diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-02-28 22:02:31 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-02-28 22:02:31 +0000 |
| commit | 19364e11c66714324bd3d5d0dc9212db397085cb (patch) | |
| tree | fe7f5e55f0474dad1d0c29ba7c0a6f4546c99c3a /src/libstrongswan | |
| parent | c7f1b0530b85bc7654e68992f25ed8ced5d0a80d (diff) | |
| download | vyos-strongswan-19364e11c66714324bd3d5d0dc9212db397085cb.tar.gz vyos-strongswan-19364e11c66714324bd3d5d0dc9212db397085cb.zip | |
[svn-upgrade] Integrating new upstream version, strongswan (4.2.12)
Diffstat (limited to 'src/libstrongswan')
64 files changed, 2951 insertions, 462 deletions
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index 1423db5c3..110c2ef16 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -47,6 +47,7 @@ utils/identification.c utils/identification.h \ utils/iterator.h \ utils/lexparser.c utils/lexparser.h \ utils/linked_list.c utils/linked_list.h \ +utils/hashtable.c utils/hashtable.h \ utils/enumerator.c utils/enumerator.h \ utils/optionsfrom.c utils/optionsfrom.h \ utils/mutex.c utils/mutex.h \ @@ -97,6 +98,10 @@ if USE_DES SUBDIRS += plugins/des endif +if USE_MD4 + SUBDIRS += plugins/md4 +endif + if USE_MD5 SUBDIRS += plugins/md5 endif diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in index f1cf4f554..ba90d987b 100644 --- a/src/libstrongswan/Makefile.in +++ b/src/libstrongswan/Makefile.in @@ -37,24 +37,25 @@ host_triplet = @host@ @USE_LOCK_PROFILER_TRUE@am__append_3 = -DLOCK_PROFILER @USE_AES_TRUE@am__append_4 = plugins/aes @USE_DES_TRUE@am__append_5 = plugins/des -@USE_MD5_TRUE@am__append_6 = plugins/md5 -@USE_SHA1_TRUE@am__append_7 = plugins/sha1 -@USE_SHA2_TRUE@am__append_8 = plugins/sha2 -@USE_FIPS_PRF_TRUE@am__append_9 = plugins/fips_prf -@USE_GMP_TRUE@am__append_10 = plugins/gmp -@USE_RANDOM_TRUE@am__append_11 = plugins/random -@USE_HMAC_TRUE@am__append_12 = plugins/hmac -@USE_XCBC_TRUE@am__append_13 = plugins/xcbc -@USE_X509_TRUE@am__append_14 = plugins/x509 -@USE_PUBKEY_TRUE@am__append_15 = plugins/pubkey -@USE_CURL_TRUE@am__append_16 = plugins/curl -@USE_LDAP_TRUE@am__append_17 = plugins/ldap -@USE_MYSQL_TRUE@am__append_18 = plugins/mysql -@USE_SQLITE_TRUE@am__append_19 = plugins/sqlite -@USE_PADLOCK_TRUE@am__append_20 = plugins/padlock -@USE_OPENSSL_TRUE@am__append_21 = plugins/openssl -@USE_AGENT_TRUE@am__append_22 = plugins/agent -@USE_INTEGRITY_TEST_TRUE@am__append_23 = fips +@USE_MD4_TRUE@am__append_6 = plugins/md4 +@USE_MD5_TRUE@am__append_7 = plugins/md5 +@USE_SHA1_TRUE@am__append_8 = plugins/sha1 +@USE_SHA2_TRUE@am__append_9 = plugins/sha2 +@USE_FIPS_PRF_TRUE@am__append_10 = plugins/fips_prf +@USE_GMP_TRUE@am__append_11 = plugins/gmp +@USE_RANDOM_TRUE@am__append_12 = plugins/random +@USE_HMAC_TRUE@am__append_13 = plugins/hmac +@USE_XCBC_TRUE@am__append_14 = plugins/xcbc +@USE_X509_TRUE@am__append_15 = plugins/x509 +@USE_PUBKEY_TRUE@am__append_16 = plugins/pubkey +@USE_CURL_TRUE@am__append_17 = plugins/curl +@USE_LDAP_TRUE@am__append_18 = plugins/ldap +@USE_MYSQL_TRUE@am__append_19 = plugins/mysql +@USE_SQLITE_TRUE@am__append_20 = plugins/sqlite +@USE_PADLOCK_TRUE@am__append_21 = plugins/padlock +@USE_OPENSSL_TRUE@am__append_22 = plugins/openssl +@USE_AGENT_TRUE@am__append_23 = plugins/agent +@USE_INTEGRITY_TEST_TRUE@am__append_24 = fips subdir = src/libstrongswan DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 @@ -104,12 +105,12 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \ database/database_factory.c utils.h utils.c utils/host.c \ utils/host.h utils/identification.c utils/identification.h \ utils/iterator.h utils/lexparser.c utils/lexparser.h \ - utils/linked_list.c utils/linked_list.h utils/enumerator.c \ - utils/enumerator.h utils/optionsfrom.c utils/optionsfrom.h \ - utils/mutex.c utils/mutex.h utils/backtrace.c \ - utils/backtrace.h plugins/plugin_loader.c \ - plugins/plugin_loader.h plugins/plugin.h \ - utils/leak_detective.c utils/leak_detective.h \ + utils/linked_list.c utils/linked_list.h utils/hashtable.c \ + utils/hashtable.h utils/enumerator.c utils/enumerator.h \ + utils/optionsfrom.c utils/optionsfrom.h utils/mutex.c \ + utils/mutex.h utils/backtrace.c utils/backtrace.h \ + plugins/plugin_loader.c plugins/plugin_loader.h \ + plugins/plugin.h utils/leak_detective.c utils/leak_detective.h \ fips/fips_canister_start.c fips/fips.c fips/fips.h \ fips/fips_canister_end.c @USE_LEAK_DETECTIVE_TRUE@am__objects_1 = leak_detective.lo @@ -127,8 +128,9 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \ @USE_INTEGRITY_TEST_FALSE@ fetcher_manager.lo \ @USE_INTEGRITY_TEST_FALSE@ database_factory.lo utils.lo host.lo \ @USE_INTEGRITY_TEST_FALSE@ identification.lo lexparser.lo \ -@USE_INTEGRITY_TEST_FALSE@ linked_list.lo enumerator.lo \ -@USE_INTEGRITY_TEST_FALSE@ optionsfrom.lo mutex.lo backtrace.lo \ +@USE_INTEGRITY_TEST_FALSE@ linked_list.lo hashtable.lo \ +@USE_INTEGRITY_TEST_FALSE@ enumerator.lo optionsfrom.lo \ +@USE_INTEGRITY_TEST_FALSE@ mutex.lo backtrace.lo \ @USE_INTEGRITY_TEST_FALSE@ plugin_loader.lo $(am__objects_1) @USE_INTEGRITY_TEST_TRUE@am_libstrongswan_la_OBJECTS = \ @USE_INTEGRITY_TEST_TRUE@ fips_canister_start.lo fips.lo \ @@ -145,10 +147,10 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \ @USE_INTEGRITY_TEST_TRUE@ fetcher_manager.lo \ @USE_INTEGRITY_TEST_TRUE@ database_factory.lo utils.lo host.lo \ @USE_INTEGRITY_TEST_TRUE@ identification.lo lexparser.lo \ -@USE_INTEGRITY_TEST_TRUE@ linked_list.lo enumerator.lo \ -@USE_INTEGRITY_TEST_TRUE@ optionsfrom.lo mutex.lo backtrace.lo \ -@USE_INTEGRITY_TEST_TRUE@ plugin_loader.lo $(am__objects_1) \ -@USE_INTEGRITY_TEST_TRUE@ fips_canister_end.lo +@USE_INTEGRITY_TEST_TRUE@ linked_list.lo hashtable.lo \ +@USE_INTEGRITY_TEST_TRUE@ enumerator.lo optionsfrom.lo mutex.lo \ +@USE_INTEGRITY_TEST_TRUE@ backtrace.lo plugin_loader.lo \ +@USE_INTEGRITY_TEST_TRUE@ $(am__objects_1) fips_canister_end.lo libstrongswan_la_OBJECTS = $(am_libstrongswan_la_OBJECTS) DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp @@ -175,11 +177,12 @@ RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive ETAGS = etags CTAGS = ctags -DIST_SUBDIRS = . plugins/aes plugins/des plugins/md5 plugins/sha1 \ - plugins/sha2 plugins/fips_prf plugins/gmp plugins/random \ - plugins/hmac plugins/xcbc plugins/x509 plugins/pubkey \ - plugins/curl plugins/ldap plugins/mysql plugins/sqlite \ - plugins/padlock plugins/openssl plugins/agent fips +DIST_SUBDIRS = . plugins/aes plugins/des plugins/md4 plugins/md5 \ + plugins/sha1 plugins/sha2 plugins/fips_prf plugins/gmp \ + plugins/random plugins/hmac plugins/xcbc plugins/x509 \ + plugins/pubkey plugins/curl plugins/ldap plugins/mysql \ + plugins/sqlite plugins/padlock plugins/openssl plugins/agent \ + fips DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ @@ -193,22 +196,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -218,6 +216,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -226,12 +225,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -254,8 +257,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -294,6 +296,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ @@ -373,6 +376,7 @@ lib_LTLIBRARIES = libstrongswan.la @USE_INTEGRITY_TEST_FALSE@ utils/lexparser.h \ @USE_INTEGRITY_TEST_FALSE@ utils/linked_list.c \ @USE_INTEGRITY_TEST_FALSE@ utils/linked_list.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/hashtable.c utils/hashtable.h \ @USE_INTEGRITY_TEST_FALSE@ utils/enumerator.c \ @USE_INTEGRITY_TEST_FALSE@ utils/enumerator.h \ @USE_INTEGRITY_TEST_FALSE@ utils/optionsfrom.c \ @@ -436,8 +440,9 @@ lib_LTLIBRARIES = libstrongswan.la @USE_INTEGRITY_TEST_TRUE@ utils/identification.h \ @USE_INTEGRITY_TEST_TRUE@ utils/iterator.h utils/lexparser.c \ @USE_INTEGRITY_TEST_TRUE@ utils/lexparser.h utils/linked_list.c \ -@USE_INTEGRITY_TEST_TRUE@ utils/linked_list.h \ -@USE_INTEGRITY_TEST_TRUE@ utils/enumerator.c utils/enumerator.h \ +@USE_INTEGRITY_TEST_TRUE@ utils/linked_list.h utils/hashtable.c \ +@USE_INTEGRITY_TEST_TRUE@ utils/hashtable.h utils/enumerator.c \ +@USE_INTEGRITY_TEST_TRUE@ utils/enumerator.h \ @USE_INTEGRITY_TEST_TRUE@ utils/optionsfrom.c \ @USE_INTEGRITY_TEST_TRUE@ utils/optionsfrom.h utils/mutex.c \ @USE_INTEGRITY_TEST_TRUE@ utils/mutex.h utils/backtrace.c \ @@ -463,7 +468,7 @@ SUBDIRS = . $(am__append_4) $(am__append_5) $(am__append_6) \ $(am__append_13) $(am__append_14) $(am__append_15) \ $(am__append_16) $(am__append_17) $(am__append_18) \ $(am__append_19) $(am__append_20) $(am__append_21) \ - $(am__append_22) $(am__append_23) + $(am__append_22) $(am__append_23) $(am__append_24) all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-recursive @@ -554,6 +559,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_canister_end.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_canister_start.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hasher.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hashtable.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/host.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/identification.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/leak_detective.Plo@am__quote@ @@ -796,6 +802,13 @@ linked_list.lo: utils/linked_list.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c +hashtable.lo: utils/hashtable.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hashtable.lo -MD -MP -MF $(DEPDIR)/hashtable.Tpo -c -o hashtable.lo `test -f 'utils/hashtable.c' || echo '$(srcdir)/'`utils/hashtable.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/hashtable.Tpo $(DEPDIR)/hashtable.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/hashtable.c' object='hashtable.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hashtable.lo `test -f 'utils/hashtable.c' || echo '$(srcdir)/'`utils/hashtable.c + enumerator.lo: utils/enumerator.c @am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT enumerator.lo -MD -MP -MF $(DEPDIR)/enumerator.Tpo -c -o enumerator.lo `test -f 'utils/enumerator.c' || echo '$(srcdir)/'`utils/enumerator.c @am__fastdepCC_TRUE@ mv -f $(DEPDIR)/enumerator.Tpo $(DEPDIR)/enumerator.Plo diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c index 524abfe5e..6122aa9f8 100644 --- a/src/libstrongswan/asn1/asn1.c +++ b/src/libstrongswan/asn1/asn1.c @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: asn1.c 4047 2008-06-10 07:36:44Z tobias $ + * $Id: asn1.c 4776 2008-12-09 15:00:30Z martin $ */ #include <stdio.h> @@ -348,8 +348,9 @@ chunk_t asn1_from_time(const time_t *time, asn1_t type) const char *format; char buf[BUF_LEN]; chunk_t formatted_time; - struct tm *t = gmtime(time); + struct tm t; + gmtime_r(time, &t); if (type == ASN1_GENERALIZEDTIME) { format = "%04d%02d%02d%02d%02d%02dZ"; @@ -358,10 +359,10 @@ chunk_t asn1_from_time(const time_t *time, asn1_t type) else /* ASN1_UTCTIME */ { format = "%02d%02d%02d%02d%02d%02dZ"; - offset = (t->tm_year < 100)? 0 : -100; + offset = (t.tm_year < 100)? 0 : -100; } - snprintf(buf, BUF_LEN, format, t->tm_year + offset, - t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); + snprintf(buf, BUF_LEN, format, t.tm_year + offset, + t.tm_mon + 1, t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec); formatted_time.ptr = buf; formatted_time.len = strlen(buf); return asn1_simple_object(type, formatted_time); diff --git a/src/libstrongswan/chunk.c b/src/libstrongswan/chunk.c index 565f48fb0..681581af9 100644 --- a/src/libstrongswan/chunk.c +++ b/src/libstrongswan/chunk.c @@ -1,4 +1,5 @@ /* + * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -13,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: chunk.c 4276 2008-08-22 10:44:51Z martin $ + * $Id: chunk.c 4784 2008-12-10 13:43:51Z tobias $ */ #include <stdio.h> @@ -26,6 +27,16 @@ #include <debug.h> #include <printf_hook.h> +/* required for chunk_hash */ +#undef get16bits +#if (defined(__GNUC__) && defined(__i386__)) +#define get16bits(d) (*((const u_int16_t*)(d))) +#endif +#if !defined (get16bits) +#define get16bits(d) ((((u_int32_t)(((const u_int8_t*)(d))[1])) << 8)\ + + (u_int32_t)(((const u_int8_t*)(d))[0]) ) +#endif + /** * Empty chunk. */ @@ -34,15 +45,6 @@ chunk_t chunk_empty = { NULL, 0 }; /** * Described in header. */ -chunk_t chunk_create(u_char *ptr, size_t len) -{ - chunk_t chunk = {ptr, len}; - return chunk; -} - -/** - * Described in header. - */ chunk_t chunk_create_clone(u_char *ptr, chunk_t chunk) { chunk_t clone = chunk_empty; @@ -132,7 +134,7 @@ chunk_t chunk_create_cat(u_char *ptr, const char* mode, ...) void chunk_split(chunk_t chunk, const char *mode, ...) { va_list chunks; - size_t len; + u_int len; chunk_t *ch; va_start(chunks, mode); @@ -142,7 +144,7 @@ void chunk_split(chunk_t chunk, const char *mode, ...) { break; } - len = va_arg(chunks, size_t); + len = va_arg(chunks, u_int); ch = va_arg(chunks, chunk_t*); /* a null chunk means skip len bytes */ if (ch == NULL) @@ -251,7 +253,7 @@ static char hexdig_lower[] = "0123456789abcdef"; */ chunk_t chunk_to_hex(chunk_t chunk, char *buf, bool uppercase) { - int i, len;; + int i, len; char *hexdig = hexdig_lower; if (uppercase) @@ -428,39 +430,6 @@ chunk_t chunk_from_base64(chunk_t base64, char *buf) /** * Described in header. */ -void chunk_free(chunk_t *chunk) -{ - free(chunk->ptr); - chunk->ptr = NULL; - chunk->len = 0; -} - -/** - * Described in header. - */ -void chunk_clear(chunk_t *chunk) -{ - memset(chunk->ptr, 0, chunk->len); - chunk_free(chunk); -} - -/** - * Described in header. - */ -chunk_t chunk_skip(chunk_t chunk, size_t bytes) -{ - if (chunk.len > bytes) - { - chunk.ptr += bytes; - chunk.len -= bytes; - return chunk; - } - return chunk_empty; -} - -/** - * Described in header. - */ int chunk_compare(chunk_t a, chunk_t b) { int compare_len = a.len - b.len; @@ -475,11 +444,79 @@ int chunk_compare(chunk_t a, chunk_t b) /** * Described in header. + * + * The implementation is based on Paul Hsieh's SuperFastHash: + * http://www.azillionmonkeys.com/qed/hash.html + */ +u_int32_t chunk_hash_inc(chunk_t chunk, u_int32_t hash) +{ + u_char *data = chunk.ptr; + size_t len = chunk.len; + u_int32_t tmp; + int rem; + + if (!len || data == NULL) + { + return 0; + } + + rem = len & 3; + len >>= 2; + + /* Main loop */ + for (; len > 0; --len) + { + hash += get16bits(data); + tmp = (get16bits(data + 2) << 11) ^ hash; + hash = (hash << 16) ^ tmp; + data += 2 * sizeof(u_int16_t); + hash += hash >> 11; + } + + /* Handle end cases */ + switch (rem) + { + case 3: + { + hash += get16bits(data); + hash ^= hash << 16; + hash ^= data[sizeof(u_int16_t)] << 18; + hash += hash >> 11; + break; + } + case 2: + { + hash += get16bits(data); + hash ^= hash << 11; + hash += hash >> 17; + break; + } + case 1: + { + hash += *data; + hash ^= hash << 10; + hash += hash >> 1; + break; + } + } + + /* Force "avalanching" of final 127 bits */ + hash ^= hash << 3; + hash += hash >> 5; + hash ^= hash << 4; + hash += hash >> 17; + hash ^= hash << 25; + hash += hash >> 6; + + return hash; +} + +/** + * Described in header. */ -bool chunk_equals(chunk_t a, chunk_t b) +u_int32_t chunk_hash(chunk_t chunk) { - return a.ptr != NULL && b.ptr != NULL && - a.len == b.len && memeq(a.ptr, b.ptr, a.len); + return chunk_hash_inc(chunk, chunk.len); } /** diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/chunk.h index 7e70a2a2d..2986e0db3 100644 --- a/src/libstrongswan/chunk.h +++ b/src/libstrongswan/chunk.h @@ -1,4 +1,5 @@ /* + * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -13,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: chunk.h 4276 2008-08-22 10:44:51Z martin $ + * $Id: chunk.h 4841 2009-01-15 01:52:44Z andreas $ */ /** @@ -50,7 +51,11 @@ extern chunk_t chunk_empty; /** * Create a new chunk pointing to "ptr" with length "len" */ -chunk_t chunk_create(u_char *ptr, size_t len); +static inline chunk_t chunk_create(u_char *ptr, size_t len) +{ + chunk_t chunk = {ptr, len}; + return chunk; +} /** * Create a clone of a chunk pointing to "ptr" @@ -135,12 +140,23 @@ chunk_t chunk_from_base64(chunk_t base64, char *buf); /** * Free contents of a chunk */ -void chunk_free(chunk_t *chunk); +static inline void chunk_free(chunk_t *chunk) +{ + free(chunk->ptr); + *chunk = chunk_empty; +} /** * Overwrite the contents of a chunk and free it */ -void chunk_clear(chunk_t *chunk); +static inline void chunk_clear(chunk_t *chunk) +{ + if (chunk->ptr) + { + memset(chunk->ptr, 0, chunk->len); + chunk_free(chunk); + } +} /** * Initialize a chunk to point to buffer inspectable by sizeof() @@ -185,7 +201,16 @@ void chunk_clear(chunk_t *chunk); /** * Skip n bytes in chunk (forward pointer, shorten length) */ -chunk_t chunk_skip(chunk_t chunk, size_t bytes); +static inline chunk_t chunk_skip(chunk_t chunk, size_t bytes) +{ + if (chunk.len > bytes) + { + chunk.ptr += bytes; + chunk.len -= bytes; + return chunk; + } + return chunk_empty; +} /** * Compare two chunks, returns zero if a equals b @@ -197,7 +222,22 @@ int chunk_compare(chunk_t a, chunk_t b); * Compare two chunks for equality, * NULL chunks are never equal. */ -bool chunk_equals(chunk_t a, chunk_t b); +static inline bool chunk_equals(chunk_t a, chunk_t b) +{ + return a.ptr != NULL && b.ptr != NULL && + a.len == b.len && memeq(a.ptr, b.ptr, a.len); +} + +/** + * Computes a 32 bit hash of the given chunk. + * Note: This hash is only intended for hash tables not for cryptographic purposes. + */ +u_int32_t chunk_hash(chunk_t chunk); + +/** + * Incremental version of chunk_hash. Use this to hash two or more chunks. + */ +u_int32_t chunk_hash_inc(chunk_t chunk, u_int32_t hash); /** * Get printf hooks for a chunk. diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c index 4295b3094..0bca198f1 100644 --- a/src/libstrongswan/credentials/builder.c +++ b/src/libstrongswan/credentials/builder.c @@ -35,6 +35,8 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END, "BUILD_CA_CERT", "BUILD_CERT", "BUILD_X509_FLAG", + "BUILD_SMARTCARD_KEYID", + "BUILD_SMARTCARD_PIN", "BUILD_END", ); diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h index cd75236ba..332d52d52 100644 --- a/src/libstrongswan/credentials/builder.h +++ b/src/libstrongswan/credentials/builder.h @@ -76,6 +76,10 @@ enum builder_part_t { BUILD_CERT, /** enforce an additional X509 flag, x509_flag_t */ BUILD_X509_FLAG, + /** key ID of a key on a smartcard, null terminated char* ([slot:]keyid) */ + BUILD_SMARTCARD_KEYID, + /** pin to access a key on a smartcard, null terminated char* */ + BUILD_SMARTCARD_PIN, /** end of variable argument builder list */ BUILD_END, }; diff --git a/src/libstrongswan/credentials/credential_factory.c b/src/libstrongswan/credentials/credential_factory.c index 203317fa4..5ae6980be 100644 --- a/src/libstrongswan/credentials/credential_factory.c +++ b/src/libstrongswan/credentials/credential_factory.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: credential_factory.c 4317 2008-09-02 11:00:13Z martin $ + * $Id: credential_factory.c 4777 2008-12-09 15:57:51Z martin $ */ #include "credential_factory.h" @@ -46,9 +46,9 @@ struct private_credential_factory_t { linked_list_t *constructors; /** - * mutex to lock access to modules + * lock access to builders */ - mutex_t *mutex; + rwlock_t *lock; }; typedef struct entry_t entry_t; @@ -86,12 +86,12 @@ static enumerator_t* create_builder_enumerator( data->type = type; data->subtype = subtype; - this->mutex->lock(this->mutex); + this->lock->read_lock(this->lock); return enumerator_create_cleaner( enumerator_create_filter( this->constructors->create_enumerator(this->constructors), (void*)builder_filter, data, free), - (void*)this->mutex->unlock, this->mutex); + (void*)this->lock->unlock, this->lock); } /** @@ -106,9 +106,9 @@ static void add_builder(private_credential_factory_t *this, entry->type = type; entry->subtype = subtype; entry->constructor = constructor; - this->mutex->lock(this->mutex); + this->lock->write_lock(this->lock); this->constructors->insert_last(this->constructors, entry); - this->mutex->unlock(this->mutex); + this->lock->unlock(this->lock); } /** @@ -120,7 +120,7 @@ static void remove_builder(private_credential_factory_t *this, enumerator_t *enumerator; entry_t *entry; - this->mutex->lock(this->mutex); + this->lock->write_lock(this->lock); enumerator = this->constructors->create_enumerator(this->constructors); while (enumerator->enumerate(enumerator, &entry)) { @@ -131,7 +131,7 @@ static void remove_builder(private_credential_factory_t *this, } } enumerator->destroy(enumerator); - this->mutex->unlock(this->mutex); + this->lock->unlock(this->lock); } /** @@ -184,6 +184,8 @@ static void* create(private_credential_factory_t *this, credential_type_t type, case BUILD_CA_CERT: case BUILD_CERT: case BUILD_IETF_GROUP_ATTR: + case BUILD_SMARTCARD_KEYID: + case BUILD_SMARTCARD_PIN: builder->add(builder, part, va_arg(args, void*)); continue; /* no default to get a compiler warning */ @@ -213,7 +215,7 @@ static void* create(private_credential_factory_t *this, credential_type_t type, static void destroy(private_credential_factory_t *this) { this->constructors->destroy_function(this->constructors, free); - this->mutex->destroy(this->mutex); + this->lock->destroy(this->lock); free(this); } @@ -232,7 +234,7 @@ credential_factory_t *credential_factory_create() this->constructors = linked_list_create(); - this->mutex = mutex_create(MUTEX_RECURSIVE); + this->lock = rwlock_create(RWLOCK_DEFAULT); return &this->public; } diff --git a/src/libstrongswan/crypto/crypters/crypter.c b/src/libstrongswan/crypto/crypters/crypter.c index 2c291a9f5..13ba9c6e2 100644 --- a/src/libstrongswan/crypto/crypters/crypter.c +++ b/src/libstrongswan/crypto/crypters/crypter.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: crypter.c 3971 2008-05-16 13:27:21Z tobias $ + * $Id: crypter.c 4880 2009-02-18 19:45:46Z tobias $ */ #include "crypter.h" @@ -41,5 +41,7 @@ ENUM_NEXT(encryption_algorithm_names, ENCR_AES_GCM_ICV8, ENCR_AES_GCM_ICV16, ENC "AES_GCM_8", "AES_GCM_12", "AES_GCM_16"); -ENUM_END(encryption_algorithm_names, ENCR_AES_GCM_ICV16); +ENUM_NEXT(encryption_algorithm_names, ENCR_DES_ECB, ENCR_DES_ECB, ENCR_AES_GCM_ICV16, + "DES_ECB"); +ENUM_END(encryption_algorithm_names, ENCR_DES_ECB); diff --git a/src/libstrongswan/crypto/crypters/crypter.h b/src/libstrongswan/crypto/crypters/crypter.h index fb06af97d..1a70bd125 100644 --- a/src/libstrongswan/crypto/crypters/crypter.h +++ b/src/libstrongswan/crypto/crypters/crypter.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: crypter.h 4532 2008-10-30 13:21:21Z martin $ + * $Id: crypter.h 4886 2009-02-19 13:46:08Z tobias $ */ /** @@ -51,7 +51,8 @@ enum encryption_algorithm_t { ENCR_AES_CCM_ICV16 = 16, ENCR_AES_GCM_ICV8 = 18, ENCR_AES_GCM_ICV12 = 19, - ENCR_AES_GCM_ICV16 = 20 + ENCR_AES_GCM_ICV16 = 20, + ENCR_DES_ECB = 1025 }; /** diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c index 02d2cb52a..53c3a1632 100644 --- a/src/libstrongswan/crypto/diffie_hellman.c +++ b/src/libstrongswan/crypto/diffie_hellman.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: diffie_hellman.c 4023 2008-05-29 06:55:03Z andreas $ + * $Id: diffie_hellman.c 4685 2008-11-22 16:14:55Z martin $ */ #include "diffie_hellman.h" @@ -36,5 +36,7 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT, ENUM_NEXT(diffie_hellman_group_names, ECP_192_BIT, ECP_224_BIT, ECP_521_BIT, "ECP_192_BIT", "ECP_224_BIT"); -ENUM_END(diffie_hellman_group_names, ECP_224_BIT); +ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_224_BIT, + "MODP_NULL"); +ENUM_END(diffie_hellman_group_names, MODP_NULL); diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h index ce8ab8e21..4147d85af 100644 --- a/src/libstrongswan/crypto/diffie_hellman.h +++ b/src/libstrongswan/crypto/diffie_hellman.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: diffie_hellman.h 4566 2008-11-04 13:12:11Z martin $ + * $Id: diffie_hellman.h 4685 2008-11-22 16:14:55Z martin $ */ /** @@ -52,6 +52,8 @@ enum diffie_hellman_group_t { ECP_521_BIT = 21, ECP_192_BIT = 25, ECP_224_BIT = 26, + /** insecure NULL diffie hellman group for testing, in PRIVATE USE */ + MODP_NULL = 1024, }; /** diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c index 6c29d1d5d..cf507442d 100644 --- a/src/libstrongswan/crypto/hashers/hasher.c +++ b/src/libstrongswan/crypto/hashers/hasher.c @@ -14,14 +14,14 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: hasher.c 3619 2008-03-19 14:02:52Z martin $ + * $Id: hasher.c 4880 2009-02-18 19:45:46Z tobias $ */ #include "hasher.h" #include <asn1/oid.h> -ENUM(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA512, +ENUM(hash_algorithm_names, HASH_UNKNOWN, HASH_MD4, "HASH_UNKNOWN", "HASH_PREFERRED", "HASH_MD2", @@ -29,7 +29,8 @@ ENUM(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA512, "HASH_SHA1", "HASH_SHA256", "HASH_SHA384", - "HASH_SHA512" + "HASH_SHA512", + "HASH_MD4" ); /* diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h index e19b0318b..fe2f48be6 100644 --- a/src/libstrongswan/crypto/hashers/hasher.h +++ b/src/libstrongswan/crypto/hashers/hasher.h @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: hasher.h 3619 2008-03-19 14:02:52Z martin $ + * $Id: hasher.h 4880 2009-02-18 19:45:46Z tobias $ */ /** @@ -44,9 +44,11 @@ enum hash_algorithm_t { HASH_SHA256 = 5, HASH_SHA384 = 6, HASH_SHA512 = 7, + HASH_MD4 = 8, }; #define HASH_SIZE_MD2 16 +#define HASH_SIZE_MD4 16 #define HASH_SIZE_MD5 16 #define HASH_SIZE_SHA1 20 #define HASH_SIZE_SHA256 32 diff --git a/src/libstrongswan/fips/Makefile.in b/src/libstrongswan/fips/Makefile.in index 9814d631f..d1c3ed5b6 100644 --- a/src/libstrongswan/fips/Makefile.in +++ b/src/libstrongswan/fips/Makefile.in @@ -76,22 +76,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -101,6 +96,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -109,12 +105,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -137,8 +137,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -177,6 +176,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in index 55faa07f0..e4eb7e5cf 100644 --- a/src/libstrongswan/plugins/aes/Makefile.in +++ b/src/libstrongswan/plugins/aes/Makefile.in @@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in index eb38b537a..6b2da9cb4 100644 --- a/src/libstrongswan/plugins/agent/Makefile.in +++ b/src/libstrongswan/plugins/agent/Makefile.in @@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in index cb44a4ffe..cd916ccbe 100644 --- a/src/libstrongswan/plugins/curl/Makefile.in +++ b/src/libstrongswan/plugins/curl/Makefile.in @@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in index 8824bd238..415c126af 100644 --- a/src/libstrongswan/plugins/des/Makefile.in +++ b/src/libstrongswan/plugins/des/Makefile.in @@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c index 43aff4dd1..a0b147c63 100644 --- a/src/libstrongswan/plugins/des/des_crypter.c +++ b/src/libstrongswan/plugins/des/des_crypter.c @@ -1,4 +1,6 @@ -/* Copyright (C) 2006 Martin Willi +/* + * Copyright (C) 2009 Tobias Brunner + * Copyright (C) 2006 Martin Willi * Hochschule fuer Technik Rapperswil * * Derived from Plutos DES library by Eric Young. @@ -55,7 +57,7 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] * - * $Id: des_crypter.c 3910 2008-05-07 11:54:30Z martin $ + * $Id: des_crypter.c 4887 2009-02-19 14:29:25Z tobias $ */ #include "des_crypter.h" @@ -1107,6 +1109,65 @@ static void des_cbc_encrypt(des_cblock *input, des_cblock *output, long length, tin[0]=tin[1]=0; } +/** + * DES ECB encrypt decrypt routine + */ +static void des_ecb_encrypt(des_cblock *input, des_cblock *output, long length, + des_key_schedule schedule, int enc) +{ + register DES_LONG tin0,tin1; + register DES_LONG tout0,tout1; + register unsigned char *in,*out; + register long l=length; + DES_LONG tin[2]; + + in=(unsigned char *)input; + out=(unsigned char *)output; + + if (enc) + { + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); + c2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + if (l != -8) + { + c2ln(in,tin0,tin1,l+8); + tin[0]=tin0; + tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + } + else + { + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + l2c(tout0,out); + l2c(tout1,out); + } + if (l != -8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + l2cn(tout0,tout1,out,l+8); + } + } + tin0=tin1=tout0=tout1=0; + tin[0]=tin[1]=0; +} + static void des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc) { register DES_LONG l,r,t,u; @@ -1399,6 +1460,42 @@ static void encrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv, } /** + * Implementation of crypter_t.decrypt for DES (ECB). + */ +static void decrypt_ecb(private_des_crypter_t *this, chunk_t data, chunk_t iv, + chunk_t *decrypted) +{ + u_int8_t *out; + + out = data.ptr; + if (decrypted) + { + *decrypted = chunk_alloc(data.len); + out = decrypted->ptr; + } + des_ecb_encrypt((des_cblock*)(data.ptr), (des_cblock*)out, + data.len, this->ks, DES_DECRYPT); +} + +/** + * Implementation of crypter_t.decrypt for DES (ECB). + */ +static void encrypt_ecb(private_des_crypter_t *this, chunk_t data, chunk_t iv, + chunk_t *encrypted) +{ + u_int8_t *out; + + out = data.ptr; + if (encrypted) + { + *encrypted = chunk_alloc(data.len); + out = encrypted->ptr; + } + des_ecb_encrypt((des_cblock*)(data.ptr), (des_cblock*)out, + data.len, this->ks, DES_ENCRYPT); +} + +/** * Implementation of crypter_t.decrypt for 3DES. */ static void decrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv, @@ -1509,6 +1606,12 @@ des_crypter_t *des_crypter_create(encryption_algorithm_t algo) this->public.crypter_interface.encrypt = (void (*) (crypter_t *, chunk_t,chunk_t, chunk_t *)) encrypt3; this->public.crypter_interface.decrypt = (void (*) (crypter_t *, chunk_t , chunk_t, chunk_t *)) decrypt3; break; + case ENCR_DES_ECB: + this->key_size = sizeof(des_cblock); + this->public.crypter_interface.set_key = (void (*) (crypter_t *,chunk_t)) set_key; + this->public.crypter_interface.encrypt = (void (*) (crypter_t *, chunk_t,chunk_t, chunk_t *)) encrypt_ecb; + this->public.crypter_interface.decrypt = (void (*) (crypter_t *, chunk_t , chunk_t, chunk_t *)) decrypt_ecb; + break; default: free(this); return NULL; diff --git a/src/libstrongswan/plugins/des/des_plugin.c b/src/libstrongswan/plugins/des/des_plugin.c index 538138d8a..a0d8ce07b 100644 --- a/src/libstrongswan/plugins/des/des_plugin.c +++ b/src/libstrongswan/plugins/des/des_plugin.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: des_plugin.c 4309 2008-08-28 11:07:57Z martin $ + * $Id: des_plugin.c 4887 2009-02-19 14:29:25Z tobias $ */ #include "des_plugin.h" @@ -56,6 +56,8 @@ plugin_t *plugin_create() (crypter_constructor_t)des_crypter_create); lib->crypto->add_crypter(lib->crypto, ENCR_DES, (crypter_constructor_t)des_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, + (crypter_constructor_t)des_crypter_create); return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in index 48a6c9b28..1e53f435f 100644 --- a/src/libstrongswan/plugins/fips_prf/Makefile.in +++ b/src/libstrongswan/plugins/fips_prf/Makefile.in @@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in index 56642b7c9..c406f3af6 100644 --- a/src/libstrongswan/plugins/gmp/Makefile.in +++ b/src/libstrongswan/plugins/gmp/Makefile.in @@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in index ded48fbf2..067763049 100644 --- a/src/libstrongswan/plugins/hmac/Makefile.in +++ b/src/libstrongswan/plugins/hmac/Makefile.in @@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in index e828fbd44..e0109c6e8 100644 --- a/src/libstrongswan/plugins/ldap/Makefile.in +++ b/src/libstrongswan/plugins/ldap/Makefile.in @@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/md4/Makefile.am b/src/libstrongswan/plugins/md4/Makefile.am new file mode 100644 index 000000000..f984322a6 --- /dev/null +++ b/src/libstrongswan/plugins/md4/Makefile.am @@ -0,0 +1,10 @@ + +INCLUDES = -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = -rdynamic + +plugin_LTLIBRARIES = libstrongswan-md4.la + +libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h +libstrongswan_md4_la_LDFLAGS = -module + diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in new file mode 100644 index 000000000..4dbe8a6c4 --- /dev/null +++ b/src/libstrongswan/plugins/md4/Makefile.in @@ -0,0 +1,496 @@ +# Makefile.in generated by automake 1.10.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/libstrongswan/plugins/md4 +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(plugindir)" +pluginLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(plugin_LTLIBRARIES) +libstrongswan_md4_la_LIBADD = +am_libstrongswan_md4_la_OBJECTS = md4_plugin.lo md4_hasher.lo +libstrongswan_md4_la_OBJECTS = $(am_libstrongswan_md4_la_OBJECTS) +libstrongswan_md4_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libstrongswan_md4_la_LDFLAGS) $(LDFLAGS) -o $@ +DEFAULT_INCLUDES = -I.@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libstrongswan_md4_la_SOURCES) +DIST_SOURCES = $(libstrongswan_md4_la_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GPERF = @GPERF@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +confdir = @confdir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipsecuser = @ipsecuser@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libstrongswan_plugins = @libstrongswan_plugins@ +linuxdir = @linuxdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +piddir = @piddir@ +plugindir = @plugindir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +resolv_conf = @resolv_conf@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +simreader = @simreader@ +srcdir = @srcdir@ +strongswan_conf = @strongswan_conf@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +INCLUDES = -I$(top_srcdir)/src/libstrongswan +AM_CFLAGS = -rdynamic +plugin_LTLIBRARIES = libstrongswan-md4.la +libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h +libstrongswan_md4_la_LDFLAGS = -module +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/md4/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libstrongswan/plugins/md4/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \ + else :; fi; \ + done + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libstrongswan-md4.la: $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_DEPENDENCIES) + $(libstrongswan_md4_la_LINK) -rpath $(plugindir) $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md4_hasher.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md4_plugin.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(plugindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-exec-am: + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-pluginLTLIBRARIES ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-pluginLTLIBRARIES \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libstrongswan/plugins/md4/md4_hasher.c b/src/libstrongswan/plugins/md4/md4_hasher.c new file mode 100644 index 000000000..9053bc68d --- /dev/null +++ b/src/libstrongswan/plugins/md4/md4_hasher.c @@ -0,0 +1,359 @@ +/* + * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005 Jan Hutter + * Hochschule fuer Technik Rapperswil + * Copyright (C) 1990-1992, RSA Data Security, Inc. Created 1990. + * All rights reserved. + * + * Derived from the RSA Data Security, Inc. MD4 Message-Digest Algorithm. + * Ported to fulfill hasher_t interface. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * $Id: md4_hasher.c 4885 2009-02-19 10:16:45Z andreas $ + */ + +#include <string.h> + +#include "md4_hasher.h" + +/* + * Constants for MD4Transform routine. + */ +#define S11 3 +#define S12 7 +#define S13 11 +#define S14 19 +#define S21 3 +#define S22 5 +#define S23 9 +#define S24 13 +#define S31 3 +#define S32 9 +#define S33 11 +#define S34 15 + +static u_int8_t PADDING[64] = { + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +/* + * F, G, H and I are basic MD4 functions. + */ +#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) +#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) +#define H(x, y, z) ((x) ^ (y) ^ (z)) + +/* + * ROTATE_LEFT rotates x left n bits. + */ +#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) + +/* FF, GG and HH are transformations for rounds 1, 2 and 3 + * Rotation is separate from addition to prevent recomputation + */ +#define FF(a, b, c, d, x, s) { \ + (a) += F ((b), (c), (d)) + (x); \ + (a) = ROTATE_LEFT ((a), (s)); \ + } +#define GG(a, b, c, d, x, s) { \ + (a) += G ((b), (c), (d)) + (x) + (u_int32_t)0x5a827999; \ + (a) = ROTATE_LEFT ((a), (s)); \ + } +#define HH(a, b, c, d, x, s) { \ + (a) += H ((b), (c), (d)) + (x) + (u_int32_t)0x6ed9eba1; \ + (a) = ROTATE_LEFT ((a), (s)); \ + } + +typedef struct private_md4_hasher_t private_md4_hasher_t; + +/** + * Private data structure with hasing context. + */ +struct private_md4_hasher_t { + /** + * Public interface for this hasher. + */ + md4_hasher_t public; + + /* + * State of the hasher. + */ + u_int32_t state[4]; + u_int32_t count[2]; + u_int8_t buffer[64]; +}; + +#if BYTE_ORDER != LITTLE_ENDIAN + +/* Encodes input (u_int32_t) into output (u_int8_t). Assumes len is + * a multiple of 4. + */ +static void Encode (u_int8_t *output, u_int32_t *input, size_t len) +{ + size_t i, j; + + for (i = 0, j = 0; j < len; i++, j += 4) + { + output[j] = (u_int8_t)(input[i] & 0xff); + output[j+1] = (u_int8_t)((input[i] >> 8) & 0xff); + output[j+2] = (u_int8_t)((input[i] >> 16) & 0xff); + output[j+3] = (u_int8_t)((input[i] >> 24) & 0xff); + } +} + +/* Decodes input (u_int8_t) into output (u_int32_t). Assumes len is + * a multiple of 4. + */ +static void Decode(u_int32_t *output, u_int8_t *input, size_t len) +{ + size_t i, j; + + for (i = 0, j = 0; j < len; i++, j += 4) + { + output[i] = ((u_int32_t)input[j]) | (((u_int32_t)input[j+1]) << 8) | + (((u_int32_t)input[j+2]) << 16) | (((u_int32_t)input[j+3]) << 24); + } +} + +#elif BYTE_ORDER == LITTLE_ENDIAN + #define Encode memcpy + #define Decode memcpy +#endif + +/* + * MD4 basic transformation. Transforms state based on block. + */ +static void MD4Transform(u_int32_t state[4], u_int8_t block[64]) +{ + u_int32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16]; + + Decode(x, block, 64); + + /* Round 1 */ + FF (a, b, c, d, x[ 0], S11); /* 1 */ + FF (d, a, b, c, x[ 1], S12); /* 2 */ + FF (c, d, a, b, x[ 2], S13); /* 3 */ + FF (b, c, d, a, x[ 3], S14); /* 4 */ + FF (a, b, c, d, x[ 4], S11); /* 5 */ + FF (d, a, b, c, x[ 5], S12); /* 6 */ + FF (c, d, a, b, x[ 6], S13); /* 7 */ + FF (b, c, d, a, x[ 7], S14); /* 8 */ + FF (a, b, c, d, x[ 8], S11); /* 9 */ + FF (d, a, b, c, x[ 9], S12); /* 10 */ + FF (c, d, a, b, x[10], S13); /* 11 */ + FF (b, c, d, a, x[11], S14); /* 12 */ + FF (a, b, c, d, x[12], S11); /* 13 */ + FF (d, a, b, c, x[13], S12); /* 14 */ + FF (c, d, a, b, x[14], S13); /* 15 */ + FF (b, c, d, a, x[15], S14); /* 16 */ + + /* Round 2 */ + GG (a, b, c, d, x[ 0], S21); /* 17 */ + GG (d, a, b, c, x[ 4], S22); /* 18 */ + GG (c, d, a, b, x[ 8], S23); /* 19 */ + GG (b, c, d, a, x[12], S24); /* 20 */ + GG (a, b, c, d, x[ 1], S21); /* 21 */ + GG (d, a, b, c, x[ 5], S22); /* 22 */ + GG (c, d, a, b, x[ 9], S23); /* 23 */ + GG (b, c, d, a, x[13], S24); /* 24 */ + GG (a, b, c, d, x[ 2], S21); /* 25 */ + GG (d, a, b, c, x[ 6], S22); /* 26 */ + GG (c, d, a, b, x[10], S23); /* 27 */ + GG (b, c, d, a, x[14], S24); /* 28 */ + GG (a, b, c, d, x[ 3], S21); /* 29 */ + GG (d, a, b, c, x[ 7], S22); /* 30 */ + GG (c, d, a, b, x[11], S23); /* 31 */ + GG (b, c, d, a, x[15], S24); /* 32 */ + + /* Round 3 */ + HH (a, b, c, d, x[ 0], S31); /* 33 */ + HH (d, a, b, c, x[ 8], S32); /* 34 */ + HH (c, d, a, b, x[ 4], S33); /* 35 */ + HH (b, c, d, a, x[12], S34); /* 36 */ + HH (a, b, c, d, x[ 2], S31); /* 37 */ + HH (d, a, b, c, x[10], S32); /* 38 */ + HH (c, d, a, b, x[ 6], S33); /* 39 */ + HH (b, c, d, a, x[14], S34); /* 40 */ + HH (a, b, c, d, x[ 1], S31); /* 41 */ + HH (d, a, b, c, x[ 9], S32); /* 42 */ + HH (c, d, a, b, x[ 5], S33); /* 43 */ + HH (b, c, d, a, x[13], S34); /* 44 */ + HH (a, b, c, d, x[ 3], S31); /* 45 */ + HH (d, a, b, c, x[11], S32); /* 46 */ + HH (c, d, a, b, x[ 7], S33); /* 47 */ + HH (b, c, d, a, x[15], S34); /* 48 */ + + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; +} + +/* MD4 block update operation. Continues an MD4 message-digest + * operation, processing another message block, and updating the + * context. + */ +static void MD4Update(private_md4_hasher_t *this, u_int8_t *input, size_t inputLen) +{ + u_int32_t i; + size_t index, partLen; + + /* Compute number of bytes mod 64 */ + index = (u_int8_t)((this->count[0] >> 3) & 0x3F); + + /* Update number of bits */ + if ((this->count[0] += (inputLen << 3)) < (inputLen << 3)) + { + this->count[1]++; + } + this->count[1] += (inputLen >> 29); + + partLen = 64 - index; + + /* Transform as many times as possible. */ + if (inputLen >= partLen) + { + memcpy(&this->buffer[index], input, partLen); + MD4Transform (this->state, this->buffer); + + for (i = partLen; i + 63 < inputLen; i += 64) + { + MD4Transform (this->state, &input[i]); + } + index = 0; + } + else + { + i = 0; + } + + /* Buffer remaining input */ + memcpy(&this->buffer[index], &input[i], inputLen-i); +} + +/* MD4 finalization. Ends an MD4 message-digest operation, writing the + * the message digest and zeroizing the context. + */ +static void MD4Final (private_md4_hasher_t *this, u_int8_t digest[16]) +{ + u_int8_t bits[8]; + size_t index, padLen; + + /* Save number of bits */ + Encode (bits, this->count, 8); + + /* Pad out to 56 mod 64. */ + index = (size_t)((this->count[0] >> 3) & 0x3f); + padLen = (index < 56) ? (56 - index) : (120 - index); + MD4Update (this, PADDING, padLen); + + /* Append length (before padding) */ + MD4Update (this, bits, 8); + + if (digest != NULL) /* Bill Simpson's padding */ + { + /* store state in digest */ + Encode (digest, this->state, 16); + } +} + + + +/** + * Implementation of hasher_t.get_hash. + */ +static void get_hash(private_md4_hasher_t *this, chunk_t chunk, u_int8_t *buffer) +{ + MD4Update(this, chunk.ptr, chunk.len); + if (buffer != NULL) + { + MD4Final(this, buffer); + this->public.hasher_interface.reset(&(this->public.hasher_interface)); + } +} + + +/** + * Implementation of hasher_t.allocate_hash. + */ +static void allocate_hash(private_md4_hasher_t *this, chunk_t chunk, chunk_t *hash) +{ + chunk_t allocated_hash; + + MD4Update(this, chunk.ptr, chunk.len); + if (hash != NULL) + { + allocated_hash.ptr = malloc(HASH_SIZE_MD4); + allocated_hash.len = HASH_SIZE_MD4; + + MD4Final(this, allocated_hash.ptr); + this->public.hasher_interface.reset(&(this->public.hasher_interface)); + + *hash = allocated_hash; + } +} + +/** + * Implementation of hasher_t.get_hash_size. + */ +static size_t get_hash_size(private_md4_hasher_t *this) +{ + return HASH_SIZE_MD4; +} + +/** + * Implementation of hasher_t.reset. + */ +static void reset(private_md4_hasher_t *this) +{ + this->state[0] = 0x67452301; + this->state[1] = 0xefcdab89; + this->state[2] = 0x98badcfe; + this->state[3] = 0x10325476; + this->count[0] = 0; + this->count[1] = 0; +} + +/** + * Implementation of hasher_t.destroy. + */ +static void destroy(private_md4_hasher_t *this) +{ + free(this); +} + +/* + * Described in header. + */ +md4_hasher_t *md4_hasher_create(hash_algorithm_t algo) +{ + private_md4_hasher_t *this; + + if (algo != HASH_MD4) + { + return NULL; + } + this = malloc_thing(private_md4_hasher_t); + + this->public.hasher_interface.get_hash = (void (*) (hasher_t*, chunk_t, u_int8_t*))get_hash; + this->public.hasher_interface.allocate_hash = (void (*) (hasher_t*, chunk_t, chunk_t*))allocate_hash; + this->public.hasher_interface.get_hash_size = (size_t (*) (hasher_t*))get_hash_size; + this->public.hasher_interface.reset = (void (*) (hasher_t*))reset; + this->public.hasher_interface.destroy = (void (*) (hasher_t*))destroy; + + /* initialize */ + reset(this); + + return &(this->public); +} diff --git a/src/libstrongswan/plugins/md4/md4_hasher.h b/src/libstrongswan/plugins/md4/md4_hasher.h new file mode 100644 index 000000000..75956fde6 --- /dev/null +++ b/src/libstrongswan/plugins/md4/md4_hasher.h @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2008 Martin Willi + * Copyright (C) 2005 Jan Hutter + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup md4_hasher md4_hasher + * @{ @ingroup md4_p + */ + +#ifndef MD4_HASHER_H_ +#define MD4_HASHER_H_ + +typedef struct md4_hasher_t md4_hasher_t; + +#include <crypto/hashers/hasher.h> + +/** + * Implementation of hasher_t interface using the MD4 algorithm. + */ +struct md4_hasher_t { + + /** + * Generic hasher_t interface for this hasher. + */ + hasher_t hasher_interface; +}; + +/** + * Creates a new md4_hasher_t. + * + * @param algo hash algorithm, must be HASH_MD4 + * @return md4_hasher_t object, NULL if not supported + */ +md4_hasher_t *md4_hasher_create(hash_algorithm_t algo); + +#endif /*MD4_HASHER_H_@}*/ diff --git a/src/libstrongswan/plugins/md4/md4_plugin.c b/src/libstrongswan/plugins/md4/md4_plugin.c new file mode 100644 index 000000000..df77314f7 --- /dev/null +++ b/src/libstrongswan/plugins/md4/md4_plugin.c @@ -0,0 +1,60 @@ +/* + * Copyright (C) 2008 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * $Id: md4_plugin.c 4885 2009-02-19 10:16:45Z andreas $ + */ + +#include "md4_plugin.h" + +#include <library.h> +#include "md4_hasher.h" + +typedef struct private_md4_plugin_t private_md4_plugin_t; + +/** + * private data of md4_plugin + */ +struct private_md4_plugin_t { + + /** + * public functions + */ + md4_plugin_t public; +}; + +/** + * Implementation of md4_plugin_t.destroy + */ +static void destroy(private_md4_plugin_t *this) +{ + lib->crypto->remove_hasher(lib->crypto, + (hasher_constructor_t)md4_hasher_create); + free(this); +} + +/* + * see header file + */ +plugin_t *plugin_create() +{ + private_md4_plugin_t *this = malloc_thing(private_md4_plugin_t); + + this->public.plugin.destroy = (void(*)(plugin_t*))destroy; + + lib->crypto->add_hasher(lib->crypto, HASH_MD4, + (hasher_constructor_t)md4_hasher_create); + + return &this->public.plugin; +} + diff --git a/src/libstrongswan/plugins/md4/md4_plugin.h b/src/libstrongswan/plugins/md4/md4_plugin.h new file mode 100644 index 000000000..965bff261 --- /dev/null +++ b/src/libstrongswan/plugins/md4/md4_plugin.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2008 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup md4_p md4 + * @ingroup plugins + * + * @defgroup md4_plugin md4_plugin + * @{ @ingroup md4_p + */ + +#ifndef MD4_PLUGIN_H_ +#define MD4_PLUGIN_H_ + +#include <plugins/plugin.h> + +typedef struct md4_plugin_t md4_plugin_t; + +/** + * Plugin implementing the md4 hash algorithm in software. + */ +struct md4_plugin_t { + + /** + * implements plugin interface + */ + plugin_t plugin; +}; + +/** + * Create a md4_plugin instance. + */ +plugin_t *plugin_create(); + +#endif /* MD4_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in index 43b921e63..a73e78b05 100644 --- a/src/libstrongswan/plugins/md5/Makefile.in +++ b/src/libstrongswan/plugins/md5/Makefile.in @@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in index 96dc33fe5..9a16662b9 100644 --- a/src/libstrongswan/plugins/mysql/Makefile.in +++ b/src/libstrongswan/plugins/mysql/Makefile.in @@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in index 746b5cf4b..0af89d377 100644 --- a/src/libstrongswan/plugins/openssl/Makefile.in +++ b/src/libstrongswan/plugins/openssl/Makefile.in @@ -89,22 +89,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -114,6 +109,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -122,12 +118,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -150,8 +150,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -190,6 +189,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c index e59c4d615..5eddeb5f9 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crypter.c +++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: openssl_crypter.c 4020 2008-05-28 12:20:38Z andreas $ + * $Id: openssl_crypter.c 4879 2009-02-18 19:41:33Z tobias $ */ #include "openssl_crypter.h" @@ -224,6 +224,9 @@ openssl_crypter_t *openssl_crypter_create(encryption_algorithm_t algo, return NULL; } break; + case ENCR_DES_ECB: + this->cipher = EVP_des_ecb(); + break; default: { char* name = lookup_algorithm(encryption_algs, algo, &key_size); diff --git a/src/libstrongswan/plugins/openssl/openssl_hasher.c b/src/libstrongswan/plugins/openssl/openssl_hasher.c index 1275cdfb0..d344dbd51 100644 --- a/src/libstrongswan/plugins/openssl/openssl_hasher.c +++ b/src/libstrongswan/plugins/openssl/openssl_hasher.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: openssl_hasher.c 3898 2008-04-30 09:23:13Z tobias $ + * $Id: openssl_hasher.c 4879 2009-02-18 19:41:33Z tobias $ */ #include "openssl_hasher.h" @@ -69,7 +69,8 @@ static openssl_algorithm_t integrity_algs[] = { {HASH_SHA1, "sha1"}, {HASH_SHA256, "sha256"}, {HASH_SHA384, "sha384"}, - {HASH_SHA512, "sha512"}, + {HASH_SHA512, "sha512"}, + {HASH_MD4, "md4"}, {END_OF_LIST, NULL}, }; diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index dcc78aed6..725daff01 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -13,9 +13,10 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: openssl_plugin.c 4583 2008-11-05 12:37:37Z martin $ + * $Id: openssl_plugin.c 4879 2009-02-18 19:41:33Z tobias $ */ +#include <openssl/conf.h> #include <openssl/evp.h> #include <openssl/engine.h> #include <openssl/crypto.h> @@ -185,6 +186,7 @@ static void destroy(private_openssl_plugin_t *this) ENGINE_cleanup(); EVP_cleanup(); + CONF_modules_free(); threading_cleanup(); @@ -202,6 +204,7 @@ plugin_t *plugin_create() threading_init(); + OPENSSL_config(NULL); OpenSSL_add_all_algorithms(); /* activate support for hardware accelerators */ @@ -223,6 +226,8 @@ plugin_t *plugin_create() (crypter_constructor_t)openssl_crypter_create); lib->crypto->add_crypter(lib->crypto, ENCR_DES, (crypter_constructor_t)openssl_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, + (crypter_constructor_t)openssl_crypter_create); lib->crypto->add_crypter(lib->crypto, ENCR_NULL, (crypter_constructor_t)openssl_crypter_create); @@ -231,6 +236,8 @@ plugin_t *plugin_create() (hasher_constructor_t)openssl_hasher_create); lib->crypto->add_hasher(lib->crypto, HASH_MD2, (hasher_constructor_t)openssl_hasher_create); + lib->crypto->add_hasher(lib->crypto, HASH_MD4, + (hasher_constructor_t)openssl_hasher_create); lib->crypto->add_hasher(lib->crypto, HASH_MD5, (hasher_constructor_t)openssl_hasher_create); lib->crypto->add_hasher(lib->crypto, HASH_SHA256, diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c index a815ce622..9730e0ab2 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: openssl_rsa_private_key.c 4564 2008-11-04 13:01:36Z martin $ + * $Id: openssl_rsa_private_key.c 4745 2008-12-03 10:12:20Z tobias $ */ #include "openssl_rsa_private_key.h" @@ -22,6 +22,7 @@ #include <openssl/evp.h> #include <openssl/rsa.h> +#include <openssl/engine.h> /** * Public exponent to use for key generation. @@ -43,6 +44,11 @@ struct private_openssl_rsa_private_key_t { * RSA object from OpenSSL */ RSA *rsa; + + /** + * TRUE if the key is from an OpenSSL ENGINE and might not be readable + */ + bool engine; /** * Keyid formed as a SHA-1 hash of a privateKey object @@ -238,9 +244,13 @@ static bool belongs_to(private_openssl_rsa_private_key_t *this, public_key_t *pu */ static chunk_t get_encoding(private_openssl_rsa_private_key_t *this) { - chunk_t enc = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL)); - u_char *p = enc.ptr; - i2d_RSAPrivateKey(this->rsa, &p); + chunk_t enc = chunk_empty; + if (!this->engine) + { + enc = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL)); + u_char *p = enc.ptr; + i2d_RSAPrivateKey(this->rsa, &p); + } return enc; } @@ -289,6 +299,7 @@ static private_openssl_rsa_private_key_t *openssl_rsa_private_key_create_empty(v this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref; this->public.interface.destroy = (void (*)(private_key_t *this))destroy; + this->engine = FALSE; this->keyid = NULL; this->keyid_info = NULL; this->ref = 1; @@ -347,6 +358,61 @@ static openssl_rsa_private_key_t *load(chunk_t blob) return &this->public; } +/** + * load private key from a smart card + */ +static openssl_rsa_private_key_t *load_from_smartcard(char *keyid, char *pin) +{ + private_openssl_rsa_private_key_t *this = NULL; + EVP_PKEY *key; + char *engine_id = lib->settings->get_str(lib->settings, + "library.plugins.openssl.engine_id", "pkcs11"); + + ENGINE *engine = ENGINE_by_id(engine_id); + if (!engine) + { + DBG1("engine '%s' is not available", engine_id); + return NULL; + } + + if (!ENGINE_init(engine)) + { + DBG1("failed to initialize engine '%s'", engine_id); + goto error; + } + + if (!ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0)) + { + DBG1("failed to set PIN on engine '%s'", engine_id); + goto error; + } + + key = ENGINE_load_private_key(engine, keyid, NULL, NULL); + + if (!key) + { + DBG1("failed to load private key with ID '%s' from engine '%s'", keyid, + engine_id); + goto error; + } + ENGINE_free(engine); + + this = openssl_rsa_private_key_create_empty(); + this->rsa = EVP_PKEY_get1_RSA(key); + this->engine = TRUE; + + if (!openssl_rsa_public_key_build_id(this->rsa, &this->keyid, &this->keyid_info)) + { + destroy(this); + return NULL; + } + return &this->public; + +error: + ENGINE_free(engine); + return NULL; +} + typedef struct private_builder_t private_builder_t; /** * Builder implementation for key loading/generation @@ -356,6 +422,10 @@ struct private_builder_t { builder_t public; /** loaded/generated private key */ openssl_rsa_private_key_t *key; + /** temporary stored smartcard key ID */ + char *keyid; + /** temporary stored smartcard pin */ + char *pin; }; /** @@ -365,6 +435,10 @@ static openssl_rsa_private_key_t *build(private_builder_t *this) { openssl_rsa_private_key_t *key = this->key; + if (this->keyid && this->pin) + { + key = load_from_smartcard(this->keyid, this->pin); + } free(this); return key; } @@ -396,6 +470,20 @@ static void add(private_builder_t *this, builder_part_t part, ...) va_end(args); return; } + case BUILD_SMARTCARD_KEYID: + { + va_start(args, part); + this->keyid = va_arg(args, char*); + va_end(args); + return; + } + case BUILD_SMARTCARD_PIN: + { + va_start(args, part); + this->pin = va_arg(args, char*); + va_end(args); + return; + } default: break; } @@ -424,6 +512,8 @@ builder_t *openssl_rsa_private_key_builder(key_type_t type) this->key = NULL; this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add; this->public.build = (void*(*)(builder_t *this))build; + this->keyid = NULL; + this->pin = NULL; return &this->public; } diff --git a/src/libstrongswan/plugins/padlock/Makefile.am b/src/libstrongswan/plugins/padlock/Makefile.am index e2e76e9e6..e7c3ba486 100644 --- a/src/libstrongswan/plugins/padlock/Makefile.am +++ b/src/libstrongswan/plugins/padlock/Makefile.am @@ -7,6 +7,7 @@ plugin_LTLIBRARIES = libstrongswan-padlock.la libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \ padlock_aes_crypter.c padlock_aes_crypter.h \ - padlock_sha1_hasher.c padlock_sha1_hasher.h + padlock_sha1_hasher.c padlock_sha1_hasher.h \ + padlock_rng.c padlock_rng.h libstrongswan_padlock_la_LDFLAGS = -module diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in index 1b032e3d4..290b4836d 100644 --- a/src/libstrongswan/plugins/padlock/Makefile.in +++ b/src/libstrongswan/plugins/padlock/Makefile.in @@ -51,7 +51,7 @@ pluginLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(plugin_LTLIBRARIES) libstrongswan_padlock_la_LIBADD = am_libstrongswan_padlock_la_OBJECTS = padlock_plugin.lo \ - padlock_aes_crypter.lo padlock_sha1_hasher.lo + padlock_aes_crypter.lo padlock_sha1_hasher.lo padlock_rng.lo libstrongswan_padlock_la_OBJECTS = \ $(am_libstrongswan_padlock_la_OBJECTS) libstrongswan_padlock_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ @@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ @@ -215,7 +215,8 @@ AM_CFLAGS = -rdynamic plugin_LTLIBRARIES = libstrongswan-padlock.la libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \ padlock_aes_crypter.c padlock_aes_crypter.h \ - padlock_sha1_hasher.c padlock_sha1_hasher.h + padlock_sha1_hasher.c padlock_sha1_hasher.h \ + padlock_rng.c padlock_rng.h libstrongswan_padlock_la_LDFLAGS = -module all: all-am @@ -289,6 +290,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/padlock_aes_crypter.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/padlock_plugin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/padlock_rng.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/padlock_sha1_hasher.Plo@am__quote@ .c.o: diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c index 822acc4a2..d0b55bcd9 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.c +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c @@ -16,12 +16,37 @@ */ #include "padlock_plugin.h" - -#include <library.h> #include "padlock_aes_crypter.h" #include "padlock_sha1_hasher.h" +#include "padlock_rng.h" + +#include <stdio.h> + +#include <library.h> +#include <debug.h> typedef struct private_padlock_plugin_t private_padlock_plugin_t; +typedef enum padlock_feature_t padlock_feature_t; + +/** + * Feature flags of padlock, received via cpuid() + */ +enum padlock_feature_t { + PADLOCK_RESERVED_1 = (1<<0), + PADLOCK_RESERVED_2 = (1<<1), + PADLOCK_RNG_AVAILABLE = (1<<2), + PADLOCK_RNG_ENABLED = (1<<3), + PADLOCK_RESERVED_3 = (1<<4), + PADLOCK_RESERVED_4 = (1<<5), + PADLOCK_ACE_AVAILABLE = (1<<6), + PADLOCK_ACE_ENABLED = (1<<7), + PADLOCK_ACE2_AVAILABLE = (1<<8), + PADLOCK_ACE2_ENABLED = (1<<9), + PADLOCK_PHE_AVAILABLE = (1<<10), + PADLOCK_PHE_ENABLED = (1<<11), + PADLOCK_PMM_AVAILABLE = (1<<12), + PADLOCK_PMM_ENABLED = (1<<13), +}; /** * private data of aes_plugin @@ -32,17 +57,76 @@ struct private_padlock_plugin_t { * public functions */ padlock_plugin_t public; + + /** + * features supported by Padlock + */ + padlock_feature_t features; }; /** + * Get cpuid for info, return eax, ebx, ecx and edx. -fPIC requires to save ebx. + */ +#define cpuid(op, a, b, c, d)\ + asm (\ + "pushl %%ebx \n\t"\ + "cpuid \n\t"\ + "movl %%ebx, %1 \n\t"\ + "popl %%ebx \n\t"\ + : "=a" (a), "=r" (b), "=c" (c), "=d" (d) \ + : "a" (op)); + +/** + * Get features supported by Padlock + */ +static padlock_feature_t get_padlock_features() +{ + char vendor[3 * sizeof(int) + 1]; + int a, b, c, d; + + cpuid(0, a, b, c, d); + /* VendorID string is in b-d-c (yes, in this order) */ + snprintf(vendor, sizeof(vendor), "%.4s%.4s%.4s", &b, &d, &c); + + /* check if we have a VIA chip */ + if (streq(vendor, "CentaurHauls")) + { + cpuid(0xC0000000, a, b, c, d); + /* check Centaur Extended Feature Flags */ + if (a >= 0xC0000001) + { + cpuid(0xC0000001, a, b, c, d); + return d; + } + } + DBG1("Padlock not found, CPU is %s\n", vendor); + return 0; +} + +/** * Implementation of aes_plugin_t.destroy */ static void destroy(private_padlock_plugin_t *this) { - lib->crypto->remove_crypter(lib->crypto, - (crypter_constructor_t)padlock_aes_crypter_create); - lib->crypto->remove_hasher(lib->crypto, - (hasher_constructor_t)padlock_sha1_hasher_create); + if (this->features & PADLOCK_RNG_ENABLED) + { + lib->crypto->remove_rng(lib->crypto, + (rng_constructor_t)padlock_rng_create); + lib->crypto->remove_rng(lib->crypto, + (rng_constructor_t)padlock_rng_create); + lib->crypto->remove_rng(lib->crypto, + (rng_constructor_t)padlock_rng_create); + } + if (this->features & PADLOCK_ACE2_ENABLED) + { + lib->crypto->remove_crypter(lib->crypto, + (crypter_constructor_t)padlock_aes_crypter_create); + } + if (this->features & PADLOCK_PHE_ENABLED) + { + lib->crypto->remove_hasher(lib->crypto, + (hasher_constructor_t)padlock_sha1_hasher_create); + } free(this); } @@ -55,10 +139,42 @@ plugin_t *plugin_create() this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, - (crypter_constructor_t)padlock_aes_crypter_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, - (hasher_constructor_t)padlock_sha1_hasher_create); + this->features = get_padlock_features(); + if (!this->features) + { + free(this); + return NULL; + } + DBG1("Padlock found, supports:%s%s%s%s%s, enabled:%s%s%s%s%s", + this->features & PADLOCK_RNG_AVAILABLE ? " RNG" : "", + this->features & PADLOCK_ACE_AVAILABLE ? " ACE" : "", + this->features & PADLOCK_ACE2_AVAILABLE ? " ACE2" : "", + this->features & PADLOCK_PHE_AVAILABLE ? " PHE" : "", + this->features & PADLOCK_PMM_AVAILABLE ? " PMM" : "", + this->features & PADLOCK_RNG_ENABLED ? " RNG" : "", + this->features & PADLOCK_ACE_ENABLED ? " ACE" : "", + this->features & PADLOCK_ACE2_ENABLED ? " ACE2" : "", + this->features & PADLOCK_PHE_ENABLED ? " PHE" : "", + this->features & PADLOCK_PMM_ENABLED ? " PMM" : ""); + if (this->features & PADLOCK_RNG_ENABLED) + { + lib->crypto->add_rng(lib->crypto, RNG_REAL, + (rng_constructor_t)padlock_rng_create); + lib->crypto->add_rng(lib->crypto, RNG_STRONG, + (rng_constructor_t)padlock_rng_create); + lib->crypto->add_rng(lib->crypto, RNG_WEAK, + (rng_constructor_t)padlock_rng_create); + } + if (this->features & PADLOCK_ACE2_ENABLED) + { + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, + (crypter_constructor_t)padlock_aes_crypter_create); + } + if (this->features & PADLOCK_PHE_ENABLED) + { + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, + (hasher_constructor_t)padlock_sha1_hasher_create); + } return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/padlock/padlock_rng.c b/src/libstrongswan/plugins/padlock/padlock_rng.c new file mode 100644 index 000000000..50d9f0c43 --- /dev/null +++ b/src/libstrongswan/plugins/padlock/padlock_rng.c @@ -0,0 +1,136 @@ +/* + * Copyright (C) 2008 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * $Id$ + */ + +#include "padlock_rng.h" + +typedef struct private_padlock_rng_t private_padlock_rng_t; +typedef enum padlock_quality_factor_t padlock_quality_factor_t; + +/** + * Padlock RNG quality factors + */ +enum padlock_quality_factor_t { + /* Lowest quality: Reads 8 bytes */ + PADLOCK_QF0 = 0x00, + /* Medium quality: Reads 4 bytes */ + PADLOCK_QF1 = 0x01, + /* Better quality: Reads 2 bytes */ + PADLOCK_QF2 = 0x10, + /* Highest quality: Reads 1 byte */ + PADLOCK_QF3 = 0x11, +}; + +/** + * Private data of an padlock_rng_t object. + */ +struct private_padlock_rng_t { + + /** + * Public padlock_rng_t interface. + */ + padlock_rng_t public; + + /** + * Padlock quality factor + */ + padlock_quality_factor_t quality; +}; + +/** + * Get bytes from Padlock RNG. buf should have space for (len + 7) + */ +static void rng(char *buf, int len, int quality) +{ + while (len > 0)
+ { + int status; + + /* run XSTORE until we have all bytes needed. We do not use REP, as + * this should not be performance critical and it's easier this way. */ + asm volatile ( + ".byte 0x0F,0xA7,0xC0 \n\t"
+ : "=D"(buf), "=a"(status)
+ : "d"(quality), "D"(buf)); + + /* bits[0..4] of status word contains the number of bytes read */ + len -= status & 0x1F; + } +} + +/** + * Implementation of padlock_rng_t.allocate_bytes. + */ +static void allocate_bytes(private_padlock_rng_t *this, size_t bytes, + chunk_t *chunk) +{ + chunk->len = bytes; + /* padlock requires some additional bytes */ + chunk->ptr = malloc(bytes + 7); + + rng(chunk->ptr, chunk->len, this->quality); +} + +/** + * Implementation of padlock_rng_t.get_bytes. + */ +static void get_bytes(private_padlock_rng_t *this, size_t bytes, + u_int8_t *buffer) +{ + chunk_t chunk; + + /* Padlock needs a larger buffer than "bytes", we need a new buffer */ + allocate_bytes(this, bytes, &chunk); + memcpy(buffer, chunk.ptr, bytes); + chunk_clear(&chunk); +} + +/** + * Implementation of padlock_rng_t.destroy. + */ +static void destroy(private_padlock_rng_t *this) +{ + free(this); +} + +/* + * Described in header. + */ +padlock_rng_t *padlock_rng_create(rng_quality_t quality) +{ + private_padlock_rng_t *this = malloc_thing(private_padlock_rng_t); + + this->public.rng.get_bytes = (void (*) (rng_t *, size_t, u_int8_t*)) get_bytes; + this->public.rng.allocate_bytes = (void (*) (rng_t *, size_t, chunk_t*)) allocate_bytes; + this->public.rng.destroy = (void (*) (rng_t *))destroy; + + /* map RNG quality to Padlock quality factor */ + switch (quality) + { + case RNG_WEAK: + this->quality = PADLOCK_QF0; + break; + case RNG_STRONG: + this->quality = PADLOCK_QF1; + break; + case RNG_REAL: + this->quality = PADLOCK_QF3; + break; + } + + return &this->public; +} + diff --git a/src/libstrongswan/plugins/padlock/padlock_rng.h b/src/libstrongswan/plugins/padlock/padlock_rng.h new file mode 100644 index 000000000..a76ecd296 --- /dev/null +++ b/src/libstrongswan/plugins/padlock/padlock_rng.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2008 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * $Id$ + */ + +/** + * @defgroup padlock_rng padlock_rng + * @{ @ingroup padlock + */ + +#ifndef PADLOCK_RNG_H_ +#define PADLOCK_RNG_H_ + +#include <crypto/rngs/rng.h> + +typedef struct padlock_rng_t padlock_rng_t; + +/** + * Hardware-RNG based on via Padlock. + */ +struct padlock_rng_t { + + /** + * Implements rng_t interface. + */ + rng_t rng; +}; + +/** + * Create a padlock_rng instance. + * + * @param quality required quality of randomness + * @return created random_rng_t + */ +padlock_rng_t *padlock_rng_create(rng_quality_t quality); + +#endif /* PADLOCK_RNG_ @}*/ diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in index ef1004672..eb5e19f08 100644 --- a/src/libstrongswan/plugins/pubkey/Makefile.in +++ b/src/libstrongswan/plugins/pubkey/Makefile.in @@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in index 90b319520..f5e3c4cc9 100644 --- a/src/libstrongswan/plugins/random/Makefile.in +++ b/src/libstrongswan/plugins/random/Makefile.in @@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in index df6845b43..ece7381b2 100644 --- a/src/libstrongswan/plugins/sha1/Makefile.in +++ b/src/libstrongswan/plugins/sha1/Makefile.in @@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in index ea5610671..6b28b68a1 100644 --- a/src/libstrongswan/plugins/sha2/Makefile.in +++ b/src/libstrongswan/plugins/sha2/Makefile.in @@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in index 21773de32..e6732a195 100644 --- a/src/libstrongswan/plugins/sqlite/Makefile.in +++ b/src/libstrongswan/plugins/sqlite/Makefile.in @@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in index 01093e862..028bbd41a 100644 --- a/src/libstrongswan/plugins/x509/Makefile.in +++ b/src/libstrongswan/plugins/x509/Makefile.in @@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 257a903e4..fbb7707a1 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -409,7 +409,7 @@ static bool parse_certificate(private_x509_ac_t *this) sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL); break; case AC_OBJ_SERIAL_NUMBER: - this->serialNumber = object; + this->serialNumber = chunk_clone(object); break; case AC_OBJ_NOT_BEFORE: this->notBefore = asn1_to_time(&object, ASN1_GENERALIZEDTIME); @@ -923,6 +923,7 @@ static void destroy(private_x509_ac_t *this) ietfAttr_list_destroy(this->charging); ietfAttr_list_destroy(this->groups); + free(this->serialNumber.ptr); free(this->encoding.ptr); free(this); } @@ -956,6 +957,7 @@ static private_x509_ac_t *create_empty(void) /* initialize */ this->encoding = chunk_empty; + this->serialNumber = chunk_empty; this->holderSerial = chunk_empty; this->holderIssuer = NULL; this->entityName = NULL; diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index 9f76c3486..e618f31d8 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -17,7 +17,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: x509_cert.c 4576 2008-11-05 08:32:38Z martin $ + * $Id: x509_cert.c 4767 2008-12-08 19:15:38Z martin $ */ #define _GNU_SOURCE @@ -66,7 +66,7 @@ struct private_x509_cert_t { * Public interface for this certificate. */ x509_cert_t public; - + /** * X.509 certificate encoding in ASN.1 DER format */ @@ -76,7 +76,7 @@ struct private_x509_cert_t { * SHA1 hash of the DER encoding of this X.509 certificate */ chunk_t encoding_hash; - + /** * X.509 certificate body over which signature is computed */ @@ -96,17 +96,17 @@ struct private_x509_cert_t { * ID representing the certificate issuer */ identification_t *issuer; - + /** * Start time of certificate validity */ time_t notBefore; - + /** * End time of certificate validity */ time_t notAfter; - + /** * ID representing the certificate subject */ @@ -121,12 +121,12 @@ struct private_x509_cert_t { * List of crlDistributionPoints as allocated char* */ linked_list_t *crl_uris; - + /** * List ocspAccessLocations as identification_t */ linked_list_t *ocsp_uris; - + /** * certificates embedded public key */ @@ -136,12 +136,12 @@ struct private_x509_cert_t { * Subject Key Identifier */ chunk_t subjectKeyID; - + /** * Authority Key Identifier */ identification_t *authKeyIdentifier; - + /** * Authority Key Serial Number */ @@ -151,18 +151,23 @@ struct private_x509_cert_t { * x509 constraints and other flags */ x509_flag_t flags; - + /** * Signature algorithm */ int algorithm; - + /** * Signature */ chunk_t signature; /** + * Certificate parsed from blob/file? + */ + bool parsed; + + /** * reference count */ refcount_t ref; @@ -258,7 +263,7 @@ static bool parse_otherName(chunk_t blob, int level0) } } success = parser->success(parser); - + end: parser->destroy(parser); return success; @@ -306,16 +311,16 @@ static identification_t *parse_generalName(chunk_t blob, int level0) asn1_parser_t *parser; chunk_t object; int objectID ; - + identification_t *gn = NULL; - + parser = asn1_parser_create(generalNameObjects, blob); parser->set_top_level(parser, level0); - + while (parser->iterate(parser, &objectID, &object)) { id_type_t id_type = ID_ANY; - + switch (objectID) { case GN_OBJ_RFC822_NAME: @@ -329,7 +334,7 @@ static identification_t *parse_generalName(chunk_t blob, int level0) break; case GN_OBJ_DIRECTORY_NAME: id_type = ID_DER_ASN1_DN; - break; + break; case GN_OBJ_IP_ADDRESS: id_type = ID_IPV4_ADDR; break; @@ -350,12 +355,12 @@ static identification_t *parse_generalName(chunk_t blob, int level0) gn = identification_create_from_encoding(id_type, object); DBG2(" '%D'", gn); goto end; - } - } - + } + } + end: parser->destroy(parser); - return gn; + return gn; } /** @@ -377,18 +382,18 @@ void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_lis asn1_parser_t *parser; chunk_t object; int objectID; - + parser = asn1_parser_create(generalNamesObjects, blob); parser->set_top_level(parser, level0); parser->set_flags(parser, implicit, FALSE); - + while (parser->iterate(parser, &objectID, &object)) { if (objectID == GENERAL_NAMES_GN) { identification_t *gn = parse_generalName(object, parser->get_level(parser)+1); - + if (gn) { list->insert_last(list, (void *)gn); @@ -425,12 +430,12 @@ identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0, chunk_t object; int objectID; identification_t *authKeyIdentifier = NULL; - + *authKeySerialNumber = chunk_empty; - + parser = asn1_parser_create(authKeyIdentifierObjects, blob); parser->set_top_level(parser, level0); - + while (parser->iterate(parser, &objectID, &object)) { switch (objectID) @@ -480,7 +485,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0, parser = asn1_parser_create(authInfoAccessObjects, blob); parser->set_top_level(parser, level0); - + while (parser->iterate(parser, &objectID, &object)) { switch (objectID) @@ -497,7 +502,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0, { identification_t *id; char *uri; - + id = parse_generalName(object, parser->get_level(parser)+1); if (id == NULL) @@ -524,7 +529,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0, break; } } - + end: parser->destroy(parser); } @@ -552,7 +557,7 @@ static bool parse_extendedKeyUsage(chunk_t blob, int level0) parser = asn1_parser_create(extendedKeyUsageObjects, blob); parser->set_top_level(parser, level0); - + while (parser->iterate(parser, &objectID, &object)) { if (objectID == EXT_KEY_USAGE_PURPOSE_ID && @@ -599,13 +604,13 @@ static void parse_crlDistributionPoints(chunk_t blob, int level0, parser = asn1_parser_create(crlDistributionPointsObjects, blob); parser->set_top_level(parser, level0); - + while (parser->iterate(parser, &objectID, &object)) { if (objectID == CRL_DIST_POINTS_FULLNAME) { identification_t *id; - + /* append extracted generalNames to existing chained list */ x509_parse_generalNames(object, parser->get_level(parser)+1, TRUE, list); @@ -613,7 +618,7 @@ static void parse_crlDistributionPoints(chunk_t blob, int level0, while (list->remove_last(list, (void**)&id) == SUCCESS) { char *uri; - + if (asprintf(&uri, "%D", id) > 0) { this->crl_uris->insert_last(this->crl_uris, uri); @@ -687,11 +692,11 @@ static bool parse_certificate(private_x509_cert_t *this) bool critical; parser = asn1_parser_create(certObjects, this->encoding); - + while (parser->iterate(parser, &objectID, &object)) { u_int level = parser->get_level(parser)+1; - + switch (objectID) { case X509_OBJ_TBS_CERTIFICATE: @@ -806,7 +811,7 @@ static bool parse_certificate(private_x509_cert_t *this) } } success = parser->success(parser); - + end: parser->destroy(parser); return success; @@ -850,7 +855,7 @@ static id_match_t has_subject(private_x509_cert_t *this, identification_t *subje { return ID_MATCH_PERFECT; } - + best = this->subject->matches(this->subject, subject); enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames); while (enumerator->enumerate(enumerator, ¤t)) @@ -1001,7 +1006,7 @@ static bool is_newer(certificate_t *this, certificate_t *that) { time_t this_update, that_update, now = time(NULL); bool new; - + this->get_validity(this, &now, &this_update, NULL); that->get_validity(that, &now, &that_update, NULL); new = this_update > that_update; @@ -1026,7 +1031,7 @@ static bool equals(private_x509_cert_t *this, certificate_t *other) { chunk_t encoding; bool equal; - + if (this == (private_x509_cert_t*)other) { return TRUE; @@ -1102,6 +1107,12 @@ static void destroy(private_x509_cert_t *this) DESTROY_IF(this->authKeyIdentifier); chunk_free(&this->encoding); chunk_free(&this->encoding_hash); + if (!this->parsed) + { /* only parsed certificates point these fields to "encoded" */ + chunk_free(&this->signature); + chunk_free(&this->serialNumber); + chunk_free(&this->tbsCertificate); + } free(this); } } @@ -1132,9 +1143,14 @@ static private_x509_cert_t* create_empty(void) this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator; this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator; this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator; - + this->encoding = chunk_empty; this->encoding_hash = chunk_empty; + this->tbsCertificate = chunk_empty; + this->version = 3; + this->serialNumber = chunk_empty; + this->notBefore = 0; + this->notAfter = 0; this->public_key = NULL; this->subject = NULL; this->issuer = NULL; @@ -1144,9 +1160,12 @@ static private_x509_cert_t* create_empty(void) this->subjectKeyID = chunk_empty; this->authKeyIdentifier = NULL; this->authKeySerialNumber = chunk_empty; + this->algorithm = 0; + this->signature = chunk_empty; this->flags = 0; this->ref = 1; - + this->parsed = FALSE; + return this; } @@ -1155,22 +1174,23 @@ static private_x509_cert_t* create_empty(void) */ static private_x509_cert_t *create_from_chunk(chunk_t chunk) { + hasher_t *hasher; private_x509_cert_t *this = create_empty(); - + this->encoding = chunk; if (!parse_certificate(this)) { destroy(this); return NULL; } - + /* check if the certificate is self-signed */ if (issued_by(this, &this->public.interface.interface)) { this->flags |= X509_SELF_SIGNED; } - hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); + hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher != NULL) { hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash); @@ -1181,6 +1201,7 @@ static private_x509_cert_t *create_from_chunk(chunk_t chunk) DBG1(" unable to create hash of certificate, SHA1 not supported"); } + this->parsed = TRUE; return this; } @@ -1207,7 +1228,6 @@ static private_x509_cert_t *create_from_file(char *path) } DBG1(" loaded certificate file '%s'", path); return this; - } typedef struct private_builder_t private_builder_t; @@ -1221,21 +1241,137 @@ struct private_builder_t { private_x509_cert_t *cert; /** additional flags to enforce */ x509_flag_t flags; + /** certificate to sign, if we generate a new cert */ + certificate_t *sign_cert; + /** private key to sign, if we generate a new cert */ + private_key_t *sign_key; }; /** + * Generate and sign a new certificate + */ +static bool generate(private_builder_t *this) +{ + chunk_t extensions = chunk_empty; + identification_t *issuer, *subject; + chunk_t key_info, key; + signature_scheme_t scheme; + hasher_t *hasher; + + subject = this->cert->subject; + if (this->sign_cert) + { + issuer = this->sign_cert->get_subject(this->sign_cert); + if (!this->cert->public_key) + { + return FALSE; + } + } + else + { /* self signed */ + issuer = subject; + if (!this->cert->public_key) + { + this->cert->public_key = this->sign_key->get_public_key(this->sign_key); + } + this->flags |= X509_SELF_SIGNED; + } + this->cert->issuer = issuer->clone(issuer); + if (!this->cert->notBefore) + { + this->cert->notBefore = time(NULL); + } + if (!this->cert->notAfter) + { /* defaults to 1 years from now on */ + this->cert->notAfter = this->cert->notBefore + 60 * 60 * 24 * 365; + } + this->cert->flags = this->flags; + + switch (this->sign_key->get_type(this->sign_key)) + { + case KEY_RSA: + this->cert->algorithm = OID_SHA1_WITH_RSA; + scheme = SIGN_RSA_EMSA_PKCS1_SHA1; + break; + default: + return FALSE; + } + + switch (this->cert->public_key->get_type(this->cert->public_key)) + { + case KEY_RSA: + key = this->cert->public_key->get_encoding(this->cert->public_key); + key_info = asn1_wrap(ASN1_SEQUENCE, "cm", + asn1_algorithmIdentifier(OID_RSA_ENCRYPTION), + asn1_bitstring("m", key)); + break; + default: + return FALSE; + } + + if (this->cert->subjectAltNames->get_count(this->cert->subjectAltNames)) + { + /* TODO: encode subjectAltNames */ + } + + this->cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmccmcmm", + asn1_simple_object(ASN1_CONTEXT_C_0, ASN1_INTEGER_2), + asn1_simple_object(ASN1_INTEGER, this->cert->serialNumber), + asn1_algorithmIdentifier(this->cert->algorithm), + issuer->get_encoding(issuer), + asn1_wrap(ASN1_SEQUENCE, "mm", + asn1_from_time(&this->cert->notBefore, ASN1_UTCTIME), + asn1_from_time(&this->cert->notAfter, ASN1_UTCTIME)), + subject->get_encoding(subject), + key_info, extensions); + + if (!this->sign_key->sign(this->sign_key, scheme, + this->cert->tbsCertificate, &this->cert->signature)) + { + return FALSE; + } + this->cert->encoding = asn1_wrap(ASN1_SEQUENCE, "ccm", + this->cert->tbsCertificate, + asn1_algorithmIdentifier(this->cert->algorithm), + asn1_bitstring("c", this->cert->signature)); + + hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); + if (!hasher) + { + return FALSE; + } + hasher->allocate_hash(hasher, this->cert->encoding, + &this->cert->encoding_hash); + hasher->destroy(hasher); + return TRUE; +} + +/** * Implementation of builder_t.build */ static private_x509_cert_t *build(private_builder_t *this) { - private_x509_cert_t *cert = this->cert; - x509_flag_t flags = this->flags; - + private_x509_cert_t *cert; + x509_flag_t flags; + + if (this->cert && !this->cert->encoding.ptr) + { + if (!this->sign_key || !this->cert || + !generate(this)) + { + destroy(this->cert); + free(this); + return NULL; + } + } + cert = this->cert; + flags = this->flags; free(this); if (cert == NULL) { return NULL; } + if ((flags & X509_CA) && !(cert->flags & X509_CA)) { DBG1(" ca certificate must have ca basic constraint set, discarded"); @@ -1253,6 +1389,7 @@ static void add(private_builder_t *this, builder_part_t part, ...) { va_list args; chunk_t chunk; + bool handled = TRUE; va_start(args, part); switch (part) @@ -1267,6 +1404,60 @@ static void add(private_builder_t *this, builder_part_t part, ...) case BUILD_X509_FLAG: this->flags = va_arg(args, x509_flag_t); break; + case BUILD_SIGNING_KEY: + this->sign_key = va_arg(args, private_key_t*); + break; + case BUILD_SIGNING_CERT: + this->sign_cert = va_arg(args, certificate_t*); + break; + default: + /* all other parts need an empty cert */ + if (!this->cert) + { + this->cert = create_empty(); + } + handled = FALSE; + break; + } + if (handled) + { + va_end(args); + return; + } + + switch (part) + { + case BUILD_PUBLIC_KEY: + { + public_key_t *key = va_arg(args, public_key_t*); + this->cert->public_key = key->get_ref(key); + break; + } + case BUILD_SUBJECT: + { + identification_t *id = va_arg(args, identification_t*); + this->cert->subject = id->clone(id); + break; + } + case BUILD_SUBJECT_ALTNAME: + { + identification_t *id = va_arg(args, identification_t*); + this->cert->subjectAltNames->insert_last( + this->cert->subjectAltNames, id->clone(id)); + break; + } + case BUILD_NOT_BEFORE_TIME: + this->cert->notBefore = va_arg(args, time_t); + break; + case BUILD_NOT_AFTER_TIME: + this->cert->notAfter = va_arg(args, time_t); + break; + case BUILD_SERIAL: + { + chunk_t serial = va_arg(args, chunk_t); + this->cert->serialNumber = chunk_clone(serial); + break; + } default: /* abort if unsupported option */ if (this->cert) @@ -1295,6 +1486,8 @@ builder_t *x509_cert_builder(certificate_type_t type) this->cert = NULL; this->flags = 0; + this->sign_cert = NULL; + this->sign_key = NULL; this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add; this->public.build = (void*(*)(builder_t *this))build; diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in index 898142582..48c6ef954 100644 --- a/src/libstrongswan/plugins/xcbc/Makefile.in +++ b/src/libstrongswan/plugins/xcbc/Makefile.in @@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ diff --git a/src/libstrongswan/utils.c b/src/libstrongswan/utils.c index b2134dfc7..4e6a09c4f 100644 --- a/src/libstrongswan/utils.c +++ b/src/libstrongswan/utils.c @@ -13,17 +13,17 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: utils.c 4305 2008-08-28 07:47:55Z tobias $ + * $Id: utils.c 4742 2008-12-03 09:45:58Z tobias $ */ #include "utils.h" #include <sys/stat.h> #include <string.h> -#include <pthread.h> #include <stdio.h> #include <unistd.h> #include <dirent.h> +#include <time.h> #include <enum.h> #include <debug.h> @@ -61,16 +61,41 @@ void *clalloc(void * pointer, size_t size) */ void memxor(u_int8_t dest[], u_int8_t src[], size_t n) { - size_t i; - for (i = 0; i < n; i++) + int i = 0, m; + + m = n - sizeof(long); + while (i < m) + { + *(long*)(dest + i) ^= *(long*)(src + i); + i += sizeof(long); + } + while (i < n) { dest[i] ^= src[i]; + i++; } } /** * Described in header. */ +void *memstr(const void *haystack, const char *needle, size_t n) +{ + unsigned const char *pos = haystack; + size_t l = strlen(needle); + for (; n >= l; ++pos, --n) + { + if (memeq(pos, needle, l)) + { + return (void*)pos; + } + } + return NULL; +} + +/** + * Described in header. + */ bool mkdir_p(const char *path, mode_t mode) { size_t len; @@ -129,19 +154,16 @@ void nop() { } +#ifndef HAVE_GCC_ATOMIC_OPERATIONS +#include <pthread.h> + /** - * We use a single mutex for all refcount variables. This - * is not optimal for performance, but the critical section - * is not that long... - * TODO: Consider to include a mutex in each refcount_t variable. + * We use a single mutex for all refcount variables. */ static pthread_mutex_t ref_mutex = PTHREAD_MUTEX_INITIALIZER; /** - * Described in header. - * - * TODO: May be implemented with atomic CPU instructions - * instead of a mutex. + * Increase refcount */ void ref_get(refcount_t *ref) { @@ -151,10 +173,7 @@ void ref_get(refcount_t *ref) } /** - * Described in header. - * - * TODO: May be implemented with atomic CPU instructions - * instead of a mutex. + * Decrease refcount */ bool ref_put(refcount_t *ref) { @@ -165,6 +184,7 @@ bool ref_put(refcount_t *ref) pthread_mutex_unlock(&ref_mutex); return !more_refs; } +#endif /* HAVE_GCC_ATOMIC_OPERATIONS */ /** * output handler in printf() for time_t diff --git a/src/libstrongswan/utils.h b/src/libstrongswan/utils.h index a5900201a..b26a17b01 100644 --- a/src/libstrongswan/utils.h +++ b/src/libstrongswan/utils.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: utils.h 4632 2008-11-11 18:37:19Z martin $ + * $Id: utils.h 4742 2008-12-03 09:45:58Z tobias $ */ /** @@ -225,6 +225,12 @@ void *clalloc(void *pointer, size_t size); void memxor(u_int8_t dest[], u_int8_t src[], size_t n); /** + * A variant of strstr with the characteristics of memchr, where haystack is not + * a null-terminated string but simply a memory area of length n. + */ +void *memstr(const void *haystack, const char *needle, size_t n); + +/** * Creates a directory and all required parent directories. * * @param path path to the new directory @@ -248,6 +254,14 @@ void nop(); */ typedef volatile u_int refcount_t; + +#ifdef HAVE_GCC_ATOMIC_OPERATIONS + +#define ref_get(ref) {__sync_fetch_and_add(ref, 1); } +#define ref_put(ref) (!__sync_sub_and_fetch(ref, 1)) + +#else /* !HAVE_GCC_ATOMIC_OPERATIONS */ + /** * Get a new reference. * @@ -268,6 +282,8 @@ void ref_get(refcount_t *ref); */ bool ref_put(refcount_t *ref); +#endif /* HAVE_GCC_ATOMIC_OPERATIONS */ + /** * Get printf hooks for time. * diff --git a/src/libstrongswan/utils/enumerator.c b/src/libstrongswan/utils/enumerator.c index 4ebc2e097..e7653a9b2 100644 --- a/src/libstrongswan/utils/enumerator.c +++ b/src/libstrongswan/utils/enumerator.c @@ -1,4 +1,5 @@ /* + * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2007 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -12,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: enumerator.c 4142 2008-07-02 08:09:07Z martin $ + * $Id: enumerator.c 4744 2008-12-03 10:03:59Z tobias $ */ #include "enumerator.h" @@ -215,27 +216,48 @@ static bool enumerate_token_enum(token_enum_t *this, char **token) } } - /* find separators */ - sep = this->sep; - while (*sep) + switch (*this->pos) { - tmp = strchr(this->pos, *sep); - if (tmp && (pos == NULL || tmp < pos)) + case '"': + case '\'': { - pos = tmp; + /* read quoted token */ + tmp = strchr(this->pos + 1, *this->pos); + if (tmp) + { + *token = this->pos + 1; + *tmp = '\0'; + this->pos = tmp + 1; + return TRUE; + } + /* unterminated string, FALL-THROUGH */ + } + default: + { + /* find nearest separator */ + sep = this->sep; + while (*sep) + { + tmp = strchr(this->pos, *sep); + if (tmp && (pos == NULL || tmp < pos)) + { + pos = tmp; + } + sep++; + } + *token = this->pos; + if (pos) + { + *pos = '\0'; + this->pos = pos + 1; + } + else + { + last = TRUE; + pos = this->pos = strchr(this->pos, '\0'); + } + break; } - sep++; - } - *token = this->pos; - if (pos) - { - *pos = '\0'; - this->pos = pos + 1; - } - else - { - last = TRUE; - pos = this->pos = strchr(this->pos, '\0'); } /* trim trailing characters/separators */ @@ -268,7 +290,7 @@ static bool enumerate_token_enum(token_enum_t *this, char **token) } } - if (!last || pos > *token) + if (!last || pos >= *token) { return TRUE; } diff --git a/src/libstrongswan/utils/hashtable.c b/src/libstrongswan/utils/hashtable.c new file mode 100644 index 000000000..892d08b6c --- /dev/null +++ b/src/libstrongswan/utils/hashtable.c @@ -0,0 +1,433 @@ +/* + * Copyright (C) 2008 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * $Id: hashtable.c 4812 2008-12-17 09:56:05Z tobias $ + */ + +#include <utils/linked_list.h> + +#include "hashtable.h" + +/** The maximum capacity of the hash table (MUST be a power of 2) */ +#define MAX_CAPACITY (1 << 30) + +typedef struct pair_t pair_t; + +/** + * This pair holds a pointer to the key and value it represents. + */ +struct pair_t { + /** + * Key of a hash table item. + */ + void *key; + + /** + * Value of a hash table item. + */ + void *value; + + /** + * Cached hash (used in case of a resize). + */ + u_int hash; +}; + +/** + * Creates an empty pair object. + */ +pair_t *pair_create(void *key, void *value, u_int hash) +{ + pair_t *this = malloc_thing(pair_t); + + this->key = key; + this->value = value; + this->hash = hash; + + return this; +} + +typedef struct private_hashtable_t private_hashtable_t; + +/** + * Private data of a hashtable_t object. + * + */ +struct private_hashtable_t { + /** + * Public part of hash table. + */ + hashtable_t public; + + /** + * The number of items in the hash table. + */ + u_int count; + + /** + * The current capacity of the hash table (always a power of 2). + */ + u_int capacity; + + /** + * The current mask to calculate the row index (capacity - 1). + */ + u_int mask; + + /** + * The load factor. + */ + float load_factor; + + /** + * The actual table. + */ + linked_list_t **table; + + /** + * The hashing function. + */ + hashtable_hash_t hash; + + /** + * The equality function. + */ + hashtable_equals_t equals; +}; + +typedef struct private_enumerator_t private_enumerator_t; + +/** + * hash table enumerator implementation + */ +struct private_enumerator_t { + + /** + * implements enumerator interface + */ + enumerator_t enumerator; + + /** + * associated hash table + */ + private_hashtable_t *table; + + /** + * current row index + */ + u_int row; + + /** + * enumerator for the current row + */ + enumerator_t *current; +}; + +/** + * Compare a pair in a list with the given key. + */ +static inline bool pair_equals(pair_t *pair, private_hashtable_t *this, void *key) +{ + return this->equals(key, pair->key); +} + +/** + * This function returns the next-highest power of two for the given number. + * The algorithm works by setting all bits on the right-hand side of the most + * significant 1 to 1 and then increments the whole number so it rolls over + * to the nearest power of two. Note: returns 0 for n == 0 + */ +static u_int get_nearest_powerof2(u_int n) +{ + u_int i; + --n; + for (i = 1; i < sizeof(u_int) * 8; i <<= 1) + { + n |= n >> i; + } + return ++n; +} + +/** + * Init hash table parameters + */ +static void init_hashtable(private_hashtable_t *this, u_int capacity) +{ + capacity = max(1, min(capacity, MAX_CAPACITY)); + this->capacity = get_nearest_powerof2(capacity); + this->mask = this->capacity - 1; + this->load_factor = 0.75; + + this->table = calloc(this->capacity, sizeof(linked_list_t*)); +} + +/** + * Double the size of the hash table and rehash all the elements. + */ +static void rehash(private_hashtable_t *this) +{ + u_int row; + u_int old_capacity = this->capacity; + linked_list_t **old_table = this->table; + + if (old_capacity >= MAX_CAPACITY) + { + return; + } + + init_hashtable(this, old_capacity << 1); + + for (row = 0; row < old_capacity; ++row) + { + linked_list_t *list; + if ((list = old_table[row]) != NULL) + { + pair_t *pair; + enumerator_t *enumerator = list->create_enumerator(list); + while (enumerator->enumerate(enumerator, &pair)) + { + linked_list_t *new_list; + u_int new_row = pair->hash & this->mask; + list->remove_at(list, enumerator); + if ((new_list = this->table[new_row]) == NULL) + { + new_list = this->table[new_row] = linked_list_create(); + } + new_list->insert_last(new_list, pair); + } + enumerator->destroy(enumerator); + list->destroy(list); + } + } + free(old_table); +} + +/** + * Implementation of hashtable_t.put + */ +static void *put(private_hashtable_t *this, void *key, void *value) +{ + linked_list_t *list; + void *old_value = NULL; + u_int hash = this->hash(key); + u_int row = hash & this->mask; + + if ((list = this->table[row]) != NULL) + { + pair_t *pair; + enumerator_t *enumerator = list->create_enumerator(list); + while (enumerator->enumerate(enumerator, &pair)) + { + if (pair_equals(pair, this, key)) + { + old_value = pair->value; + pair->value = value; + break; + } + } + enumerator->destroy(enumerator); + } + else + { + list = this->table[row] = linked_list_create(); + } + + if (!old_value) + { + list->insert_last(list, pair_create(key, value, hash)); + this->count++; + } + + if (this->count >= this->capacity * this->load_factor) + { + rehash(this); + } + + return old_value; +} + +/** + * Implementation of hashtable_t.get + */ +static void *get(private_hashtable_t *this, void *key) +{ + void *value = NULL; + linked_list_t *list; + u_int row = this->hash(key) & this->mask; + + if ((list = this->table[row]) != NULL) + { + pair_t *pair; + if (list->find_first(list, (linked_list_match_t)pair_equals, + (void**)&pair, this, key) == SUCCESS) + { + value = pair->value; + } + } + + return value; +} + +/** + * Implementation of hashtable_t.remove + */ +static void *remove(private_hashtable_t *this, void *key) +{ + void *value = NULL; + linked_list_t *list; + u_int row = this->hash(key) & this->mask; + + if ((list = this->table[row]) != NULL) + { + pair_t *pair; + enumerator_t *enumerator = list->create_enumerator(list); + while (enumerator->enumerate(enumerator, &pair)) + { + if (pair_equals(pair, this, key)) + { + list->remove_at(list, enumerator); + value = pair->value; + this->count--; + free(pair); + break; + } + } + enumerator->destroy(enumerator); + } + + return value; +} + +/** + * Implementation of hashtable_t.get_count + */ +static u_int get_count(private_hashtable_t *this) +{ + return this->count; +} + +/** + * Implementation of private_enumerator_t.enumerator.enumerate. + */ +static bool enumerate(private_enumerator_t *this, void **key, void **value) +{ + while (this->row < this->table->capacity) + { + if (this->current) + { + pair_t *pair; + + if (this->current->enumerate(this->current, &pair)) + { + if (key) + { + *key = pair->key; + } + if (value) + { + *value = pair->value; + } + return TRUE; + } + this->current->destroy(this->current); + this->current = NULL; + } + else + { + linked_list_t *list; + + if ((list = this->table->table[this->row]) != NULL) + { + this->current = list->create_enumerator(list); + continue; + } + } + this->row++; + } + return FALSE; +} + +/** + * Implementation of private_enumerator_t.enumerator.destroy. + */ +static void enumerator_destroy(private_enumerator_t *this) +{ + if (this->current) + { + this->current->destroy(this->current); + } + free(this); +} + +/** + * Implementation of hashtable_t.create_enumerator. + */ +static enumerator_t* create_enumerator(private_hashtable_t *this) +{ + private_enumerator_t *enumerator = malloc_thing(private_enumerator_t); + + enumerator->enumerator.enumerate = (void*)enumerate; + enumerator->enumerator.destroy = (void*)enumerator_destroy; + enumerator->table = this; + enumerator->row = 0; + enumerator->current = NULL; + + return &enumerator->enumerator; +} + +/** + * Implementation of hashtable_t.destroy + */ +static void destroy(private_hashtable_t *this) +{ + u_int row; + for (row = 0; row < this->capacity; ++row) + { + linked_list_t *list; + if ((list = this->table[row]) != NULL) + { + list->destroy_function(list, free); + } + } + free(this->table); + free(this); +} + +/* + * Described in header. + */ +hashtable_t *hashtable_create(hashtable_hash_t hash, hashtable_equals_t equals, + u_int capacity) +{ + private_hashtable_t *this = malloc_thing(private_hashtable_t); + + this->public.put = (void*(*)(hashtable_t*,void*,void*))put; + this->public.get = (void*(*)(hashtable_t*,void*))get; + this->public.remove = (void*(*)(hashtable_t*,void*))remove; + this->public.get_count = (u_int(*)(hashtable_t*))get_count; + this->public.create_enumerator = (enumerator_t*(*)(hashtable_t*))create_enumerator; + this->public.destroy = (void(*)(hashtable_t*))destroy; + + this->count = 0; + this->capacity = 0; + this->mask = 0; + this->load_factor = 0; + this->table = NULL; + this->hash = hash; + this->equals = equals; + + init_hashtable(this, capacity); + + return &this->public; +} diff --git a/src/libstrongswan/utils/hashtable.h b/src/libstrongswan/utils/hashtable.h new file mode 100644 index 000000000..3d3005e73 --- /dev/null +++ b/src/libstrongswan/utils/hashtable.h @@ -0,0 +1,116 @@ +/* + * Copyright (C) 2008 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * $Id: hashtable.h 4762 2008-12-05 10:01:52Z martin $ + */ + +/** + * @defgroup hashtable hashtable + * @{ @ingroup utils + */ + +#ifndef HASHTABLE_H_ +#define HASHTABLE_H_ + +#include <utils/enumerator.h> + +typedef struct hashtable_t hashtable_t; + +/** + * Prototype for a function that computes the hash code from the given key. + * + * @param key key to hash + * @return hash code + */ +typedef u_int (*hashtable_hash_t)(void *key); + +/** + * Prototype for a function that compares the two keys for equality. + * + * @param key first key (the one we are looking for) + * @param other_key second key + * @return TRUE if the keys are equal + */ +typedef bool (*hashtable_equals_t)(void *key, void *other_key); + +/** + * Class implementing a hash table. + * + * General purpose hash table. This hash table is not synchronized. + */ +struct hashtable_t { + + /** + * Create an enumerator over the hash table key/value pairs. + * + * @return enumerator over (void *key, void *value) + */ + enumerator_t *(*create_enumerator) (hashtable_t *this); + + /** + * Adds the given value with the given key to the hash table, if there + * exists no entry with that key. NULL is returned in this case. + * Otherwise the existing value is replaced and the function returns the + * old value. + * + * @param key the key to store + * @param value the value to store + * @return NULL if no item was replaced, the old value otherwise + */ + void *(*put) (hashtable_t *this, void *key, void *value); + + /** + * Returns the value with the given key, if the hash table contains such an + * entry, otherwise NULL is returned. + * + * @param key the key of the requested value + * @return the value, NULL if not found + */ + void *(*get) (hashtable_t *this, void *key); + + /** + * Removes the value with the given key from the hash table and returns the + * removed value (or NULL if no such value existed). + * + * @param key the key of the value to remove + * @return the removed value, NULL if not found + */ + void *(*remove) (hashtable_t *this, void *key); + + /** + * Gets the number of items in the hash table. + * + * @return number of items + */ + u_int (*get_count) (hashtable_t *this); + + /** + * Destroys a hash table object. + */ + void (*destroy) (hashtable_t *this); + +}; + +/** + * Creates an empty hash table object. + * + * @param hash hash function + * @param equals equals function + * @param capacity initial capacity + * @return hashtable_t object. + */ +hashtable_t *hashtable_create(hashtable_hash_t hash, hashtable_equals_t equals, + u_int capacity); + +#endif /* HASHTABLE_H_ @} */ diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c index 4702222e8..719c5a529 100644 --- a/src/libstrongswan/utils/host.c +++ b/src/libstrongswan/utils/host.c @@ -15,7 +15,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: host.c 4639 2008-11-12 15:09:24Z martin $ + * $Id: host.c 4856 2009-02-05 22:13:48Z andreas $ */ #define _GNU_SOURCE @@ -453,6 +453,10 @@ host_t *host_create_from_dns(char *string, int af, u_int16_t port) { return host_create_any(af ? af : AF_INET); } + if (streq(string, "%any6")) + { + return host_create_any(af ? af : AF_INET6); + } else if (strchr(string, ':')) { /* gethostbyname does not like IPv6 addresses - fallback */ diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c index db442e9ab..529e62509 100644 --- a/src/libstrongswan/utils/identification.c +++ b/src/libstrongswan/utils/identification.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: identification.c 4344 2008-09-17 02:17:01Z andreas $ + * $Id: identification.c 4856 2009-02-05 22:13:48Z andreas $ */ #define _GNU_SOURCE @@ -1046,6 +1046,7 @@ identification_t *identification_create_from_string(char *string) else if (strchr(string, '@') == NULL) { if (streq(string, "%any") + || streq(string, "%any6") || streq(string, "0.0.0.0") || streq(string, "*") || streq(string, "::") diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c index 73409158d..4c56c9596 100644 --- a/src/libstrongswan/utils/leak_detective.c +++ b/src/libstrongswan/utils/leak_detective.c @@ -12,9 +12,11 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: leak_detective.c 4609 2008-11-10 16:44:27Z martin $ + * $Id: leak_detective.c 4796 2008-12-12 09:10:52Z martin $ */ +#define _GNU_SOURCE +#include <sched.h> #include <stddef.h> #include <string.h> #include <stdio.h> @@ -160,6 +162,7 @@ char *whitelist[] = { /* pthread stuff */ "pthread_create", "pthread_setspecific", + "__pthread_setspecific", /* glibc functions */ "mktime", "__gmtime_r", @@ -199,6 +202,7 @@ char *whitelist[] = { "RSA_new_method", "DH_new_method", "ENGINE_load_builtin_engines", + "OPENSSL_config", }; /** @@ -471,6 +475,16 @@ leak_detective_t *leak_detective_create() if (getenv("LEAK_DETECTIVE_DISABLE") == NULL) { + cpu_set_t mask; + + CPU_ZERO(&mask); + CPU_SET(0, &mask); + + if (sched_setaffinity(0, sizeof(cpu_set_t), &mask) != 0) + { + fprintf(stderr, "setting CPU affinity failed: %m"); + } + lib->leak_detective = TRUE; install_hooks(); } diff --git a/src/libstrongswan/utils/lexparser.c b/src/libstrongswan/utils/lexparser.c index 8b7b3b547..5725df1ea 100644 --- a/src/libstrongswan/utils/lexparser.c +++ b/src/libstrongswan/utils/lexparser.c @@ -11,16 +11,11 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: lexparser.c 3872 2008-04-25 07:04:59Z andreas $ + * $Id: lexparser.c 4877 2009-02-18 09:45:54Z martin $ */ -/* memrchr is a GNU extension */ -#define _GNU_SOURCE -#include <string.h> - #include "lexparser.h" - /** * eat whitespace */ @@ -30,7 +25,7 @@ bool eat_whitespace(chunk_t *src) { src->ptr++; src->len--; } - return src->len > 0 && *src->ptr != '#'; + return src->len > 0 && *src->ptr != '#'; } /** @@ -51,11 +46,11 @@ bool extract_token(chunk_t *token, const char termination, chunk_t *src) if (termination == ' ') { u_char *eot_tab = memchr(src->ptr, '\t', src->len); - + /* check if a tab instead of a space terminates the token */ eot = ( eot_tab == NULL || (eot && eot < eot_tab) ) ? eot : eot_tab; } - + /* initialize empty token */ *token = chunk_empty; @@ -76,16 +71,17 @@ bool extract_token(chunk_t *token, const char termination, chunk_t *src) } /** - * extracts a token ending with the last occurrence of a given termination symbol + * extracts a token ending with the first occurrence of a given null-terminated string */ -bool extract_last_token(chunk_t *token, const char termination, chunk_t *src) +bool extract_token_str(chunk_t *token, const char *termination, chunk_t *src) { - u_char *eot = memrchr(src->ptr, termination, src->len); + u_char *eot = memstr(src->ptr, termination, src->len); + size_t l = strlen(termination); /* initialize empty token */ *token = chunk_empty; - if (eot == NULL) /* termination symbol not found */ + if (eot == NULL) /* termination string not found */ { return FALSE; } @@ -94,9 +90,9 @@ bool extract_last_token(chunk_t *token, const char termination, chunk_t *src) token->ptr = src->ptr; token->len = (u_int)(eot - src->ptr); - /* advance src pointer after termination symbol */ - src->ptr = eot + 1; - src->len -= (token->len + 1); + /* advance src pointer after termination string */ + src->ptr = eot + l; + src->len -= (token->len + l); return TRUE; } diff --git a/src/libstrongswan/utils/lexparser.h b/src/libstrongswan/utils/lexparser.h index 7d54ca22e..c47f65718 100644 --- a/src/libstrongswan/utils/lexparser.h +++ b/src/libstrongswan/utils/lexparser.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: lexparser.h 3876 2008-04-26 09:24:14Z andreas $ + * $Id: lexparser.h 4877 2009-02-18 09:45:54Z martin $ */ /** @@ -37,14 +37,14 @@ bool eat_whitespace(chunk_t *src); bool match(const char *pattern, const chunk_t *ch); /** - * Extracts a token ending with the first occurence a given termination symbol + * Extracts a token ending with the first occurrence of a given termination symbol */ bool extract_token(chunk_t *token, const char termination, chunk_t *src); /** - * Extracts a token ending with the last occurence a given termination symbol + * Extracts a token ending with the first occurrence of a given null-terminated string */ -bool extract_last_token(chunk_t *token, const char termination, chunk_t *src); +bool extract_token_str(chunk_t *token, const char *termination, chunk_t *src); /** * Fetches a new text line terminated by \n or \r\n diff --git a/src/libstrongswan/utils/mutex.c b/src/libstrongswan/utils/mutex.c index ddb0d2df6..ba4b72b0c 100644 --- a/src/libstrongswan/utils/mutex.c +++ b/src/libstrongswan/utils/mutex.c @@ -1,4 +1,5 @@ /* + * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -12,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: mutex.c 4591 2008-11-05 16:12:54Z martin $ + * $Id: mutex.c 4803 2008-12-15 09:13:43Z martin $ */ #define _GNU_SOURCE @@ -76,7 +77,7 @@ static void profiler_cleanup(lock_profile_t *profile) */ static void profiler_init(lock_profile_t *profile) { - profile->backtrace = backtrace_create(3); + profile->backtrace = backtrace_create(2); timerclear(&profile->waited); } @@ -332,28 +333,17 @@ static void wait(private_condvar_t *this, private_mutex_t *mutex) } /** - * Implementation of condvar_t.timed_wait. + * Implementation of condvar_t.timed_wait_abs. */ -static bool timed_wait(private_condvar_t *this, private_mutex_t *mutex, - u_int timeout) +static bool timed_wait_abs(private_condvar_t *this, private_mutex_t *mutex, + timeval_t time) { struct timespec ts; - struct timeval tv; - u_int s, ms; bool timed_out; - gettimeofday(&tv, NULL); - - s = timeout / 1000; - ms = timeout % 1000; + ts.tv_sec = time.tv_sec; + ts.tv_nsec = time.tv_usec * 1000; - ts.tv_sec = tv.tv_sec + s; - ts.tv_nsec = tv.tv_usec * 1000 + ms * 1000000; - if (ts.tv_nsec > 1000000000 /* 1s */) - { - ts.tv_nsec -= 1000000000; - ts.tv_sec++; - } if (mutex->recursive) { private_r_mutex_t* recursive = (private_r_mutex_t*)mutex; @@ -372,6 +362,31 @@ static bool timed_wait(private_condvar_t *this, private_mutex_t *mutex, } /** + * Implementation of condvar_t.timed_wait. + */ +static bool timed_wait(private_condvar_t *this, private_mutex_t *mutex, + u_int timeout) +{ + timeval_t tv; + u_int s, ms; + + gettimeofday(&tv, NULL); + + s = timeout / 1000; + ms = timeout % 1000; + + tv.tv_sec += s; + tv.tv_usec += ms * 1000; + + if (tv.tv_usec > 1000000 /* 1s */) + { + tv.tv_usec -= 1000000; + tv.tv_sec++; + } + return timed_wait_abs(this, mutex, tv); +} + +/** * Implementation of condvar_t.signal. */ static void signal(private_condvar_t *this) @@ -410,6 +425,7 @@ condvar_t *condvar_create(condvar_type_t type) this->public.wait = (void(*)(condvar_t*, mutex_t *mutex))wait; this->public.timed_wait = (bool(*)(condvar_t*, mutex_t *mutex, u_int timeout))timed_wait; + this->public.timed_wait_abs = (bool(*)(condvar_t*, mutex_t *mutex, timeval_t time))timed_wait_abs; this->public.signal = (void(*)(condvar_t*))signal; this->public.broadcast = (void(*)(condvar_t*))broadcast; this->public.destroy = (void(*)(condvar_t*))condvar_destroy; diff --git a/src/libstrongswan/utils/mutex.h b/src/libstrongswan/utils/mutex.h index a0a198024..4cdd96a99 100644 --- a/src/libstrongswan/utils/mutex.h +++ b/src/libstrongswan/utils/mutex.h @@ -1,4 +1,5 @@ /* + * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -11,6 +12,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * $Id: mutex.h 4697 2008-11-25 19:30:02Z tobias $ */ /** @@ -99,6 +102,15 @@ struct condvar_t { bool (*timed_wait)(condvar_t *this, mutex_t *mutex, u_int timeout); /** + * Wait on a condvar until it gets signalized, or times out. + * + * @param mutex mutex to release while waiting + * @param time absolute time until timeout + * @return TRUE if timed out, FALSE otherwise + */ + bool (*timed_wait_abs)(condvar_t *this, mutex_t *mutex, timeval_t timeout); + + /** * Wake up a single thread in a condvar. */ void (*signal)(condvar_t *this); |