1ca03610d7
This patch changes the slot selection logic to look for more than one token label in the list of slots, using the first token that is found. This change is required to enable load balancing with devices that use separate tokens for this feature. This patch adds a new option in the [p11_crypto_plugin] section "token_labels", and deprecates the "token_label" option. For backwards compatibility, the "token_label" option will still be used if present. Change-Id: Ic2b85246c37e856c38cb47613313b19e653118de
15 lines
688 B
YAML
15 lines
688 B
YAML
---
|
|
features:
|
|
- |
|
|
A new "token_labels" option has been added to the PKCS#11 driver which
|
|
supersedes the previous "token_label" option. The new option is used to
|
|
specify a list of tokens that can be used by Barbican. This is required
|
|
for some HSM devices that use separate tokens for load balancing. For most
|
|
use cases the new option will just have a single token. The old option
|
|
is deprecated, but will still be used if present.
|
|
deprecations:
|
|
- |
|
|
The "token_label" option in the PKCS#11 driver is deprecated. Th new
|
|
"token_labels" option should be used instead. If present, "token_label"
|
|
will still be used by appending it to "token_labels".
|