Hi,
As reported by Lev here:
https://github.com/OpenVPN/openvpn-gui/pull/508#issuecomment-1174057372
I think its due to this in xkey-provider:
typedef void (XKEY_PRIVKEY_FREE_fn)(void *handle);
(and a similar one for SIGN_fn)
EVP_PKEY *
xkey_load_generic_key(OSSL_LIB_CTX *libctx, void *handle, EVP_PKEY *pubkey,
XKEY_EXTERNAL_SIGN_fn sign_op, XKEY_PRIVKEY_FREE_fn free_op)
{
...
<code to pass &sign_op and &free_op to openssl>
...
}
(see xkey_helper. around line:120, and xkey_common.h for declarations).
Note the lack of * before the sign_op and free_op variables in the function
definition and declaration (not shown). The typedefs are without a * as
well, but that is deliberate and intentional.
This is not flagged as a bug by gcc or msvc, and it seems both
automatically assign function pointers to sign_op and free_op as intended.
Problem seems to be that when I take the pointer to sign_op to pass to
OpenSSL, gcc does give a pointer to the function-ptr that we need, but msvc
does something else which later gets dereferenced in the provider.
In fact we had an error from msvc builds about sizeof(sign_op) not legal,
which should have been a red-flag. But we worked around it in
commit 627d1a3d28 by replacing it with sizeof(void *) --- typical
cast-away-the-bug solution.
Anyway, saying all this because I am not 100% sure that my analysis is
correct. Changing the function signature does appear to fix it though. Will
follow up with a patch.
It's a pity that we do not have a way to run unit tests on Windows builds.
I sometimes test mingw builds against some client-server setups, but msvc
builds may not be getting exercised enough --- especially with OpenSSL 3.0.
Thanks,
Selva
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
