diff options
Diffstat (limited to 'src/libstrongswan/plugins/pgp')
| -rw-r--r-- | src/libstrongswan/plugins/pgp/Makefile.am | 16 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/Makefile.in | 59 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_builder.c | 13 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_cert.c | 32 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_encoder.c | 3 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_plugin.c | 2 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_plugin.h | 5 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_utils.c | 18 |
8 files changed, 83 insertions, 65 deletions
diff --git a/src/libstrongswan/plugins/pgp/Makefile.am b/src/libstrongswan/plugins/pgp/Makefile.am index c232971bb..4b414616d 100644 --- a/src/libstrongswan/plugins/pgp/Makefile.am +++ b/src/libstrongswan/plugins/pgp/Makefile.am @@ -3,13 +3,17 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-pgp.la +else plugin_LTLIBRARIES = libstrongswan-pgp.la +endif -libstrongswan_pgp_la_SOURCES = pgp_plugin.h pgp_plugin.c \ - pgp_utils.h pgp_utils.c \ - pgp_cert.h pgp_cert.c \ - pgp_encoder.h pgp_encoder.c \ - pgp_builder.h pgp_builder.c +libstrongswan_pgp_la_SOURCES = \ + pgp_plugin.h pgp_plugin.c \ + pgp_utils.h pgp_utils.c \ + pgp_cert.h pgp_cert.c \ + pgp_encoder.h pgp_encoder.c \ + pgp_builder.h pgp_builder.c libstrongswan_pgp_la_LDFLAGS = -module -avoid-version - diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in index 70840c400..5d487364f 100644 --- a/src/libstrongswan/plugins/pgp/Makefile.in +++ b/src/libstrongswan/plugins/pgp/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_pgp_la_LIBADD = am_libstrongswan_pgp_la_OBJECTS = pgp_plugin.lo pgp_utils.lo \ pgp_cert.lo pgp_encoder.lo pgp_builder.lo @@ -80,6 +80,8 @@ libstrongswan_pgp_la_OBJECTS = $(am_libstrongswan_pgp_la_OBJECTS) libstrongswan_pgp_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_pgp_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_pgp_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_pgp_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,12 +257,14 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-pgp.la -libstrongswan_pgp_la_SOURCES = pgp_plugin.h pgp_plugin.c \ - pgp_utils.h pgp_utils.c \ - pgp_cert.h pgp_cert.c \ - pgp_encoder.h pgp_encoder.c \ - pgp_builder.h pgp_builder.c +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pgp.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pgp.la +libstrongswan_pgp_la_SOURCES = \ + pgp_plugin.h pgp_plugin.c \ + pgp_utils.h pgp_utils.c \ + pgp_cert.h pgp_cert.c \ + pgp_encoder.h pgp_encoder.c \ + pgp_builder.h pgp_builder.c libstrongswan_pgp_la_LDFLAGS = -module -avoid-version all: all-am @@ -296,6 +301,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -328,7 +342,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-pgp.la: $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_DEPENDENCIES) - $(libstrongswan_pgp_la_LINK) -rpath $(plugindir) $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_LIBADD) $(LIBS) + $(libstrongswan_pgp_la_LINK) $(am_libstrongswan_pgp_la_rpath) $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -485,8 +499,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -557,18 +571,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c index d262d18ff..84c9bfddd 100644 --- a/src/libstrongswan/plugins/pgp/pgp_builder.c +++ b/src/libstrongswan/plugins/pgp/pgp_builder.c @@ -41,7 +41,7 @@ static public_key_t *parse_public_key(chunk_t blob) BUILD_BLOB_PGP, blob, BUILD_END); break; default: - DBG1("PGP public key algorithm %N not supported", + DBG1(DBG_LIB, "PGP public key algorithm %N not supported", pgp_pubkey_alg_names, alg); return NULL; } @@ -90,12 +90,13 @@ static private_key_t *parse_rsa_private_key(chunk_t blob) } if (s2k == 255 || s2k == 254) { - DBG1("string-to-key specifiers not supported"); + DBG1(DBG_LIB, "string-to-key specifiers not supported"); return NULL; } if (s2k != PGP_SYM_ALG_PLAIN) { - DBG1("%N private key encryption not supported", pgp_sym_alg_names, s2k); + DBG1(DBG_LIB, "%N private key encryption not supported", + pgp_sym_alg_names, s2k); return NULL; } @@ -121,7 +122,7 @@ static private_key_t *parse_rsa_private_key(chunk_t blob) static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature) { - DBG1("signing failed - decryption only key"); + DBG1(DBG_LIB, "signing failed - decryption only key"); return FALSE; } @@ -131,7 +132,7 @@ static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme, static bool decrypt_not_allowed(private_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("decryption failed - signature only key"); + DBG1(DBG_LIB, "decryption failed - signature only key"); return FALSE; } @@ -164,7 +165,7 @@ static private_key_t *parse_private_key(chunk_t blob) case 4: break; default: - DBG1("PGP packet version V%d not supported", version); + DBG1(DBG_LIB, "PGP packet version V%d not supported", version); return FALSE; } if (!pgp_read_scalar(&packet, 4, &created)) diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c index fa2612285..cd04f3d1a 100644 --- a/src/libstrongswan/plugins/pgp/pgp_cert.c +++ b/src/libstrongswan/plugins/pgp/pgp_cert.c @@ -198,9 +198,9 @@ static bool is_newer(certificate_t *this, certificate_t *that) this->get_validity(this, &now, &this_update, NULL); that->get_validity(that, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" certificate from %T is %s - existing certificate from %T %s", - &this_update, FALSE, new ? "newer":"not newer", - &that_update, FALSE, new ? "replaced":"retained"); + DBG1(DBG_LIB, " certificate from %T is %s - existing certificate" + " from %T %s", &this_update, FALSE, new ? "newer" : "not newer", + &that_update, FALSE, new ? "replaced" : "retained"); return new; } @@ -322,16 +322,18 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) } break; default: - DBG1("PGP packet version V%d not supported", this->version); + DBG1(DBG_LIB, "PGP packet version V%d not supported", + this->version); return FALSE; } if (this->valid) { - DBG2("L2 - created %T, valid %d days", &this->created, FALSE, this->valid); + DBG2(DBG_LIB, "L2 - created %T, valid %d days", &this->created, FALSE, + this->valid); } else { - DBG2("L2 - created %T, never expires", &this->created, FALSE); + DBG2(DBG_LIB, "L2 - created %T, never expires", &this->created, FALSE); } DESTROY_IF(this->key); this->key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, @@ -352,13 +354,13 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher == NULL) { - DBG1("no SHA-1 hasher available"); + DBG1(DBG_LIB, "no SHA-1 hasher available"); return FALSE; } hasher->allocate_hash(hasher, pubkey_packet_header, NULL); hasher->allocate_hash(hasher, pubkey_packet, &this->fingerprint); hasher->destroy(hasher); - DBG2("L2 - v4 fingerprint %#B", &this->fingerprint); + DBG2(DBG_LIB, "L2 - v4 fingerprint %#B", &this->fingerprint); } else { @@ -369,7 +371,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) return FALSE; } this->fingerprint = chunk_clone(this->fingerprint); - DBG2("L2 - v3 fingerprint %#B", &this->fingerprint); + DBG2(DBG_LIB, "L2 - v3 fingerprint %#B", &this->fingerprint); } return TRUE; } @@ -389,7 +391,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) /* we parse only v3 or v4 signature packets */ if (version != 3 && version != 4) { - DBG2("L2 - v%d signature ignored", version); + DBG2(DBG_LIB, "L2 - v%d signature ignored", version); return TRUE; } if (version == 4) @@ -398,7 +400,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) { return FALSE; } - DBG2("L2 - v%d signature of type 0x%02x", version, type); + DBG2(DBG_LIB, "L2 - v%d signature of type 0x%02x", version, type); } else { @@ -411,8 +413,8 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) { return FALSE; } - DBG2("L2 - v3 signature of type 0x%02x, created %T", type, - &created, FALSE); + DBG2(DBG_LIB, "L2 - v3 signature of type 0x%02x, created %T", type, + &created, FALSE); } /* TODO: parse and save signature to a list */ return TRUE; @@ -425,7 +427,7 @@ static bool parse_user_id(private_pgp_cert_t *this, chunk_t packet) { DESTROY_IF(this->user_id); this->user_id = identification_create_from_encoding(ID_KEY_ID, packet); - DBG2("L2 - '%Y'", this->user_id); + DBG2(DBG_LIB, "L2 - '%Y'", this->user_id); return TRUE; } @@ -486,7 +488,7 @@ pgp_cert_t *pgp_cert_load(certificate_type_t type, va_list args) } break; default: - DBG1("ignoring %N packet in PGP certificate", + DBG1(DBG_LIB, "ignoring %N packet in PGP certificate", pgp_packet_tag_names, tag); break; } diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.c b/src/libstrongswan/plugins/pgp/pgp_encoder.c index 56acac597..d5c3df590 100644 --- a/src/libstrongswan/plugins/pgp/pgp_encoder.c +++ b/src/libstrongswan/plugins/pgp/pgp_encoder.c @@ -31,7 +31,8 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args) hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5); if (!hasher) { - DBG1("MD5 hash algorithm not supported, PGP fingerprinting failed"); + DBG1(DBG_LIB, "MD5 hash algorithm not supported, PGP" + " fingerprinting failed"); return FALSE; } /* remove leading zero bytes before hashing modulus and exponent */ diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.c b/src/libstrongswan/plugins/pgp/pgp_plugin.c index eabb3695f..3ed1faf01 100644 --- a/src/libstrongswan/plugins/pgp/pgp_plugin.c +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.c @@ -54,7 +54,7 @@ static void destroy(private_pgp_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *pgp_plugin_create() { private_pgp_plugin_t *this = malloc_thing(private_pgp_plugin_t); diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.h b/src/libstrongswan/plugins/pgp/pgp_plugin.h index 95765cd76..8a0ab89d6 100644 --- a/src/libstrongswan/plugins/pgp/pgp_plugin.h +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.h @@ -39,9 +39,4 @@ struct pgp_plugin_t { plugin_t plugin; }; -/** - * Create a pgp_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** PGP_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.c b/src/libstrongswan/plugins/pgp/pgp_utils.c index 1658f3232..2d85cc0c8 100644 --- a/src/libstrongswan/plugins/pgp/pgp_utils.c +++ b/src/libstrongswan/plugins/pgp/pgp_utils.c @@ -79,7 +79,7 @@ bool pgp_read_scalar(chunk_t *blob, size_t bytes, u_int32_t *scalar) if (bytes > blob->len) { - DBG1("PGP data too short to read %d byte scalar", bytes); + DBG1(DBG_LIB, "PGP data too short to read %d byte scalar", bytes); return FALSE; } while (bytes-- > 0) @@ -100,13 +100,13 @@ bool pgp_read_mpi(chunk_t *blob, chunk_t *mpi) if (!pgp_read_scalar(blob, 2, &bits)) { - DBG1("PGP data too short to read MPI length"); + DBG1(DBG_LIB, "PGP data too short to read MPI length"); return FALSE; } bytes = (bits + 7) / 8; if (bytes > blob->len) { - DBG1("PGP data too short to read %d byte MPI", bytes); + DBG1(DBG_LIB, "PGP data too short to read %d byte MPI", bytes); return FALSE; } *mpi = chunk_create(blob->ptr, bytes); @@ -146,7 +146,7 @@ bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag) if (!blob->len) { - DBG1("missing input"); + DBG1(DBG_LIB, "missing input"); return FALSE; } t = blob->ptr[0]; @@ -154,27 +154,27 @@ bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag) /* bit 7 must be set */ if (!(t & 0x80)) { - DBG1("invalid packet tag"); + DBG1(DBG_LIB, "invalid packet tag"); return FALSE; } /* bit 6 set defines new packet format */ if (t & 0x40) { - DBG1("new PGP packet format not supported"); + DBG1(DBG_LIB, "new PGP packet format not supported"); return FALSE; } t = (t & 0x3C) >> 2; if (!pgp_old_packet_length(blob, &len) || len > blob->len) { - DBG1("invalid packet length"); + DBG1(DBG_LIB, "invalid packet length"); return FALSE; } *data = chunk_create(blob->ptr, len); *blob = chunk_skip(*blob, len); *tag = t; - DBG2("L1 - PGP %N (%u bytes)", pgp_packet_tag_names, t, len); - DBG3("%B", data); + DBG2(DBG_LIB, "L1 - PGP %N (%u bytes)", pgp_packet_tag_names, t, len); + DBG3(DBG_LIB, "%B", data); return TRUE; } |