diff options
author | Selva Nair | 2018-01-19 23:52:54 -0500 |
---|---|---|
committer | Gert Doering | 2018-01-25 09:49:39 +0100 |
commit | 51d57d7dad6c6380df7b76bbec1897ea4f98474d (patch) | |
tree | 3c699d7d9a8ecef5270425414e3bf62c31fbe581 /src/openvpn/Makefile.am | |
parent | e05aca4517b666740b384399348b995a3a646629 (diff) | |
download | openvpn-51d57d7dad6c6380df7b76bbec1897ea4f98474d.zip openvpn-51d57d7dad6c6380df7b76bbec1897ea4f98474d.tar.gz |
TLS v1.2 support for cryptoapicert -- RSA only
- If an NCRYPT handle for the private key can be obtained, use
NCryptSignHash from the Cryptography NG API to sign the hash.
This should work for all keys in the Windows certifiate stores
but may fail for keys in a legacy token, for example. In such
cases, we disable TLS v1.2 and fall back to the current
behaviour. A warning is logged unless TLS version is already
restricted to <= 1.1
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1516423974-22159-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16288.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/Makefile.am')
-rw-r--r-- | src/openvpn/Makefile.am | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am index fcc22d6..1a2f42e 100644 --- a/src/openvpn/Makefile.am +++ b/src/openvpn/Makefile.am @@ -132,5 +132,5 @@ openvpn_LDADD = \ $(OPTIONAL_DL_LIBS) if WIN32 openvpn_SOURCES += openvpn_win32_resources.rc block_dns.c block_dns.h -openvpn_LDADD += -lgdi32 -lws2_32 -lwininet -lcrypt32 -liphlpapi -lwinmm -lfwpuclnt -lrpcrt4 +openvpn_LDADD += -lgdi32 -lws2_32 -lwininet -lcrypt32 -liphlpapi -lwinmm -lfwpuclnt -lrpcrt4 -lncrypt endif |