Do not support the use of OPENSSL_NO_EC on Windows.
We build Windows releases with EC key support enabled in
OpenSSL and there is no reason to disable it in OpenVPN.
TODO: If there are no platforms of interest where EC support
cannot be enabled in OpenSSL, we should make !defined(OPENSSL_NO_EC)
a general requirement.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <
20211019034118.28987-3-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22952.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
#include <openssl/kdf.h>
#endif
+#if defined(_WIN32) && defined(OPENSSL_NO_EC)
+#error Windows build with OPENSSL_NO_EC: disabling EC key is not supported.
+#endif
+
/*
* Check for key size creepage.
*/
return 1;
}
-#if !defined(OPENSSL_NO_EC)
-
static EC_KEY_METHOD *ec_method = NULL;
/** EC_KEY_METHOD callback: called when the key is freed */
return 0;
}
-#endif /* !defined(OPENSSL_NO_EC) */
-
static const CERT_CONTEXT *
find_certificate_in_store(const char *cert_prop, HCERTSTORE cert_store)
{
goto err;
}
}
-#if !defined(OPENSSL_NO_EC)
else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC)
{
if (!ssl_ctx_set_eckey(ssl_ctx, cd, pkey))
goto err;
}
}
-#endif /* !defined(OPENSSL_NO_EC) */
else
{
msg(M_WARN|M_INFO, "WARNING: cryptoapicert: key type <%d> not supported",
projects / thirdparty / openvpn.git / commitdiff
