Re: [Openvpn-devel] TLS Error: local/remote TLS keys are out of sync

2021-06-16 Thread Selva Nair
Hi, On Mon, Jun 14, 2021 at 10:30 AM Antonio Quartulli wrote: > On 14/06/2021 16:26, Arne Schwabe wrote: > > Put on the agenda for community meeting to decide if we want to > > deprecate hand-window completely and reneg-sec under < 120? > > > > Good idea! will do! > I used to have some remote

[Openvpn-devel] [PATCH 0/2] Disable OpenSSL config autoload in Windows

2021-06-16 Thread Lev Stipakov
From: Lev Stipakov These two patches prevent OpenSSL from loading config from a user-writable location, which may pose a security risk. Lev Stipakov (2): crypto_openssl.c: disable explicit initialization on Windows contrib/vcpkg-ports: add openssl port with --no-autoload-config option se

[Openvpn-devel] [PATCH 1/2] crypto_openssl.c: disable explicit initialization on Windows

2021-06-16 Thread Lev Stipakov
From: Lev Stipakov Commit a4071b ("crypto_openssl: add initialization to pick up local configuration") added openssl initialization to load configuration file. However on Windows this file is loaded from user-writable directory, such as c.\etc\ssl for mingw builds and (for example) c:\vcpkg\pac

[Openvpn-devel] [PATCH 2/2] contrib/vcpkg-ports: add openssl port with --no-autoload-config option set

2021-06-16 Thread Lev Stipakov
From: Lev Stipakov In default configuration OpenSSL loads config from certain location on disk, for example c:\vcpkg\packages\openssl_x64-windows\openvpn.cnf which may pose a security risk. There is "no-autoload-config" config option for OpenSSL which disables this functionality: https://gi