On Mon, 2019-07-08 at 18:46 +0200, Daniel Kobras wrote: > Hi all! > > Using either GnuTLS or one of the TPM2 engines for OpenSSL, it's > possible to use keyfiles that are encrypted with a wrapping key from > a > TPM2 device. Implementations have started to use special PEM headers > for > these files. If openconnect it can automatically invoke the necessary > magic to unwrap the key without any user interaction. A similar patch > for wpa_supplicant can be found at > http://lists.infradead.org/pipermail/hostap/2019-July/040318.html. > > Alas, these PEM files currently fail NM's header validation. The > attached patch just accepts these keys in NM, assuming further > support > is present in the backend tools. >
Hi, The patch looks good to me. best, Thomas
signature.asc
Description: This is a digitally signed message part
_______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
