Hi, As reported by Lev here: https://github.com/OpenVPN/openvpn-gui/pull/508#issuecomment-1174057372
I think its due to this in xkey-provider: typedef void (XKEY_PRIVKEY_FREE_fn)(void *handle); (and a similar one for SIGN_fn) EVP_PKEY * xkey_load_generic_key(OSSL_LIB_CTX *libctx, void *handle, EVP_PKEY *pubkey, XKEY_EXTERNAL_SIGN_fn sign_op, XKEY_PRIVKEY_FREE_fn free_op) { ... <code to pass &sign_op and &free_op to openssl> ... } (see xkey_helper. around line:120, and xkey_common.h for declarations). Note the lack of * before the sign_op and free_op variables in the function definition and declaration (not shown). The typedefs are without a * as well, but that is deliberate and intentional. This is not flagged as a bug by gcc or msvc, and it seems both automatically assign function pointers to sign_op and free_op as intended. Problem seems to be that when I take the pointer to sign_op to pass to OpenSSL, gcc does give a pointer to the function-ptr that we need, but msvc does something else which later gets dereferenced in the provider. In fact we had an error from msvc builds about sizeof(sign_op) not legal, which should have been a red-flag. But we worked around it in commit 627d1a3d28 by replacing it with sizeof(void *) --- typical cast-away-the-bug solution. Anyway, saying all this because I am not 100% sure that my analysis is correct. Changing the function signature does appear to fix it though. Will follow up with a patch. It's a pity that we do not have a way to run unit tests on Windows builds. I sometimes test mingw builds against some client-server setups, but msvc builds may not be getting exercised enough --- especially with OpenSSL 3.0. Thanks, Selva
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel