aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2017-05-04 17:41:44 -0400
committerRob Austein <sra@hactrn.net>2017-05-04 17:41:44 -0400
commitae322afdec65e7d8c180fa761c0bbb3c682ef5c0 (patch)
tree2ce777eafc9c5810c500014b31d4fc6acdbb8db6
parentf110c617c706e3a0b21daf29802e44668e202740 (diff)
Add pkcs11-spy support, remove cryptech_probe invocation.
-rw-r--r--environment.sh17
1 files changed, 13 insertions, 4 deletions
diff --git a/environment.sh b/environment.sh
index a842d81..f3f5c75 100644
--- a/environment.sh
+++ b/environment.sh
@@ -14,9 +14,18 @@ export PKCS11_PIN=fnord
export OPENSSL_CONF=`pwd`/openssl.conf
-# If we don't already have the cryptech UART environment variables set, do that now.
-
-if test "X${CRYPTECH_RPC_CLIENT_SERIAL_DEVICE}" = "X"
+# If USE_PKCS11SPY is set, it should be an absolute path to the OpenSC
+# pkcs11-spy.so debugging tool, which we will splice between OpenSSL
+# and the real PKCS #11 library. This is not something you would want
+# to do in production, but can be useful when testing. See
+#
+# https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC
+#
+# By default, pkcs11-spy writes to stderr, but you can override this
+# by setting PKCS11SPY_OUTPUT.
+
+if test "X$USE_PKCS11SPY" != "X" && test -r "$USE_PKCS11SPY"
then
- eval `cryptech_probe`
+ export PKCS11SPY="$PKCS11_MODULE"
+ export PKCS11_MODULE="$USE_PKCS11SPY"
fi