I built it from security/openvpn port, using the « Use security/pkcs11-helper » option, but I can't get it working: every command involving pkcs11 just fails. Eg:
% openvpn --show-pkcs11-ids /usr/local/lib/libopensc.so
Options error: Unrecognized option or missing parameter(s) in [CMD-LINE]:1: show-pkcs11-ids (2.3.2)
Use --help for more information.
%
Furthermore:
  • the openvpn man page has informations about pkcs11 commands/parameters while inner help (ie openvpn --help) has none.
  • ldd /usr/sbin/openvpn doesn't show any link with pkcs11*
  • truss openvpn --show-pkcs11-ids [...] doesn't report any attempt to open any pkcs11 related file
Any hint ?
 
OP
OP
N

NE

New Member


Messages: 14

Fixed with the following patch applied to the security/openvpn Makefile:
Code:
--- Makefile.bak        2014-02-13 10:40:42.000000000 +0100
+++ Makefile    2014-02-13 06:54:19.000000000 +0100
@@ -62,6 +62,7 @@
 
 .if ${PORT_OPTIONS:MPKCS11}
 LIB_DEPENDS+=  libpkcs11-helper.so:${PORTSDIR}/security/pkcs11-helper
+CONFIGURE_ARGS+=       --enable-pkcs11=yes
 .else
 CONFIGURE_ARGS+=       --disable-pkcs11
 .endif
 
Top