Windows support
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Feb 12 09:14:15 EST 2014
On Wed, Feb 12, 2014 at 12:22 PM, David Woodhouse <dwmw2 at infradead.org> wrote:
> But if the default build the "easy way" using Fedora's mingw packages is
> working (and it *is*, with both mingw32 and mingw64), then that'll be
> fine with me. I'm happy enough to stick a pkgconfig check in, just for
> Windows, for the known-problematic versions of GnuTLS. If only I knew
> for sure which those were... :)
You could avoid anything between 3.2.0 and 3.2.9 to be sure.
>> > Do we have support for using keys in the Windows certificate store?
>> Only the trusted CAs are loaded from there. For keys I think that this
>> API would work as a smart card so gnutls_privkey_import_ext2() should
>> be used (and only the signing function needed). From people that have
>> already done it, I was told that you need a signing function similar
>> to:
>> http://thewalter.net/git/cgit.cgi/p11-capi/tree/module/p11-capi-rsa.c#n180
> Hm, interesting.
> I note Stef's code is licence-compatible with GnuTLS. It would be very
> interesting if we could get proper support for the Windows key store
> into GnuTLS natively. And by "we" I don't really mean to do it myself
> this time; that's one rathole too far :)
I believe we've done quite a lot for the windows port. I guess any
other addition
should come from someone actually using that code. As I have no windows system
it is a very big burden to me to test any windows code, so I'll not
bother with that
unless there is someone contributing it.
regards,
Nikos
More information about the openconnect-devel
mailing list