mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 12:02:28 +02:00
Require EC key support in Windows builds
Do not support the use of OPENSSL_NO_EC on Windows. We build Windows releases with EC key support enabled in OpenSSL and there is no reason to disable it in OpenVPN. TODO: If there are no platforms of interest where EC support cannot be enabled in OpenSSL, we should make !defined(OPENSSL_NO_EC) a general requirement. Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20211019034118.28987-3-selva.nair@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22952.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
parent
6ad1fbce2b
commit
ec9f698d3b
@ -55,6 +55,10 @@
|
||||
#include <openssl/kdf.h>
|
||||
#endif
|
||||
|
||||
#if defined(_WIN32) && defined(OPENSSL_NO_EC)
|
||||
#error Windows build with OPENSSL_NO_EC: disabling EC key is not supported.
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Check for key size creepage.
|
||||
*/
|
||||
|
@ -236,8 +236,6 @@ rsa_finish(RSA *rsa)
|
||||
return 1;
|
||||
}
|
||||
|
||||
#if !defined(OPENSSL_NO_EC)
|
||||
|
||||
static EC_KEY_METHOD *ec_method = NULL;
|
||||
|
||||
/** EC_KEY_METHOD callback: called when the key is freed */
|
||||
@ -423,8 +421,6 @@ err:
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* !defined(OPENSSL_NO_EC) */
|
||||
|
||||
static const CERT_CONTEXT *
|
||||
find_certificate_in_store(const char *cert_prop, HCERTSTORE cert_store)
|
||||
{
|
||||
@ -853,7 +849,6 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop)
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
#if !defined(OPENSSL_NO_EC)
|
||||
else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC)
|
||||
{
|
||||
if (!ssl_ctx_set_eckey(ssl_ctx, cd, pkey))
|
||||
@ -861,7 +856,6 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop)
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
#endif /* !defined(OPENSSL_NO_EC) */
|
||||
else
|
||||
{
|
||||
msg(M_WARN|M_INFO, "WARNING: cryptoapicert: key type <%d> not supported",
|
||||
|
Loading…
Reference in New Issue
Block a user