Hi, On Tue, Jan 9, 2018 at 1:00 AM, Илья Шипицин <chipits...@gmail.com> wrote: > > > > 2018-01-08 7:21 GMT+05:00 <selva.n...@gmail.com>: >> >> From: Selva Nair <selva.n...@gmail.com> >> >> Hi, >> >> I am not sure how receptive the crypto maintaineres are to the >> idea of adding more code into cryptoapi.c, but here goes: >> >> I've been wanting to add TLS 1.2 support for certs in the >> Windows cert store using management external key. But that's >> a lot more work than extending cryptoapicert support. And, >> rather surprsingly, it turns out that the CNG API for signing is >> easy to use (well after some groping in the dark..) and doesn't >> take much to implement. >> >> So these patches.. >> >> The first patch is not really related and to make the existing code >> "openssl-1.1 ready" (missed by past patches as no one probably builds >> Windows binary with 1.1..). > > > there was an agreement on one of the recent community meetings to > gracefully deprecate both libressl and openssl-1.0.X in favour of > openssl-1.1.X > > so, we should learn how to build windows binary with 1.1.X :)
I had tested the patch with 1.1 and needed only minor changes to build script. See https://github.com/selvanair/openvpn-build pkcs11-helper build showed some warnings but I did not check further as I usually disable it. Selva ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
