commented out everything.

now you can install those files to your etc, it will not hurt you. git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1722 c6295689-39f2-0310-b995-f0e70906c6a9
2004-01-08 11:56:47 +00:00 · 2004-01-08 11:56:47 +00:00 · f2803e1a74
commit f2803e1a74
parent 115bd355ed
2 changed files with 108 additions and 121 deletions
--- a/etc/opensc.conf.example
+++ b/etc/opensc.conf.example
@ -6,13 +6,13 @@
 # Default values for any application
 # These can be overrided by an application
 # specific configuration block.
-app default {
+#app default {
 	# Amount of debug info to print
 	#
 	# A greater value means more debug info.
 	# Default: 0
 	#
-	debug = 0;
+	#debug = 0;

 	# The file to which debug output will be written
 	#
@ -38,41 +38,28 @@ app default {
 	#
 	# reader_drivers = pcsc, ctapi;

-	reader_driver ctapi {
-		module /usr/local/towitoko/lib/libtowitoko.so {
+	#reader_driver ctapi {
+		#module /usr/local/towitoko/lib/libtowitoko.so {
 			# CT-API ports:
 			# 0..3		COM1..4
 			# 4		Printer
 			# 5		Modem
 			# 6..7		LPT1..2
-			ports = 0;
-		}
+			#ports = 0;
+		#}
 		# module /usr/local/lib/ctapi/ctapi2.so {
 		#	ports = 1, 6;
 		# }
-	}
+	#}

-	reader_driver pcsc {
-		# Whether to transform some APDU's from one case to another
-		# Possible values:
-		#            none:   Don't transform any APDU's
-		#        case4as3:   For T=0, send a case 4 APDU as case 3,
-		#                    (no Lc byte) the card will send back
-		# 		     a 61xx SW, and we will follow up with a
-		#                    GetResponse command
-		#                    The SCM SCR111, Sun SCF, and e-gate readers
-		#                    seem to require this.
-		#        case1as2:   For T=0, send a case 1 APDU as case 2.
-		#                    (append an Le byte of 0)
-		#                    The Sun SCF and e-gate readers seem to
-		#                    require this
-		# case1as2_always:   for any T=0/1, send a case 1 APDU as
-		#		     case 2.
-		#                    The Sun SCF reader may require this
-		# Default: none
+	#reader_driver pcsc {
+		# Whether to convert Case 4 APDUs to Case 3
 		#
-		apdu_masquerade = none;
-	}
+		# At least SCM SCR111 reader seems to require this.
+		# Default: false
+		#
+		#apdu_fix = false;
+	#}

 	# What card drivers to load at start-up
 	#
@ -116,9 +103,9 @@ app default {
 	# }

 	# GPK card driver
-	card_driver gpk {
+	#card_driver gpk {
 		# atr = 00:11:22;
-	}
+	#}

 	# Force using specific card driver
 	#
@ -132,7 +119,7 @@ app default {
 	# Below are the framework specific configuration blocks.

 	# PKCS #15
-	framework pkcs15 {
+	#framework pkcs15 {
 		# Whether to use the cache files in the user's
 		# home directory.
 		#
@ -144,24 +131,24 @@ app default {
 		# applications.
 		# Default: false
 		#
-		use_caching = true;
+		#use_caching = true;
 		# Use the following dynamic libraries for a read-only
 		# PKCS#15 emulation of non pkcs15 cards.
 		#
 		# pkcs15_syn = p15_starcert.so;
-	}
-}
+	#}
+#}

 # For applications that use SCAM (pam_opensc, sia_opensc)
-app scam {
-	framework pkcs15 {
-		use_caching = false;
-	}
-}
+#app scam {
+	#framework pkcs15 {
+		#use_caching = false;
+	#}
+#}

 # Parameters for the OpenSC PKCS11 module
-app opensc-pkcs11 {
-	pkcs11 {
+#app opensc-pkcs11 {
+	#pkcs11 {
 		# Maxmimum number of slots per smart card.
 		# If the card has fewer keys than defined here,
 		# the remaining number of slots will be empty.
@ -169,7 +156,7 @@ app opensc-pkcs11 {
 		# Note that there is currently a compile time
 		# maximum on the overall number of slots
 		# the pkcs11 module is able to handle.
-		num_slots = 4;
+		#num_slots = 4;

 		# Normally, the pkcs11 module will create
 		# the full number of slots defined above by
@ -180,7 +167,7 @@ app opensc-pkcs11 {
 		#
 		# Set this option to true to hide these empty
 		# slots.
-		hide_empty_tokens = false;
+		#hide_empty_slots = false;

 		# By default, the OpenSC PKCS#11 module will
 		# try to lock this card once you have authenticated
@ -194,7 +181,7 @@ app opensc-pkcs11 {
 		# has done a C_Logout or C_Finalize. In the case of
 		# Netscape or Mozilla, this does not happen until
 		# you exit the browser.
-		lock_login = true;
+		#lock_login = true;

 		# Normally, the pkcs11 module will not cache PINs
 		# presented via C_Login. However, some cards
@ -206,21 +193,21 @@ app opensc-pkcs11 {
 		# cache_pins = true
 		#
 		# Default: false
-		cache_pins = false;
+		#cache_pins = false;

 		# Set this value to false if you want to enfore on-card
 		# keypair generation
 		#
 		# Default: true
-		soft_keygen_allowed = true;
-	}
-}
+		#soft_keygen_allowed = true;
+	#}
+#}

 # Parameters for the OpenSC PKCS11-Spy module, that logs all the
 # communication between a pkcs11 module and it's calling application:
 #    app <--> pkcs11-spy <--> pkcs11 module
-app pkcs11-spy {
-	spy {
+#app pkcs11-spy {
+	#spy {
 		# Where to log to.
 		#
 		# By default, the value of the PKCS11SPY_OUTPUT environment
@ -236,5 +223,5 @@ app pkcs11-spy {
 		# opensc-pkcs11.so is used.
 		#
 		#module = opensc-pkcs11.so;
-	}
-}
+	#}
+#}
--- a/etc/scldap.conf.example
+++ b/etc/scldap.conf.example
@ -1,94 +1,94 @@
 # Configuration file for OpenSC / scldap
 # Example configuration file

-ldap example {
+#ldap example {
 	# Hostname for LDAP server (required)
-	ldaphost = "ldap.foobar.tld";
+	#ldaphost = "ldap.foobar.tld";
 	# Port for LDAP server
-	ldapport = 389;
+	#ldapport = 389;
 	# Scope for ldap search
 	# 0 = LDAP_SCOPE_BASE
 	# 1 = LDAP_SCOPE_ONELEVEL
 	# 2 = LDAP_SCOPE_SUBTREE
-	scope = 2;
+	#scope = 2;
 	# Use the Distinguished Name to
 	# bind to the LDAP directory
-	binddn = "cn=public,dc=cc,dc=foobar,dc=tld";
+	#binddn = "cn=public,dc=cc,dc=foobar,dc=tld";
 	# Use passwd as the password for simple authentication
-	passwd = "bazfoo";
+	#passwd = "bazfoo";
 	# Use base as the starting point for the
 	# search instead of the default
-	base = "dc=foobar,dc=tld";
+	#base = "dc=foobar,dc=tld";
 	# Search attribute(s)
-	attributes = "cert", "user";
+	#attributes = "cert", "user";
 	# Search filter. (required)
 	# formatted searches like (user=%s) are accepted
-	filter = "(identifier=foobarAuthority)";
-}
+	#filter = "(identifier=foobarAuthority)";
+#}

 # Test cards
-card "FINEID S4-1-1", "VRK-FINSIGN" {
-	ldap "auth certificate" {
-		ldaphost = ldap.example.com;
-		ldapport = 389;
-		scope = 2;
-		base = "dc=example,dc=com";
-		attributes = userCertificate;
-		filter = "(uniqueIdentifier=%s)";
-	}
-	ldap crl {
+#card "FINEID S4-1-1", "VRK-FINSIGN" {
+	#ldap "auth certificate" {
+		#ldaphost = ldap.example.com;
+		#ldapport = 389;
+		#scope = 2;
+		#base = "dc=example,dc=com";
+		#attributes = userCertificate;
+		#filter = "(uniqueIdentifier=%s)";
+	#}
+	#ldap crl {
 		# unnecessary, data for crl is usually generated from
 		# auth cert's crlDistributionPoints 
-		ldaphost = ldap.example.com;
-		ldapport = 389;
-		scope = 2;
-		base = "dc=example,dc=com";
-	}
-	ldap "ca certificate" {
-		ldaphost = ldap.example.com;
-		ldapport = 389;
-		scope = 2;
-		base = "dc=example,dc=com";
-		attributes = cACertificate;
-		filter = "(objectClass=fineidCertificationAuthority)";
-	}
-	ldap "approx base" {
-		ldaphost = ldap.example.com;
-		ldapport = 389;
-		scope = 2;
-		base = "dc=example,dc=com";
-	}
-}
+		#ldaphost = ldap.example.com;
+		#ldapport = 389;
+		#scope = 2;
+		#base = "dc=example,dc=com";
+	#}
+	#ldap "ca certificate" {
+		#ldaphost = ldap.example.com;
+		#ldapport = 389;
+		#scope = 2;
+		#base = "dc=example,dc=com";
+		#attributes = cACertificate;
+		#filter = "(objectClass=fineidCertificationAuthority)";
+	#}
+	#ldap "approx base" {
+		#ldaphost = ldap.example.com;
+		#ldapport = 389;
+		#scope = 2;
+		#base = "dc=example,dc=com";
+	#}
+#}

-card "FINEID S4-1", "VRK-FINSIGN" {
-	ldap "auth certificate" {
-		ldaphost = ldap.example.com;
-		ldapport = 389;
-		scope = 2;
-		base = "dc=example,dc=com";
-		attributes = userCertificate;
-		filter = "(uniqueIdentifier=%s)";
-	}
-	ldap crl {
+#card "FINEID S4-1", "VRK-FINSIGN" {
+	#ldap "auth certificate" {
+		#ldaphost = ldap.example.com;
+		#ldapport = 389;
+		#scope = 2;
+		#base = "dc=example,dc=com";
+		#attributes = userCertificate;
+		#filter = "(uniqueIdentifier=%s)";
+	#}
+	#ldap crl {
 		# unnecessary, data for crl is usually generated from
 		# auth cert's crlDistributionPoints 
-		ldaphost = ldap.example.com;
-		ldapport = 389;
-		scope = 2;
-		base = "dc=example,dc=com";
-	}
-	ldap "ca certificate" {
-		ldaphost = ldap.example.com;
-		ldapport = 389;
-		scope = 2;
-		base = "dc=example,dc=com";
-		attributes = cACertificate;
-		filter = "(objectClass=fineidCertificationAuthority)";
-	}
-	ldap "approx base" {
-		ldaphost = ldap.example.com;
-		ldapport = 389;
-		scope = 2;
-		base = "dc=example,dc=com";
-	}
-}
+		#ldaphost = ldap.example.com;
+		#ldapport = 389;
+		#scope = 2;
+		#base = "dc=example,dc=com";
+	#}
+	#ldap "ca certificate" {
+		#ldaphost = ldap.example.com;
+		#ldapport = 389;
+		#scope = 2;
+		#base = "dc=example,dc=com";
+		#attributes = cACertificate;
+		#filter = "(objectClass=fineidCertificationAuthority)";
+	#}
+	#ldap "approx base" {
+		#ldaphost = ldap.example.com;
+		#ldapport = 389;
+		#scope = 2;
+		#base = "dc=example,dc=com";
+	#}
+##}