]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7a50f5f) | patch
msvc: adjust build options to harden binaries
authorLev Stipakov <lev@openvpn.net>
Fri, 18 Feb 2022 23:50:04 +0000 (01:50 +0200)
committerGert Doering <gert@greenie.muc.de>
Thu, 17 Mar 2022 12:59:40 +0000 (13:59 +0100)
commit2612125d7cf5e3c8687a3fab8fba61670ac12f35
tree352394c6fad3f4f8b849693a30dbe57ac8ac35d0tree
parent7a50f5f633ca179214d102806c582de9a076ec8acommit | diff
msvc: adjust build options to harden binaries

 - enable hardware-enforced stack protection on
compatible hardware/software (/CETCOMPAT linker option)

 - hash object files with SHA256 (/ZH:SHA_256 compiler option)

 - enable SDL. The required to add

    _CRT_NONSTDC_NO_DEPRECATE
    _CRT_SECURE_NO_WARNINGS
    _WINSOCK_DEPRECATED_NO_WARNINGS

preprocessor definitions. I don't feel like replacing strdup (which is
correct POSIX function) and inet_ntoa (we always pass IPv4 address to
it, inet_ntop will make code more complex)

Above issues were discovered by bitskim.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20220218235004.269-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23851.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpn/crypto_openssl.c diff | blob | blame | history
src/openvpn/openvpn.vcxproj diff | blob | blame | history
src/openvpn/openvpn.vcxproj.filters diff | blob | blame | history
src/openvpnmsica/openvpnmsica.vcxproj diff | blob | blame | history
src/openvpnserv/openvpnserv.vcxproj diff | blob | blame | history
src/tapctl/tapctl.vcxproj diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git