diff options
| -rw-r--r-- | doc/manual/p11-kit-sharing.xml | 5 | ||||
| -rw-r--r-- | doc/manual/pkcs11.conf.xml | 11 | ||||
| -rw-r--r-- | p11-kit/modules.c | 13 |
3 files changed, 5 insertions, 24 deletions
diff --git a/doc/manual/p11-kit-sharing.xml b/doc/manual/p11-kit-sharing.xml index 95dd865..8be3057 100644 --- a/doc/manual/p11-kit-sharing.xml +++ b/doc/manual/p11-kit-sharing.xml @@ -100,8 +100,9 @@ module configuration option.</para> </listitem> <listitem> - <para>Managed modules have the ability to be isolated in their own process - See the <link linkend="option-isolated"><literal>isolated = yes</literal></link> + <para>Managed modules have the ability to be remoted to another machine or + isolated in their own process. + See the <link linkend="option-remote"><literal>remote = ...</literal></link> module configuration option.</para> </listitem> </itemizedlist> diff --git a/doc/manual/pkcs11.conf.xml b/doc/manual/pkcs11.conf.xml index 86c8fcb..16e6cb2 100644 --- a/doc/manual/pkcs11.conf.xml +++ b/doc/manual/pkcs11.conf.xml @@ -131,14 +131,6 @@ x-custom : text not present, then any process will load the module.</para> </listitem> </varlistentry> - <varlistentry id="option-isolated"> - <term><option>isolated:</option></term> - <listitem> - <para>Set to <literal>yes</literal> to run this PKCS#11 module in its own - process. This is a simple way to set the <option>remote</option> to - accomplish the same thing.</para> - </listitem> - </varlistentry> <varlistentry> <term><option>managed:</option></term> <listitem> @@ -162,7 +154,7 @@ x-custom : text alphabetically.</para> </listitem> </varlistentry> - <varlistentry> + <varlistentry id="option-remote"> <term><option>remote:</option></term> <listitem> <para>Instead of loading the PKCS#11 module locally, run the module @@ -173,6 +165,7 @@ x-custom : text <programlisting> remote: |ssh user@remote p11-kit remote /path/to/module.so </programlisting> + <para>Other forms of remoting will appear in later p11-kit releases.</para> </listitem> </varlistentry> <varlistentry> diff --git a/p11-kit/modules.c b/p11-kit/modules.c index bc6f768..8aaa769 100644 --- a/p11-kit/modules.c +++ b/p11-kit/modules.c @@ -486,7 +486,6 @@ take_config_and_load_module_inlock (char **name, const char *remote = NULL; char *value = NULL; CK_RV rv = CKR_OK; - bool isolated; Module *mod; assert (name); @@ -506,18 +505,6 @@ take_config_and_load_module_inlock (char **name, } } - /* The 'isolated' setting is just a simple way to configure remote */ - isolated = _p11_conf_parse_boolean (p11_dict_get (*config, "isolated"), false); - if (isolated) { - if (remote) { - p11_message ("ignoring 'isolated' on module '%s' because 'remote' is set", *name); - } else { - if (asprintf (&value, "|" BINDIR "/p11-kit remote '%s'", filename) < 0) - return_val_if_reached (CKR_DEVICE_ERROR); - remote = value; - } - } - if (remote != NULL) { rv = setup_module_for_remote_inlock (*name, remote, &mod); if (rv != CKR_OK) |