mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 12:12:15 +02:00
f746588d45
In default configuration OpenSSL loads config from certain location on disk, which may pose a security risk. There is "no-autoload-config" config option for OpenSSL which disables this functionality: https://github.com/openssl/openssl/pull/5959 however it is not "exported" to vcpkg. This adds openssl port overlay which sets "no-autoload-config" config option. Here is the diff: diff --git a/ports/openssl/windows/portfile.cmake b/ports/openssl/windows/portfile.cmake index 7a3bf08ed..c873eb756 100644 --- a/ports/openssl/windows/portfile.cmake +++ b/ports/openssl/windows/portfile.cmake @@ -21,6 +21,7 @@ set(CONFIGURE_OPTIONS enable-capieng no-ssl2 no-tests + no-autoload-config -utf-8 ${OPENSSL_SHARED} ) There is also corresponsing PR to vcpkg: https://github.com/microsoft/vcpkg/pull/18389 When above PR is merged, this port overlay can be removed. Signed-off-by: Lev Stipakov <lev@openvpn.net> |
||
---|---|---|
.. | ||
asio | ||
mbedtls | ||
openssl |