Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released
Hello Alon, > Oh... Building OpenVPN for Windows is very difficult task now... > I am working to simplify that... building pkcs11-helper with openssl support didn't work for me with mingw. the openssl symlinks don't work. A server that produces nightly builds would be nice ... -- what I done till now: Download + Install -- MinGW (c-compiler) + MSYS (make, etc) + Perl (alternativly Activestate Perl): http://www.mingw.org/download.shtml Man2html: http://hydra.nac.uci.edu/indiv/ehood/man2html.html OpenSSL 0.9.7 (need perl): http://www.openssl.org/source/ LZO 2: http://www.oberhumer.com/opensource/lzo/download/ pkcs11-helper (need man2html) http://www.opensc-project.org/files/pkcs11-helper/ nullsoft scriptable install system (NSIS) http://nsis.sourceforge.net/Download Windows Driver Development Kit http://www.microsoft.com/whdc/DevTools/ddk/default.mspx J:\WINDDK\3790.1830\src\setup\devcon Platform SDK (Windows Server 2003 R2 Platform SDK) http://www.microsoft.com/downloads/details.aspx?FamilyId=484269E2-3B89-47E3-8EB7-1F2BE6D7123A&displaylang=en Service.c Service.H (from Simple Service example) Compile --- 1. patch openssl 2. build openssl 3. build lzo 4. build pkcs11-helper with openssl engine 5. customize install-win32\settings.in 6. run domake-win greetings Carsten
Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released
On Jan 27, 2008 8:57 PM, Dave wrote: > OK, I can report success on windows. Thanks! This is important!
Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released
> Behalf Of Alon Bar-Lev > On Jan 27, 2008 7:04 PM, Dave wrote: > > > Can you explain the new options, or point me to where they are > > explained so I can reconfigure? > > There is a single ID now for PKCS#11 certificate, sync to all > projects OpenVPN, OpensSSH, QCA, eCryptfs etc... You use > pkcs11-id 'id' (mind the single quote). You can view id list > using show-pkcs11-ids. > > I updated the HOWTO: > http://openvpn.net/howto.html#pkcs11 > > So you don't need to specify any other option except of: > pkcs11-providers bt_csp11.dll pkcs11-id 'serialized-id' OK, I can report success on windows. -Dave
Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released
On Jan 27, 2008 7:22 PM, Mirek Zajic wrote: > Where can I find PKCS#11 Windows binaries? If you mean OpenVPN binaries, > it is because I want to fix my NTLMv2 patch. Oh... Building OpenVPN for Windows is very difficult task now... I am working to simplify that... Alon.
Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released
On Jan 27, 2008 7:04 PM, Dave wrote: > Can you explain the new options, or point me to where they are explained so > I can reconfigure? There is a single ID now for PKCS#11 certificate, sync to all projects OpenVPN, OpensSSH, QCA, eCryptfs etc... You use pkcs11-id 'id' (mind the single quote). You can view id list using show-pkcs11-ids. I updated the HOWTO: http://openvpn.net/howto.html#pkcs11 So you don't need to specify any other option except of: pkcs11-providers bt_csp11.dll pkcs11-id 'serialized-id' Alon
Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released
Where can I find PKCS#11 Windows binaries? If you mean OpenVPN binaries, it is because I want to fix my NTLMv2 patch. Alon Bar-Lev napsal(a): On 1/27/08, Mirek Zajic wrote: I was trying to compile PKCS#11 for about three hours and I didn't succeed. I rather compiled OpenVPN without PKCS#11 support. Maybe that some scripts (.bat) would help because foolish Windows users (like me) are used to compile programs just by clicking "Compile". Playing with commandline, editing makefiles etc. is sometimes very confusing and it really isn't necessary. Why do you try to compile it? You can use James binaries to test OpenVPN on Windows. Alon.
Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released
I would, but I cannot figure out how to map the old options to the current options. Previously, I used: #basic token selection pkcs11-providers bt_csp11.dll pkcs11-slot-type "label" pkcs11-slot "DavidLemley" pkcs11-sign-mode sign #select token keyset pkcs11-id-type label pkcs11-id "david_lemley_bestoken's ziggurat29 CA ID" Can you explain the new options, or point me to where they are explained so I can reconfigure? > -Original Message- > From: openvpn-users-boun...@lists.sourceforge.net > [mailto:openvpn-users-boun...@lists.sourceforge.net] On > Behalf Of Alon Bar-Lev > Sent: Sunday, January 27, 2008 12:58 AM > To: James Yonan > Cc: Openvpn-devel@lists.sourceforge.net; > openvpn-us...@lists.sourceforge.net > Subject: Re: [Openvpn-users] OpenVPN 2.1-rc5 released > > > Can anyone who uses PKCS#11 on Windows can acknowledge it works? > > Thanks! > > On 1/24/08, Alon Bar-Lev wrote: > > All PKCS#11 users, please notice, > > There was a major change in the parameters of PKCS#11, > please refer to > > the HOWTO: http://openvpn.net/howto.html#pkcs11 > > > > Regards, > > Alon Bar-Lev. > > -- > --- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2008. > http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ > ___ > Openvpn-users mailing list > openvpn-us...@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users >
Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released
On 1/27/08, Mirek Zajic wrote: > I was trying to compile PKCS#11 for about three hours and I didn't > succeed. I rather compiled OpenVPN without PKCS#11 support. Maybe that > some scripts (.bat) would help because foolish Windows users (like me) > are used to compile programs just by clicking "Compile". Playing with > commandline, editing makefiles etc. is sometimes very confusing and it > really isn't necessary. Why do you try to compile it? You can use James binaries to test OpenVPN on Windows. Alon.
Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released
I was trying to compile PKCS#11 for about three hours and I didn't succeed. I rather compiled OpenVPN without PKCS#11 support. Maybe that some scripts (.bat) would help because foolish Windows users (like me) are used to compile programs just by clicking "Compile". Playing with commandline, editing makefiles etc. is sometimes very confusing and it really isn't necessary. Alon Bar-Lev napsal(a): Can anyone who uses PKCS#11 on Windows can acknowledge it works? Thanks! On 1/24/08, Alon Bar-Lev wrote: All PKCS#11 users, please notice, There was a major change in the parameters of PKCS#11, please refer to the HOWTO: http://openvpn.net/howto.html#pkcs11 Regards, Alon Bar-Lev. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel