On Wed, Jan 15, 2025 at 06:04:54PM +0100, Davide Caratti wrote: > Now that ENGINE API starts being deprecated in distros (like Fedora [1]) > wpa_supplicant users might need a way to load certificates and keys from > PKCS11 URIs even when OPENSSL_NO_ENGINE is defined. We can do that using > pkcs11-provider: load it by default in wpa_supplicant, and try to use it > when OPENSSL_NO_ENGINE is defined and configuration requests PKCS11 URIs > for certificates / keys. > > Inspired by pkcs11-provider test program 'tlssetkey.c' [2] > > [1] https://fedoraproject.org/wiki/Changes/OpensslDeprecateEngine > [2] https://github.com/latchset/pkcs11-provider/blob/main/tests/tlssetkey.c Thanks, applied. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
