git.ipfire.org Git - thirdparty/openvpn.git/commit

author	James Yonan <james@openvpn.net>
	Thu, 9 Dec 2010 11:21:04 +0000 (11:21 +0000)
committer	James Yonan <james@openvpn.net>
	Thu, 9 Dec 2010 11:21:04 +0000 (11:21 +0000)
commit	2a3d17ed182608cf60d731a237f9f926c28db522
tree	6ffd2d41156ecafe4715447b4b4c006112d6f514	tree
parent	2d12eb12cf2a49adbc2e89e20990415947519900	commit \| diff

Added "management-external-key" option.  This option can be used
instead of "key" in client mode, and allows the client to run
without the need to load the actual private key.  When the SSL
protocol needs to perform an RSA sign operation, the data to
be signed will be sent to the management interface via a
notification as follows:

  >RSA_SIGN:[BASE64_DATA]

The management interface client should then sign BASE64_DATA
using the private key and return the signature as follows:

  rsa-sig
  [BASE64_SIG_LINE]
  .
  .
  .
  END

This capability is intended to allow the use of arbitrary
cryptographic service providers with OpenVPN via the
management interface.

git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6708 e7ae566f-a301-0410-adde-c780ea21d3b5

base64.c		diff \| blob \| blame \| history
base64.h		diff \| blob \| blame \| history
buffer.c		diff \| blob \| blame \| history
manage.c		diff \| blob \| blame \| history
manage.h		diff \| blob \| blame \| history
misc.c		diff \| blob \| blame \| history
ntlm.c		diff \| blob \| blame \| history
options.c		diff \| blob \| blame \| history
ssl.c		diff \| blob \| blame \| history
syshead.h		diff \| blob \| blame \| history