summaryrefslogtreecommitdiff
path: root/src/libstrongswan/plugins
diff options
context:
space:
mode:
authorRene Mayrhofer <rene@mayrhofer.eu.org>2009-10-21 11:18:20 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2009-10-21 11:18:20 +0000
commita9b7f8d4a4a4202facd9690580b38542e7933f00 (patch)
treed82a9d506c62cff257e5292845b68df3ca5c60dc /src/libstrongswan/plugins
parent12263dccbbb6747d53b97333c3d6f0f17e1bffea (diff)
downloadvyos-strongswan-a9b7f8d4a4a4202facd9690580b38542e7933f00.tar.gz
vyos-strongswan-a9b7f8d4a4a4202facd9690580b38542e7933f00.zip
- New upstream release.
- Don't disable internal crypto plugins, pluto expects to find them in some cases. - Enable integrity checking.
Diffstat (limited to 'src/libstrongswan/plugins')
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/blowfish/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/blowfish/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/des/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/des/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/gcrypt/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/gcrypt/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c3
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c4
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c61
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c14
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c2
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c4
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/mysql/mysql_database.c2
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crypter.c18
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c20
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_hasher.c1
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_plugin.c8
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_util.c15
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_plugin.c2
-rw-r--r--src/libstrongswan/plugins/plugin_loader.c27
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/random/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/random/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/sha2/sha2_hasher.c64
-rw-r--r--src/libstrongswan/plugins/sha2/sha2_plugin.c2
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/sqlite/sqlite_database.c2
-rw-r--r--src/libstrongswan/plugins/test_vectors/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/test_vectors/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors.h3
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c35
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.in7
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.am2
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.in7
67 files changed, 412 insertions, 86 deletions
diff --git a/src/libstrongswan/plugins/aes/Makefile.am b/src/libstrongswan/plugins/aes/Makefile.am
index e73040f27..a3101172f 100644
--- a/src/libstrongswan/plugins/aes/Makefile.am
+++ b/src/libstrongswan/plugins/aes/Makefile.am
@@ -6,5 +6,5 @@ AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-aes.la
libstrongswan_aes_la_SOURCES = aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h
-libstrongswan_aes_la_LDFLAGS = -module
+libstrongswan_aes_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in
index 19d3249b5..4414b2ede 100644
--- a/src/libstrongswan/plugins/aes/Makefile.in
+++ b/src/libstrongswan/plugins/aes/Makefile.in
@@ -73,12 +73,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -143,6 +145,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -183,7 +186,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -221,7 +226,7 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-aes.la
libstrongswan_aes_la_SOURCES = aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h
-libstrongswan_aes_la_LDFLAGS = -module
+libstrongswan_aes_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/agent/Makefile.am b/src/libstrongswan/plugins/agent/Makefile.am
index bc022aa26..e1000e562 100644
--- a/src/libstrongswan/plugins/agent/Makefile.am
+++ b/src/libstrongswan/plugins/agent/Makefile.am
@@ -8,5 +8,5 @@ plugin_LTLIBRARIES = libstrongswan-agent.la
libstrongswan_agent_la_SOURCES = agent_plugin.h agent_plugin.c \
agent_private_key.c agent_private_key.h
-libstrongswan_agent_la_LDFLAGS = -module
+libstrongswan_agent_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in
index 5a5202262..a73edb362 100644
--- a/src/libstrongswan/plugins/agent/Makefile.in
+++ b/src/libstrongswan/plugins/agent/Makefile.in
@@ -74,12 +74,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -144,6 +146,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -184,7 +187,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -224,7 +229,7 @@ plugin_LTLIBRARIES = libstrongswan-agent.la
libstrongswan_agent_la_SOURCES = agent_plugin.h agent_plugin.c \
agent_private_key.c agent_private_key.h
-libstrongswan_agent_la_LDFLAGS = -module
+libstrongswan_agent_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/blowfish/Makefile.am b/src/libstrongswan/plugins/blowfish/Makefile.am
index 6bb82169e..3fbc5893b 100644
--- a/src/libstrongswan/plugins/blowfish/Makefile.am
+++ b/src/libstrongswan/plugins/blowfish/Makefile.am
@@ -8,5 +8,5 @@ plugin_LTLIBRARIES = libstrongswan-blowfish.la
libstrongswan_blowfish_la_SOURCES = \
blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \
bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c
-libstrongswan_blowfish_la_LDFLAGS = -module
+libstrongswan_blowfish_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in
index 25cea73df..e536b5fc6 100644
--- a/src/libstrongswan/plugins/blowfish/Makefile.in
+++ b/src/libstrongswan/plugins/blowfish/Makefile.in
@@ -76,12 +76,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -146,6 +148,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -186,7 +189,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -227,7 +232,7 @@ libstrongswan_blowfish_la_SOURCES = \
blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \
bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c
-libstrongswan_blowfish_la_LDFLAGS = -module
+libstrongswan_blowfish_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/curl/Makefile.am b/src/libstrongswan/plugins/curl/Makefile.am
index 1b44516b2..f0a41e4ad 100644
--- a/src/libstrongswan/plugins/curl/Makefile.am
+++ b/src/libstrongswan/plugins/curl/Makefile.am
@@ -6,6 +6,6 @@ AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-curl.la
libstrongswan_curl_la_SOURCES = curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h
-libstrongswan_curl_la_LDFLAGS = -module
+libstrongswan_curl_la_LDFLAGS = -module -avoid-version
libstrongswan_curl_la_LIBADD = -lcurl
diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in
index b413e035e..21d77ac8f 100644
--- a/src/libstrongswan/plugins/curl/Makefile.in
+++ b/src/libstrongswan/plugins/curl/Makefile.in
@@ -73,12 +73,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -143,6 +145,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -183,7 +186,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -221,7 +226,7 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-curl.la
libstrongswan_curl_la_SOURCES = curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h
-libstrongswan_curl_la_LDFLAGS = -module
+libstrongswan_curl_la_LDFLAGS = -module -avoid-version
libstrongswan_curl_la_LIBADD = -lcurl
all: all-am
diff --git a/src/libstrongswan/plugins/des/Makefile.am b/src/libstrongswan/plugins/des/Makefile.am
index ea94eda8a..76cfbc419 100644
--- a/src/libstrongswan/plugins/des/Makefile.am
+++ b/src/libstrongswan/plugins/des/Makefile.am
@@ -6,5 +6,5 @@ AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-des.la
libstrongswan_des_la_SOURCES = des_plugin.h des_plugin.c des_crypter.c des_crypter.h
-libstrongswan_des_la_LDFLAGS = -module
+libstrongswan_des_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in
index bbca6a032..19da339fe 100644
--- a/src/libstrongswan/plugins/des/Makefile.in
+++ b/src/libstrongswan/plugins/des/Makefile.in
@@ -73,12 +73,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -143,6 +145,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -183,7 +186,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -221,7 +226,7 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-des.la
libstrongswan_des_la_SOURCES = des_plugin.h des_plugin.c des_crypter.c des_crypter.h
-libstrongswan_des_la_LDFLAGS = -module
+libstrongswan_des_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.am b/src/libstrongswan/plugins/fips_prf/Makefile.am
index 73f28825a..d9431947e 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.am
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.am
@@ -6,5 +6,5 @@ AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-fips-prf.la
libstrongswan_fips_prf_la_SOURCES = fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h
-libstrongswan_fips_prf_la_LDFLAGS = -module
+libstrongswan_fips_prf_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in
index 881d7a36e..5dcae7f27 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.in
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.in
@@ -75,12 +75,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -145,6 +147,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -185,7 +188,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -223,7 +228,7 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-fips-prf.la
libstrongswan_fips_prf_la_SOURCES = fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h
-libstrongswan_fips_prf_la_LDFLAGS = -module
+libstrongswan_fips_prf_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.am b/src/libstrongswan/plugins/gcrypt/Makefile.am
index 72cc409fc..7394676e2 100644
--- a/src/libstrongswan/plugins/gcrypt/Makefile.am
+++ b/src/libstrongswan/plugins/gcrypt/Makefile.am
@@ -13,5 +13,5 @@ libstrongswan_gcrypt_la_SOURCES = gcrypt_plugin.h gcrypt_plugin.c \
gcrypt_crypter.h gcrypt_crypter.c \
gcrypt_hasher.h gcrypt_hasher.c
-libstrongswan_gcrypt_la_LDFLAGS = -module
+libstrongswan_gcrypt_la_LDFLAGS = -module -avoid-version
libstrongswan_gcrypt_la_LIBADD = $(LIBGCRYPT_LIBS)
diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in
index 49994c593..e3d27f7f8 100644
--- a/src/libstrongswan/plugins/gcrypt/Makefile.in
+++ b/src/libstrongswan/plugins/gcrypt/Makefile.in
@@ -77,12 +77,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -147,6 +149,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -187,7 +190,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -232,7 +237,7 @@ libstrongswan_gcrypt_la_SOURCES = gcrypt_plugin.h gcrypt_plugin.c \
gcrypt_crypter.h gcrypt_crypter.c \
gcrypt_hasher.h gcrypt_hasher.c
-libstrongswan_gcrypt_la_LDFLAGS = -module
+libstrongswan_gcrypt_la_LDFLAGS = -module -avoid-version
libstrongswan_gcrypt_la_LIBADD = $(LIBGCRYPT_LIBS)
all: all-am
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
index 785ebda90..41e17c897 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
@@ -116,6 +116,9 @@ gcrypt_hasher_t *gcrypt_hasher_create(hash_algorithm_t algo)
case HASH_SHA1:
gcrypt_alg = GCRY_MD_SHA1;
break;
+ case HASH_SHA224:
+ gcrypt_alg = GCRY_MD_SHA224;
+ break;
case HASH_SHA256:
gcrypt_alg = GCRY_MD_SHA256;
break;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
index 547329dde..939e0886c 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
@@ -47,7 +47,7 @@ struct private_gcrypt_plugin_t {
*/
static int mutex_init(void **lock)
{
- *lock = mutex_create(MUTEX_DEFAULT);
+ *lock = mutex_create(MUTEX_TYPE_DEFAULT);
return 0;
}
@@ -148,6 +148,8 @@ plugin_t *plugin_create()
(hasher_constructor_t)gcrypt_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_MD5,
(hasher_constructor_t)gcrypt_hasher_create);
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA224,
+ (hasher_constructor_t)gcrypt_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
(hasher_constructor_t)gcrypt_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
index 611ab2467..e0e8015db 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
@@ -61,12 +61,14 @@ struct private_gcrypt_rsa_private_key_t {
public_key_t *gcrypt_rsa_public_key_create_from_sexp(gcry_sexp_t key);
/**
- * find a token in a S-expression
+ * find a token in a S-expression. If a key is given, its length is used to
+ * pad the output to a given length.
*/
-chunk_t gcrypt_rsa_find_token(gcry_sexp_t sexp, char *name)
+chunk_t gcrypt_rsa_find_token(gcry_sexp_t sexp, char *name, gcry_sexp_t key)
{
gcry_sexp_t token;
- chunk_t data = chunk_empty;
+ chunk_t data = chunk_empty, tmp;
+ size_t len = 0;
token = gcry_sexp_find_token(sexp, name, 1);
if (token)
@@ -76,7 +78,36 @@ chunk_t gcrypt_rsa_find_token(gcry_sexp_t sexp, char *name)
{
data.len = 0;
}
- data = chunk_clone(data);
+ else
+ {
+ if (key)
+ {
+ /* gcrypt might return more bytes than necessary. Truncate
+ * to key lenght if key given, or prepend zeros if needed */
+ len = gcry_pk_get_nbits(key);
+ len = len / 8 + (len % 8 ? 1 : 0);
+ if (len > data.len)
+ {
+ tmp = chunk_alloc(len);
+ len -= data.len;
+ memset(tmp.ptr, 0, tmp.len - len);
+ memcpy(tmp.ptr + len, data.ptr, data.len);
+ data = tmp;
+ }
+ else if (len < data.len)
+ {
+ data = chunk_clone(chunk_skip(data, data.len - len));
+ }
+ else
+ {
+ data = chunk_clone(data);
+ }
+ }
+ else
+ {
+ data = chunk_clone(data);
+ }
+ }
gcry_sexp_release(token);
}
return data;
@@ -124,7 +155,7 @@ static bool sign_raw(private_gcrypt_rsa_private_key_t *this,
DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err));
return FALSE;
}
- *signature = gcrypt_rsa_find_token(out, "s");
+ *signature = gcrypt_rsa_find_token(out, "s", this->key);
gcry_sexp_release(out);
return !!signature->len;
}
@@ -170,7 +201,7 @@ static bool sign_pkcs1(private_gcrypt_rsa_private_key_t *this,
DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err));
return FALSE;
}
- *signature = gcrypt_rsa_find_token(out, "s");
+ *signature = gcrypt_rsa_find_token(out, "s", this->key);
gcry_sexp_release(out);
return !!signature->len;
}
@@ -195,6 +226,8 @@ static bool sign(private_gcrypt_rsa_private_key_t *this, signature_scheme_t sche
return sign_raw(this, data, sig);
case SIGN_RSA_EMSA_PKCS1_SHA1:
return sign_pkcs1(this, HASH_SHA1, "sha1", data, sig);
+ case SIGN_RSA_EMSA_PKCS1_SHA224:
+ return sign_pkcs1(this, HASH_SHA224, "sha224", data, sig);
case SIGN_RSA_EMSA_PKCS1_SHA256:
return sign_pkcs1(this, HASH_SHA256, "sha256", data, sig);
case SIGN_RSA_EMSA_PKCS1_SHA384:
@@ -353,9 +386,9 @@ static chunk_t get_encoding(private_gcrypt_rsa_private_key_t *this)
gcry_error_t err;
/* p and q are swapped, gcrypt expects p < q */
- cp = gcrypt_rsa_find_token(this->key, "q");
- cq = gcrypt_rsa_find_token(this->key, "p");
- cd = gcrypt_rsa_find_token(this->key, "d");
+ cp = gcrypt_rsa_find_token(this->key, "q", NULL);
+ cq = gcrypt_rsa_find_token(this->key, "p", NULL);
+ cd = gcrypt_rsa_find_token(this->key, "d", NULL);
err = gcry_mpi_scan(&p, GCRYMPI_FMT_USG, cp.ptr, cp.len, NULL)
| gcry_mpi_scan(&q, GCRYMPI_FMT_USG, cq.ptr, cq.len, NULL)
@@ -401,14 +434,14 @@ static chunk_t get_encoding(private_gcrypt_rsa_private_key_t *this)
}
return asn1_wrap(ASN1_SEQUENCE, "cmmmmmmmm", ASN1_INTEGER_0,
- asn1_integer("m", gcrypt_rsa_find_token(this->key, "n")),
- asn1_integer("m", gcrypt_rsa_find_token(this->key, "e")),
+ asn1_integer("m", gcrypt_rsa_find_token(this->key, "n", NULL)),
+ asn1_integer("m", gcrypt_rsa_find_token(this->key, "e", NULL)),
asn1_integer("m", cd),
asn1_integer("m", cp),
asn1_integer("m", cq),
asn1_integer("m", cexp1),
asn1_integer("m", cexp2),
- asn1_integer("m", gcrypt_rsa_find_token(this->key, "u")));
+ asn1_integer("m", gcrypt_rsa_find_token(this->key, "u", NULL)));
}
/**
@@ -477,8 +510,8 @@ bool gcrypt_rsa_build_keyids(gcry_sexp_t key, identification_t **keyid,
return FALSE;
}
publicKey = asn1_wrap(ASN1_SEQUENCE, "mm",
- asn1_integer("m", gcrypt_rsa_find_token(key, "n")),
- asn1_integer("m", gcrypt_rsa_find_token(key, "e")));
+ asn1_integer("m", gcrypt_rsa_find_token(key, "n", NULL)),
+ asn1_integer("m", gcrypt_rsa_find_token(key, "e", NULL)));
hasher->allocate_hash(hasher, publicKey, &hash);
*keyid = identification_create_from_encoding(ID_PUBKEY_SHA1, hash);
chunk_free(&hash);
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
index 8024f58a7..4d9c88c6d 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
@@ -60,7 +60,7 @@ struct private_gcrypt_rsa_public_key_t {
/**
* Implemented in gcrypt_rsa_private_key.c
*/
-chunk_t gcrypt_rsa_find_token(gcry_sexp_t sexp, char *name);
+chunk_t gcrypt_rsa_find_token(gcry_sexp_t sexp, char *name, gcry_sexp_t key);
bool gcrypt_rsa_build_keyids(gcry_sexp_t key, identification_t **keyid,
identification_t **keyid_info);
@@ -188,6 +188,8 @@ static bool verify(private_gcrypt_rsa_public_key_t *this,
return verify_pkcs1(this, HASH_MD5, "md5", data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA1:
return verify_pkcs1(this, HASH_SHA1, "sha1", data, signature);
+ case SIGN_RSA_EMSA_PKCS1_SHA224:
+ return verify_pkcs1(this, HASH_SHA224, "sha224", data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA256:
return verify_pkcs1(this, HASH_SHA256, "sha256", data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA384:
@@ -226,7 +228,7 @@ static bool encrypt_(private_gcrypt_rsa_public_key_t *this, chunk_t plain,
DBG1("encrypting data using pkcs1 failed: %s", gpg_strerror(err));
return FALSE;
}
- *encrypted = gcrypt_rsa_find_token(out, "a");
+ *encrypted = gcrypt_rsa_find_token(out, "a", this->key);
gcry_sexp_release(out);
return !!encrypted->len;
}
@@ -290,8 +292,8 @@ static identification_t *get_id(private_gcrypt_rsa_public_key_t *this,
static chunk_t get_encoding(private_gcrypt_rsa_public_key_t *this)
{
return asn1_wrap(ASN1_SEQUENCE, "mm",
- asn1_integer("m", gcrypt_rsa_find_token(this->key, "n")),
- asn1_integer("m", gcrypt_rsa_find_token(this->key, "e")));
+ asn1_integer("m", gcrypt_rsa_find_token(this->key, "n", NULL)),
+ asn1_integer("m", gcrypt_rsa_find_token(this->key, "e", NULL)));
}
/**
@@ -352,8 +354,8 @@ public_key_t *gcrypt_rsa_public_key_create_from_sexp(gcry_sexp_t key)
chunk_t n, e;
this = gcrypt_rsa_public_key_create_empty();
- n = gcrypt_rsa_find_token(key, "n");
- e = gcrypt_rsa_find_token(key, "e");
+ n = gcrypt_rsa_find_token(key, "n", NULL);
+ e = gcrypt_rsa_find_token(key, "e", NULL);
err = gcry_sexp_build(&this->key, NULL, "(public-key(rsa(n %b)(e %b)))",
n.len, n.ptr, e.len, e.ptr);
diff --git a/src/libstrongswan/plugins/gmp/Makefile.am b/src/libstrongswan/plugins/gmp/Makefile.am
index f073b5d48..1ab358328 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.am
+++ b/src/libstrongswan/plugins/gmp/Makefile.am
@@ -10,6 +10,6 @@ libstrongswan_gmp_la_SOURCES = gmp_plugin.h gmp_plugin.c \
gmp_rsa_private_key.c gmp_rsa_private_key.h \
gmp_rsa_public_key.c gmp_rsa_public_key.h
-libstrongswan_gmp_la_LDFLAGS = -module
+libstrongswan_gmp_la_LDFLAGS = -module -avoid-version
libstrongswan_gmp_la_LIBADD = -lgmp
diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in
index a60cd998c..8d5dff34b 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.in
+++ b/src/libstrongswan/plugins/gmp/Makefile.in
@@ -74,12 +74,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -144,6 +146,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -184,7 +187,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -226,7 +231,7 @@ libstrongswan_gmp_la_SOURCES = gmp_plugin.h gmp_plugin.c \
gmp_rsa_private_key.c gmp_rsa_private_key.h \
gmp_rsa_public_key.c gmp_rsa_public_key.h
-libstrongswan_gmp_la_LDFLAGS = -module
+libstrongswan_gmp_la_LDFLAGS = -module -avoid-version
libstrongswan_gmp_la_LIBADD = -lgmp
all: all-am
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index cbc112762..259c8e9ad 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -301,6 +301,8 @@ static bool sign(private_gmp_rsa_private_key_t *this, signature_scheme_t scheme,
return build_emsa_pkcs1_signature(this, HASH_UNKNOWN, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA1:
return build_emsa_pkcs1_signature(this, HASH_SHA1, data, signature);
+ case SIGN_RSA_EMSA_PKCS1_SHA224:
+ return build_emsa_pkcs1_signature(this, HASH_SHA224, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA256:
return build_emsa_pkcs1_signature(this, HASH_SHA256, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA384:
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index 1f3e3072f..c26187c64 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -301,6 +301,8 @@ static bool verify(private_gmp_rsa_public_key_t *this, signature_scheme_t scheme
return verify_emsa_pkcs1_signature(this, HASH_MD5, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA1:
return verify_emsa_pkcs1_signature(this, HASH_SHA1, data, signature);
+ case SIGN_RSA_EMSA_PKCS1_SHA224:
+ return verify_emsa_pkcs1_signature(this, HASH_SHA224, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA256:
return verify_emsa_pkcs1_signature(this, HASH_SHA256, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA384:
@@ -417,7 +419,7 @@ static size_t get_keysize(private_gmp_rsa_public_key_t *this)
/**
* Build the PGP version 3 RSA key identifier from n and e using
- * MD5 hashed modulus and exponent. Also used in rsa_private_key.c.
+ * MD5 hashed modulus and exponent.
*/
static identification_t* gmp_rsa_build_pgp_v3_keyid(mpz_t n, mpz_t e)
{
diff --git a/src/libstrongswan/plugins/hmac/Makefile.am b/src/libstrongswan/plugins/hmac/Makefile.am
index 89e0638f3..1856cad2d 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.am
+++ b/src/libstrongswan/plugins/hmac/Makefile.am
@@ -7,5 +7,5 @@ plugin_LTLIBRARIES = libstrongswan-hmac.la
libstrongswan_hmac_la_SOURCES = hmac_plugin.h hmac_plugin.c hmac.h hmac.c \
hmac_prf.h hmac_prf.c hmac_signer.h hmac_signer.c
-libstrongswan_hmac_la_LDFLAGS = -module
+libstrongswan_hmac_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in
index fc36bd9fa..389bde8f9 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.in
+++ b/src/libstrongswan/plugins/hmac/Makefile.in
@@ -74,12 +74,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -144,6 +146,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -184,7 +187,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -224,7 +229,7 @@ plugin_LTLIBRARIES = libstrongswan-hmac.la
libstrongswan_hmac_la_SOURCES = hmac_plugin.h hmac_plugin.c hmac.h hmac.c \
hmac_prf.h hmac_prf.c hmac_signer.h hmac_signer.c
-libstrongswan_hmac_la_LDFLAGS = -module
+libstrongswan_hmac_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/ldap/Makefile.am b/src/libstrongswan/plugins/ldap/Makefile.am
index ac6b4be00..6ad073d97 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.am
+++ b/src/libstrongswan/plugins/ldap/Makefile.am
@@ -6,6 +6,6 @@ AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-ldap.la
libstrongswan_ldap_la_SOURCES = ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c
-libstrongswan_ldap_la_LDFLAGS = -module
+libstrongswan_ldap_la_LDFLAGS = -module -avoid-version
libstrongswan_ldap_la_LIBADD = -lldap -llber
diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in
index 6eefc8546..93fc9a0c1 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.in
+++ b/src/libstrongswan/plugins/ldap/Makefile.in
@@ -73,12 +73,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -143,6 +145,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -183,7 +186,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -221,7 +226,7 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-ldap.la
libstrongswan_ldap_la_SOURCES = ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c
-libstrongswan_ldap_la_LDFLAGS = -module
+libstrongswan_ldap_la_LDFLAGS = -module -avoid-version
libstrongswan_ldap_la_LIBADD = -lldap -llber
all: all-am
diff --git a/src/libstrongswan/plugins/md4/Makefile.am b/src/libstrongswan/plugins/md4/Makefile.am
index f984322a6..a47da2e8e 100644
--- a/src/libstrongswan/plugins/md4/Makefile.am
+++ b/src/libstrongswan/plugins/md4/Makefile.am
@@ -6,5 +6,5 @@ AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-md4.la
libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h
-libstrongswan_md4_la_LDFLAGS = -module
+libstrongswan_md4_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in
index efdb64e90..7ca6a20cc 100644
--- a/src/libstrongswan/plugins/md4/Makefile.in
+++ b/src/libstrongswan/plugins/md4/Makefile.in
@@ -73,12 +73,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -143,6 +145,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -183,7 +186,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -221,7 +226,7 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-md4.la
libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h
-libstrongswan_md4_la_LDFLAGS = -module
+libstrongswan_md4_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/md5/Makefile.am b/src/libstrongswan/plugins/md5/Makefile.am
index 0a9c5cbf4..ce0611c13 100644
--- a/src/libstrongswan/plugins/md5/Makefile.am
+++ b/src/libstrongswan/plugins/md5/Makefile.am
@@ -6,5 +6,5 @@ AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-md5.la
libstrongswan_md5_la_SOURCES = md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h
-libstrongswan_md5_la_LDFLAGS = -module
+libstrongswan_md5_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in
index 15c98aba4..fb9bc4b4d 100644
--- a/src/libstrongswan/plugins/md5/Makefile.in
+++ b/src/libstrongswan/plugins/md5/Makefile.in
@@ -73,12 +73,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -143,6 +145,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -183,7 +186,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -221,7 +226,7 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-md5.la
libstrongswan_md5_la_SOURCES = md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h
-libstrongswan_md5_la_LDFLAGS = -module
+libstrongswan_md5_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/mysql/Makefile.am b/src/libstrongswan/plugins/mysql/Makefile.am
index ec94b8fda..0daf7655b 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.am
+++ b/src/libstrongswan/plugins/mysql/Makefile.am
@@ -7,6 +7,6 @@ plugin_LTLIBRARIES = libstrongswan-mysql.la
libstrongswan_mysql_la_SOURCES = mysql_plugin.h mysql_plugin.c \
mysql_database.h mysql_database.c
-libstrongswan_mysql_la_LDFLAGS = -module
+libstrongswan_mysql_la_LDFLAGS = -module -avoid-version
libstrongswan_mysql_la_LIBADD = -lmysqlclient_r
diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in
index 26b514ad6..21fe61923 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.in
+++ b/src/libstrongswan/plugins/mysql/Makefile.in
@@ -73,12 +73,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -143,6 +145,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -183,7 +186,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -223,7 +228,7 @@ plugin_LTLIBRARIES = libstrongswan-mysql.la
libstrongswan_mysql_la_SOURCES = mysql_plugin.h mysql_plugin.c \
mysql_database.h mysql_database.c
-libstrongswan_mysql_la_LDFLAGS = -module
+libstrongswan_mysql_la_LDFLAGS = -module -avoid-version
libstrongswan_mysql_la_LIBADD = -lmysqlclient_r
all: all-am
diff --git a/src/libstrongswan/plugins/mysql/mysql_database.c b/src/libstrongswan/plugins/mysql/mysql_database.c
index d0d5a3d15..341217dd4 100644
--- a/src/libstrongswan/plugins/mysql/mysql_database.c
+++ b/src/libstrongswan/plugins/mysql/mysql_database.c
@@ -686,7 +686,7 @@ mysql_database_t *mysql_database_create(char *uri)
free(this);
return NULL;
}
- this->mutex = mutex_create(MUTEX_DEFAULT);
+ this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
this->pool = linked_list_create();
/* check connectivity */
diff --git a/src/libstrongswan/plugins/openssl/Makefile.am b/src/libstrongswan/plugins/openssl/Makefile.am
index f331a78eb..25cc5aa1d 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.am
+++ b/src/libstrongswan/plugins/openssl/Makefile.am
@@ -16,6 +16,6 @@ libstrongswan_openssl_la_SOURCES = openssl_plugin.h openssl_plugin.c \
openssl_ec_private_key.c openssl_ec_private_key.h \
openssl_ec_public_key.c openssl_ec_public_key.h
-libstrongswan_openssl_la_LDFLAGS = -module
+libstrongswan_openssl_la_LDFLAGS = -module -avoid-version
libstrongswan_openssl_la_LIBADD = -lcrypto
diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in
index 0ebb5acf0..e6d7b479b 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.in
+++ b/src/libstrongswan/plugins/openssl/Makefile.in
@@ -78,12 +78,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -148,6 +150,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -188,7 +191,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -236,7 +241,7 @@ libstrongswan_openssl_la_SOURCES = openssl_plugin.h openssl_plugin.c \
openssl_ec_private_key.c openssl_ec_private_key.h \
openssl_ec_public_key.c openssl_ec_public_key.h
-libstrongswan_openssl_la_LDFLAGS = -module
+libstrongswan_openssl_la_LDFLAGS = -module -avoid-version
libstrongswan_openssl_la_LIBADD = -lcrypto
all: all-am
diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c
index 7f48f1009..424fec60a 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crypter.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c
@@ -83,6 +83,7 @@ static openssl_algorithm_t encryption_algs[] = {
/* {ENCR_DES_IV32, "***", 0, 0}, */
/* {ENCR_NULL, "***", 0, 0}, */ /* handled separately */
/* {ENCR_AES_CBC, "***", 0, 0}, */ /* handled separately */
+/* {ENCR_CAMELLIA_CBC, "***", 0, 0}, */ /* handled separately */
/* {ENCR_AES_CTR, "***", 0, 0}, */ /* disabled in evp.h */
{END_OF_LIST, NULL, 0, 0},
};
@@ -224,6 +225,23 @@ openssl_crypter_t *openssl_crypter_create(encryption_algorithm_t algo,
return NULL;
}
break;
+ case ENCR_CAMELLIA_CBC:
+ switch (key_size)
+ {
+ case 16: /* CAMELLIA 128 */
+ this->cipher = EVP_get_cipherbyname("camellia128");
+ break;
+ case 24: /* CAMELLIA 192 */
+ this->cipher = EVP_get_cipherbyname("camellia192");
+ break;
+ case 32: /* CAMELLIA 256 */
+ this->cipher = EVP_get_cipherbyname("camellia256");
+ break;
+ default:
+ free(this);
+ return NULL;
+ }
+ break;
case ENCR_DES_ECB:
this->cipher = EVP_des_ecb();
break;
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
index c93acb75c..082aed9ca 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@@ -108,7 +108,8 @@ error:
* Convert an EC_POINT to a chunk by concatenating the x and y coordinates of
* the point. This function allocates memory for the chunk.
*/
-static bool ecp2chunk(const EC_GROUP *group, const EC_POINT *point, chunk_t *chunk)
+static bool ecp2chunk(const EC_GROUP *group, const EC_POINT *point,
+ chunk_t *chunk, bool x_coordinate_only)
{
BN_CTX *ctx;
BIGNUM *x, *y;
@@ -133,6 +134,10 @@ static bool ecp2chunk(const EC_GROUP *group, const EC_POINT *point, chunk_t *chu
goto error;
}
+ if (x_coordinate_only)
+ {
+ y = NULL;
+ }
if (!openssl_bn_cat(EC_FIELD_ELEMENT_LEN(group), x, y, chunk))
{
goto error;
@@ -160,7 +165,7 @@ static bool compute_shared_key(private_openssl_ec_diffie_hellman_t *this, chunk_
{
const BIGNUM *priv_key;
EC_POINT *secret = NULL;
- bool ret = FALSE;
+ bool x_coordinate_only, ret = FALSE;
priv_key = EC_KEY_get0_private_key(this->key);
if (!priv_key)
@@ -179,7 +184,14 @@ static bool compute_shared_key(private_openssl_ec_diffie_hellman_t *this, chunk_
goto error;
}
- if (!ecp2chunk(this->ec_group, secret, shared_secret))
+ /*
+ * The default setting ecp_x_coordinate_only = TRUE
+ * applies the following errata for RFC 4753:
+ * http://www.rfc-editor.org/errata_search.php?eid=9
+ */
+ x_coordinate_only = lib->settings->get_bool(lib->settings,
+ "libstrongswan.ecp_x_coordinate_only", TRUE);
+ if (!ecp2chunk(this->ec_group, secret, shared_secret, x_coordinate_only))
{
goto error;
}
@@ -219,7 +231,7 @@ static void set_other_public_value(private_openssl_ec_diffie_hellman_t *this, ch
*/
static void get_my_public_value(private_openssl_ec_diffie_hellman_t *this,chunk_t *value)
{
- ecp2chunk(this->ec_group, EC_KEY_get0_public_key(this->key), value);
+ ecp2chunk(this->ec_group, EC_KEY_get0_public_key(this->key), value, FALSE);
}
/**
diff --git a/src/libstrongswan/plugins/openssl/openssl_hasher.c b/src/libstrongswan/plugins/openssl/openssl_hasher.c
index ed3e57957..90a5229d5 100644
--- a/src/libstrongswan/plugins/openssl/openssl_hasher.c
+++ b/src/libstrongswan/plugins/openssl/openssl_hasher.c
@@ -65,6 +65,7 @@ static openssl_algorithm_t integrity_algs[] = {
{HASH_MD2, "md2"},
{HASH_MD5, "md5"},
{HASH_SHA1, "sha1"},
+ {HASH_SHA224, "sha224"},
{HASH_SHA256, "sha256"},
{HASH_SHA384, "sha384"},
{HASH_SHA512, "sha512"},
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index a90dff7f1..ce6716f5a 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -84,7 +84,7 @@ static struct CRYPTO_dynlock_value *create_function(const char *file, int line)
struct CRYPTO_dynlock_value *lock;
lock = malloc_thing(struct CRYPTO_dynlock_value);
- lock->mutex = mutex_create(MUTEX_DEFAULT);
+ lock->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
return lock;
}
@@ -140,7 +140,7 @@ static void threading_init()
mutex = malloc(sizeof(mutex_t*) * num_locks);
for (i = 0; i < num_locks; i++)
{
- mutex[i] = mutex_create(MUTEX_DEFAULT);
+ mutex[i] = mutex_create(MUTEX_TYPE_DEFAULT);
}
}
@@ -212,6 +212,8 @@ plugin_t *plugin_create()
/* crypter */
lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
(crypter_constructor_t)openssl_crypter_create);
+ lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC,
+ (crypter_constructor_t)openssl_crypter_create);
lib->crypto->add_crypter(lib->crypto, ENCR_3DES,
(crypter_constructor_t)openssl_crypter_create);
lib->crypto->add_crypter(lib->crypto, ENCR_RC5,
@@ -238,6 +240,8 @@ plugin_t *plugin_create()
(hasher_constructor_t)openssl_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_MD5,
(hasher_constructor_t)openssl_hasher_create);
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA224,
+ (hasher_constructor_t)openssl_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
(hasher_constructor_t)openssl_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index c5d4142da..95c0ffdc8 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -165,6 +165,8 @@ static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t sch
return build_emsa_pkcs1_signature(this, NID_undef, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA1:
return build_emsa_pkcs1_signature(this, NID_sha1, data, signature);
+ case SIGN_RSA_EMSA_PKCS1_SHA224:
+ return build_emsa_pkcs1_signature(this, NID_sha224, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA256:
return build_emsa_pkcs1_signature(this, NID_sha256, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA384:
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 89912f24c..bc1ba35b6 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -143,6 +143,8 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc
return verify_emsa_pkcs1_signature(this, NID_undef, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA1:
return verify_emsa_pkcs1_signature(this, NID_sha1, data, signature);
+ case SIGN_RSA_EMSA_PKCS1_SHA224:
+ return verify_emsa_pkcs1_signature(this, NID_sha224, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA256:
return verify_emsa_pkcs1_signature(this, NID_sha256, data, signature);
case SIGN_RSA_EMSA_PKCS1_SHA384:
diff --git a/src/libstrongswan/plugins/openssl/openssl_util.c b/src/libstrongswan/plugins/openssl/openssl_util.c
index bb0c296e1..c8c453f64 100644
--- a/src/libstrongswan/plugins/openssl/openssl_util.c
+++ b/src/libstrongswan/plugins/openssl/openssl_util.c
@@ -71,21 +71,26 @@ bool openssl_bn_cat(int len, BIGNUM *a, BIGNUM *b, chunk_t *chunk)
{
int offset;
- chunk->len = len * 2;
+ chunk->len = len + (b ? len : 0);
chunk->ptr = malloc(chunk->len);
memset(chunk->ptr, 0, chunk->len);
+ /* convert a */
offset = len - BN_num_bytes(a);
if (!BN_bn2bin(a, chunk->ptr + offset))
{
goto error;
}
- offset = len - BN_num_bytes(b);
- if (!BN_bn2bin(b, chunk->ptr + len + offset))
+ /* optionally convert and concatenate b */
+ if (b)
{
- goto error;
- }
+ offset = len - BN_num_bytes(b);
+ if (!BN_bn2bin(b, chunk->ptr + len + offset))
+ {
+ goto error;
+ }
+ }
return TRUE;
error:
diff --git a/src/libstrongswan/plugins/padlock/Makefile.am b/src/libstrongswan/plugins/padlock/Makefile.am
index e7c3ba486..b2b1f9d85 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.am
+++ b/src/libstrongswan/plugins/padlock/Makefile.am
@@ -9,5 +9,5 @@ libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \
padlock_aes_crypter.c padlock_aes_crypter.h \
padlock_sha1_hasher.c padlock_sha1_hasher.h \
padlock_rng.c padlock_rng.h
-libstrongswan_padlock_la_LDFLAGS = -module
+libstrongswan_padlock_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in
index 7fe0cc198..44f533744 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.in
+++ b/src/libstrongswan/plugins/padlock/Makefile.in
@@ -75,12 +75,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -145,6 +147,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -185,7 +188,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -227,7 +232,7 @@ libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \
padlock_sha1_hasher.c padlock_sha1_hasher.h \
padlock_rng.c padlock_rng.h
-libstrongswan_padlock_la_LDFLAGS = -module
+libstrongswan_padlock_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c
index dddb73551..e241b59be 100644
--- a/src/libstrongswan/plugins/padlock/padlock_plugin.c
+++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c
@@ -97,7 +97,7 @@ static padlock_feature_t get_padlock_features()
return d;
}
}
- DBG1("Padlock not found, CPU is %s\n", vendor);
+ DBG1("Padlock not found, CPU is %s", vendor);
return 0;
}
diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c
index ad5a9e240..459ba9ba9 100644
--- a/src/libstrongswan/plugins/plugin_loader.c
+++ b/src/libstrongswan/plugins/plugin_loader.c
@@ -22,6 +22,7 @@
#include <stdio.h>
#include <debug.h>
+#include <integrity_checker.h>
#include <utils/linked_list.h>
#include <plugins/plugin.h>
@@ -61,27 +62,45 @@ static plugin_t* load_plugin(private_plugin_loader_t *this,
snprintf(file, sizeof(file), "%s/libstrongswan-%s.so", path, name);
+ if (lib->integrity)
+ {
+ if (!lib->integrity->check_file(lib->integrity, name, file))
+ {
+ DBG1("plugin '%s': failed file integrity test of '%s'", name, file);
+ return NULL;
+ }
+ }
handle = dlopen(file, RTLD_LAZY);
if (handle == NULL)
{
- DBG1("loading plugin '%s' failed: %s", name, dlerror());
+ DBG1("plugin '%s': failed to load '%s' - %s", name, file, dlerror());
return NULL;
}
constructor = dlsym(handle, "plugin_create");
if (constructor == NULL)
{
- DBG1("loading plugin '%s' failed: no plugin_create() function", name);
+ DBG1("plugin '%s': failed to load - no plugin_create() function", name);
dlclose(handle);
return NULL;
}
+ if (lib->integrity)
+ {
+ if (!lib->integrity->check_segment(lib->integrity, name, constructor))
+ {
+ DBG1("plugin '%s': failed segment integrity test", name);
+ dlclose(handle);
+ return NULL;
+ }
+ DBG1("plugin '%s': passed file and segment integrity tests", name);
+ }
plugin = constructor();
if (plugin == NULL)
{
- DBG1("loading plugin '%s' failed: plugin_create() returned NULL", name);
+ DBG1("plugin '%s': failed to load - plugin_create() returned NULL", name);
dlclose(handle);
return NULL;
}
- DBG2("plugin '%s' loaded successfully", name);
+ DBG2("plugin '%s': loaded successfully", name);
/* we do not store or free dlopen() handles, leak_detective requires
* the modules to keep loaded until leak report */
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.am b/src/libstrongswan/plugins/pubkey/Makefile.am
index 3b512614f..9423e6689 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.am
+++ b/src/libstrongswan/plugins/pubkey/Makefile.am
@@ -9,5 +9,5 @@ libstrongswan_pubkey_la_SOURCES = pubkey_plugin.h pubkey_plugin.c \
pubkey_cert.h pubkey_cert.c\
pubkey_public_key.h pubkey_public_key.c
-libstrongswan_pubkey_la_LDFLAGS = -module
+libstrongswan_pubkey_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in
index 4514424f2..a672e2ea8 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.in
+++ b/src/libstrongswan/plugins/pubkey/Makefile.in
@@ -75,12 +75,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -145,6 +147,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -185,7 +188,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -226,7 +231,7 @@ libstrongswan_pubkey_la_SOURCES = pubkey_plugin.h pubkey_plugin.c \
pubkey_cert.h pubkey_cert.c\
pubkey_public_key.h pubkey_public_key.c
-libstrongswan_pubkey_la_LDFLAGS = -module
+libstrongswan_pubkey_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/random/Makefile.am b/src/libstrongswan/plugins/random/Makefile.am
index 8b61d7094..9a11b8567 100644
--- a/src/libstrongswan/plugins/random/Makefile.am
+++ b/src/libstrongswan/plugins/random/Makefile.am
@@ -7,5 +7,5 @@ plugin_LTLIBRARIES = libstrongswan-random.la
libstrongswan_random_la_SOURCES = random_plugin.h random_plugin.c \
random_rng.c random_rng.h
-libstrongswan_random_la_LDFLAGS = -module
+libstrongswan_random_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in
index 0bed27468..a2869fb51 100644
--- a/src/libstrongswan/plugins/random/Makefile.in
+++ b/src/libstrongswan/plugins/random/Makefile.in
@@ -74,12 +74,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -144,6 +146,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -184,7 +187,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -224,7 +229,7 @@ plugin_LTLIBRARIES = libstrongswan-random.la
libstrongswan_random_la_SOURCES = random_plugin.h random_plugin.c \
random_rng.c random_rng.h
-libstrongswan_random_la_LDFLAGS = -module
+libstrongswan_random_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/sha1/Makefile.am b/src/libstrongswan/plugins/sha1/Makefile.am
index 5de45e4e8..ead51a45a 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.am
+++ b/src/libstrongswan/plugins/sha1/Makefile.am
@@ -7,5 +7,5 @@ plugin_LTLIBRARIES = libstrongswan-sha1.la
libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c \
sha1_hasher.c sha1_hasher.h sha1_prf.c sha1_prf.h
-libstrongswan_sha1_la_LDFLAGS = -module
+libstrongswan_sha1_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in
index c8b8905bb..f1f5807ab 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.in
+++ b/src/libstrongswan/plugins/sha1/Makefile.in
@@ -74,12 +74,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -144,6 +146,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -184,7 +187,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -224,7 +229,7 @@ plugin_LTLIBRARIES = libstrongswan-sha1.la
libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c \
sha1_hasher.c sha1_hasher.h sha1_prf.c sha1_prf.h
-libstrongswan_sha1_la_LDFLAGS = -module
+libstrongswan_sha1_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/sha2/Makefile.am b/src/libstrongswan/plugins/sha2/Makefile.am
index 066e49476..5422e1d4e 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.am
+++ b/src/libstrongswan/plugins/sha2/Makefile.am
@@ -6,5 +6,5 @@ AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-sha2.la
libstrongswan_sha2_la_SOURCES = sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h
-libstrongswan_sha2_la_LDFLAGS = -module
+libstrongswan_sha2_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in
index f37c93502..b34286813 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.in
+++ b/src/libstrongswan/plugins/sha2/Makefile.in
@@ -73,12 +73,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -143,6 +145,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -183,7 +186,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -221,7 +226,7 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-sha2.la
libstrongswan_sha2_la_SOURCES = sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h
-libstrongswan_sha2_la_LDFLAGS = -module
+libstrongswan_sha2_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/sha2/sha2_hasher.c b/src/libstrongswan/plugins/sha2/sha2_hasher.c
index 0e8811cca..645f4d786 100644
--- a/src/libstrongswan/plugins/sha2/sha2_hasher.c
+++ b/src/libstrongswan/plugins/sha2/sha2_hasher.c
@@ -58,6 +58,11 @@ struct private_sha256_hasher_t {
};
+static const u_int32_t sha224_hashInit[8] = {
+ 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, 0xffc00b31, 0x68581511,
+ 0x64f98fa7, 0xbefa4fa4
+};
+
static const u_int32_t sha256_hashInit[8] = {
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c,
0x1f83d9ab, 0x5be0cd19
@@ -422,6 +427,21 @@ static void sha512_final(private_sha512_hasher_t *ctx)
}
/**
+ * Implementation of hasher_t.get_hash for SHA224.
+ */
+static void get_hash224(private_sha256_hasher_t *this,
+ chunk_t chunk, u_int8_t *buffer)
+{
+ sha256_write(this, chunk.ptr, chunk.len);
+ if (buffer != NULL)
+ {
+ sha256_final(this);
+ memcpy(buffer, this->sha_out, HASH_SIZE_SHA224);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ }
+}
+
+/**
* Implementation of hasher_t.get_hash for SHA256.
*/
static void get_hash256(private_sha256_hasher_t *this,
@@ -467,6 +487,25 @@ static void get_hash512(private_sha512_hasher_t *this,
}
/**
+ * Implementation of hasher_t.allocate_hash for SHA224.
+ */
+static void allocate_hash224(private_sha256_hasher_t *this,
+ chunk_t chunk, chunk_t *hash)
+{
+ chunk_t allocated_hash;
+
+ sha256_write(this, chunk.ptr, chunk.len);
+ if (hash != NULL)
+ {
+ sha256_final(this);
+ allocated_hash = chunk_alloc(HASH_SIZE_SHA224);
+ memcpy(allocated_hash.ptr, this->sha_out, HASH_SIZE_SHA224);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ *hash = allocated_hash;
+ }
+}
+
+/**
* Implementation of hasher_t.allocate_hash for SHA256.
*/
static void allocate_hash256(private_sha256_hasher_t *this,
@@ -524,6 +563,14 @@ static void allocate_hash512(private_sha512_hasher_t *this,
}
/**
+ * Implementation of hasher_t.get_hash_size for SHA224.
+ */
+static size_t get_hash_size224(private_sha256_hasher_t *this)
+{
+ return HASH_SIZE_SHA224;
+}
+
+/**
* Implementation of hasher_t.get_hash_size for SHA256.
*/
static size_t get_hash_size256(private_sha256_hasher_t *this)
@@ -548,6 +595,16 @@ static size_t get_hash_size512(private_sha512_hasher_t *this)
}
/**
+ * Implementation of hasher_t.reset for SHA224
+ */
+static void reset224(private_sha256_hasher_t *ctx)
+{
+ memcpy(&ctx->sha_H[0], &sha224_hashInit[0], sizeof(ctx->sha_H));
+ ctx->sha_blocks = 0;
+ ctx->sha_bufCnt = 0;
+}
+
+/**
* Implementation of hasher_t.reset for SHA256
*/
static void reset256(private_sha256_hasher_t *ctx)
@@ -596,6 +653,13 @@ sha2_hasher_t *sha2_hasher_create(hash_algorithm_t algorithm)
switch (algorithm)
{
+ case HASH_SHA224:
+ this = (sha2_hasher_t*)malloc_thing(private_sha256_hasher_t);
+ this->hasher_interface.reset = (void(*)(hasher_t*))reset224;
+ this->hasher_interface.get_hash_size = (size_t(*)(hasher_t*))get_hash_size224;
+ this->hasher_interface.get_hash = (void(*)(hasher_t*,chunk_t,u_int8_t*))get_hash224;
+ this->hasher_interface.allocate_hash = (void(*)(hasher_t*,chunk_t,chunk_t*))allocate_hash224;
+ break;
case HASH_SHA256:
this = (sha2_hasher_t*)malloc_thing(private_sha256_hasher_t);
this->hasher_interface.reset = (void(*)(hasher_t*))reset256;
diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.c b/src/libstrongswan/plugins/sha2/sha2_plugin.c
index 21bc592dc..0743f7b1a 100644
--- a/src/libstrongswan/plugins/sha2/sha2_plugin.c
+++ b/src/libstrongswan/plugins/sha2/sha2_plugin.c
@@ -50,6 +50,8 @@ plugin_t *plugin_create()
this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA224,
+ (hasher_constructor_t)sha2_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
(hasher_constructor_t)sha2_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.am b/src/libstrongswan/plugins/sqlite/Makefile.am
index 7c3017abf..f26e31294 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.am
+++ b/src/libstrongswan/plugins/sqlite/Makefile.am
@@ -7,6 +7,6 @@ plugin_LTLIBRARIES = libstrongswan-sqlite.la
libstrongswan_sqlite_la_SOURCES = sqlite_plugin.h sqlite_plugin.c \
sqlite_database.h sqlite_database.c
-libstrongswan_sqlite_la_LDFLAGS = -module
+libstrongswan_sqlite_la_LDFLAGS = -module -avoid-version
libstrongswan_sqlite_la_LIBADD = -lsqlite3
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in
index 547548bd7..b59a1c343 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.in
+++ b/src/libstrongswan/plugins/sqlite/Makefile.in
@@ -75,12 +75,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -145,6 +147,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -185,7 +188,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -225,7 +230,7 @@ plugin_LTLIBRARIES = libstrongswan-sqlite.la
libstrongswan_sqlite_la_SOURCES = sqlite_plugin.h sqlite_plugin.c \
sqlite_database.h sqlite_database.c
-libstrongswan_sqlite_la_LDFLAGS = -module
+libstrongswan_sqlite_la_LDFLAGS = -module -avoid-version
libstrongswan_sqlite_la_LIBADD = -lsqlite3
all: all-am
diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.c b/src/libstrongswan/plugins/sqlite/sqlite_database.c
index ce873b714..6e4951f2d 100644
--- a/src/libstrongswan/plugins/sqlite/sqlite_database.c
+++ b/src/libstrongswan/plugins/sqlite/sqlite_database.c
@@ -333,7 +333,7 @@ sqlite_database_t *sqlite_database_create(char *uri)
this->public.db.get_driver = (db_driver_t(*)(database_t*))get_driver;
this->public.db.destroy = (void(*)(database_t*))destroy;
- this->mutex = mutex_create(MUTEX_RECURSIVE);
+ this->mutex = mutex_create(MUTEX_TYPE_RECURSIVE);
if (sqlite3_open(file, &this->db) != SQLITE_OK)
{
diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.am b/src/libstrongswan/plugins/test_vectors/Makefile.am
index 27d17c084..6028805c4 100644
--- a/src/libstrongswan/plugins/test_vectors/Makefile.am
+++ b/src/libstrongswan/plugins/test_vectors/Makefile.am
@@ -29,5 +29,5 @@ libstrongswan_test_vectors_la_SOURCES = \
test_vectors/sha2_hmac.c \
test_vectors/fips_prf.c \
test_vectors/rng.c
-libstrongswan_test_vectors_la_LDFLAGS = -module
+libstrongswan_test_vectors_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in
index bb877620c..0e408ba7e 100644
--- a/src/libstrongswan/plugins/test_vectors/Makefile.in
+++ b/src/libstrongswan/plugins/test_vectors/Makefile.in
@@ -79,12 +79,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -149,6 +151,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -189,7 +192,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -251,7 +256,7 @@ libstrongswan_test_vectors_la_SOURCES = \
test_vectors/fips_prf.c \
test_vectors/rng.c
-libstrongswan_test_vectors_la_LDFLAGS = -module
+libstrongswan_test_vectors_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors.h b/src/libstrongswan/plugins/test_vectors/test_vectors.h
index df5a9c9a8..b182dd829 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors.h
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors.h
@@ -98,6 +98,9 @@ TEST_VECTOR_HASHER(md5_7)
TEST_VECTOR_HASHER(sha1_1)
TEST_VECTOR_HASHER(sha1_2)
TEST_VECTOR_HASHER(sha1_3)
+TEST_VECTOR_HASHER(sha224_1)
+TEST_VECTOR_HASHER(sha224_2)
+TEST_VECTOR_HASHER(sha224_3)
TEST_VECTOR_HASHER(sha256_1)
TEST_VECTOR_HASHER(sha256_2)
TEST_VECTOR_HASHER(sha256_3)
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c
index e2bd42240..4679c26b3 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c
@@ -16,6 +16,41 @@
#include <crypto/crypto_tester.h>
/**
+ * SHA-224 vectors from "The Secure Hash Algorithm Validation System (SHAVS)"
+ */
+hasher_test_vector_t sha224_1 = {
+ .alg = HASH_SHA224, .len = 1,
+ .data = "\x07",
+ .hash = "\x00\xec\xd5\xf1\x38\x42\x2b\x8a\xd7\x4c\x97\x99\xfd\x82\x6c\x53"
+ "\x1b\xad\x2f\xca\xbc\x74\x50\xbe\xe2\xaa\x8c\x2a"
+
+};
+
+hasher_test_vector_t sha224_2 = {
+ .alg = HASH_SHA224, .len = 16,
+ .data = "\x18\x80\x40\x05\xdd\x4f\xbd\x15\x56\x29\x9d\x6f\x9d\x93\xdf\x62",
+ .hash = "\xdf\x90\xd7\x8a\xa7\x88\x21\xc9\x9b\x40\xba\x4c\x96\x69\x21\xac"
+ "\xcd\x8f\xfb\x1e\x98\xac\x38\x8e\x56\x19\x1d\xb1"
+};
+
+hasher_test_vector_t sha224_3 = {
+ .alg = HASH_SHA224, .len = 163,
+ .data = "\x55\xb2\x10\x07\x9c\x61\xb5\x3a\xdd\x52\x06\x22\xd1\xac\x97\xd5"
+ "\xcd\xbe\x8c\xb3\x3a\xa0\xae\x34\x45\x17\xbe\xe4\xd7\xba\x09\xab"
+ "\xc8\x53\x3c\x52\x50\x88\x7a\x43\xbe\xbb\xac\x90\x6c\x2e\x18\x37"
+ "\xf2\x6b\x36\xa5\x9a\xe3\xbe\x78\x14\xd5\x06\x89\x6b\x71\x8b\x2a"
+ "\x38\x3e\xcd\xac\x16\xb9\x61\x25\x55\x3f\x41\x6f\xf3\x2c\x66\x74"
+ "\xc7\x45\x99\xa9\x00\x53\x86\xd9\xce\x11\x12\x24\x5f\x48\xee\x47"
+ "\x0d\x39\x6c\x1e\xd6\x3b\x92\x67\x0c\xa5\x6e\xc8\x4d\xee\xa8\x14"
+ "\xb6\x13\x5e\xca\x54\x39\x2b\xde\xdb\x94\x89\xbc\x9b\x87\x5a\x8b"
+ "\xaf\x0d\xc1\xae\x78\x57\x36\x91\x4a\xb7\xda\xa2\x64\xbc\x07\x9d"
+ "\x26\x9f\x2c\x0d\x7e\xdd\xd8\x10\xa4\x26\x14\x5a\x07\x76\xf6\x7c"
+ "\x87\x82\x73",
+ .hash = "\x0b\x31\x89\x4e\xc8\x93\x7a\xd9\xb9\x1b\xdf\xbc\xba\x29\x4d\x9a"
+ "\xde\xfa\xa1\x8e\x09\x30\x5e\x9f\x20\xd5\xc3\xa4"
+};
+
+/**
* SHA-256 vectors from "The Secure Hash Algorithm Validation System (SHAVS)"
*/
hasher_test_vector_t sha256_1 = {
diff --git a/src/libstrongswan/plugins/x509/Makefile.am b/src/libstrongswan/plugins/x509/Makefile.am
index 3f9f85c36..e9668b4e4 100644
--- a/src/libstrongswan/plugins/x509/Makefile.am
+++ b/src/libstrongswan/plugins/x509/Makefile.am
@@ -12,5 +12,5 @@ libstrongswan_x509_la_SOURCES = x509_plugin.h x509_plugin.c \
x509_ocsp_request.h x509_ocsp_request.c \
x509_ocsp_response.h x509_ocsp_response.c \
ietf_attr_list.h ietf_attr_list.c
-libstrongswan_x509_la_LDFLAGS = -module
+libstrongswan_x509_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in
index 0c62ad3b3..56cb04769 100644
--- a/src/libstrongswan/plugins/x509/Makefile.in
+++ b/src/libstrongswan/plugins/x509/Makefile.in
@@ -75,12 +75,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -145,6 +147,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -185,7 +188,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -230,7 +235,7 @@ libstrongswan_x509_la_SOURCES = x509_plugin.h x509_plugin.c \
x509_ocsp_response.h x509_ocsp_response.c \
ietf_attr_list.h ietf_attr_list.c
-libstrongswan_x509_la_LDFLAGS = -module
+libstrongswan_x509_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.am b/src/libstrongswan/plugins/xcbc/Makefile.am
index 1b10d21f8..515b75031 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.am
+++ b/src/libstrongswan/plugins/xcbc/Makefile.am
@@ -7,5 +7,5 @@ plugin_LTLIBRARIES = libstrongswan-xcbc.la
libstrongswan_xcbc_la_SOURCES = xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \
xcbc_prf.h xcbc_prf.c xcbc_signer.h xcbc_signer.c
-libstrongswan_xcbc_la_LDFLAGS = -module
+libstrongswan_xcbc_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in
index 82ef55bd5..1d4e39586 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.in
+++ b/src/libstrongswan/plugins/xcbc/Makefile.in
@@ -74,12 +74,14 @@ ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
+BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -144,6 +146,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
@@ -184,7 +187,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
@@ -224,7 +229,7 @@ plugin_LTLIBRARIES = libstrongswan-xcbc.la
libstrongswan_xcbc_la_SOURCES = xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \
xcbc_prf.h xcbc_prf.c xcbc_signer.h xcbc_signer.c
-libstrongswan_xcbc_la_LDFLAGS = -module
+libstrongswan_xcbc_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES: