On Thu, Nov 22, 2012 at 01:44:45PM +0200, Martin Paljak wrote: > On Sun, Oct 14, 2012 at 3:27 PM, Ludovic Rousseau > <ludovic.rouss...@gmail.com> wrote: > > I would suggest to drop the OpenSC tokend, unless someone volunteer to > > maintain it. > I think my current mbp running 10.7 will be the last piece of Applet > hardware/software combo I'll run, so the future is uncertain, but > current situation is solid.
OpenSC tokend is still useful. For the record, I managed to get it running with opensc 0.13.0rc1 on 10.4.11 using Xcode 2.5 with some fiddling: The Security and SecurityTokend frameworks that shipped with Xcode 2.5 are missing a few #define's. On the other hand, linking against the compiled frameworks included in Martin's build-10.5.tar.gz failed because of linker commands that the Xcode 2.5 linker (gcc 4.0.1) doesn't understand. The solution was to compile against the 10.5 version of the frameworks and link against the native 10.4 versions. The security_cdsa_client and security_cdsa_utilities frameworks are not included with Xcode 2.5. They're available on opensource.apple.com but I couldn't be bothered to download and compile them. I just compiled and linked against the versions included in Martin's build-10.5.tar.gz. The only problem is that these versions call UNIX2003 symbols in libc which don't exist on 10.4.11. This can be overcome by having the linker translate the symbols like this: '-Wl,-i_write$UNIX2003:_write' '-Wl,-i_read$UNIX2003:_read' '-Wl,-i_close$UNIX2003:_close' and so on. With OpenSC tokend compiled like this, a GemSafeV1 card correctly shows up in Keychain and when connecting to a website which requires client authentication, Safari will query for the PIN of the card. It's a shame that Apple stopped their in-house work on the tokend infrastructure. As for openssl, the build script automatically found and used the fink-installed openssl in /sw, so one (albeit not so user-friendly) solution for the removal of openssl in 10.8 may be to ask users that they pre-install openssl with brew, fink or whatever. Lukas _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
