diff options
author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2009-05-13 13:36:23 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2009-05-13 13:36:23 +0000 |
commit | a7eef14a3eded1a4af503742ff3e7cb5bfaab0ce (patch) | |
tree | 7b05736b453aafc74fef81ebf0d9e9dcb2c35b38 | |
parent | Added errors-to-stderr option. When enabled, fatal errors (diff) | |
download | openvpn-a7eef14a3eded1a4af503742ff3e7cb5bfaab0ce.tar.xz |
Updated Windows build scripts to package openssl-0.9.8k,
and to use the Server 2008 WDK (6001.18002).
In cryptoapi.c, renamed CryptAcquireCertificatePrivateKey to
OpenVPNCryptAcquireCertificatePrivateKey to work around
a symbol conflict in MinGW-5.1.4.exe.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4318 e7ae566f-a301-0410-adde-c780ea21d3b5
-rw-r--r-- | cryptoapi.c | 16 | ||||
-rw-r--r-- | domake-win | 2 | ||||
-rw-r--r-- | install-win32/openssl/README.txt | 12 | ||||
-rw-r--r-- | install-win32/settings.in | 12 |
4 files changed, 21 insertions, 21 deletions
diff --git a/cryptoapi.c b/cryptoapi.c index 9406c7a..e100469 100644 --- a/cryptoapi.c +++ b/cryptoapi.c @@ -51,8 +51,8 @@ #define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000 #define CRYPT_ACQUIRE_COMPARE_KEY_FLAG 0x00000004 static HINSTANCE crypt32dll = NULL; -static BOOL WINAPI (*CryptAcquireCertificatePrivateKey) (PCCERT_CONTEXT pCert, DWORD dwFlags, - void *pvReserved, HCRYPTPROV *phCryptProv, DWORD *pdwKeySpec, BOOL *pfCallerFreeProv) = NULL; +static BOOL WINAPI (*OpenVPNCryptAcquireCertificatePrivateKey) (PCCERT_CONTEXT pCert, DWORD dwFlags, + void *pvReserved, HCRYPTPROV *phCryptProv, DWORD *pdwKeySpec, BOOL *pfCallerFreeProv) = NULL; #endif /* Size of an SSL signature: MD5+SHA1 */ @@ -75,7 +75,7 @@ static ERR_STRING_DATA CRYPTOAPI_str_functs[] = { { ERR_PACK(ERR_LIB_CRYPTOAPI, 0, 0), "microsoft cryptoapi"}, { ERR_PACK(0, CRYPTOAPI_F_CERT_OPEN_SYSTEM_STORE, 0), "CertOpenSystemStore" }, { ERR_PACK(0, CRYPTOAPI_F_CERT_FIND_CERTIFICATE_IN_STORE, 0), "CertFindCertificateInStore" }, - { ERR_PACK(0, CRYPTOAPI_F_CRYPT_ACQUIRE_CERTIFICATE_PRIVATE_KEY, 0), "CryptAcquireCertificatePrivateKey" }, + { ERR_PACK(0, CRYPTOAPI_F_CRYPT_ACQUIRE_CERTIFICATE_PRIVATE_KEY, 0), "OpenVPNCryptAcquireCertificatePrivateKey" }, { ERR_PACK(0, CRYPTOAPI_F_CRYPT_CREATE_HASH, 0), "CryptCreateHash" }, { ERR_PACK(0, CRYPTOAPI_F_CRYPT_GET_HASH_PARAM, 0), "CryptGetHashParam" }, { ERR_PACK(0, CRYPTOAPI_F_CRYPT_SET_HASH_PARAM, 0), "CryptSetHashParam" }, @@ -387,16 +387,16 @@ int SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) goto err; } } - if (CryptAcquireCertificatePrivateKey == NULL) { - CryptAcquireCertificatePrivateKey = GetProcAddress(crypt32dll, - "CryptAcquireCertificatePrivateKey"); - if (CryptAcquireCertificatePrivateKey == NULL) { + if (OpenVPNCryptAcquireCertificatePrivateKey == NULL) { + OpenVPNCryptAcquireCertificatePrivateKey = GetProcAddress(crypt32dll, + "OpenVPNCryptAcquireCertificatePrivateKey"); + if (OpenVPNCryptAcquireCertificatePrivateKey == NULL) { CRYPTOAPIerr(CRYPTOAPI_F_GET_PROC_ADDRESS); goto err; } } #endif - if (!CryptAcquireCertificatePrivateKey(cd->cert_context, CRYPT_ACQUIRE_COMPARE_KEY_FLAG, + if (!OpenVPNCryptAcquireCertificatePrivateKey(cd->cert_context, CRYPT_ACQUIRE_COMPARE_KEY_FLAG, NULL, &cd->crypt_prov, &cd->key_spec, &cd->free_crypt_prov)) { /* if we don't have a smart card reader here, and we try to access a * smart card certificate, we get: @@ -96,7 +96,7 @@ # These settings will then drive the rest of the build process. install-win32/winconfig -# Delete the GENOUT directory if CLEAN="yes" +# clean all generated files install-win32/doclean # Load a pre-built GENOUT directory if GENOUT_PREBUILT is defined diff --git a/install-win32/openssl/README.txt b/install-win32/openssl/README.txt index 3afb0d4..6a042f4 100644 --- a/install-win32/openssl/README.txt +++ b/install-win32/openssl/README.txt @@ -2,20 +2,20 @@ Rebuild OpenSSL tarball without symbolic links, so it can be extracted on Windows (run on Unix): [download tarball and .asc sig] - gpg --verify openssl-0.9.8i.tar.gz.asc - tar xfz openssl-0.9.8i.tar.gz - tar cfzh openssl-0.9.8i-nolinks.tar.gz openssl-0.9.8i + gpg --verify openssl-0.9.8k.tar.gz.asc + tar xfz openssl-0.9.8k.tar.gz + tar cfzh openssl-0.9.8k-nolinks.tar.gz openssl-0.9.8k To apply patch (in MSYS shell): - cd /c/src/openssl-0.9.8i + cd /c/src/openssl-0.9.8k patch -p1 <../21/install-win32/openssl/openssl098.patch To build OpenSSL, open a command prompt window, then: - cd \src\openssl-0.9.8i + cd \src\openssl-0.9.8k ms\mw To build a new patch (optional): - diff -urw openssl-0.9.8i.orig openssl-0.9.8i | grep -v '^Only in' >openssl098.patch + diff -urw openssl-0.9.8k.orig openssl-0.9.8k | grep -v '^Only in' >openssl098.patch diff --git a/install-win32/settings.in b/install-win32/settings.in index e9159af..742fd31 100644 --- a/install-win32/settings.in +++ b/install-win32/settings.in @@ -22,7 +22,7 @@ ;!define OPENVPN_XGUI_DIR "../ovpnxml" # Prebuilt libraries. DMALLOC is optional. -!define OPENSSL_DIR "../openssl-0.9.8i" +!define OPENSSL_DIR "../openssl-0.9.8k" !define LZO_DIR "../lzo-2.02" !define PKCS11_HELPER_DIR "../pkcs11-helper" ;!define DMALLOC_DIR "../dmalloc-5.4.2" @@ -35,15 +35,15 @@ # tapinstall.exe source code. # Not needed if DRVBINSRC is defined # (or if using pre-built mode). -!define TISRC "../tapinstall" +;!define TISRC "../tapinstall" # TAP Adapter parameters. Note that PRODUCT_TAP_ID is # defined in version.m4. !define PRODUCT_TAP_DEVICE_DESCRIPTION "TAP-Win32 Adapter V9" !define PRODUCT_TAP_PROVIDER "TAP-Win32 Provider V9" !define PRODUCT_TAP_MAJOR_VER 9 -!define PRODUCT_TAP_MINOR_VER 4 -!define PRODUCT_TAP_RELDATE "01/22/2008" +!define PRODUCT_TAP_MINOR_VER 5 +!define PRODUCT_TAP_RELDATE "05/13/2009" # TAP adapter icon -- visible=0x81 or hidden=0x89 !define PRODUCT_TAP_CHARACTERISTICS 0x81 @@ -53,8 +53,8 @@ # DDK Version. # DDK distribution is assumed to be in C:\WINDDK\${DDKVER} -!define DDKVER 6001.17121 -!define DDKVER_MAJOR 6001 +;!define DDKVER 6001.18002 +;!define DDKVER_MAJOR 6001 # Code Signing. # If undefined, don't sign any files. |