Hello, unfortunately our network people are about to migrate from ipsec/vpnc VPN to Annyconnect but the official Annyconnect client for Linux does not seem to support Smartcard authentication. Neither does annyconnect AFAIK. Currently my smartcard works fine on Linux (firefox,thunderbird) using a (proprietary) pkcs11 library. As I definitely do not intend to switch to Windows I am wondering about how much work it would be to add Smartcard support to annyconnect. Unfortunately I'm currently unable to use my pkcs11 library in both openssl and gnutls. On the first glance it looks like gnutls does have a better interface for pkcs11 stuff[1] than openssl (only third party engine available). I think the probability to get this to work with gnutls is much higher in my case. Which effort would be needed to extend openconnect in a way to either use openssl or gnutls? Would it be an option to directly support pkcs11? Sven [1] http://www.gnu.org/software/gnutls/manual/html_node/Client-using-a-smart-card-with-TLS.html -- /* * Wirzenius wrote this portably, Torvalds fucked it up :-) */ (taken from /usr/src/linux/lib/vsprintf.c) /me is giggls at ircnet, http://sven.gegg.us/ on the Web
