Message ID | 20211019165053.26345-1-selva.nair@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,for,2.5] Require EC key support in Windows builds | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> No idea what took me so long - the patch file was saved to the right place for "next: ack, merge, push" but then something got in the way. But now :-) - thanks. Your patch has been applied to the release/2.5 branch. commit 6bb4edf4f778128672f405c0e33c3c785afcc479 Author: Selva Nair Date: Tue Oct 19 12:50:53 2021 -0400 Require EC key support in Windows builds Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20211019165053.26345-1-selva.nair@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22968.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 79fbab40..c9dc9d0a 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -51,6 +51,10 @@ #include <openssl/rand.h> #include <openssl/ssl.h> +#if defined(_WIN32) && defined(OPENSSL_NO_EC) +#error Windows build with OPENSSL_NO_EC: disabling EC key is not supported. +#endif + /* * Check for key size creepage. */ diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index 6c4df9e3..4becef4d 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -537,7 +537,7 @@ finish(RSA *rsa) return 1; } -#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_EC) +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) static EC_KEY_METHOD *ec_method = NULL; @@ -1232,7 +1232,7 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) goto err; } } -#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_EC) +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) { if (!ssl_ctx_set_eckey(ssl_ctx, cd, pkey))