@@ -51,8 +51,8 @@

 #define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000

 #define CRYPT_ACQUIRE_COMPARE_KEY_FLAG 0x00000004

 static HINSTANCE crypt32dll = NULL;

-static BOOL WINAPI (*CryptAcquireCertificatePrivateKey) (PCCERT_CONTEXT pCert, DWORD dwFlags,

-    void *pvReserved, HCRYPTPROV *phCryptProv, DWORD *pdwKeySpec, BOOL *pfCallerFreeProv) = NULL;

+static BOOL WINAPI (*OpenVPNCryptAcquireCertificatePrivateKey) (PCCERT_CONTEXT pCert, DWORD dwFlags,

+  void *pvReserved, HCRYPTPROV *phCryptProv, DWORD *pdwKeySpec, BOOL *pfCallerFreeProv) = NULL;

 #endif

 /* Size of an SSL signature: MD5+SHA1 */

@@ -75,7 +75,7 @@ static ERR_STRING_DATA CRYPTOAPI_str_functs[] =	{

     { ERR_PACK(ERR_LIB_CRYPTOAPI, 0, 0),				    "microsoft cryptoapi"},

     { ERR_PACK(0, CRYPTOAPI_F_CERT_OPEN_SYSTEM_STORE, 0),		    "CertOpenSystemStore" },

     { ERR_PACK(0, CRYPTOAPI_F_CERT_FIND_CERTIFICATE_IN_STORE, 0),	    "CertFindCertificateInStore" },

-    { ERR_PACK(0, CRYPTOAPI_F_CRYPT_ACQUIRE_CERTIFICATE_PRIVATE_KEY, 0),    "CryptAcquireCertificatePrivateKey" },

+    { ERR_PACK(0, CRYPTOAPI_F_CRYPT_ACQUIRE_CERTIFICATE_PRIVATE_KEY, 0),    "OpenVPNCryptAcquireCertificatePrivateKey" },

     { ERR_PACK(0, CRYPTOAPI_F_CRYPT_CREATE_HASH, 0),			    "CryptCreateHash" },

     { ERR_PACK(0, CRYPTOAPI_F_CRYPT_GET_HASH_PARAM, 0),			    "CryptGetHashParam" },

     { ERR_PACK(0, CRYPTOAPI_F_CRYPT_SET_HASH_PARAM, 0),			    "CryptSetHashParam" },

@@ -387,16 +387,16 @@ int SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop)

 	    goto err;

 	}

     }

-    if (CryptAcquireCertificatePrivateKey == NULL) {

-	CryptAcquireCertificatePrivateKey = GetProcAddress(crypt32dll,

-		"CryptAcquireCertificatePrivateKey");

-	if (CryptAcquireCertificatePrivateKey == NULL) {

+    if (OpenVPNCryptAcquireCertificatePrivateKey == NULL) {

+	OpenVPNCryptAcquireCertificatePrivateKey = GetProcAddress(crypt32dll,

+		"OpenVPNCryptAcquireCertificatePrivateKey");

+	if (OpenVPNCryptAcquireCertificatePrivateKey == NULL) {

 	    CRYPTOAPIerr(CRYPTOAPI_F_GET_PROC_ADDRESS);

 	    goto err;

 	}

     }

 #endif

-    if (!CryptAcquireCertificatePrivateKey(cd->cert_context, CRYPT_ACQUIRE_COMPARE_KEY_FLAG,

+    if (!OpenVPNCryptAcquireCertificatePrivateKey(cd->cert_context, CRYPT_ACQUIRE_COMPARE_KEY_FLAG,

 	    NULL, &cd->crypt_prov, &cd->key_spec, &cd->free_crypt_prov)) {

 	/* if we don't have a smart card reader here, and we try to access a

 	 * smart card certificate, we get:

@@ -96,7 +96,7 @@

 # These settings will then drive the rest of the build process. 

 install-win32/winconfig

-# Delete the GENOUT directory if CLEAN="yes"

+# clean all generated files

 install-win32/doclean

 # Load a pre-built GENOUT directory if GENOUT_PREBUILT is defined

@@ -2,20 +2,20 @@ Rebuild OpenSSL tarball without symbolic links, so

 it can be extracted on Windows (run on Unix):

   [download tarball and .asc sig]

-  gpg --verify openssl-0.9.8i.tar.gz.asc

-  tar xfz openssl-0.9.8i.tar.gz

-  tar cfzh openssl-0.9.8i-nolinks.tar.gz openssl-0.9.8i

+  gpg --verify openssl-0.9.8k.tar.gz.asc

+  tar xfz openssl-0.9.8k.tar.gz

+  tar cfzh openssl-0.9.8k-nolinks.tar.gz openssl-0.9.8k

 To apply patch (in MSYS shell):

-  cd /c/src/openssl-0.9.8i

+  cd /c/src/openssl-0.9.8k

   patch -p1 <../21/install-win32/openssl/openssl098.patch

 To build OpenSSL, open a command prompt window, then:

-  cd \src\openssl-0.9.8i

+  cd \src\openssl-0.9.8k

   ms\mw

 To build a new patch (optional):

-  diff -urw openssl-0.9.8i.orig openssl-0.9.8i | grep -v '^Only in' >openssl098.patch

+  diff -urw openssl-0.9.8k.orig openssl-0.9.8k | grep -v '^Only in' >openssl098.patch

@@ -22,7 +22,7 @@

 ;!define OPENVPN_XGUI_DIR "../ovpnxml"

 # Prebuilt libraries.  DMALLOC is optional.

-!define OPENSSL_DIR	  "../openssl-0.9.8i"

+!define OPENSSL_DIR	  "../openssl-0.9.8k"

 !define LZO_DIR		  "../lzo-2.02"

 !define PKCS11_HELPER_DIR "../pkcs11-helper"

 ;!define DMALLOC_DIR	  "../dmalloc-5.4.2"

@@ -35,15 +35,15 @@

 # tapinstall.exe source code.

 # Not needed if DRVBINSRC is defined

 # (or if using pre-built mode).

-!define TISRC	"../tapinstall"

+;!define TISRC	"../tapinstall"

 # TAP Adapter parameters.  Note that PRODUCT_TAP_ID is

 # defined in version.m4.

 !define PRODUCT_TAP_DEVICE_DESCRIPTION  "TAP-Win32 Adapter V9"

 !define PRODUCT_TAP_PROVIDER            "TAP-Win32 Provider V9"

 !define PRODUCT_TAP_MAJOR_VER           9

-!define PRODUCT_TAP_MINOR_VER           4

-!define PRODUCT_TAP_RELDATE             "01/22/2008"

+!define PRODUCT_TAP_MINOR_VER           5

+!define PRODUCT_TAP_RELDATE             "05/13/2009"

 # TAP adapter icon -- visible=0x81 or hidden=0x89

 !define PRODUCT_TAP_CHARACTERISTICS     0x81

@@ -53,8 +53,8 @@

 # DDK Version.

 # DDK distribution is assumed to be in C:\WINDDK\${DDKVER}

-!define DDKVER	     6001.17121

-!define DDKVER_MAJOR 6001

+;!define DDKVER	     6001.18002

+;!define DDKVER_MAJOR 6001

 # Code Signing.

 # If undefined, don't sign any files.