Page MenuHomeSolus
Create Task
Maniphest T10096

Rebuild request OpenVPN with enable-pkcs11
Closed, ResolvedPublic
Actions

Description

If possible, I ask you to rebuild OpenVPN with pkcs 11. I need to connect to servers using a hardware key. Using the library https://download.rutoken.ru/Rutoken/PKCS11Lib/Current/Linux/x64/librtpkcs11ecp.so,
I tried to rebuild it myself.
But the problem is with lib pkcs11-helper, which I also tried to build, but due to lack of experience I could not do it.
Please, I don't want to go back to other operating systems, they drain my battery very quickly.
Harvey advised me to submit a request.
https://discuss.getsol.us/d/7857-openvpn-pkcs11-etoken-and-rutoken

Revisions and Commits

R2261 openvpn
D12639R2261:c5ccda04cffd openvpn: Depend on pkcs11-helper

Event Timeline

klaisens created this task.Jan 4 2022, 11:20 AM
klaisens updated the task description. (Show Details)Jan 4 2022, 11:23 AM
Girtablulu assigned this task to ReillyBrogan.Jan 4 2022, 2:00 PM
Girtablulu triaged this task as Needs More Info priority.
Girtablulu added subscribers: ReillyBrogan, Girtablulu.

@ReillyBrogan as someone who updated it lately, what's your opinion to this?

ReillyBrogan added a comment.Jan 4 2022, 7:55 PM

Should be fine, but it doesn't look like pkcs11-helper is packaged yet so that would need to be done as well. Doesn't look like it would be too much difficulty though.

ReillyBrogan added a revision: D12638: pkcs11-helper: Initial commit at version 1.28.0.Jan 12 2022, 7:20 PM
ReillyBrogan added a revision: D12639: openvpn: Depend on pkcs11-helper.Jan 12 2022, 7:23 PM
ReillyBrogan removed a revision: D12638: pkcs11-helper: Initial commit at version 1.28.0.Jan 12 2022, 7:25 PM
ReillyBrogan added a comment.Jan 12 2022, 7:28 PM

@klaisens I have built OpenVPN with pkcs11-helper but unfortunately don't have a way to test it. Would you be willing to test a few experimental packages for me to see if they actually work for your usecase? If so, please let me know if your Solus install is on unstable or stable (if you've never explicitly enabled unstable you are on stable).

joebonrichie raised the priority of this task from Needs More Info to Normal.Jan 13 2022, 6:19 PM
joebonrichie moved this task from Backlog to Improvement on the Software board.
joebonrichie added a subscriber: joebonrichie.

Hopefully @klaisens can confirm it's all working correctly first before we land it.

klaisens added a comment.Jan 14 2022, 1:26 PM

@ReillyBrogan I agree to test it. I'm using a stable one now. If necessary, I will switch to unstable.

DataDrake closed this task as Resolved by committing R2261:c5ccda04cffd: openvpn: Depend on pkcs11-helper.Jan 14 2022, 5:33 PM
DataDrake added a commit: R2261:c5ccda04cffd: openvpn: Depend on pkcs11-helper.
ReillyBrogan added a comment.Jan 14 2022, 5:38 PM
In T10096#191707, @klaisens wrote:

@ReillyBrogan I agree to test it. I'm using a stable one now. If necessary, I will switch to unstable.

@klaisens The updated openvpn with pcks11 support will be landing in this sync. Should show up later today unless the sync is suddenly deferred for whatever reason (very unlikely).

Copyright © 2015-2021 Solus Project. The Solus logo is Copyright © 2016-2021 Solus Project. All Rights Reserved.