@@ -5,5 +5,3 @@ set(VCPKG_LIBRARY_LINKAGE dynamic)
if(PORT STREQUAL "lz4")
set(VCPKG_LIBRARY_LINKAGE static)
endif()
-
-set(OPENSSL_NO_AUTOLOAD_CONFIG ON)
@@ -5,5 +5,3 @@ set(VCPKG_LIBRARY_LINKAGE dynamic)
if(PORT STREQUAL "lz4")
set(VCPKG_LIBRARY_LINKAGE static)
endif()
-
-set(OPENSSL_NO_AUTOLOAD_CONFIG ON)
@@ -5,5 +5,3 @@ set(VCPKG_LIBRARY_LINKAGE dynamic)
if(PORT STREQUAL "lz4")
set(VCPKG_LIBRARY_LINKAGE static)
endif()
-
-set(OPENSSL_NO_AUTOLOAD_CONFIG ON)
@@ -310,29 +310,6 @@ openvpn_snprintf(char *str, size_t size, const char *format, ...)
return (len >= 0 && len < size);
}
-/*
- * openvpn_swprintf() is currently only used by Windows code paths
- * and when enabled for all platforms it will currently break older
- * OpenBSD versions lacking vswprintf(3) support in their libc.
- */
-
-#ifdef _WIN32
-bool
-openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...)
-{
- va_list arglist;
- int len = -1;
- if (size > 0)
- {
- va_start(arglist, format);
- len = vswprintf(str, size, format, arglist);
- va_end(arglist);
- str[size - 1] = L'\0';
- }
- return (len >= 0 && len < size);
-}
-#endif
-
/*
* write a string to the end of a buffer that was
* truncated by buf_printf
@@ -101,6 +101,12 @@ struct semaphore netcmd_semaphore; /* GLOBAL */
*/
static char *win_sys_path = NULL; /* GLOBAL */
+/**
+ * Set OpenSSL environment variables to a safe directory
+ */
+void
+set_openssl_env_vars();
+
void
init_win32(void)
{
@@ -110,6 +116,8 @@ init_win32(void)
}
window_title_clear(&window_title);
win32_signal_clear(&win32_signal);
+
+ set_openssl_env_vars();
}
void
@@ -1509,4 +1517,72 @@ send_msg_iservice(HANDLE pipe, const void *data, size_t size,
return ret;
}
+bool
+openvpn_swprintf(wchar_t* const str, const size_t size, const wchar_t* const format, ...)
+{
+ va_list arglist;
+ int len = -1;
+ if (size > 0)
+ {
+ va_start(arglist, format);
+ len = vswprintf(str, size, format, arglist);
+ va_end(arglist);
+ str[size - 1] = L'\0';
+ }
+ return (len >= 0 && len < size);
+}
+
+static BOOL
+get_install_path(WCHAR *path, DWORD size)
+{
+ WCHAR reg_path[256];
+ HKEY key;
+ BOOL res = FALSE;
+ openvpn_swprintf(reg_path, _countof(reg_path), L"SOFTWARE\\" PACKAGE_NAME);
+
+ LONG status = RegOpenKeyExW(HKEY_LOCAL_MACHINE, reg_path, 0, KEY_READ, &key);
+ if (status != ERROR_SUCCESS)
+ {
+ return res;
+ }
+
+ /* The default value of REG_KEY is the install path */
+ status = RegGetValueW(key, NULL, NULL, RRF_RT_REG_SZ, NULL, (LPBYTE)path, &size);
+ res = status == ERROR_SUCCESS;
+
+ RegCloseKey(key);
+
+ return res;
+}
+
+static void
+set_openssl_env_vars()
+{
+ const WCHAR* ssl_fallback_dir = L"C:\\Windows\\System32\\";
+
+ WCHAR install_path[MAX_PATH] = { 0 };
+ if (!get_install_path(install_path, _countof(install_path)))
+ {
+ /* if we cannot find installation path from the registry,
+ * use Windows directory as a fallback
+ */
+ openvpn_swprintf(install_path, _countof(install_path), L"%ls", ssl_fallback_dir);
+ }
+
+ WCHAR openssl_cnf[MAX_PATH] = {0};
+ WCHAR openssl_engines[MAX_PATH] = {0};
+ WCHAR openssl_modules[MAX_PATH] = {0};
+
+ openvpn_swprintf(openssl_cnf, _countof(install_path),
+ L"OPENSSL_CONF=%lsssl\\openssl.cnf", install_path);
+ openvpn_swprintf(openssl_engines, _countof(openssl_engines),
+ L"OPENSSL_ENGINES=%lsssl\\engines", install_path);
+ openvpn_swprintf(openssl_modules, _countof(openssl_modules),
+ L"OPENSSL_MODULES=%lsssl\\modules", install_path);
+
+ _wputenv(openssl_cnf);
+ _wputenv(openssl_engines);
+ _wputenv(openssl_modules);
+}
+
#endif /* ifdef _WIN32 */
@@ -327,7 +327,13 @@ bool send_msg_iservice(HANDLE pipe, const void *data, size_t size,
int
openvpn_execve(const struct argv *a, const struct env_set *es, const unsigned int flags);
-bool impersonate_as_system();
+/*
+ * openvpn_swprintf() is currently only used by Windows code paths
+ * and when enabled for all platforms it will currently break older
+ * OpenBSD versions lacking vswprintf(3) support in their libc.
+ */
+bool
+openvpn_swprintf(wchar_t* const str, const size_t size, const wchar_t* const format, ...);
#endif /* ifndef OPENVPN_WIN32_H */
#endif /* ifdef _WIN32 */