diff options
Diffstat (limited to 'src/libstrongswan')
209 files changed, 3432 insertions, 5288 deletions
diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk new file mode 100644 index 000000000..d639220e3 --- /dev/null +++ b/src/libstrongswan/Android.mk @@ -0,0 +1,121 @@ +LOCAL_PATH := $(call my-dir) +include $(CLEAR_VARS) + +# copy-n-paste from Makefile.am +LOCAL_SRC_FILES := \ +library.c library.h \ +chunk.c chunk.h \ +debug.c debug.h \ +enum.c enum.h \ +settings.h settings.c \ +printf_hook.c printf_hook.h \ +asn1/asn1.c asn1/asn1.h \ +asn1/asn1_parser.c asn1/asn1_parser.h \ +asn1/oid.c asn1/oid.h \ +crypto/crypters/crypter.c crypto/crypters/crypter.h \ +crypto/hashers/hasher.h crypto/hashers/hasher.c \ +crypto/pkcs9.c crypto/pkcs9.h \ +crypto/proposal/proposal_keywords.c crypto/proposal/proposal_keywords.h \ +crypto/prfs/prf.c crypto/prfs/prf.h \ +crypto/rngs/rng.c crypto/rngs/rng.h \ +crypto/prf_plus.h crypto/prf_plus.c \ +crypto/signers/signer.c crypto/signers/signer.h \ +crypto/crypto_factory.c crypto/crypto_factory.h \ +crypto/crypto_tester.c crypto/crypto_tester.h \ +crypto/diffie_hellman.c crypto/diffie_hellman.h \ +crypto/transform.c crypto/transform.h \ +credentials/credential_factory.c credentials/credential_factory.h \ +credentials/builder.c credentials/builder.h \ +credentials/keys/key_encoding.c credentials/keys/key_encoding.h \ +credentials/keys/private_key.c credentials/keys/private_key.h \ +credentials/keys/public_key.c credentials/keys/public_key.h \ +credentials/keys/shared_key.c credentials/keys/shared_key.h \ +credentials/certificates/certificate.c credentials/certificates/certificate.h \ +credentials/certificates/x509.h credentials/certificates/x509.c \ +credentials/certificates/ac.h \ +credentials/certificates/crl.h credentials/certificates/crl.c \ +credentials/certificates/pkcs10.h \ +credentials/certificates/ocsp_request.h \ +credentials/certificates/ocsp_response.h credentials/certificates/ocsp_response.c \ +credentials/certificates/pgp_certificate.h \ +credentials/ietf_attributes/ietf_attributes.c credentials/ietf_attributes/ietf_attributes.h \ +database/database.h database/database_factory.h database/database_factory.c \ +fetcher/fetcher.h fetcher/fetcher_manager.h fetcher/fetcher_manager.c \ +selectors/traffic_selector.c selectors/traffic_selector.h \ +threading/thread.h threading/thread.c \ +threading/thread_value.h threading/thread_value.c \ +threading/mutex.h threading/mutex.c threading/condvar.h \ +threading/rwlock.h threading/rwlock.c \ +threading/lock_profiler.h \ +utils.h utils.c \ +utils/host.c utils/host.h \ +utils/identification.c utils/identification.h \ +utils/iterator.h \ +utils/lexparser.c utils/lexparser.h \ +utils/linked_list.c utils/linked_list.h \ +utils/hashtable.c utils/hashtable.h \ +utils/enumerator.c utils/enumerator.h \ +utils/optionsfrom.c utils/optionsfrom.h \ +utils/backtrace.c utils/backtrace.h \ +plugins/plugin_loader.c plugins/plugin_loader.h plugins/plugin.h + +# adding the plugin source files + +LOCAL_SRC_FILES += $(call add_plugin, aes) + +LOCAL_SRC_FILES += $(call add_plugin, des) + +LOCAL_SRC_FILES += $(call add_plugin, fips-prf) + +LOCAL_SRC_FILES += $(call add_plugin, gmp) +ifneq ($(call plugin_enabled, gmp)),) +LOCAL_C_INCLUDES += $(libgmp_PATH) +LOCAL_SHARED_LIBRARIES += libgmp +endif + +LOCAL_SRC_FILES += $(call add_plugin, hmac) + +LOCAL_SRC_FILES += $(call add_plugin, md4) + +LOCAL_SRC_FILES += $(call add_plugin, md5) + +LOCAL_SRC_FILES += $(call add_plugin, openssl) +ifneq ($(call plugin_enabled, openssl)),) +LOCAL_C_INCLUDES += external/openssl/include +LOCAL_SHARED_LIBRARIES += libcrypto +endif + +LOCAL_SRC_FILES += $(call add_plugin, pem) + +LOCAL_SRC_FILES += $(call add_plugin, pkcs1) + +LOCAL_SRC_FILES += $(call add_plugin, pubkey) + +LOCAL_SRC_FILES += $(call add_plugin, random) + +LOCAL_SRC_FILES += $(call add_plugin, sha1) + +LOCAL_SRC_FILES += $(call add_plugin, sha2) + +LOCAL_SRC_FILES += $(call add_plugin, x509) + +LOCAL_SRC_FILES += $(call add_plugin, xcbc) + +# build libstrongswan ---------------------------------------------------------- + +LOCAL_C_INCLUDES += \ + $(libvstr_PATH) + +LOCAL_CFLAGS := $(strongswan_CFLAGS) \ + -include $(LOCAL_PATH)/AndroidConfigLocal.h + +LOCAL_MODULE := libstrongswan + +LOCAL_ARM_MODE := arm + +LOCAL_PRELINK_MODULE := false + +LOCAL_SHARED_LIBRARIES += libdl libvstr + +include $(BUILD_SHARED_LIBRARY) + diff --git a/src/libstrongswan/AndroidConfigLocal.h b/src/libstrongswan/AndroidConfigLocal.h new file mode 100644 index 000000000..a6da3276a --- /dev/null +++ b/src/libstrongswan/AndroidConfigLocal.h @@ -0,0 +1,9 @@ +/* stuff defined in AndroidConfig.h, which is included using the -include + * command-line option, thus cannot be undefined using -U CFLAGS options. + * the reason we have to undefine these flags in the first place, is that + * AndroidConfig.h defines them as 0, which in turn means that they are + * actually defined. */ + +#undef HAVE_BACKTRACE +#undef HAVE_DLADDR + diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index 7ee15052c..157d37b5e 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -10,9 +10,6 @@ printf_hook.c printf_hook.h \ asn1/asn1.c asn1/asn1.h \ asn1/asn1_parser.c asn1/asn1_parser.h \ asn1/oid.c asn1/oid.h \ -attributes/attributes.c attributes/attributes.h \ -attributes/attribute_provider.h attributes/attribute_handler.h \ -attributes/attribute_manager.c attributes/attribute_manager.h \ crypto/crypters/crypter.c crypto/crypters/crypter.h \ crypto/hashers/hasher.h crypto/hashers/hasher.c \ crypto/pkcs9.c crypto/pkcs9.h \ @@ -90,7 +87,8 @@ endif EXTRA_DIST = \ asn1/oid.txt asn1/oid.pl \ -crypto/proposal/proposal_keywords.txt +crypto/proposal/proposal_keywords.txt \ +Android.mk AndroidConfigLocal.h BUILT_SOURCES = \ $(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h \ @@ -115,116 +113,197 @@ $(srcdir)/crypto/proposal/proposal_keywords.c: $(srcdir)/crypto/proposal/proposa # build plugins with their own Makefile ####################################### +if MONOLITHIC +SUBDIRS = +else SUBDIRS = . +endif if USE_AES SUBDIRS += plugins/aes +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/aes/libstrongswan-aes.la +endif endif if USE_DES SUBDIRS += plugins/des +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/des/libstrongswan-des.la +endif endif if USE_BLOWFISH SUBDIRS += plugins/blowfish +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/blowfish/libstrongswan-blowfish.la +endif endif if USE_MD4 SUBDIRS += plugins/md4 +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/md4/libstrongswan-md4.la +endif endif if USE_MD5 SUBDIRS += plugins/md5 +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/md5/libstrongswan-md5.la +endif endif if USE_SHA1 SUBDIRS += plugins/sha1 +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/sha1/libstrongswan-sha1.la +endif endif if USE_SHA2 SUBDIRS += plugins/sha2 +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/sha2/libstrongswan-sha2.la endif - -if USE_FIPS_PRF - SUBDIRS += plugins/fips_prf endif if USE_GMP SUBDIRS += plugins/gmp +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/gmp/libstrongswan-gmp.la +endif endif if USE_RANDOM SUBDIRS += plugins/random +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/random/libstrongswan-random.la +endif endif if USE_HMAC SUBDIRS += plugins/hmac +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/hmac/libstrongswan-hmac.la +endif endif if USE_XCBC SUBDIRS += plugins/xcbc +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/xcbc/libstrongswan-xcbc.la +endif endif if USE_X509 SUBDIRS += plugins/x509 +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/x509/libstrongswan-x509.la +endif endif if USE_PUBKEY SUBDIRS += plugins/pubkey +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/pubkey/libstrongswan-pubkey.la +endif endif if USE_PKCS1 SUBDIRS += plugins/pkcs1 +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/pkcs1/libstrongswan-pkcs1.la +endif endif if USE_PGP SUBDIRS += plugins/pgp +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/pgp/libstrongswan-pgp.la +endif endif if USE_DNSKEY SUBDIRS += plugins/dnskey +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/dnskey/libstrongswan-dnskey.la +endif endif if USE_PEM SUBDIRS += plugins/pem +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/pem/libstrongswan-pem.la +endif endif if USE_CURL SUBDIRS += plugins/curl +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/curl/libstrongswan-curl.la +endif endif if USE_LDAP SUBDIRS += plugins/ldap +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/ldap/libstrongswan-ldap.la +endif endif if USE_MYSQL SUBDIRS += plugins/mysql +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/mysql/libstrongswan-mysql.la +endif endif if USE_SQLITE SUBDIRS += plugins/sqlite +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/sqlite/libstrongswan-sqlite.la endif - -if USE_ATTR_SQL - SUBDIRS += plugins/attr_sql endif if USE_PADLOCK SUBDIRS += plugins/padlock +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/padlock/libstrongswan-padlock.la +endif endif if USE_OPENSSL SUBDIRS += plugins/openssl +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/openssl/libstrongswan-openssl.la +endif endif if USE_GCRYPT SUBDIRS += plugins/gcrypt +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/gcrypt/libstrongswan-gcrypt.la +endif +endif + +if USE_FIPS_PRF + SUBDIRS += plugins/fips_prf +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/fips_prf/libstrongswan-fips-prf.la +endif endif if USE_AGENT SUBDIRS += plugins/agent +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/agent/libstrongswan-agent.la +endif endif if USE_TEST_VECTORS SUBDIRS += plugins/test_vectors +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/test_vectors/libstrongswan-test-vectors.la +endif endif diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in index 729d32eb3..b8d967d4a 100644 --- a/src/libstrongswan/Makefile.in +++ b/src/libstrongswan/Makefile.in @@ -45,33 +45,59 @@ host_triplet = @host@ @USE_VSTR_TRUE@am__append_6 = -lvstr @USE_AES_TRUE@am__append_7 = plugins/aes -@USE_DES_TRUE@am__append_8 = plugins/des -@USE_BLOWFISH_TRUE@am__append_9 = plugins/blowfish -@USE_MD4_TRUE@am__append_10 = plugins/md4 -@USE_MD5_TRUE@am__append_11 = plugins/md5 -@USE_SHA1_TRUE@am__append_12 = plugins/sha1 -@USE_SHA2_TRUE@am__append_13 = plugins/sha2 -@USE_FIPS_PRF_TRUE@am__append_14 = plugins/fips_prf -@USE_GMP_TRUE@am__append_15 = plugins/gmp -@USE_RANDOM_TRUE@am__append_16 = plugins/random -@USE_HMAC_TRUE@am__append_17 = plugins/hmac -@USE_XCBC_TRUE@am__append_18 = plugins/xcbc -@USE_X509_TRUE@am__append_19 = plugins/x509 -@USE_PUBKEY_TRUE@am__append_20 = plugins/pubkey -@USE_PKCS1_TRUE@am__append_21 = plugins/pkcs1 -@USE_PGP_TRUE@am__append_22 = plugins/pgp -@USE_DNSKEY_TRUE@am__append_23 = plugins/dnskey -@USE_PEM_TRUE@am__append_24 = plugins/pem -@USE_CURL_TRUE@am__append_25 = plugins/curl -@USE_LDAP_TRUE@am__append_26 = plugins/ldap -@USE_MYSQL_TRUE@am__append_27 = plugins/mysql -@USE_SQLITE_TRUE@am__append_28 = plugins/sqlite -@USE_ATTR_SQL_TRUE@am__append_29 = plugins/attr_sql -@USE_PADLOCK_TRUE@am__append_30 = plugins/padlock -@USE_OPENSSL_TRUE@am__append_31 = plugins/openssl -@USE_GCRYPT_TRUE@am__append_32 = plugins/gcrypt -@USE_AGENT_TRUE@am__append_33 = plugins/agent -@USE_TEST_VECTORS_TRUE@am__append_34 = plugins/test_vectors +@MONOLITHIC_TRUE@@USE_AES_TRUE@am__append_8 = plugins/aes/libstrongswan-aes.la +@USE_DES_TRUE@am__append_9 = plugins/des +@MONOLITHIC_TRUE@@USE_DES_TRUE@am__append_10 = plugins/des/libstrongswan-des.la +@USE_BLOWFISH_TRUE@am__append_11 = plugins/blowfish +@MONOLITHIC_TRUE@@USE_BLOWFISH_TRUE@am__append_12 = plugins/blowfish/libstrongswan-blowfish.la +@USE_MD4_TRUE@am__append_13 = plugins/md4 +@MONOLITHIC_TRUE@@USE_MD4_TRUE@am__append_14 = plugins/md4/libstrongswan-md4.la +@USE_MD5_TRUE@am__append_15 = plugins/md5 +@MONOLITHIC_TRUE@@USE_MD5_TRUE@am__append_16 = plugins/md5/libstrongswan-md5.la +@USE_SHA1_TRUE@am__append_17 = plugins/sha1 +@MONOLITHIC_TRUE@@USE_SHA1_TRUE@am__append_18 = plugins/sha1/libstrongswan-sha1.la +@USE_SHA2_TRUE@am__append_19 = plugins/sha2 +@MONOLITHIC_TRUE@@USE_SHA2_TRUE@am__append_20 = plugins/sha2/libstrongswan-sha2.la +@USE_GMP_TRUE@am__append_21 = plugins/gmp +@MONOLITHIC_TRUE@@USE_GMP_TRUE@am__append_22 = plugins/gmp/libstrongswan-gmp.la +@USE_RANDOM_TRUE@am__append_23 = plugins/random +@MONOLITHIC_TRUE@@USE_RANDOM_TRUE@am__append_24 = plugins/random/libstrongswan-random.la +@USE_HMAC_TRUE@am__append_25 = plugins/hmac +@MONOLITHIC_TRUE@@USE_HMAC_TRUE@am__append_26 = plugins/hmac/libstrongswan-hmac.la +@USE_XCBC_TRUE@am__append_27 = plugins/xcbc +@MONOLITHIC_TRUE@@USE_XCBC_TRUE@am__append_28 = plugins/xcbc/libstrongswan-xcbc.la +@USE_X509_TRUE@am__append_29 = plugins/x509 +@MONOLITHIC_TRUE@@USE_X509_TRUE@am__append_30 = plugins/x509/libstrongswan-x509.la +@USE_PUBKEY_TRUE@am__append_31 = plugins/pubkey +@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_32 = plugins/pubkey/libstrongswan-pubkey.la +@USE_PKCS1_TRUE@am__append_33 = plugins/pkcs1 +@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_34 = plugins/pkcs1/libstrongswan-pkcs1.la +@USE_PGP_TRUE@am__append_35 = plugins/pgp +@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_36 = plugins/pgp/libstrongswan-pgp.la +@USE_DNSKEY_TRUE@am__append_37 = plugins/dnskey +@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_38 = plugins/dnskey/libstrongswan-dnskey.la +@USE_PEM_TRUE@am__append_39 = plugins/pem +@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_40 = plugins/pem/libstrongswan-pem.la +@USE_CURL_TRUE@am__append_41 = plugins/curl +@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_42 = plugins/curl/libstrongswan-curl.la +@USE_LDAP_TRUE@am__append_43 = plugins/ldap +@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_44 = plugins/ldap/libstrongswan-ldap.la +@USE_MYSQL_TRUE@am__append_45 = plugins/mysql +@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_46 = plugins/mysql/libstrongswan-mysql.la +@USE_SQLITE_TRUE@am__append_47 = plugins/sqlite +@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_48 = plugins/sqlite/libstrongswan-sqlite.la +@USE_PADLOCK_TRUE@am__append_49 = plugins/padlock +@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_50 = plugins/padlock/libstrongswan-padlock.la +@USE_OPENSSL_TRUE@am__append_51 = plugins/openssl +@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_52 = plugins/openssl/libstrongswan-openssl.la +@USE_GCRYPT_TRUE@am__append_53 = plugins/gcrypt +@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_54 = plugins/gcrypt/libstrongswan-gcrypt.la +@USE_FIPS_PRF_TRUE@am__append_55 = plugins/fips_prf +@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_56 = plugins/fips_prf/libstrongswan-fips-prf.la +@USE_AGENT_TRUE@am__append_57 = plugins/agent +@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_58 = plugins/agent/libstrongswan-agent.la +@USE_TEST_VECTORS_TRUE@am__append_59 = plugins/test_vectors +@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_60 = plugins/test_vectors/libstrongswan-test-vectors.la subdir = src/libstrongswan DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 @@ -115,14 +141,20 @@ am__DEPENDENCIES_1 = libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) + $(am__DEPENDENCIES_1) $(am__append_8) $(am__append_10) \ + $(am__append_12) $(am__append_14) $(am__append_16) \ + $(am__append_18) $(am__append_20) $(am__append_22) \ + $(am__append_24) $(am__append_26) $(am__append_28) \ + $(am__append_30) $(am__append_32) $(am__append_34) \ + $(am__append_36) $(am__append_38) $(am__append_40) \ + $(am__append_42) $(am__append_44) $(am__append_46) \ + $(am__append_48) $(am__append_50) $(am__append_52) \ + $(am__append_54) $(am__append_56) $(am__append_58) \ + $(am__append_60) am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \ chunk.h debug.c debug.h enum.c enum.h settings.h settings.c \ printf_hook.c printf_hook.h asn1/asn1.c asn1/asn1.h \ asn1/asn1_parser.c asn1/asn1_parser.h asn1/oid.c asn1/oid.h \ - attributes/attributes.c attributes/attributes.h \ - attributes/attribute_provider.h attributes/attribute_handler.h \ - attributes/attribute_manager.c attributes/attribute_manager.h \ crypto/crypters/crypter.c crypto/crypters/crypter.h \ crypto/hashers/hasher.h crypto/hashers/hasher.c crypto/pkcs9.c \ crypto/pkcs9.h crypto/proposal/proposal_keywords.c \ @@ -173,10 +205,10 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \ @USE_INTEGRITY_TEST_TRUE@am__objects_2 = integrity_checker.lo am_libstrongswan_la_OBJECTS = library.lo chunk.lo debug.lo enum.lo \ settings.lo printf_hook.lo asn1.lo asn1_parser.lo oid.lo \ - attributes.lo attribute_manager.lo crypter.lo hasher.lo \ - pkcs9.lo proposal_keywords.lo prf.lo rng.lo prf_plus.lo \ - signer.lo crypto_factory.lo crypto_tester.lo diffie_hellman.lo \ - transform.lo credential_factory.lo builder.lo key_encoding.lo \ + crypter.lo hasher.lo pkcs9.lo proposal_keywords.lo prf.lo \ + rng.lo prf_plus.lo signer.lo crypto_factory.lo \ + crypto_tester.lo diffie_hellman.lo transform.lo \ + credential_factory.lo builder.lo key_encoding.lo \ private_key.lo public_key.lo shared_key.lo certificate.lo \ x509.lo crl.lo ocsp_response.lo ietf_attributes.lo \ database_factory.lo fetcher_manager.lo traffic_selector.lo \ @@ -215,13 +247,12 @@ AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ ETAGS = etags CTAGS = ctags DIST_SUBDIRS = . plugins/aes plugins/des plugins/blowfish plugins/md4 \ - plugins/md5 plugins/sha1 plugins/sha2 plugins/fips_prf \ - plugins/gmp plugins/random plugins/hmac plugins/xcbc \ - plugins/x509 plugins/pubkey plugins/pkcs1 plugins/pgp \ - plugins/dnskey plugins/pem plugins/curl plugins/ldap \ - plugins/mysql plugins/sqlite plugins/attr_sql plugins/padlock \ - plugins/openssl plugins/gcrypt plugins/agent \ - plugins/test_vectors + plugins/md5 plugins/sha1 plugins/sha2 plugins/gmp \ + plugins/random plugins/hmac plugins/xcbc plugins/x509 \ + plugins/pubkey plugins/pkcs1 plugins/pgp plugins/dnskey \ + plugins/pem plugins/curl plugins/ldap plugins/mysql \ + plugins/sqlite plugins/padlock plugins/openssl plugins/gcrypt \ + plugins/fips_prf plugins/agent plugins/test_vectors DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) am__relativize = \ dir0=`pwd`; \ @@ -368,6 +399,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -407,9 +439,6 @@ libstrongswan_la_SOURCES = library.c library.h chunk.c chunk.h debug.c \ debug.h enum.c enum.h settings.h settings.c printf_hook.c \ printf_hook.h asn1/asn1.c asn1/asn1.h asn1/asn1_parser.c \ asn1/asn1_parser.h asn1/oid.c asn1/oid.h \ - attributes/attributes.c attributes/attributes.h \ - attributes/attribute_provider.h attributes/attribute_handler.h \ - attributes/attribute_manager.c attributes/attribute_manager.h \ crypto/crypters/crypter.c crypto/crypters/crypter.h \ crypto/hashers/hasher.h crypto/hashers/hasher.c crypto/pkcs9.c \ crypto/pkcs9.h crypto/proposal/proposal_keywords.c \ @@ -456,14 +485,24 @@ libstrongswan_la_SOURCES = library.c library.h chunk.c chunk.h debug.c \ plugins/plugin_loader.h plugins/plugin.h $(am__append_2) \ $(am__append_5) libstrongswan_la_LIBADD = $(PTHREADLIB) $(DLLIB) $(BTLIB) $(SOCKLIB) \ - $(RTLIB) $(am__append_6) + $(RTLIB) $(am__append_6) $(am__append_8) $(am__append_10) \ + $(am__append_12) $(am__append_14) $(am__append_16) \ + $(am__append_18) $(am__append_20) $(am__append_22) \ + $(am__append_24) $(am__append_26) $(am__append_28) \ + $(am__append_30) $(am__append_32) $(am__append_34) \ + $(am__append_36) $(am__append_38) $(am__append_40) \ + $(am__append_42) $(am__append_44) $(am__append_46) \ + $(am__append_48) $(am__append_50) $(am__append_52) \ + $(am__append_54) $(am__append_56) $(am__append_58) \ + $(am__append_60) INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -DIPSEC_DIR=\"${ipsecdir}\" -DPLUGINDIR=\"${plugindir}\" \ -DSTRONGSWAN_CONF=\"${strongswan_conf}\" $(am__append_1) \ $(am__append_3) $(am__append_4) EXTRA_DIST = \ asn1/oid.txt asn1/oid.pl \ -crypto/proposal/proposal_keywords.txt +crypto/proposal/proposal_keywords.txt \ +Android.mk AndroidConfigLocal.h BUILT_SOURCES = \ $(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h \ @@ -473,19 +512,37 @@ MAINTAINERCLEANFILES = \ $(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h \ $(srcdir)/crypto/proposal/proposal_keywords.c +@MONOLITHIC_FALSE@SUBDIRS = . $(am__append_7) $(am__append_9) \ +@MONOLITHIC_FALSE@ $(am__append_11) $(am__append_13) \ +@MONOLITHIC_FALSE@ $(am__append_15) $(am__append_17) \ +@MONOLITHIC_FALSE@ $(am__append_19) $(am__append_21) \ +@MONOLITHIC_FALSE@ $(am__append_23) $(am__append_25) \ +@MONOLITHIC_FALSE@ $(am__append_27) $(am__append_29) \ +@MONOLITHIC_FALSE@ $(am__append_31) $(am__append_33) \ +@MONOLITHIC_FALSE@ $(am__append_35) $(am__append_37) \ +@MONOLITHIC_FALSE@ $(am__append_39) $(am__append_41) \ +@MONOLITHIC_FALSE@ $(am__append_43) $(am__append_45) \ +@MONOLITHIC_FALSE@ $(am__append_47) $(am__append_49) \ +@MONOLITHIC_FALSE@ $(am__append_51) $(am__append_53) \ +@MONOLITHIC_FALSE@ $(am__append_55) $(am__append_57) \ +@MONOLITHIC_FALSE@ $(am__append_59) # build plugins with their own Makefile ####################################### -SUBDIRS = . $(am__append_7) $(am__append_8) $(am__append_9) \ - $(am__append_10) $(am__append_11) $(am__append_12) \ - $(am__append_13) $(am__append_14) $(am__append_15) \ - $(am__append_16) $(am__append_17) $(am__append_18) \ - $(am__append_19) $(am__append_20) $(am__append_21) \ - $(am__append_22) $(am__append_23) $(am__append_24) \ - $(am__append_25) $(am__append_26) $(am__append_27) \ - $(am__append_28) $(am__append_29) $(am__append_30) \ - $(am__append_31) $(am__append_32) $(am__append_33) \ - $(am__append_34) +@MONOLITHIC_TRUE@SUBDIRS = $(am__append_7) $(am__append_9) \ +@MONOLITHIC_TRUE@ $(am__append_11) $(am__append_13) \ +@MONOLITHIC_TRUE@ $(am__append_15) $(am__append_17) \ +@MONOLITHIC_TRUE@ $(am__append_19) $(am__append_21) \ +@MONOLITHIC_TRUE@ $(am__append_23) $(am__append_25) \ +@MONOLITHIC_TRUE@ $(am__append_27) $(am__append_29) \ +@MONOLITHIC_TRUE@ $(am__append_31) $(am__append_33) \ +@MONOLITHIC_TRUE@ $(am__append_35) $(am__append_37) \ +@MONOLITHIC_TRUE@ $(am__append_39) $(am__append_41) \ +@MONOLITHIC_TRUE@ $(am__append_43) $(am__append_45) \ +@MONOLITHIC_TRUE@ $(am__append_47) $(am__append_49) \ +@MONOLITHIC_TRUE@ $(am__append_51) $(am__append_53) \ +@MONOLITHIC_TRUE@ $(am__append_55) $(am__append_57) \ +@MONOLITHIC_TRUE@ $(am__append_59) all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-recursive @@ -563,8 +620,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_parser.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/attribute_manager.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/attributes.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/backtrace.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/builder.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/certificate.Plo@am__quote@ @@ -657,20 +712,6 @@ oid.lo: asn1/oid.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o oid.lo `test -f 'asn1/oid.c' || echo '$(srcdir)/'`asn1/oid.c -attributes.lo: attributes/attributes.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT attributes.lo -MD -MP -MF $(DEPDIR)/attributes.Tpo -c -o attributes.lo `test -f 'attributes/attributes.c' || echo '$(srcdir)/'`attributes/attributes.c -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/attributes.Tpo $(DEPDIR)/attributes.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='attributes/attributes.c' object='attributes.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o attributes.lo `test -f 'attributes/attributes.c' || echo '$(srcdir)/'`attributes/attributes.c - -attribute_manager.lo: attributes/attribute_manager.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT attribute_manager.lo -MD -MP -MF $(DEPDIR)/attribute_manager.Tpo -c -o attribute_manager.lo `test -f 'attributes/attribute_manager.c' || echo '$(srcdir)/'`attributes/attribute_manager.c -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/attribute_manager.Tpo $(DEPDIR)/attribute_manager.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='attributes/attribute_manager.c' object='attribute_manager.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o attribute_manager.lo `test -f 'attributes/attribute_manager.c' || echo '$(srcdir)/'`attributes/attribute_manager.c - crypter.lo: crypto/crypters/crypter.c @am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crypter.lo -MD -MP -MF $(DEPDIR)/crypter.Tpo -c -o crypter.lo `test -f 'crypto/crypters/crypter.c' || echo '$(srcdir)/'`crypto/crypters/crypter.c @am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/crypter.Tpo $(DEPDIR)/crypter.Plo diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c index 763caafc4..6264bdc54 100644 --- a/src/libstrongswan/asn1/asn1.c +++ b/src/libstrongswan/asn1/asn1.c @@ -19,7 +19,6 @@ #include <string.h> #include <time.h> -#include <utils.h> #include <debug.h> #include "oid.h" @@ -134,7 +133,7 @@ size_t asn1_length(chunk_t *blob) if (blob->len < 2) { - DBG2("insufficient number of octets to parse ASN.1 length"); + DBG2(DBG_LIB, "insufficient number of octets to parse ASN.1 length"); return ASN1_INVALID_LENGTH; } @@ -146,7 +145,7 @@ size_t asn1_length(chunk_t *blob) { /* single length octet */ if (n > blob->len) { - DBG2("length is larger than remaining blob size"); + DBG2(DBG_LIB, "length is larger than remaining blob size"); return ASN1_INVALID_LENGTH; } return n; @@ -157,14 +156,14 @@ size_t asn1_length(chunk_t *blob) if (n == 0 || n > blob->len) { - DBG2("number of length octets invalid"); + DBG2(DBG_LIB, "number of length octets invalid"); return ASN1_INVALID_LENGTH; } if (n > sizeof(len)) { - DBG2("number of length octets is larger than limit of %d octets", - (int)sizeof(len)); + DBG2(DBG_LIB, "number of length octets is larger than limit of" + " %d octets", (int)sizeof(len)); return ASN1_INVALID_LENGTH; } @@ -177,7 +176,7 @@ size_t asn1_length(chunk_t *blob) } if (len > blob->len) { - DBG2("length is larger than remaining blob size"); + DBG2(DBG_LIB, "length is larger than remaining blob size"); return ASN1_INVALID_LENGTH; } return len; @@ -377,7 +376,7 @@ void asn1_debug_simple_object(chunk_t object, asn1_t type, bool private) oid = asn1_known_oid(object); if (oid != OID_UNKNOWN) { - DBG2(" '%s'", oid_names[oid].name); + DBG2(DBG_LIB, " '%s'", oid_names[oid].name); return; } break; @@ -386,14 +385,14 @@ void asn1_debug_simple_object(chunk_t object, asn1_t type, bool private) case ASN1_PRINTABLESTRING: case ASN1_T61STRING: case ASN1_VISIBLESTRING: - DBG2(" '%.*s'", (int)object.len, object.ptr); + DBG2(DBG_LIB, " '%.*s'", (int)object.len, object.ptr); return; case ASN1_UTCTIME: case ASN1_GENERALIZEDTIME: { time_t time = asn1_to_time(&object, type); - DBG2(" '%T'", &time, TRUE); + DBG2(DBG_LIB, " '%T'", &time, TRUE); } return; default: @@ -401,11 +400,11 @@ void asn1_debug_simple_object(chunk_t object, asn1_t type, bool private) } if (private) { - DBG4("%B", &object); + DBG4(DBG_LIB, "%B", &object); } else { - DBG3("%B", &object); + DBG3(DBG_LIB, "%B", &object); } } @@ -419,13 +418,14 @@ bool asn1_parse_simple_object(chunk_t *object, asn1_t type, u_int level, const c /* an ASN.1 object must possess at least a tag and length field */ if (object->len < 2) { - DBG2("L%d - %s: ASN.1 object smaller than 2 octets", level, name); + DBG2(DBG_LIB, "L%d - %s: ASN.1 object smaller than 2 octets", level, + name); return FALSE; } if (*object->ptr != type) { - DBG2("L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x", + DBG2(DBG_LIB, "L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x", level, name, type, *object->ptr); return FALSE; } @@ -434,12 +434,12 @@ bool asn1_parse_simple_object(chunk_t *object, asn1_t type, u_int level, const c if (len == ASN1_INVALID_LENGTH || object->len < len) { - DBG2("L%d - %s: length of ASN.1 object invalid or too large", + DBG2(DBG_LIB, "L%d - %s: length of ASN.1 object invalid or too large", level, name); return FALSE; } - DBG2("L%d - %s:", level, name); + DBG2(DBG_LIB, "L%d - %s:", level, name); asn1_debug_simple_object(*object, type, FALSE); return TRUE; } @@ -501,7 +501,7 @@ bool is_asn1(chunk_t blob) if (tag != ASN1_SEQUENCE && tag != ASN1_SET && tag != ASN1_OCTET_STRING) { - DBG2(" file content is not binary ASN.1"); + DBG2(DBG_LIB, " file content is not binary ASN.1"); return FALSE; } @@ -519,7 +519,7 @@ bool is_asn1(chunk_t blob) return TRUE; } - DBG2(" file size does not match ASN.1 coded length"); + DBG2(DBG_LIB, " file size does not match ASN.1 coded length"); return FALSE; } diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h index d29190df7..866c28095 100644 --- a/src/libstrongswan/asn1/asn1.h +++ b/src/libstrongswan/asn1/asn1.h @@ -25,8 +25,7 @@ #include <stdarg.h> -#include <utils.h> -#include <chunk.h> +#include <library.h> /** * Definition of some primitive ASN1 types diff --git a/src/libstrongswan/asn1/asn1_parser.c b/src/libstrongswan/asn1/asn1_parser.c index dc7726ad7..3e5bbbabd 100644 --- a/src/libstrongswan/asn1/asn1_parser.c +++ b/src/libstrongswan/asn1/asn1_parser.c @@ -19,7 +19,6 @@ #include <string.h> #include <time.h> -#include <utils.h> #include <debug.h> #include "asn1.h" @@ -123,7 +122,7 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object) if ((obj.flags & ASN1_DEF) && (blob->len == 0 || *start_ptr != obj.type) ) { /* field is missing */ - DBG2("L%d - %s:", level, obj.name); + DBG2(DBG_LIB, "L%d - %s:", level, obj.name); if (obj.type & ASN1_CONSTRUCTED) { this->line++ ; /* skip context-specific tag */ @@ -150,7 +149,7 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object) if (blob->len < 2) { - DBG1("L%d - %s: ASN.1 object smaller than 2 octets", + DBG1(DBG_LIB, "L%d - %s: ASN.1 object smaller than 2 octets", level, obj.name); this->success = FALSE; goto end; @@ -160,7 +159,7 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object) if (blob1->len == ASN1_INVALID_LENGTH) { - DBG1("L%d - %s: length of ASN.1 object invalid or too large", + DBG1(DBG_LIB, "L%d - %s: length of ASN.1 object invalid or too large", level, obj.name); this->success = FALSE; } @@ -173,7 +172,7 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object) if (obj.flags & ASN1_RAW) { - DBG2("L%d - %s:", level, obj.name); + DBG2(DBG_LIB, "L%d - %s:", level, obj.name); object->ptr = start_ptr; object->len = (size_t)(blob->ptr - start_ptr); goto end; @@ -181,14 +180,14 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object) if (*start_ptr != obj.type && !(this->implicit && this->line == 0)) { - DBG1("L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x", + DBG1(DBG_LIB, "L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x", level, obj.name, obj.type, *start_ptr); - DBG3("%b", start_ptr, (u_int)(blob->ptr - start_ptr)); + DBG3(DBG_LIB, "%b", start_ptr, (u_int)(blob->ptr - start_ptr)); this->success = FALSE; goto end; } - DBG2("L%d - %s:", level, obj.name); + DBG2(DBG_LIB, "L%d - %s:", level, obj.name); /* In case of "SEQUENCE OF" or "SET OF" start a loop */ if (obj.flags & ASN1_LOOP) @@ -217,11 +216,11 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object) object->len = (size_t)(blob->ptr - start_ptr); if (this->private) { - DBG4("%B", object); + DBG4(DBG_LIB, "%B", object); } else { - DBG3("%B", object); + DBG3(DBG_LIB, "%B", object); } } else if (obj.flags & ASN1_BODY) diff --git a/src/libstrongswan/asn1/asn1_parser.h b/src/libstrongswan/asn1/asn1_parser.h index 49325232d..0edc22c23 100644 --- a/src/libstrongswan/asn1/asn1_parser.h +++ b/src/libstrongswan/asn1/asn1_parser.h @@ -25,9 +25,9 @@ #include <stdarg.h> -#include <utils.h> -#include <chunk.h> -#include <asn1/asn1.h> +#include <library.h> + +#include "asn1.h" /** * Definition of ASN.1 flags diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h index 32e2eb033..aa1fd31b0 100644 --- a/src/libstrongswan/asn1/oid.h +++ b/src/libstrongswan/asn1/oid.h @@ -41,6 +41,7 @@ extern const oid_t oid_names[]; #define OID_UNIQUE_IDENTIFIER 34 #define OID_ROLE 35 #define OID_SUBJECT_KEY_ID 38 +#define OID_KEY_USAGE 39 #define OID_SUBJECT_ALT_NAME 41 #define OID_BASIC_CONSTRAINTS 43 #define OID_CRL_NUMBER 44 diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt index 203bc1f28..5d729c2eb 100644 --- a/src/libstrongswan/asn1/oid.txt +++ b/src/libstrongswan/asn1/oid.txt @@ -37,7 +37,7 @@ 0x1D "id-ce" 0x09 "subjectDirectoryAttrs" 0x0E "subjectKeyIdentifier" OID_SUBJECT_KEY_ID - 0x0F "keyUsage" + 0x0F "keyUsage" OID_KEY_USAGE 0x10 "privateKeyUsagePeriod" 0x11 "subjectAltName" OID_SUBJECT_ALT_NAME 0x12 "issuerAltName" diff --git a/src/libstrongswan/attributes/attribute_handler.h b/src/libstrongswan/attributes/attribute_handler.h deleted file mode 100644 index d042f47ef..000000000 --- a/src/libstrongswan/attributes/attribute_handler.h +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup attribute_handler attribute_handler - * @{ @ingroup attributes - */ - -#ifndef ATTRIBUTE_HANDLER_H_ -#define ATTRIBUTE_HANDLER_H_ - -#include <chunk.h> -#include <utils/host.h> -#include <utils/identification.h> - -#include "attributes.h" - -typedef struct attribute_handler_t attribute_handler_t; - -/** - * Interface to handle configuration payload attributes. - */ -struct attribute_handler_t { - - /** - * Handle a configuration attribute. - * - * After receiving a configuration attriubte, it is passed to each - * attribute handler until it is handled. - * - * @param server server from which the attribute was received - * @param type type of configuration attribute to handle - * @param data associated attribute data - * @return TRUE if attribute handled - */ - bool (*handle)(attribute_handler_t *this, identification_t *server, - configuration_attribute_type_t type, chunk_t data); - - /** - * Release an attribute handled during handle(). - * - * A handler that handle()d an attribute gets a call to release() when the - * connection gets closed. Depending on the implementation, this is required - * to remove the attribute. - */ - void (*release)(attribute_handler_t *this, identification_t *server, - configuration_attribute_type_t type, chunk_t data); - - /** - * Enumerate attributes to request from a server. - * - * @param server server identity to request attributes from - * @param vip virtual IP we are requesting, if any - * @return enumerator (configuration_attribute_type_t, chunk_t) - */ - enumerator_t* (*create_attribute_enumerator)(attribute_handler_t *this, - identification_t *server, host_t *vip); -}; - -#endif /** ATTRIBUTE_HANDLER_H_ @}*/ diff --git a/src/libstrongswan/attributes/attribute_manager.c b/src/libstrongswan/attributes/attribute_manager.c deleted file mode 100644 index 91fa1ebb5..000000000 --- a/src/libstrongswan/attributes/attribute_manager.c +++ /dev/null @@ -1,374 +0,0 @@ -/* - * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "attribute_manager.h" - -#include <debug.h> -#include <utils/linked_list.h> -#include <threading/rwlock.h> - -typedef struct private_attribute_manager_t private_attribute_manager_t; - -/** - * private data of attribute_manager - */ -struct private_attribute_manager_t { - - /** - * public functions - */ - attribute_manager_t public; - - /** - * list of registered providers - */ - linked_list_t *providers; - - /** - * list of registered handlers - */ - linked_list_t *handlers; - - /** - * rwlock provider list - */ - rwlock_t *lock; -}; - -/** - * Data to pass to enumerator filters - */ -typedef struct { - /** server/peer identity */ - identification_t *id; - /** requesting/assigned virtual IP */ - host_t *vip; -} enum_data_t; - -/** - * Implementation of attribute_manager_t.acquire_address. - */ -static host_t* acquire_address(private_attribute_manager_t *this, - char *pool, identification_t *id, - host_t *requested) -{ - enumerator_t *enumerator; - attribute_provider_t *current; - host_t *host = NULL; - - this->lock->read_lock(this->lock); - enumerator = this->providers->create_enumerator(this->providers); - while (enumerator->enumerate(enumerator, ¤t)) - { - host = current->acquire_address(current, pool, id, requested); - if (host) - { - break; - } - } - enumerator->destroy(enumerator); - this->lock->unlock(this->lock); - - if (!host) - { - DBG1("acquiring address from pool '%s' failed", pool); - } - return host; -} - -/** - * Implementation of attribute_manager_t.release_address. - */ -static void release_address(private_attribute_manager_t *this, - char *pool, host_t *address, identification_t *id) -{ - enumerator_t *enumerator; - attribute_provider_t *current; - bool found = FALSE; - - this->lock->read_lock(this->lock); - enumerator = this->providers->create_enumerator(this->providers); - while (enumerator->enumerate(enumerator, ¤t)) - { - if (current->release_address(current, pool, address, id)) - { - found = TRUE; - break; - } - } - enumerator->destroy(enumerator); - this->lock->unlock(this->lock); - - if (!found) - { - DBG1("releasing address to pool '%s' failed", pool); - } -} - -/** - * inner enumerator constructor for responder attributes - */ -static enumerator_t *responder_enum_create(attribute_provider_t *provider, - enum_data_t *data) -{ - return provider->create_attribute_enumerator(provider, data->id, data->vip); -} - -/** - * Implementation of attribute_manager_t.create_responder_enumerator - */ -static enumerator_t* create_responder_enumerator( - private_attribute_manager_t *this, identification_t *id, host_t *vip) -{ - enum_data_t *data = malloc_thing(enum_data_t); - - data->id = id; - data->vip = vip; - this->lock->read_lock(this->lock); - return enumerator_create_cleaner( - enumerator_create_nested( - this->providers->create_enumerator(this->providers), - (void*)responder_enum_create, data, free), - (void*)this->lock->unlock, this->lock); -} - -/** - * Implementation of attribute_manager_t.add_provider. - */ -static void add_provider(private_attribute_manager_t *this, - attribute_provider_t *provider) -{ - this->lock->write_lock(this->lock); - this->providers->insert_last(this->providers, provider); - this->lock->unlock(this->lock); -} - -/** - * Implementation of attribute_manager_t.remove_provider. - */ -static void remove_provider(private_attribute_manager_t *this, - attribute_provider_t *provider) -{ - this->lock->write_lock(this->lock); - this->providers->remove(this->providers, provider, NULL); - this->lock->unlock(this->lock); -} - -/** - * Implementation of attribute_manager_t.handle - */ -static attribute_handler_t* handle(private_attribute_manager_t *this, - identification_t *server, attribute_handler_t *handler, - configuration_attribute_type_t type, chunk_t data) -{ - enumerator_t *enumerator; - attribute_handler_t *current, *handled = NULL; - - this->lock->read_lock(this->lock); - - /* try to find the passed handler */ - enumerator = this->handlers->create_enumerator(this->handlers); - while (enumerator->enumerate(enumerator, ¤t)) - { - if (current == handler && current->handle(current, server, type, data)) - { - handled = current; - break; - } - } - enumerator->destroy(enumerator); - if (!handled) - { /* handler requesting this attribute not found, try any other */ - enumerator = this->handlers->create_enumerator(this->handlers); - while (enumerator->enumerate(enumerator, ¤t)) - { - if (current->handle(current, server, type, data)) - { - handled = current; - break; - } - } - enumerator->destroy(enumerator); - } - this->lock->unlock(this->lock); - - if (!handled) - { - DBG1("handling %N attribute failed", - configuration_attribute_type_names, type); - } - return handled; -} - -/** - * Implementation of attribute_manager_t.release - */ -static void release(private_attribute_manager_t *this, - attribute_handler_t *handler, - identification_t *server, - configuration_attribute_type_t type, chunk_t data) -{ - enumerator_t *enumerator; - attribute_handler_t *current; - - this->lock->read_lock(this->lock); - enumerator = this->handlers->create_enumerator(this->handlers); - while (enumerator->enumerate(enumerator, ¤t)) - { - if (current == handler) - { - current->release(current, server, type, data); - break; - } - } - enumerator->destroy(enumerator); - this->lock->unlock(this->lock); -} - -/** - * Enumerator implementation to enumerate nested initiator attributes - */ -typedef struct { - /** implements enumerator_t */ - enumerator_t public; - /** back ref */ - private_attribute_manager_t *this; - /** currently processing handler */ - attribute_handler_t *handler; - /** outer enumerator over handlers */ - enumerator_t *outer; - /** inner enumerator over current handlers attributes */ - enumerator_t *inner; - /** server ID we want attributes for */ - identification_t *id; - /** virtual IP we are requesting along with attriubutes */ - host_t *vip; -} initiator_enumerator_t; - -/** - * Enumerator implementation for initiator attributes - */ -static bool initiator_enumerate(initiator_enumerator_t *this, - attribute_handler_t **handler, - configuration_attribute_type_t *type, - chunk_t *value) -{ - /* enumerate inner attributes using outer handler enumerator */ - while (!this->inner || !this->inner->enumerate(this->inner, type, value)) - { - if (!this->outer->enumerate(this->outer, &this->handler)) - { - return FALSE; - } - DESTROY_IF(this->inner); - this->inner = this->handler->create_attribute_enumerator(this->handler, - this->id, this->vip); - } - /* inject the handler as additional attribute */ - *handler = this->handler; - return TRUE; -} - -/** - * Cleanup function of initiator attribute enumerator - */ -static void initiator_destroy(initiator_enumerator_t *this) -{ - this->this->lock->unlock(this->this->lock); - this->outer->destroy(this->outer); - DESTROY_IF(this->inner); - free(this); -} - -/** - * Implementation of attribute_manager_t.create_initiator_enumerator - */ -static enumerator_t* create_initiator_enumerator( - private_attribute_manager_t *this, identification_t *id, host_t *vip) -{ - initiator_enumerator_t *enumerator = malloc_thing(initiator_enumerator_t); - - this->lock->read_lock(this->lock); - enumerator->public.enumerate = (void*)initiator_enumerate; - enumerator->public.destroy = (void*)initiator_destroy; - enumerator->this = this; - enumerator->id = id; - enumerator->vip = vip; - enumerator->outer = this->handlers->create_enumerator(this->handlers); - enumerator->inner = NULL; - enumerator->handler = NULL; - - return &enumerator->public; -} - -/** - * Implementation of attribute_manager_t.add_handler - */ -static void add_handler(private_attribute_manager_t *this, - attribute_handler_t *handler) -{ - this->lock->write_lock(this->lock); - this->handlers->insert_last(this->handlers, handler); - this->lock->unlock(this->lock); -} - -/** - * Implementation of attribute_manager_t.remove_handler - */ -static void remove_handler(private_attribute_manager_t *this, - attribute_handler_t *handler) -{ - this->lock->write_lock(this->lock); - this->handlers->remove(this->handlers, handler, NULL); - this->lock->unlock(this->lock); -} - -/** - * Implementation of attribute_manager_t.destroy - */ -static void destroy(private_attribute_manager_t *this) -{ - this->providers->destroy(this->providers); - this->handlers->destroy(this->handlers); - this->lock->destroy(this->lock); - free(this); -} - -/* - * see header file - */ -attribute_manager_t *attribute_manager_create() -{ - private_attribute_manager_t *this = malloc_thing(private_attribute_manager_t); - - this->public.acquire_address = (host_t*(*)(attribute_manager_t*, char*, identification_t*,host_t*))acquire_address; - this->public.release_address = (void(*)(attribute_manager_t*, char *, host_t*, identification_t*))release_address; - this->public.create_responder_enumerator = (enumerator_t*(*)(attribute_manager_t*, identification_t*, host_t*))create_responder_enumerator; - this->public.add_provider = (void(*)(attribute_manager_t*, attribute_provider_t *provider))add_provider; - this->public.remove_provider = (void(*)(attribute_manager_t*, attribute_provider_t *provider))remove_provider; - this->public.handle = (attribute_handler_t*(*)(attribute_manager_t*,identification_t*, attribute_handler_t*, configuration_attribute_type_t, chunk_t))handle; - this->public.release = (void(*)(attribute_manager_t*, attribute_handler_t*, identification_t*, configuration_attribute_type_t, chunk_t))release; - this->public.create_initiator_enumerator = (enumerator_t*(*)(attribute_manager_t*, identification_t*, host_t*))create_initiator_enumerator; - this->public.add_handler = (void(*)(attribute_manager_t*, attribute_handler_t*))add_handler; - this->public.remove_handler = (void(*)(attribute_manager_t*, attribute_handler_t*))remove_handler; - this->public.destroy = (void(*)(attribute_manager_t*))destroy; - - this->providers = linked_list_create(); - this->handlers = linked_list_create(); - this->lock = rwlock_create(RWLOCK_TYPE_DEFAULT); - - return &this->public; -} - diff --git a/src/libstrongswan/attributes/attribute_manager.h b/src/libstrongswan/attributes/attribute_manager.h deleted file mode 100644 index 642662366..000000000 --- a/src/libstrongswan/attributes/attribute_manager.h +++ /dev/null @@ -1,149 +0,0 @@ -/* - * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup attribute_manager attribute_manager - * @{ @ingroup attributes - */ - -#ifndef ATTRIBUTE_MANAGER_H_ -#define ATTRIBUTE_MANAGER_H_ - -#include "attribute_provider.h" -#include "attribute_handler.h" - -typedef struct attribute_manager_t attribute_manager_t; - -/** - * The attribute manager hands out attributes or handles them. - * - * The attribute manager manages both, attribute providers and attribute - * handlers. Attribute providers are responsible to hand out attributes if - * a connecting peer requests them. Handlers handle such attributes if they - * are received on the requesting peer. - */ -struct attribute_manager_t { - - /** - * Acquire a virtual IP address to assign to a peer. - * - * @param pool pool name to acquire address from - * @param id peer identity to get address forua - * @param requested IP in configuration request - * @return allocated address, NULL to serve none - */ - host_t* (*acquire_address)(attribute_manager_t *this, - char *pool, identification_t *id, - host_t *requested); - - /** - * Release a previously acquired address. - * - * @param pool pool name from which the address was acquired - * @param address address to release - * @param id peer identity to get address for - */ - void (*release_address)(attribute_manager_t *this, - char *pool, host_t *address, identification_t *id); - - /** - * Create an enumerator over attributes to hand out to a peer. - * - * @param id peer identity to hand out attributes to - * @param vip virtual IP to assign to peer, if any - * @return enumerator (configuration_attribute_type_t, chunk_t) - */ - enumerator_t* (*create_responder_enumerator)(attribute_manager_t *this, - identification_t *id, host_t *vip); - - /** - * Register an attribute provider to the manager. - * - * @param provider attribute provider to register - */ - void (*add_provider)(attribute_manager_t *this, - attribute_provider_t *provider); - /** - * Unregister an attribute provider from the manager. - * - * @param provider attribute provider to unregister - */ - void (*remove_provider)(attribute_manager_t *this, - attribute_provider_t *provider); - - /** - * Handle a configuration attribute by passing them to the handlers. - * - * @param server server from which the attribute was received - * @param handler handler we requested the attribute for, if any - * @param type type of configuration attribute - * @param data associated attribute data - * @return handler which handled this attribute, NULL if none - */ - attribute_handler_t* (*handle)(attribute_manager_t *this, - identification_t *server, attribute_handler_t *handler, - configuration_attribute_type_t type, chunk_t data); - - /** - * Release an attribute previously handle()d by a handler. - * - * @param handler handler returned by handle() for this attribute - * @param server server from which the attribute was received - * @param type type of attribute to release - * @param data associated attribute data - */ - void (*release)(attribute_manager_t *this, attribute_handler_t *handler, - identification_t *server, - configuration_attribute_type_t type, - chunk_t data); - - /** - * Create an enumerator over attributes to request from server. - * - * @param id server identity to hand out attributes to - * @param vip virtual IP going to request, if any - * @return enumerator (attribute_handler_t, ca_type_t, chunk_t) - */ - enumerator_t* (*create_initiator_enumerator)(attribute_manager_t *this, - identification_t *id, host_t *vip); - - /** - * Register an attribute handler to the manager. - * - * @param handler attribute handler to register - */ - void (*add_handler)(attribute_manager_t *this, - attribute_handler_t *handler); - - /** - * Unregister an attribute handler from the manager. - * - * @param handler attribute handler to unregister - */ - void (*remove_handler)(attribute_manager_t *this, - attribute_handler_t *handler); - - /** - * Destroy a attribute_manager instance. - */ - void (*destroy)(attribute_manager_t *this); -}; - -/** - * Create a attribute_manager instance. - */ -attribute_manager_t *attribute_manager_create(); - -#endif /** ATTRIBUTE_MANAGER_H_ @}*/ diff --git a/src/libstrongswan/attributes/attribute_provider.h b/src/libstrongswan/attributes/attribute_provider.h deleted file mode 100644 index f8485cc6c..000000000 --- a/src/libstrongswan/attributes/attribute_provider.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup attribute_provider attribute_provider - * @{ @ingroup attributes - */ - -#ifndef ATTRIBUTE_PROVIDER_H_ -#define ATTRIBUTE_PROVIDER_H_ - -#include <utils/host.h> -#include <utils/identification.h> - -typedef struct attribute_provider_t attribute_provider_t; - -/** - * Interface to provide attributes to peers through attribute manager. - */ -struct attribute_provider_t { - - /** - * Acquire a virtual IP address to assign to a peer. - * - * @param pool name of the pool to acquire address from - * @param id peer ID - * @param requested IP in configuration request - * @return allocated address, NULL to serve none - */ - host_t* (*acquire_address)(attribute_provider_t *this, - char *pool, identification_t *id, - host_t *requested); - /** - * Release a previously acquired address. - * - * @param pool name of the pool this address was acquired from - * @param address address to release - * @param id peer ID - * @return TRUE if the address has been released by the provider - */ - bool (*release_address)(attribute_provider_t *this, - char *pool, host_t *address, identification_t *id); - - /** - * Create an enumerator over attributes to hand out to a peer. - * - * @param id peer ID - * @param vip virtual IP to assign to peer, if any - * @return enumerator (configuration_attribute_type_t, chunk_t) - */ - enumerator_t* (*create_attribute_enumerator)(attribute_provider_t *this, - identification_t *id, host_t *vip); -}; - -#endif /** ATTRIBUTE_PROVIDER_H_ @}*/ diff --git a/src/libstrongswan/attributes/attributes.c b/src/libstrongswan/attributes/attributes.c deleted file mode 100644 index 83feed17e..000000000 --- a/src/libstrongswan/attributes/attributes.c +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - - -#include "attributes.h" - -ENUM_BEGIN(configuration_attribute_type_names, INTERNAL_IP4_ADDRESS, INTERNAL_IP6_PREFIX, - "INTERNAL_IP4_ADDRESS", - "INTERNAL_IP4_NETMASK", - "INTERNAL_IP4_DNS", - "INTERNAL_IP4_NBNS", - "INTERNAL_ADDRESS_EXPIRY", - "INTERNAL_IP4_DHCP", - "APPLICATION_VERSION", - "INTERNAL_IP6_ADDRESS", - "INTERNAL_IP6_NETMASK", - "INTERNAL_IP6_DNS", - "INTERNAL_IP6_NBNS", - "INTERNAL_IP6_DHCP", - "INTERNAL_IP4_SUBNET", - "SUPPORTED_ATTRIBUTES", - "INTERNAL_IP6_SUBNET", - "MIP6_HOME_PREFIX", - "INTERNAL_IP6_LINK", - "INTERNAL_IP6_PREFIX"); -ENUM_NEXT(configuration_attribute_type_names, INTERNAL_IP4_SERVER, INTERNAL_IP6_SERVER, INTERNAL_IP6_PREFIX, - "INTERNAL_IP4_SERVER", - "INTERNAL_IP6_SERVER"); -ENUM_END(configuration_attribute_type_names, INTERNAL_IP6_SERVER); - diff --git a/src/libstrongswan/attributes/attributes.h b/src/libstrongswan/attributes/attributes.h deleted file mode 100644 index f4a396f21..000000000 --- a/src/libstrongswan/attributes/attributes.h +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup attributes_g attributes - * @{ @ingroup attributes - */ - -#ifndef ATTRIBUTES_H_ -#define ATTRIBUTES_H_ - -typedef enum configuration_attribute_type_t configuration_attribute_type_t; - -#include <enum.h> - -/** - * Type of the attribute, as in IKEv2 RFC 3.15.1 or IKEv1 ModeConfig. - */ -enum configuration_attribute_type_t { - INTERNAL_IP4_ADDRESS = 1, - INTERNAL_IP4_NETMASK = 2, - INTERNAL_IP4_DNS = 3, - INTERNAL_IP4_NBNS = 4, - INTERNAL_ADDRESS_EXPIRY = 5, - INTERNAL_IP4_DHCP = 6, - APPLICATION_VERSION = 7, - INTERNAL_IP6_ADDRESS = 8, - INTERNAL_IP6_NETMASK = 9, - INTERNAL_IP6_DNS = 10, - INTERNAL_IP6_NBNS = 11, - INTERNAL_IP6_DHCP = 12, - INTERNAL_IP4_SUBNET = 13, - SUPPORTED_ATTRIBUTES = 14, - INTERNAL_IP6_SUBNET = 15, - MIP6_HOME_PREFIX = 16, - INTERNAL_IP6_LINK = 17, - INTERNAL_IP6_PREFIX = 18, - /* proprietary Microsoft attributes */ - INTERNAL_IP4_SERVER = 23456, - INTERNAL_IP6_SERVER = 23457 -}; - -/** - * enum names for configuration_attribute_type_t. - */ -extern enum_name_t *configuration_attribute_type_names; - - -#endif /** ATTRIBUTES_H_ @}*/ diff --git a/src/libstrongswan/chunk.c b/src/libstrongswan/chunk.c index 86436e997..ef69eb4e7 100644 --- a/src/libstrongswan/chunk.c +++ b/src/libstrongswan/chunk.c @@ -22,8 +22,7 @@ #include <ctype.h> #include "chunk.h" - -#include <debug.h> +#include "debug.h" /* required for chunk_hash */ #undef get16bits @@ -222,7 +221,7 @@ bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force if (!force && access(path, F_OK) == 0) { - DBG1(" %s file '%s' already exists", label, path); + DBG1(DBG_LIB, " %s file '%s' already exists", label, path); return FALSE; } oldmask = umask(mask); @@ -231,20 +230,21 @@ bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force { if (fwrite(chunk.ptr, sizeof(u_char), chunk.len, fd) == chunk.len) { - DBG1(" written %s file '%s' (%d bytes)", + DBG1(DBG_LIB, " written %s file '%s' (%d bytes)", label, path, chunk.len); good = TRUE; } else { - DBG1(" writing %s file '%s' failed: %s", + DBG1(DBG_LIB, " writing %s file '%s' failed: %s", label, path, strerror(errno)); } fclose(fd); } else { - DBG1(" could not open %s file '%s': %s", label, path, strerror(errno)); + DBG1(DBG_LIB, " could not open %s file '%s': %s", label, path, + strerror(errno)); } umask(oldmask); return good; @@ -497,7 +497,7 @@ bool chunk_printable(chunk_t chunk, chunk_t *sane, char replace) * Described in header. * * The implementation is based on Paul Hsieh's SuperFastHash: - * http://www.azillionmonkeys.com/qed/hash.html + * http://www.azillionmonkeys.com/qed/hash.html */ u_int32_t chunk_hash_inc(chunk_t chunk, u_int32_t hash) { diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/chunk.h index a526f4a89..f0f9a7366 100644 --- a/src/libstrongswan/chunk.h +++ b/src/libstrongswan/chunk.h @@ -42,7 +42,7 @@ struct chunk_t { size_t len; }; -#include <utils.h> +#include "utils.h" /** * A { NULL, 0 }-chunk handy for initialization. diff --git a/src/libstrongswan/credentials/credential_factory.c b/src/libstrongswan/credentials/credential_factory.c index 5139ad504..7cc7dbe0e 100644 --- a/src/libstrongswan/credentials/credential_factory.c +++ b/src/libstrongswan/credentials/credential_factory.c @@ -151,7 +151,7 @@ static void* create(private_credential_factory_t *this, credential_type_t type, { names = certificate_type_names; } - DBG1("building %N - %N failed, tried %d builders", + DBG1(DBG_LIB, "building %N - %N failed, tried %d builders", credential_type_names, type, names, subtype, failures); } this->recursive->set(this->recursive, (void*)level); diff --git a/src/libstrongswan/credentials/keys/key_encoding.h b/src/libstrongswan/credentials/keys/key_encoding.h index 384117166..d8435f4b4 100644 --- a/src/libstrongswan/credentials/keys/key_encoding.h +++ b/src/libstrongswan/credentials/keys/key_encoding.h @@ -79,7 +79,7 @@ enum key_encoding_type_t { KEY_PRIV_ASN1_DER, /** subjectPublicKeyInfo encoding */ KEY_PUB_SPKI_ASN1_DER, - /** PEM oncoded PKCS#1 key */ + /** PEM encoded PKCS#1 key */ KEY_PUB_PEM, KEY_PRIV_PEM, /** PGP key encoding */ diff --git a/src/libstrongswan/credentials/keys/shared_key.h b/src/libstrongswan/credentials/keys/shared_key.h index fe7bc86be..d00b8d12e 100644 --- a/src/libstrongswan/credentials/keys/shared_key.h +++ b/src/libstrongswan/credentials/keys/shared_key.h @@ -41,6 +41,8 @@ enum shared_key_type_t { SHARED_PRIVATE_KEY_PASS, /** PIN to unlock a smartcard */ SHARED_PIN, + /** Calculated NT Hash = MD4(UTF-16LE(password)) */ + SHARED_NT_HASH, }; /** diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c index 46b50329d..fee71953d 100644 --- a/src/libstrongswan/crypto/crypto_factory.c +++ b/src/libstrongswan/crypto/crypto_factory.c @@ -686,7 +686,7 @@ static void add_test_vector(private_crypto_factory_t *this, case RANDOM_NUMBER_GENERATOR: return this->tester->add_rng_vector(this->tester, vector); default: - DBG1("%N test vectors not supported, ignored", + DBG1(DBG_LIB, "%N test vectors not supported, ignored", transform_type_names, type); } } diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c index 86daf65f9..76cc1cf2c 100644 --- a/src/libstrongswan/crypto/crypto_tester.c +++ b/src/libstrongswan/crypto/crypto_tester.c @@ -136,7 +136,7 @@ static bool test_crypter(private_crypto_tester_t *this, crypter->destroy(crypter); if (failed) { - DBG1("disabled %N: test vector %u failed", + DBG1(DBG_LIB, "disabled %N: test vector %u failed", encryption_algorithm_names, alg, tested); break; } @@ -144,14 +144,14 @@ static bool test_crypter(private_crypto_tester_t *this, enumerator->destroy(enumerator); if (!tested) { - DBG1("%s %N: no test vectors found", + DBG1(DBG_LIB, "%s %N: no test vectors found", this->required ? "disabled" : "enabled ", encryption_algorithm_names, alg); return !this->required; } if (!failed) { - DBG1("enabled %N: passed %u test vectors", + DBG1(DBG_LIB, "enabled %N: passed %u test vectors", encryption_algorithm_names, alg, tested); } return !failed; @@ -183,7 +183,7 @@ static bool test_signer(private_crypto_tester_t *this, signer = create(alg); if (!signer) { - DBG1("disabled %N: creating instance failed", + DBG1(DBG_LIB, "disabled %N: creating instance failed", integrity_algorithm_names, alg); failed = TRUE; break; @@ -240,7 +240,7 @@ static bool test_signer(private_crypto_tester_t *this, signer->destroy(signer); if (failed) { - DBG1("disabled %N: test vector %u failed", + DBG1(DBG_LIB, "disabled %N: test vector %u failed", integrity_algorithm_names, alg, tested); break; } @@ -248,14 +248,14 @@ static bool test_signer(private_crypto_tester_t *this, enumerator->destroy(enumerator); if (!tested) { - DBG1("%s %N: no test vectors found", + DBG1(DBG_LIB, "%s %N: no test vectors found", this->required ? "disabled" : "enabled ", integrity_algorithm_names, alg); return !this->required; } if (!failed) { - DBG1("enabled %N: passed %u test vectors", + DBG1(DBG_LIB, "enabled %N: passed %u test vectors", integrity_algorithm_names, alg, tested); } return !failed; @@ -287,7 +287,7 @@ static bool test_hasher(private_crypto_tester_t *this, hash_algorithm_t alg, hasher = create(alg); if (!hasher) { - DBG1("disabled %N: creating instance failed", + DBG1(DBG_LIB, "disabled %N: creating instance failed", hash_algorithm_names, alg); failed = TRUE; break; @@ -330,7 +330,7 @@ static bool test_hasher(private_crypto_tester_t *this, hash_algorithm_t alg, hasher->destroy(hasher); if (failed) { - DBG1("disabled %N: test vector %u failed", + DBG1(DBG_LIB, "disabled %N: test vector %u failed", hash_algorithm_names, alg, tested); break; } @@ -338,14 +338,14 @@ static bool test_hasher(private_crypto_tester_t *this, hash_algorithm_t alg, enumerator->destroy(enumerator); if (!tested) { - DBG1("%s %N: no test vectors found", + DBG1(DBG_LIB, "%s %N: no test vectors found", this->required ? "disabled" : "enabled ", hash_algorithm_names, alg); return !this->required; } if (!failed) { - DBG1("enabled %N: passed %u test vectors", + DBG1(DBG_LIB, "enabled %N: passed %u test vectors", hash_algorithm_names, alg, tested); } return !failed; @@ -377,7 +377,7 @@ static bool test_prf(private_crypto_tester_t *this, prf = create(alg); if (!prf) { - DBG1("disabled %N: creating instance failed", + DBG1(DBG_LIB, "disabled %N: creating instance failed", pseudo_random_function_names, alg); failed = TRUE; break; @@ -431,7 +431,7 @@ static bool test_prf(private_crypto_tester_t *this, prf->destroy(prf); if (failed) { - DBG1("disabled %N: test vector %u failed", + DBG1(DBG_LIB, "disabled %N: test vector %u failed", pseudo_random_function_names, alg, tested); break; } @@ -439,14 +439,14 @@ static bool test_prf(private_crypto_tester_t *this, enumerator->destroy(enumerator); if (!tested) { - DBG1("%s %N: no test vectors found", + DBG1(DBG_LIB, "%s %N: no test vectors found", this->required ? "disabled" : "enabled ", pseudo_random_function_names, alg); return !this->required; } if (!failed) { - DBG1("enabled %N: passed %u test vectors", + DBG1(DBG_LIB, "enabled %N: passed %u test vectors", pseudo_random_function_names, alg, tested); } return !failed; @@ -465,7 +465,7 @@ static bool test_rng(private_crypto_tester_t *this, rng_quality_t quality, if (!this->rng_true && quality == RNG_TRUE) { - DBG1("enabled %N: skipping test (disabled by config)", + DBG1(DBG_LIB, "enabled %N: skipping test (disabled by config)", rng_quality_names, quality); return TRUE; } @@ -485,7 +485,7 @@ static bool test_rng(private_crypto_tester_t *this, rng_quality_t quality, rng = create(quality); if (!rng) { - DBG1("disabled %N: creating instance failed", + DBG1(DBG_LIB, "disabled %N: creating instance failed", rng_quality_names, quality); failed = TRUE; break; @@ -515,7 +515,7 @@ static bool test_rng(private_crypto_tester_t *this, rng_quality_t quality, rng->destroy(rng); if (failed) { - DBG1("disabled %N: test vector %u failed", + DBG1(DBG_LIB, "disabled %N: test vector %u failed", rng_quality_names, quality, tested); break; } @@ -523,14 +523,14 @@ static bool test_rng(private_crypto_tester_t *this, rng_quality_t quality, enumerator->destroy(enumerator); if (!tested) { - DBG1("%s %N: no test vectors found", + DBG1(DBG_LIB, "%s %N: no test vectors found", this->required ? ", disabled" : "enabled ", rng_quality_names, quality); return !this->required; } if (!failed) { - DBG1("enabled %N: passed %u test vectors", + DBG1(DBG_LIB, "enabled %N: passed %u test vectors", rng_quality_names, quality, tested); } return !failed; diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c index 18d532697..9bd8991fc 100644 --- a/src/libstrongswan/crypto/diffie_hellman.c +++ b/src/libstrongswan/crypto/diffie_hellman.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2005-2008 Martin Willi + * Copyright (C) 2010 Tobias Brunner + * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -31,10 +32,412 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT, "ECP_256", "ECP_384", "ECP_521"); -ENUM_NEXT(diffie_hellman_group_names, ECP_192_BIT, ECP_224_BIT, ECP_521_BIT, +ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_224_BIT, ECP_521_BIT, + "MODP_1024_160", + "MODP_2048_224", + "MODP_2048_256", "ECP_192", "ECP_224"); ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_224_BIT, "MODP_NULL"); ENUM_END(diffie_hellman_group_names, MODP_NULL); + +/** + * List of known diffie hellman group parameters. + */ +static struct { + /* Public part of the struct */ + diffie_hellman_params_t public; + /* The group identifier as specified in IKEv2 */ + diffie_hellman_group_t group; + /* Optimal length of the exponent (in bytes), as specified in RFC 3526. */ + size_t opt_exp; +} dh_params[] = { + { + .group = MODP_768_BIT, .opt_exp = 32, .public = { + .generator = chunk_from_chars(0x02), + .prime = chunk_from_chars( + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF) + }, + },{ + .group = MODP_1024_BIT, .opt_exp = 32, .public = { + .generator = chunk_from_chars(0x02), + .prime = chunk_from_chars( + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF) + }, + },{ + .group = MODP_1536_BIT, .opt_exp = 32, .public = { + .generator = chunk_from_chars(0x02), + .prime = chunk_from_chars( + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF) + }, + },{ + .group = MODP_2048_BIT, .opt_exp = 48, .public = { + .generator = chunk_from_chars(0x02), + .prime = chunk_from_chars( + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF) + }, + },{ + .group = MODP_3072_BIT, .opt_exp = 48, .public = { + .generator = chunk_from_chars(0x02), + .prime = chunk_from_chars( + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, + 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, + 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, + 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, + 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, + 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, + 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, + 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, + 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF) + }, + },{ + .group = MODP_4096_BIT, .opt_exp = 64, .public = { + .generator = chunk_from_chars(0x02), + .prime = chunk_from_chars( + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, + 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, + 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, + 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, + 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, + 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, + 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, + 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, + 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, + 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, + 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, + 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, + 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, + 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, + 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, + 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, + 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF) + }, + },{ + .group = MODP_6144_BIT, .opt_exp = 64, .public = { + .generator = chunk_from_chars(0x02), + .prime = chunk_from_chars( + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, + 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, + 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, + 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, + 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, + 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, + 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, + 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, + 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, + 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, + 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, + 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, + 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, + 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, + 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, + 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, + 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26, + 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD, + 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE, + 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18, + 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B, + 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42, + 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC, + 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6, + 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E, + 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE, + 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA, + 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0, + 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76, + 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C, + 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68, + 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6, + 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF) + }, + },{ + .group = MODP_8192_BIT, .opt_exp = 64, .public = { + .generator = chunk_from_chars(0x02), + .prime = chunk_from_chars( + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, + 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, + 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, + 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, + 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, + 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, + 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, + 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, + 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, + 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, + 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, + 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, + 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, + 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, + 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, + 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, + 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26, + 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD, + 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE, + 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18, + 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B, + 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42, + 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC, + 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6, + 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E, + 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE, + 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA, + 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0, + 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76, + 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C, + 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68, + 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6, + 0xE6,0x94,0xF9,0x1E,0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4, + 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,0x73,0xB9,0x31,0xBA, + 0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED, + 0x25,0x76,0xF6,0x93,0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68, + 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,0xE3,0x9D,0x65,0x2D, + 0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07, + 0x13,0xEB,0x57,0xA8,0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B, + 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,0xA2,0xC0,0x87,0xE8, + 0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6, + 0x6D,0x2A,0x13,0xF8,0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36, + 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,0x08,0x46,0x85,0x1D, + 0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73, + 0xFA,0xF3,0x6B,0xC3,0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92, + 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,0xD5,0xEE,0x38,0x2B, + 0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA, + 0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71, + 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF) + }, + },{ + .group = MODP_1024_160, .opt_exp = 20, .public = { + .subgroup = chunk_from_chars( + 0xF5,0x18,0xAA,0x87,0x81,0xA8,0xDF,0x27,0x8A,0xBA,0x4E,0x7D,0x64,0xB7,0xCB,0x9D, + 0x49,0x46,0x23,0x53), + .generator = chunk_from_chars( + 0xA4,0xD1,0xCB,0xD5,0xC3,0xFD,0x34,0x12,0x67,0x65,0xA4,0x42,0xEF,0xB9,0x99,0x05, + 0xF8,0x10,0x4D,0xD2,0x58,0xAC,0x50,0x7F,0xD6,0x40,0x6C,0xFF,0x14,0x26,0x6D,0x31, + 0x26,0x6F,0xEA,0x1E,0x5C,0x41,0x56,0x4B,0x77,0x7E,0x69,0x0F,0x55,0x04,0xF2,0x13, + 0x16,0x02,0x17,0xB4,0xB0,0x1B,0x88,0x6A,0x5E,0x91,0x54,0x7F,0x9E,0x27,0x49,0xF4, + 0xD7,0xFB,0xD7,0xD3,0xB9,0xA9,0x2E,0xE1,0x90,0x9D,0x0D,0x22,0x63,0xF8,0x0A,0x76, + 0xA6,0xA2,0x4C,0x08,0x7A,0x09,0x1F,0x53,0x1D,0xBF,0x0A,0x01,0x69,0xB6,0xA2,0x8A, + 0xD6,0x62,0xA4,0xD1,0x8E,0x73,0xAF,0xA3,0x2D,0x77,0x9D,0x59,0x18,0xD0,0x8B,0xC8, + 0x85,0x8F,0x4D,0xCE,0xF9,0x7C,0x2A,0x24,0x85,0x5E,0x6E,0xEB,0x22,0xB3,0xB2,0xE5), + .prime = chunk_from_chars( + 0xB1,0x0B,0x8F,0x96,0xA0,0x80,0xE0,0x1D,0xDE,0x92,0xDE,0x5E,0xAE,0x5D,0x54,0xEC, + 0x52,0xC9,0x9F,0xBC,0xFB,0x06,0xA3,0xC6,0x9A,0x6A,0x9D,0xCA,0x52,0xD2,0x3B,0x61, + 0x60,0x73,0xE2,0x86,0x75,0xA2,0x3D,0x18,0x98,0x38,0xEF,0x1E,0x2E,0xE6,0x52,0xC0, + 0x13,0xEC,0xB4,0xAE,0xA9,0x06,0x11,0x23,0x24,0x97,0x5C,0x3C,0xD4,0x9B,0x83,0xBF, + 0xAC,0xCB,0xDD,0x7D,0x90,0xC4,0xBD,0x70,0x98,0x48,0x8E,0x9C,0x21,0x9A,0x73,0x72, + 0x4E,0xFF,0xD6,0xFA,0xE5,0x64,0x47,0x38,0xFA,0xA3,0x1A,0x4F,0xF5,0x5B,0xCC,0xC0, + 0xA1,0x51,0xAF,0x5F,0x0D,0xC8,0xB4,0xBD,0x45,0xBF,0x37,0xDF,0x36,0x5C,0x1A,0x65, + 0xE6,0x8C,0xFD,0xA7,0x6D,0x4D,0xA7,0x08,0xDF,0x1F,0xB2,0xBC,0x2E,0x4A,0x43,0x71), + }, + }, { + .group = MODP_2048_224, .opt_exp = 28, .public = { + .subgroup = chunk_from_chars( + 0x80,0x1C,0x0D,0x34,0xC5,0x8D,0x93,0xFE,0x99,0x71,0x77,0x10,0x1F,0x80,0x53,0x5A, + 0x47,0x38,0xCE,0xBC,0xBF,0x38,0x9A,0x99,0xB3,0x63,0x71,0xEB), + .generator = chunk_from_chars( + 0xAC,0x40,0x32,0xEF,0x4F,0x2D,0x9A,0xE3,0x9D,0xF3,0x0B,0x5C,0x8F,0xFD,0xAC,0x50, + 0x6C,0xDE,0xBE,0x7B,0x89,0x99,0x8C,0xAF,0x74,0x86,0x6A,0x08,0xCF,0xE4,0xFF,0xE3, + 0xA6,0x82,0x4A,0x4E,0x10,0xB9,0xA6,0xF0,0xDD,0x92,0x1F,0x01,0xA7,0x0C,0x4A,0xFA, + 0xAB,0x73,0x9D,0x77,0x00,0xC2,0x9F,0x52,0xC5,0x7D,0xB1,0x7C,0x62,0x0A,0x86,0x52, + 0xBE,0x5E,0x90,0x01,0xA8,0xD6,0x6A,0xD7,0xC1,0x76,0x69,0x10,0x19,0x99,0x02,0x4A, + 0xF4,0xD0,0x27,0x27,0x5A,0xC1,0x34,0x8B,0xB8,0xA7,0x62,0xD0,0x52,0x1B,0xC9,0x8A, + 0xE2,0x47,0x15,0x04,0x22,0xEA,0x1E,0xD4,0x09,0x93,0x9D,0x54,0xDA,0x74,0x60,0xCD, + 0xB5,0xF6,0xC6,0xB2,0x50,0x71,0x7C,0xBE,0xF1,0x80,0xEB,0x34,0x11,0x8E,0x98,0xD1, + 0x19,0x52,0x9A,0x45,0xD6,0xF8,0x34,0x56,0x6E,0x30,0x25,0xE3,0x16,0xA3,0x30,0xEF, + 0xBB,0x77,0xA8,0x6F,0x0C,0x1A,0xB1,0x5B,0x05,0x1A,0xE3,0xD4,0x28,0xC8,0xF8,0xAC, + 0xB7,0x0A,0x81,0x37,0x15,0x0B,0x8E,0xEB,0x10,0xE1,0x83,0xED,0xD1,0x99,0x63,0xDD, + 0xD9,0xE2,0x63,0xE4,0x77,0x05,0x89,0xEF,0x6A,0xA2,0x1E,0x7F,0x5F,0x2F,0xF3,0x81, + 0xB5,0x39,0xCC,0xE3,0x40,0x9D,0x13,0xCD,0x56,0x6A,0xFB,0xB4,0x8D,0x6C,0x01,0x91, + 0x81,0xE1,0xBC,0xFE,0x94,0xB3,0x02,0x69,0xED,0xFE,0x72,0xFE,0x9B,0x6A,0xA4,0xBD, + 0x7B,0x5A,0x0F,0x1C,0x71,0xCF,0xFF,0x4C,0x19,0xC4,0x18,0xE1,0xF6,0xEC,0x01,0x79, + 0x81,0xBC,0x08,0x7F,0x2A,0x70,0x65,0xB3,0x84,0xB8,0x90,0xD3,0x19,0x1F,0x2B,0xFA), + .prime = chunk_from_chars( + 0xAD,0x10,0x7E,0x1E,0x91,0x23,0xA9,0xD0,0xD6,0x60,0xFA,0xA7,0x95,0x59,0xC5,0x1F, + 0xA2,0x0D,0x64,0xE5,0x68,0x3B,0x9F,0xD1,0xB5,0x4B,0x15,0x97,0xB6,0x1D,0x0A,0x75, + 0xE6,0xFA,0x14,0x1D,0xF9,0x5A,0x56,0xDB,0xAF,0x9A,0x3C,0x40,0x7B,0xA1,0xDF,0x15, + 0xEB,0x3D,0x68,0x8A,0x30,0x9C,0x18,0x0E,0x1D,0xE6,0xB8,0x5A,0x12,0x74,0xA0,0xA6, + 0x6D,0x3F,0x81,0x52,0xAD,0x6A,0xC2,0x12,0x90,0x37,0xC9,0xED,0xEF,0xDA,0x4D,0xF8, + 0xD9,0x1E,0x8F,0xEF,0x55,0xB7,0x39,0x4B,0x7A,0xD5,0xB7,0xD0,0xB6,0xC1,0x22,0x07, + 0xC9,0xF9,0x8D,0x11,0xED,0x34,0xDB,0xF6,0xC6,0xBA,0x0B,0x2C,0x8B,0xBC,0x27,0xBE, + 0x6A,0x00,0xE0,0xA0,0xB9,0xC4,0x97,0x08,0xB3,0xBF,0x8A,0x31,0x70,0x91,0x88,0x36, + 0x81,0x28,0x61,0x30,0xBC,0x89,0x85,0xDB,0x16,0x02,0xE7,0x14,0x41,0x5D,0x93,0x30, + 0x27,0x82,0x73,0xC7,0xDE,0x31,0xEF,0xDC,0x73,0x10,0xF7,0x12,0x1F,0xD5,0xA0,0x74, + 0x15,0x98,0x7D,0x9A,0xDC,0x0A,0x48,0x6D,0xCD,0xF9,0x3A,0xCC,0x44,0x32,0x83,0x87, + 0x31,0x5D,0x75,0xE1,0x98,0xC6,0x41,0xA4,0x80,0xCD,0x86,0xA1,0xB9,0xE5,0x87,0xE8, + 0xBE,0x60,0xE6,0x9C,0xC9,0x28,0xB2,0xB9,0xC5,0x21,0x72,0xE4,0x13,0x04,0x2E,0x9B, + 0x23,0xF1,0x0B,0x0E,0x16,0xE7,0x97,0x63,0xC9,0xB5,0x3D,0xCF,0x4B,0xA8,0x0A,0x29, + 0xE3,0xFB,0x73,0xC1,0x6B,0x8E,0x75,0xB9,0x7E,0xF3,0x63,0xE2,0xFF,0xA3,0x1F,0x71, + 0xCF,0x9D,0xE5,0x38,0x4E,0x71,0xB8,0x1C,0x0A,0xC4,0xDF,0xFE,0x0C,0x10,0xE6,0x4F) + }, + },{ + .group = MODP_2048_256, .opt_exp = 32, .public = { + .subgroup = chunk_from_chars( + 0x8C,0xF8,0x36,0x42,0xA7,0x09,0xA0,0x97,0xB4,0x47,0x99,0x76,0x40,0x12,0x9D,0xA2, + 0x99,0xB1,0xA4,0x7D,0x1E,0xB3,0x75,0x0B,0xA3,0x08,0xB0,0xFE,0x64,0xF5,0xFB,0xD3), + .generator = chunk_from_chars( + 0x3F,0xB3,0x2C,0x9B,0x73,0x13,0x4D,0x0B,0x2E,0x77,0x50,0x66,0x60,0xED,0xBD,0x48, + 0x4C,0xA7,0xB1,0x8F,0x21,0xEF,0x20,0x54,0x07,0xF4,0x79,0x3A,0x1A,0x0B,0xA1,0x25, + 0x10,0xDB,0xC1,0x50,0x77,0xBE,0x46,0x3F,0xFF,0x4F,0xED,0x4A,0xAC,0x0B,0xB5,0x55, + 0xBE,0x3A,0x6C,0x1B,0x0C,0x6B,0x47,0xB1,0xBC,0x37,0x73,0xBF,0x7E,0x8C,0x6F,0x62, + 0x90,0x12,0x28,0xF8,0xC2,0x8C,0xBB,0x18,0xA5,0x5A,0xE3,0x13,0x41,0x00,0x0A,0x65, + 0x01,0x96,0xF9,0x31,0xC7,0x7A,0x57,0xF2,0xDD,0xF4,0x63,0xE5,0xE9,0xEC,0x14,0x4B, + 0x77,0x7D,0xE6,0x2A,0xAA,0xB8,0xA8,0x62,0x8A,0xC3,0x76,0xD2,0x82,0xD6,0xED,0x38, + 0x64,0xE6,0x79,0x82,0x42,0x8E,0xBC,0x83,0x1D,0x14,0x34,0x8F,0x6F,0x2F,0x91,0x93, + 0xB5,0x04,0x5A,0xF2,0x76,0x71,0x64,0xE1,0xDF,0xC9,0x67,0xC1,0xFB,0x3F,0x2E,0x55, + 0xA4,0xBD,0x1B,0xFF,0xE8,0x3B,0x9C,0x80,0xD0,0x52,0xB9,0x85,0xD1,0x82,0xEA,0x0A, + 0xDB,0x2A,0x3B,0x73,0x13,0xD3,0xFE,0x14,0xC8,0x48,0x4B,0x1E,0x05,0x25,0x88,0xB9, + 0xB7,0xD2,0xBB,0xD2,0xDF,0x01,0x61,0x99,0xEC,0xD0,0x6E,0x15,0x57,0xCD,0x09,0x15, + 0xB3,0x35,0x3B,0xBB,0x64,0xE0,0xEC,0x37,0x7F,0xD0,0x28,0x37,0x0D,0xF9,0x2B,0x52, + 0xC7,0x89,0x14,0x28,0xCD,0xC6,0x7E,0xB6,0x18,0x4B,0x52,0x3D,0x1D,0xB2,0x46,0xC3, + 0x2F,0x63,0x07,0x84,0x90,0xF0,0x0E,0xF8,0xD6,0x47,0xD1,0x48,0xD4,0x79,0x54,0x51, + 0x5E,0x23,0x27,0xCF,0xEF,0x98,0xC5,0x82,0x66,0x4B,0x4C,0x0F,0x6C,0xC4,0x16,0x59), + .prime = chunk_from_chars( + 0x87,0xA8,0xE6,0x1D,0xB4,0xB6,0x66,0x3C,0xFF,0xBB,0xD1,0x9C,0x65,0x19,0x59,0x99, + 0x8C,0xEE,0xF6,0x08,0x66,0x0D,0xD0,0xF2,0x5D,0x2C,0xEE,0xD4,0x43,0x5E,0x3B,0x00, + 0xE0,0x0D,0xF8,0xF1,0xD6,0x19,0x57,0xD4,0xFA,0xF7,0xDF,0x45,0x61,0xB2,0xAA,0x30, + 0x16,0xC3,0xD9,0x11,0x34,0x09,0x6F,0xAA,0x3B,0xF4,0x29,0x6D,0x83,0x0E,0x9A,0x7C, + 0x20,0x9E,0x0C,0x64,0x97,0x51,0x7A,0xBD,0x5A,0x8A,0x9D,0x30,0x6B,0xCF,0x67,0xED, + 0x91,0xF9,0xE6,0x72,0x5B,0x47,0x58,0xC0,0x22,0xE0,0xB1,0xEF,0x42,0x75,0xBF,0x7B, + 0x6C,0x5B,0xFC,0x11,0xD4,0x5F,0x90,0x88,0xB9,0x41,0xF5,0x4E,0xB1,0xE5,0x9B,0xB8, + 0xBC,0x39,0xA0,0xBF,0x12,0x30,0x7F,0x5C,0x4F,0xDB,0x70,0xC5,0x81,0xB2,0x3F,0x76, + 0xB6,0x3A,0xCA,0xE1,0xCA,0xA6,0xB7,0x90,0x2D,0x52,0x52,0x67,0x35,0x48,0x8A,0x0E, + 0xF1,0x3C,0x6D,0x9A,0x51,0xBF,0xA4,0xAB,0x3A,0xD8,0x34,0x77,0x96,0x52,0x4D,0x8E, + 0xF6,0xA1,0x67,0xB5,0xA4,0x18,0x25,0xD9,0x67,0xE1,0x44,0xE5,0x14,0x05,0x64,0x25, + 0x1C,0xCA,0xCB,0x83,0xE6,0xB4,0x86,0xF6,0xB3,0xCA,0x3F,0x79,0x71,0x50,0x60,0x26, + 0xC0,0xB8,0x57,0xF6,0x89,0x96,0x28,0x56,0xDE,0xD4,0x01,0x0A,0xBD,0x0B,0xE6,0x21, + 0xC3,0xA3,0x96,0x0A,0x54,0xE7,0x10,0xC3,0x75,0xF2,0x63,0x75,0xD7,0x01,0x41,0x03, + 0xA4,0xB5,0x43,0x30,0xC1,0x98,0xAF,0x12,0x61,0x16,0xD2,0x27,0x6E,0x11,0x71,0x5F, + 0x69,0x38,0x77,0xFA,0xD7,0xEF,0x09,0xCA,0xDB,0x09,0x4A,0xE9,0x1E,0x1A,0x15,0x97) + }, + }, +}; + +/** + * Described in header. + */ +diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group) +{ + int i; + + for (i = 0; i < countof(dh_params); i++) + { + if (dh_params[i].group == group) + { + if (!dh_params[i].public.exp_len) + { + if (!dh_params[i].public.subgroup.len && + lib->settings->get_int(lib->settings, + "libstrongswan.dh_exponent_ansi_x9_42", TRUE)) + { + dh_params[i].public.exp_len = dh_params[i].public.prime.len; + } + else + { + dh_params[i].public.exp_len = dh_params[i].opt_exp; + } + } + return &dh_params[i].public; + } + } + return NULL; +} + diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h index 842938c3b..cdc9c785e 100644 --- a/src/libstrongswan/crypto/diffie_hellman.h +++ b/src/libstrongswan/crypto/diffie_hellman.h @@ -1,4 +1,5 @@ /* + * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -24,6 +25,7 @@ typedef enum diffie_hellman_group_t diffie_hellman_group_t; typedef struct diffie_hellman_t diffie_hellman_t; +typedef struct diffie_hellman_params_t diffie_hellman_params_t; #include <library.h> @@ -48,6 +50,9 @@ enum diffie_hellman_group_t { ECP_256_BIT = 19, ECP_384_BIT = 20, ECP_521_BIT = 21, + MODP_1024_160 = 22, + MODP_2048_224 = 23, + MODP_2048_256 = 24, ECP_192_BIT = 25, ECP_224_BIT = 26, /** insecure NULL diffie hellman group for testing, in PRIVATE USE */ @@ -70,8 +75,8 @@ struct diffie_hellman_t { * Space for returned secret is allocated and must be * freed by the caller. * - * @param secret shared secret will be written into this chunk - * @return SUCCESS, FAILED if not both DH values are set + * @param secret shared secret will be written into this chunk + * @return SUCCESS, FAILED if not both DH values are set */ status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret); @@ -80,7 +85,7 @@ struct diffie_hellman_t { * * Chunk gets cloned and can be destroyed afterwards. * - * @param value public value of partner + * @param value public value of partner */ void (*set_other_public_value) (diffie_hellman_t *this, chunk_t value); @@ -106,4 +111,38 @@ struct diffie_hellman_t { void (*destroy) (diffie_hellman_t *this); }; +/** + * Parameters for a specific diffie hellman group. + */ +struct diffie_hellman_params_t { + + /** + * The prime of the group + */ + const chunk_t prime; + + /** + * Generator of the group + */ + const chunk_t generator; + + /** + * Exponent length to use + */ + size_t exp_len; + + /** + * Prime order subgroup; for MODP Groups 22-24 + */ + const chunk_t subgroup; +}; + +/** + * Get the parameters associated with the specified diffie hellman group. + * + * @param group DH group + * @return The parameters or NULL, if the group is not supported + */ +diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group); + #endif /** DIFFIE_HELLMAN_H_ @}*/ diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c index 75816e8b3..a43dde7ea 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords.c +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c @@ -59,12 +59,12 @@ struct proposal_token { u_int16_t keysize; }; -#define TOTAL_KEYWORDS 89 +#define TOTAL_KEYWORDS 95 #define MIN_WORD_LENGTH 3 #define MAX_WORD_LENGTH 12 -#define MIN_HASH_VALUE 4 -#define MAX_HASH_VALUE 123 -/* maximum key range = 120, duplicates = 0 */ +#define MIN_HASH_VALUE 5 +#define MAX_HASH_VALUE 137 +/* maximum key range = 133, duplicates = 0 */ #ifdef __GNUC__ __inline @@ -80,32 +80,32 @@ hash (str, len) { static const unsigned char asso_values[] = { - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 11, - 2, 23, 5, 27, 21, 8, 5, 0, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 22, 124, 24, 0, 1, - 8, 2, 50, 0, 11, 54, 124, 124, 0, 124, - 42, 0, 124, 124, 5, 9, 34, 6, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124, 124, 124, 124, - 124, 124, 124, 124, 124, 124, 124 + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 3, 11, + 2, 23, 29, 27, 21, 16, 5, 0, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 17, 138, 1, 0, 1, + 9, 9, 50, 0, 4, 54, 138, 138, 1, 138, + 35, 0, 138, 138, 71, 3, 38, 22, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, + 138, 138, 138, 138, 138, 138, 138 }; register int hval = len; @@ -135,108 +135,115 @@ hash (str, len) static const struct proposal_token wordlist[] = { - {"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0}, - {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192}, - {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0}, - {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, - {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, - {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0}, - {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192}, - {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128}, - {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0}, - {"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, - {"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, - {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, - {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, - {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192}, - {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, - {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, - {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, - {"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192}, - {"aes192ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192}, - {"aes128gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128}, - {"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128}, - {"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192}, - {"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, - {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, - {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, - {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128}, - {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, - {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, - {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, - {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, - {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256}, - {"aes192gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192}, - {"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192}, - {"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128}, - {"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128}, - {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, - {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, - {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, - {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, - {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, - {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256}, - {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, - {"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256}, - {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, - {"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256}, - {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0}, - {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0}, - {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, - {"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256}, - {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, - {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0}, - {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0}, - {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, - {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, - {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0}, - {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0}, - {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0}, - {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0}, - {"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, - {"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256}, - {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0}, - {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192}, - {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, - {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192}, - {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0}, - {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, - {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, - {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, - {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, - {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0}, - {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0}, - {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192}, - {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192}, - {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, - {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, - {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, - {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, - {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0}, - {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, - {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0}, - {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0}, - {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, - {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, - {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, - {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, - {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256}, - {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256}, - {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256}, - {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256} + {"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0}, + {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, + {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192}, + {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0}, + {"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192}, + {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, + {"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128}, + {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0}, + {"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, + {"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, + {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, + {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, + {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192}, + {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, + {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, + {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, + {"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192}, + {"aes192ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192}, + {"aes128gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128}, + {"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128}, + {"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192}, + {"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, + {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, + {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, + {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0}, + {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128}, + {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256}, + {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, + {"aes192gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192}, + {"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192}, + {"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128}, + {"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128}, + {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, + {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, + {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0}, + {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, + {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256}, + {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, + {"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256}, + {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, + {"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256}, + {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, + {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0}, + {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, + {"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256}, + {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, + {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, + {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, + {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, + {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0}, + {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, + {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192}, + {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0}, + {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0}, + {"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, + {"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256}, + {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, + {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, + {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0}, + {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, + {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192}, + {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, + {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0}, + {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0}, + {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192}, + {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, + {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128}, + {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0}, + {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0}, + {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0}, + {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, + {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, + {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0}, + {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, + {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, + {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0}, + {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192}, + {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, + {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0}, + {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192}, + {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, + {"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0}, + {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0}, + {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, + {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256}, + {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0}, + {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, + {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, + {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256}, + {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, + {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0}, + {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256}, + {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, + {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256}, + {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256} }; static const short lookup[] = { - -1, -1, -1, -1, 0, -1, -1, -1, 1, -1, 2, -1, 3, 4, - 5, 6, -1, 7, 8, -1, 9, 10, 11, 12, 13, 14, 15, 16, - 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, -1, - 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, - 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, - 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, -1, 70, - 71, 72, -1, -1, 73, 74, 75, 76, 77, -1, 78, -1, -1, -1, - -1, -1, -1, -1, -1, -1, 79, 80, -1, -1, -1, -1, -1, 81, - 82, 83, -1, 84, -1, -1, -1, 85, -1, 86, 87, 88 + -1, -1, -1, -1, -1, 0, 1, -1, 2, -1, 3, -1, 4, 5, + 6, 7, -1, -1, -1, -1, 8, 9, 10, 11, 12, 13, 14, 15, + 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, 26, -1, -1, + 27, 28, 29, 30, 31, 32, 33, -1, 34, 35, 36, 37, 38, 39, + 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, + 54, 55, 56, 57, 58, -1, 59, 60, 61, 62, 63, 64, 65, 66, + 67, 68, -1, 69, 70, 71, 72, 73, 74, 75, 76, -1, -1, 77, + 78, 79, 80, 81, -1, -1, 82, 83, -1, -1, 84, 85, -1, 86, + 87, 88, 89, -1, -1, -1, -1, -1, -1, -1, 90, 91, -1, -1, + -1, -1, -1, -1, 92, -1, 93, -1, -1, -1, -1, 94 }; #ifdef __GNUC__ diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.txt b/src/libstrongswan/crypto/proposal/proposal_keywords.txt index 139d689ca..338993821 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords.txt +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.txt @@ -29,92 +29,98 @@ struct proposal_token { u_int16_t keysize; }; %% -null, ENCRYPTION_ALGORITHM, ENCR_NULL, 0 -des, ENCRYPTION_ALGORITHM, ENCR_DES, 0 -3des, ENCRYPTION_ALGORITHM, ENCR_3DES, 0 -aes, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128 -aes128, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128 -aes192, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192 -aes256, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256 -aes128ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128 -aes192ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192 -aes256ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256 -aes128ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128 -aes128ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128 -aes128ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128 -aes128ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128 -aes128ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128 -aes128ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128 -aes192ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192 -aes192ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192 -aes192ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192 -aes192ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192 -aes192ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192 -aes192ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192 -aes256ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256 -aes256ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256 -aes256ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256 -aes256ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256 -aes256ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256 -aes256ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256 -aes128gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128 -aes128gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128 -aes128gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128 -aes128gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128 -aes128gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128 -aes128gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128 -aes192gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192 -aes192gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192 -aes192gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192 -aes192gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192 -aes192gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192 -aes192gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192 -aes256gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256 -aes256gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256 -aes256gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256 -aes256gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256 -aes256gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256 -aes256gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256 -blowfish, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128 -blowfish128, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128 -blowfish192, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192 -blowfish256, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256 -camellia, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128 -camellia128, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128 -camellia192, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192 -camellia256, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256 -cast128, ENCRYPTION_ALGORITHM, ENCR_CAST, 128 -serpent, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128 -serpent128, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128 -serpent192, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192 -serpent256, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256 -twofish, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128 -twofish128, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128 -twofish192, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192 -twofish256, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256 -sha, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0 -sha1, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0 -sha256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0 -sha2_256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0 -sha256_96, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0 -sha2_256_96, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0 -sha384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0 -sha2_384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0 -sha512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0 -sha2_512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0 -md5, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0 -aesxcbc, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0 -modpnull, DIFFIE_HELLMAN_GROUP, MODP_NULL, 0 -modp768, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0 -modp1024, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0 -modp1536, DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0 -modp2048, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0 -modp3072, DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0 -modp4096, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0 -modp6144, DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0 -modp8192, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0 -ecp192, DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0 -ecp224, DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0 -ecp256, DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0 -ecp384, DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0 -ecp521, DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0 +null, ENCRYPTION_ALGORITHM, ENCR_NULL, 0 +des, ENCRYPTION_ALGORITHM, ENCR_DES, 0 +3des, ENCRYPTION_ALGORITHM, ENCR_3DES, 0 +aes, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128 +aes128, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128 +aes192, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192 +aes256, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256 +aes128ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128 +aes192ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192 +aes256ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256 +aes128ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128 +aes128ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128 +aes128ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128 +aes128ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128 +aes128ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128 +aes128ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128 +aes192ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192 +aes192ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192 +aes192ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192 +aes192ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192 +aes192ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192 +aes192ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192 +aes256ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256 +aes256ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256 +aes256ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256 +aes256ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256 +aes256ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256 +aes256ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256 +aes128gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128 +aes128gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128 +aes128gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128 +aes128gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128 +aes128gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128 +aes128gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128 +aes192gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192 +aes192gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192 +aes192gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192 +aes192gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192 +aes192gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192 +aes192gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192 +aes256gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256 +aes256gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256 +aes256gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256 +aes256gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256 +aes256gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256 +aes256gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256 +aes128gmac, ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128 +aes192gmac, ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192 +aes256gmac, ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256 +blowfish, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128 +blowfish128, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128 +blowfish192, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192 +blowfish256, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256 +camellia, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128 +camellia128, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128 +camellia192, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192 +camellia256, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256 +cast128, ENCRYPTION_ALGORITHM, ENCR_CAST, 128 +serpent, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128 +serpent128, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128 +serpent192, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192 +serpent256, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256 +twofish, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128 +twofish128, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128 +twofish192, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192 +twofish256, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256 +sha, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0 +sha1, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0 +sha256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0 +sha2_256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0 +sha256_96, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0 +sha2_256_96, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0 +sha384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0 +sha2_384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0 +sha512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0 +sha2_512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0 +md5, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0 +aesxcbc, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0 +modpnull, DIFFIE_HELLMAN_GROUP, MODP_NULL, 0 +modp768, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0 +modp1024, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0 +modp1536, DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0 +modp2048, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0 +modp3072, DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0 +modp4096, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0 +modp6144, DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0 +modp8192, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0 +ecp192, DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0 +ecp224, DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0 +ecp256, DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0 +ecp384, DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0 +ecp521, DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0 +modp1024s160, DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0 +modp2048s224, DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0 +modp2048s256, DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0 diff --git a/src/libstrongswan/debug.c b/src/libstrongswan/debug.c index 51b7875d8..21a7e63dd 100644 --- a/src/libstrongswan/debug.c +++ b/src/libstrongswan/debug.c @@ -17,10 +17,36 @@ #include "debug.h" +ENUM(debug_names, DBG_DMN, DBG_LIB, + "DMN", + "MGR", + "IKE", + "CHD", + "JOB", + "CFG", + "KNL", + "NET", + "ENC", + "LIB", +); + +ENUM(debug_lower_names, DBG_DMN, DBG_LIB, + "dmn", + "mgr", + "ike", + "chd", + "job", + "cfg", + "knl", + "net", + "enc", + "lib", +); + /** * level logged by the default logger */ -static int default_level = 1; +static level_t default_level = 1; /** * stream logged to by the default logger @@ -30,7 +56,7 @@ static FILE *default_stream = NULL; /** * default dbg function which printf all to stderr */ -void dbg_default(int level, char *fmt, ...) +void dbg_default(debug_t group, level_t level, char *fmt, ...) { if (!default_stream) { @@ -50,7 +76,7 @@ void dbg_default(int level, char *fmt, ...) /** * set the level logged by the default stderr logger */ -void dbg_default_set_level(int level) +void dbg_default_set_level(level_t level) { default_level = level; } @@ -66,5 +92,5 @@ void dbg_default_set_stream(FILE *stream) /** * The registered debug hook. */ -void (*dbg) (int level, char *fmt, ...) = dbg_default; +void (*dbg) (debug_t group, level_t level, char *fmt, ...) = dbg_default; diff --git a/src/libstrongswan/debug.h b/src/libstrongswan/debug.h index 085795acb..a21111d93 100644 --- a/src/libstrongswan/debug.h +++ b/src/libstrongswan/debug.h @@ -21,26 +21,95 @@ #ifndef DEBUG_H_ #define DEBUG_H_ +typedef enum debug_t debug_t; +typedef enum level_t level_t; + #include <stdio.h> +#include "enum.h" + +/** + * Debug message group. + */ +enum debug_t { + /** daemon specific */ + DBG_DMN, + /** IKE_SA_MANAGER */ + DBG_MGR, + /** IKE_SA */ + DBG_IKE, + /** CHILD_SA */ + DBG_CHD, + /** job processing */ + DBG_JOB, + /** configuration backends */ + DBG_CFG, + /** kernel interface */ + DBG_KNL, + /** networking/sockets */ + DBG_NET, + /** message encoding/decoding */ + DBG_ENC, + /** libstrongswan */ + DBG_LIB, + /** number of groups */ + DBG_MAX, + /** pseudo group with all groups */ + DBG_ANY = DBG_MAX, +}; + +/** + * short names of debug message group. + */ +extern enum_name_t *debug_names; + +/** + * short names of debug message group, lower case. + */ +extern enum_name_t *debug_lower_names; + +/** + * Debug levels used to control output verbosity. + */ +enum level_t { + /** absolutely silent */ + LEVEL_SILENT = -1, + /** most important auditing logs */ + LEVEL_AUDIT = 0, + /** control flow */ + LEVEL_CTRL = 1, + /** diagnose problems */ + LEVEL_DIAG = 2, + /** raw binary blobs */ + LEVEL_RAW = 3, + /** including sensitive data (private keys) */ + LEVEL_PRIVATE = 4, +}; + #ifndef DEBUG_LEVEL # define DEBUG_LEVEL 4 #endif /* DEBUG_LEVEL */ /** debug macros, they call the dbg function hook */ +#if DEBUG_LEVEL >= 0 +# define DBG0(group, fmt, ...) dbg(group, 0, fmt, ##__VA_ARGS__) +#endif /* DEBUG_LEVEL */ #if DEBUG_LEVEL >= 1 -# define DBG1(fmt, ...) dbg(1, fmt, ##__VA_ARGS__) +# define DBG1(group, fmt, ...) dbg(group, 1, fmt, ##__VA_ARGS__) #endif /* DEBUG_LEVEL */ #if DEBUG_LEVEL >= 2 -# define DBG2(fmt, ...) dbg(2, fmt, ##__VA_ARGS__) +# define DBG2(group, fmt, ...) dbg(group, 2, fmt, ##__VA_ARGS__) #endif /* DEBUG_LEVEL */ #if DEBUG_LEVEL >= 3 -# define DBG3(fmt, ...) dbg(3, fmt, ##__VA_ARGS__) +# define DBG3(group, fmt, ...) dbg(group, 3, fmt, ##__VA_ARGS__) #endif /* DEBUG_LEVEL */ #if DEBUG_LEVEL >= 4 -# define DBG4(fmt, ...) dbg(4, fmt, ##__VA_ARGS__) +# define DBG4(group, fmt, ...) dbg(group, 4, fmt, ##__VA_ARGS__) #endif /* DEBUG_LEVEL */ +#ifndef DBG0 +# define DBG0(...) {} +#endif #ifndef DBG1 # define DBG1(...) {} #endif @@ -55,13 +124,13 @@ #endif /** dbg function hook, uses dbg_default() by default */ -extern void (*dbg) (int level, char *fmt, ...); +extern void (*dbg) (debug_t group, level_t level, char *fmt, ...); /** default logging function */ -void dbg_default(int level, char *fmt, ...); +void dbg_default(debug_t group, level_t level, char *fmt, ...); /** set the level logged by dbg_default() */ -void dbg_default_set_level(int level); +void dbg_default_set_level(level_t level); /** set the stream logged by dbg_default() to */ void dbg_default_set_stream(FILE *stream); diff --git a/src/libstrongswan/enum.h b/src/libstrongswan/enum.h index 6b9fd7eaa..691f9f2bc 100644 --- a/src/libstrongswan/enum.h +++ b/src/libstrongswan/enum.h @@ -22,7 +22,7 @@ #ifndef ENUM_H_ #define ENUM_H_ -#include <printf_hook.h> +#include "printf_hook.h" typedef struct enum_name_t enum_name_t; diff --git a/src/libstrongswan/fetcher/fetcher_manager.c b/src/libstrongswan/fetcher/fetcher_manager.c index b73bfacf6..c81de032c 100644 --- a/src/libstrongswan/fetcher/fetcher_manager.c +++ b/src/libstrongswan/fetcher/fetcher_manager.c @@ -134,7 +134,7 @@ static status_t fetch(private_fetcher_manager_t *this, this->lock->unlock(this->lock); if (!capable) { - DBG1("unable to fetch from %s, no capable fetcher found", url); + DBG1(DBG_LIB, "unable to fetch from %s, no capable fetcher found", url); } return status; } diff --git a/src/libstrongswan/integrity_checker.c b/src/libstrongswan/integrity_checker.c index 51da4e725..c9cad44ae 100644 --- a/src/libstrongswan/integrity_checker.c +++ b/src/libstrongswan/integrity_checker.c @@ -26,8 +26,8 @@ #include <sys/stat.h> #include <sys/types.h> -#include <debug.h> -#include <library.h> +#include "debug.h" +#include "library.h" typedef struct private_integrity_checker_t private_integrity_checker_t; @@ -72,13 +72,14 @@ static u_int32_t build_file(private_integrity_checker_t *this, char *file, fd = open(file, O_RDONLY); if (fd == -1) { - DBG1(" opening '%s' failed: %s", file, strerror(errno)); + DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno)); return 0; } if (fstat(fd, &sb) == -1) { - DBG1(" getting file size of '%s' failed: %s", file, strerror(errno)); + DBG1(DBG_LIB, " getting file size of '%s' failed: %s", file, + strerror(errno)); close(fd); return 0; } @@ -86,7 +87,7 @@ static u_int32_t build_file(private_integrity_checker_t *this, char *file, addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); if (addr == MAP_FAILED) { - DBG1(" mapping '%s' failed: %s", file, strerror(errno)); + DBG1(DBG_LIB, " mapping '%s' failed: %s", file, strerror(errno)); close(fd); return 0; } @@ -146,13 +147,13 @@ static u_int32_t build_segment(private_integrity_checker_t *this, void *sym, if (dladdr(sym, &dli) == 0) { - DBG1(" unable to locate symbol: %s", dlerror()); + DBG1(DBG_LIB, " unable to locate symbol: %s", dlerror()); return 0; } /* we reuse the Dl_info struct as in/out parameter */ if (!dl_iterate_phdr((void*)callback, &dli)) { - DBG1(" executable section not found"); + DBG1(DBG_LIB, " executable section not found"); return 0; } @@ -192,7 +193,7 @@ static bool check_file(private_integrity_checker_t *this, cs = find_checksum(this, name); if (!cs) { - DBG1(" '%s' file checksum not found", name); + DBG1(DBG_LIB, " '%s' file checksum not found", name); return FALSE; } sum = build_file(this, file, &len); @@ -202,17 +203,17 @@ static bool check_file(private_integrity_checker_t *this, } if (cs->file_len != len) { - DBG1(" invalid '%s' file size: %u bytes, expected %u bytes", + DBG1(DBG_LIB, " invalid '%s' file size: %u bytes, expected %u bytes", name, len, cs->file_len); return FALSE; } if (cs->file != sum) { - DBG1(" invalid '%s' file checksum: %08x, expected %08x", + DBG1(DBG_LIB, " invalid '%s' file checksum: %08x, expected %08x", name, sum, cs->file); return FALSE; } - DBG2(" valid '%s' file checksum: %08x", name, sum); + DBG2(DBG_LIB, " valid '%s' file checksum: %08x", name, sum); return TRUE; } @@ -229,7 +230,7 @@ static bool check_segment(private_integrity_checker_t *this, cs = find_checksum(this, name); if (!cs) { - DBG1(" '%s' segment checksum not found", name); + DBG1(DBG_LIB, " '%s' segment checksum not found", name); return FALSE; } sum = build_segment(this, sym, &len); @@ -239,17 +240,17 @@ static bool check_segment(private_integrity_checker_t *this, } if (cs->segment_len != len) { - DBG1(" invalid '%s' segment size: %u bytes, expected %u bytes", - name, len, cs->segment_len); + DBG1(DBG_LIB, " invalid '%s' segment size: %u bytes," + " expected %u bytes", name, len, cs->segment_len); return FALSE; } if (cs->segment != sum) { - DBG1(" invalid '%s' segment checksum: %08x, expected %08x", + DBG1(DBG_LIB, " invalid '%s' segment checksum: %08x, expected %08x", name, sum, cs->segment); return FALSE; } - DBG2(" valid '%s' segment checksum: %08x", name, sum); + DBG2(DBG_LIB, " valid '%s' segment checksum: %08x", name, sum); return TRUE; } @@ -262,7 +263,7 @@ static bool check(private_integrity_checker_t *this, char *name, void *sym) if (dladdr(sym, &dli) == 0) { - DBG1("unable to locate symbol: %s", dlerror()); + DBG1(DBG_LIB, "unable to locate symbol: %s", dlerror()); return FALSE; } if (!check_file(this, name, (char*)dli.dli_fname)) @@ -319,12 +320,14 @@ integrity_checker_t *integrity_checker_create(char *checksum_library) } else { - DBG1("checksum library '%s' invalid", checksum_library); + DBG1(DBG_LIB, "checksum library '%s' invalid", + checksum_library); } } else { - DBG1("loading checksum library '%s' failed", checksum_library); + DBG1(DBG_LIB, "loading checksum library '%s' failed", + checksum_library); } } return &this->public; diff --git a/src/libstrongswan/integrity_checker.h b/src/libstrongswan/integrity_checker.h index 7349353f3..55a4658f7 100644 --- a/src/libstrongswan/integrity_checker.h +++ b/src/libstrongswan/integrity_checker.h @@ -21,8 +21,8 @@ #ifndef INTEGRITY_CHECKER_H_ #define INTEGRITY_CHECKER_H_ -#include <utils.h> -#include <plugins/plugin.h> +#include "utils.h" +#include "plugins/plugin.h" typedef struct integrity_checker_t integrity_checker_t; typedef struct integrity_checksum_t integrity_checksum_t; diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c index 4e8bb87d0..108ac2ca0 100644 --- a/src/libstrongswan/library.c +++ b/src/libstrongswan/library.c @@ -18,14 +18,12 @@ #include <stdlib.h> -#include <utils.h> -#include <chunk.h> -#include <debug.h> -#include <threading/thread.h> -#include <utils/identification.h> -#include <utils/host.h> +#include "debug.h" +#include "threading/thread.h" +#include "utils/identification.h" +#include "utils/host.h" #ifdef LEAK_DETECTIVE -#include <utils/leak_detective.h> +#include "utils/leak_detective.h" #endif #define CHECKSUM_LIBRARY IPSEC_DIR"/libchecksum.so" @@ -68,7 +66,6 @@ void library_deinit() this->public.encoding->destroy(this->public.encoding); this->public.crypto->destroy(this->public.crypto); this->public.fetcher->destroy(this->public.fetcher); - this->public.attributes->destroy(this->public.attributes); this->public.db->destroy(this->public.db); this->public.printf_hook->destroy(this->public.printf_hook); if (this->public.integrity) @@ -133,7 +130,6 @@ bool library_init(char *settings) this->public.creds = credential_factory_create(); this->public.encoding = key_encoding_create(); this->public.fetcher = fetcher_manager_create(); - this->public.attributes = attribute_manager_create(); this->public.db = database_factory_create(); this->public.plugins = plugin_loader_create(); this->public.integrity = NULL; @@ -145,11 +141,11 @@ bool library_init(char *settings) this->public.integrity = integrity_checker_create(CHECKSUM_LIBRARY); if (!lib->integrity->check(lib->integrity, "libstrongswan", library_init)) { - DBG1("integrity check of libstrongswan failed"); + DBG1(DBG_LIB, "integrity check of libstrongswan failed"); return FALSE; } #else /* !INTEGRITY_TEST */ - DBG1("integrity test enabled, but not supported"); + DBG1(DBG_LIB, "integrity test enabled, but not supported"); return FALSE; #endif /* INTEGRITY_TEST */ } diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h index 78a6fe0a9..241084155 100644 --- a/src/libstrongswan/library.h +++ b/src/libstrongswan/library.h @@ -55,18 +55,17 @@ #ifndef LIBRARY_H_ #define LIBRARY_H_ -#include <printf_hook.h> -#include <utils.h> -#include <chunk.h> -#include <settings.h> -#include <integrity_checker.h> -#include <plugins/plugin_loader.h> -#include <crypto/crypto_factory.h> -#include <fetcher/fetcher_manager.h> -#include <attributes/attribute_manager.h> -#include <database/database_factory.h> -#include <credentials/credential_factory.h> -#include <credentials/keys/key_encoding.h> +#include "printf_hook.h" +#include "utils.h" +#include "chunk.h" +#include "settings.h" +#include "integrity_checker.h" +#include "plugins/plugin_loader.h" +#include "crypto/crypto_factory.h" +#include "fetcher/fetcher_manager.h" +#include "database/database_factory.h" +#include "credentials/credential_factory.h" +#include "credentials/keys/key_encoding.h" typedef struct library_t library_t; @@ -101,11 +100,6 @@ struct library_t { fetcher_manager_t *fetcher; /** - * manager for payload attributes - */ - attribute_manager_t *attributes; - - /** * database construction factory */ database_factory_t *db; diff --git a/src/libstrongswan/plugins/aes/Makefile.am b/src/libstrongswan/plugins/aes/Makefile.am index a3101172f..e72daeb44 100644 --- a/src/libstrongswan/plugins/aes/Makefile.am +++ b/src/libstrongswan/plugins/aes/Makefile.am @@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-aes.la +else plugin_LTLIBRARIES = libstrongswan-aes.la +endif -libstrongswan_aes_la_SOURCES = aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h -libstrongswan_aes_la_LDFLAGS = -module -avoid-version +libstrongswan_aes_la_SOURCES = \ + aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h +libstrongswan_aes_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in index 03ef465e0..391d23049 100644 --- a/src/libstrongswan/plugins/aes/Makefile.in +++ b/src/libstrongswan/plugins/aes/Makefile.in @@ -72,13 +72,15 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_aes_la_LIBADD = am_libstrongswan_aes_la_OBJECTS = aes_plugin.lo aes_crypter.lo libstrongswan_aes_la_OBJECTS = $(am_libstrongswan_aes_la_OBJECTS) libstrongswan_aes_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_aes_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_aes_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_aes_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-aes.la -libstrongswan_aes_la_SOURCES = aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-aes.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-aes.la +libstrongswan_aes_la_SOURCES = \ + aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h + libstrongswan_aes_la_LDFLAGS = -module -avoid-version all: all-am @@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-aes.la: $(libstrongswan_aes_la_OBJECTS) $(libstrongswan_aes_la_DEPENDENCIES) - $(libstrongswan_aes_la_LINK) -rpath $(plugindir) $(libstrongswan_aes_la_OBJECTS) $(libstrongswan_aes_la_LIBADD) $(LIBS) + $(libstrongswan_aes_la_LINK) $(am_libstrongswan_aes_la_rpath) $(libstrongswan_aes_la_OBJECTS) $(libstrongswan_aes_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -476,8 +491,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/aes/aes_plugin.c b/src/libstrongswan/plugins/aes/aes_plugin.c index c6215cc7f..1e920f8cc 100644 --- a/src/libstrongswan/plugins/aes/aes_plugin.c +++ b/src/libstrongswan/plugins/aes/aes_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_aes_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *aes_plugin_create() { private_aes_plugin_t *this = malloc_thing(private_aes_plugin_t); diff --git a/src/libstrongswan/plugins/aes/aes_plugin.h b/src/libstrongswan/plugins/aes/aes_plugin.h index a6ff620ed..f0f0e8154 100644 --- a/src/libstrongswan/plugins/aes/aes_plugin.h +++ b/src/libstrongswan/plugins/aes/aes_plugin.h @@ -39,9 +39,4 @@ struct aes_plugin_t { plugin_t plugin; }; -/** - * Create a aes_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** AES_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/agent/Makefile.am b/src/libstrongswan/plugins/agent/Makefile.am index e1000e562..ffa6e8b7f 100644 --- a/src/libstrongswan/plugins/agent/Makefile.am +++ b/src/libstrongswan/plugins/agent/Makefile.am @@ -3,10 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-agent.la +else plugin_LTLIBRARIES = libstrongswan-agent.la +endif -libstrongswan_agent_la_SOURCES = agent_plugin.h agent_plugin.c \ - agent_private_key.c agent_private_key.h +libstrongswan_agent_la_SOURCES = \ + agent_plugin.h agent_plugin.c \ + agent_private_key.c agent_private_key.h libstrongswan_agent_la_LDFLAGS = -module -avoid-version - diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in index 5bf52aa56..bd6465374 100644 --- a/src/libstrongswan/plugins/agent/Makefile.in +++ b/src/libstrongswan/plugins/agent/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_agent_la_LIBADD = am_libstrongswan_agent_la_OBJECTS = agent_plugin.lo \ agent_private_key.lo @@ -80,6 +80,9 @@ libstrongswan_agent_la_OBJECTS = $(am_libstrongswan_agent_la_OBJECTS) libstrongswan_agent_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_agent_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_agent_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_agent_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,9 +258,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-agent.la -libstrongswan_agent_la_SOURCES = agent_plugin.h agent_plugin.c \ - agent_private_key.c agent_private_key.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-agent.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-agent.la +libstrongswan_agent_la_SOURCES = \ + agent_plugin.h agent_plugin.c \ + agent_private_key.c agent_private_key.h libstrongswan_agent_la_LDFLAGS = -module -avoid-version all: all-am @@ -293,6 +299,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -325,7 +340,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-agent.la: $(libstrongswan_agent_la_OBJECTS) $(libstrongswan_agent_la_DEPENDENCIES) - $(libstrongswan_agent_la_LINK) -rpath $(plugindir) $(libstrongswan_agent_la_OBJECTS) $(libstrongswan_agent_la_LIBADD) $(LIBS) + $(libstrongswan_agent_la_LINK) $(am_libstrongswan_agent_la_rpath) $(libstrongswan_agent_la_OBJECTS) $(libstrongswan_agent_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -479,8 +494,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -551,18 +566,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/agent/agent_plugin.c b/src/libstrongswan/plugins/agent/agent_plugin.c index 299b2cc1d..d40b437bb 100644 --- a/src/libstrongswan/plugins/agent/agent_plugin.c +++ b/src/libstrongswan/plugins/agent/agent_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_agent_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *agent_plugin_create() { private_agent_plugin_t *this = malloc_thing(private_agent_plugin_t); diff --git a/src/libstrongswan/plugins/agent/agent_plugin.h b/src/libstrongswan/plugins/agent/agent_plugin.h index e49af42d8..d352c305c 100644 --- a/src/libstrongswan/plugins/agent/agent_plugin.h +++ b/src/libstrongswan/plugins/agent/agent_plugin.h @@ -39,9 +39,4 @@ struct agent_plugin_t { plugin_t plugin; }; -/** - * Create a agent_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** AGENT_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c index d0a2da87f..4247f849e 100644 --- a/src/libstrongswan/plugins/agent/agent_private_key.c +++ b/src/libstrongswan/plugins/agent/agent_private_key.c @@ -137,7 +137,8 @@ static int open_connection(char *path) s = socket(AF_UNIX, SOCK_STREAM, 0); if (s == -1) { - DBG1("opening ssh-agent socket %s failed: %s:", path, strerror(errno)); + DBG1(DBG_LIB, "opening ssh-agent socket %s failed: %s:", path, + strerror(errno)); return -1; } @@ -147,7 +148,8 @@ static int open_connection(char *path) if (connect(s, (struct sockaddr*)&addr, SUN_LEN(&addr)) != 0) { - DBG1("connecting to ssh-agent socket failed: %s", strerror(errno)); + DBG1(DBG_LIB, "connecting to ssh-agent socket failed: %s", + strerror(errno)); close(s); return -1; } @@ -168,7 +170,7 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey) if (write(this->socket, &len, sizeof(len)) != sizeof(len) || write(this->socket, &buf, 1) != 1) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } @@ -179,7 +181,7 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey) read_uint32(&blob) != blob.len || read_byte(&blob) != SSH_AGENT_ID_RESPONSE) { - DBG1("received invalid ssh-agent identity response"); + DBG1(DBG_LIB, "received invalid ssh-agent identity response"); return FALSE; } count = read_uint32(&blob); @@ -231,7 +233,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, if (scheme != SIGN_RSA_EMSA_PKCS1_SHA1) { - DBG1("signature scheme %N not supported by ssh-agent", + DBG1(DBG_LIB, "signature scheme %N not supported by ssh-agent", signature_scheme_names, scheme); return FALSE; } @@ -241,7 +243,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, if (write(this->socket, &len, sizeof(len)) != sizeof(len) || write(this->socket, &buf, 1) != 1) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } @@ -249,7 +251,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, if (write(this->socket, &len, sizeof(len)) != sizeof(len) || write(this->socket, this->key.ptr, this->key.len) != this->key.len) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } @@ -257,14 +259,14 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, if (write(this->socket, &len, sizeof(len)) != sizeof(len) || write(this->socket, data.ptr, data.len) != data.len) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } flags = htonl(0); if (write(this->socket, &flags, sizeof(flags)) != sizeof(flags)) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } @@ -274,7 +276,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, read_uint32(&blob) != blob.len || read_byte(&blob) != SSH_AGENT_SIGN_RESPONSE) { - DBG1("received invalid ssh-agent signature response"); + DBG1(DBG_LIB, "received invalid ssh-agent signature response"); return FALSE; } /* parse length */ @@ -285,7 +287,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, blob = read_string(&blob); if (!blob.len) { - DBG1("received invalid ssh-agent signature response"); + DBG1(DBG_LIB, "received invalid ssh-agent signature response"); return FALSE; } *signature = chunk_clone(blob); @@ -306,7 +308,7 @@ static key_type_t get_type(private_agent_private_key_t *this) static bool decrypt(private_agent_private_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("private key decryption not supported by ssh-agent"); + DBG1(DBG_LIB, "private key decryption not supported by ssh-agent"); return FALSE; } diff --git a/src/libstrongswan/plugins/attr_sql/Makefile.am b/src/libstrongswan/plugins/attr_sql/Makefile.am deleted file mode 100644 index 5be310abf..000000000 --- a/src/libstrongswan/plugins/attr_sql/Makefile.am +++ /dev/null @@ -1,15 +0,0 @@ - -INCLUDES = -I$(top_srcdir)/src/libstrongswan - -AM_CFLAGS = -rdynamic \ - -DPLUGINS=\""${libstrongswan_plugins}\"" - -plugin_LTLIBRARIES = libstrongswan-attr-sql.la -libstrongswan_attr_sql_la_SOURCES = \ - attr_sql_plugin.h attr_sql_plugin.c \ - sql_attribute.h sql_attribute.c -libstrongswan_attr_sql_la_LDFLAGS = -module -avoid-version - -ipsec_PROGRAMS = pool -pool_SOURCES = pool.c -pool_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la diff --git a/src/libstrongswan/plugins/attr_sql/Makefile.in b/src/libstrongswan/plugins/attr_sql/Makefile.in deleted file mode 100644 index e157a9b78..000000000 --- a/src/libstrongswan/plugins/attr_sql/Makefile.in +++ /dev/null @@ -1,633 +0,0 @@ -# Makefile.in generated by automake 1.11 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, -# Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -ipsec_PROGRAMS = pool$(EXEEXT) -subdir = src/libstrongswan/plugins/attr_sql -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ - $(top_srcdir)/m4/config/ltoptions.m4 \ - $(top_srcdir)/m4/config/ltsugar.m4 \ - $(top_srcdir)/m4/config/ltversion.m4 \ - $(top_srcdir)/m4/config/lt~obsolete.m4 \ - $(top_srcdir)/m4/macros/with.m4 \ - $(top_srcdir)/m4/macros/enable-disable.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__installdirs = "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(ipsecdir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) -libstrongswan_attr_sql_la_LIBADD = -am_libstrongswan_attr_sql_la_OBJECTS = attr_sql_plugin.lo \ - sql_attribute.lo -libstrongswan_attr_sql_la_OBJECTS = \ - $(am_libstrongswan_attr_sql_la_OBJECTS) -libstrongswan_attr_sql_la_LINK = $(LIBTOOL) --tag=CC \ - $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ - $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_attr_sql_la_LDFLAGS) \ - $(LDFLAGS) -o $@ -PROGRAMS = $(ipsec_PROGRAMS) -am_pool_OBJECTS = pool.$(OBJEXT) -pool_OBJECTS = $(am_pool_OBJECTS) -pool_DEPENDENCIES = \ - $(top_builddir)/src/libstrongswan/libstrongswan.la -DEFAULT_INCLUDES = -I.@am__isrc@ -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -am__mv = mv -f -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(libstrongswan_attr_sql_la_SOURCES) $(pool_SOURCES) -DIST_SOURCES = $(libstrongswan_attr_sql_la_SOURCES) $(pool_SOURCES) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -ALLOCA = @ALLOCA@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -BTLIB = @BTLIB@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLIB = @DLLIB@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GPERF = @GPERF@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -MYSQLCFLAG = @MYSQLCFLAG@ -MYSQLCONFIG = @MYSQLCONFIG@ -MYSQLLIB = @MYSQLLIB@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PERL = @PERL@ -PKG_CONFIG = @PKG_CONFIG@ -PTHREADLIB = @PTHREADLIB@ -RANLIB = @RANLIB@ -RTLIB = @RTLIB@ -RUBY = @RUBY@ -RUBYINCLUDE = @RUBYINCLUDE@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -SOCKLIB = @SOCKLIB@ -STRIP = @STRIP@ -VERSION = @VERSION@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -default_pkcs11 = @default_pkcs11@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -ipsecdir = @ipsecdir@ -ipsecgid = @ipsecgid@ -ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -ipsecuser = @ipsecuser@ -libdir = @libdir@ -libexecdir = @libexecdir@ -libstrongswan_plugins = @libstrongswan_plugins@ -linux_headers = @linux_headers@ -localedir = @localedir@ -localstatedir = @localstatedir@ -lt_ECHO = @lt_ECHO@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -nm_CFLAGS = @nm_CFLAGS@ -nm_LIBS = @nm_LIBS@ -nm_ca_dir = @nm_ca_dir@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -piddir = @piddir@ -plugindir = @plugindir@ -pluto_plugins = @pluto_plugins@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -random_device = @random_device@ -resolv_conf = @resolv_conf@ -routing_table = @routing_table@ -routing_table_prio = @routing_table_prio@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -strongswan_conf = @strongswan_conf@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -urandom_device = @urandom_device@ -xml_CFLAGS = @xml_CFLAGS@ -xml_LIBS = @xml_LIBS@ -INCLUDES = -I$(top_srcdir)/src/libstrongswan -AM_CFLAGS = -rdynamic \ - -DPLUGINS=\""${libstrongswan_plugins}\"" - -plugin_LTLIBRARIES = libstrongswan-attr-sql.la -libstrongswan_attr_sql_la_SOURCES = \ - attr_sql_plugin.h attr_sql_plugin.c \ - sql_attribute.h sql_attribute.c - -libstrongswan_attr_sql_la_LDFLAGS = -module -avoid-version -pool_SOURCES = pool.c -pool_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/attr_sql/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu src/libstrongswan/plugins/attr_sql/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): -install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" - @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ - list2=; for p in $$list; do \ - if test -f $$p; then \ - list2="$$list2 $$p"; \ - else :; fi; \ - done; \ - test -z "$$list2" || { \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \ - } - -uninstall-pluginLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ - for p in $$list; do \ - $(am__strip_dir) \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \ - done - -clean-pluginLTLIBRARIES: - -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) - @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libstrongswan-attr-sql.la: $(libstrongswan_attr_sql_la_OBJECTS) $(libstrongswan_attr_sql_la_DEPENDENCIES) - $(libstrongswan_attr_sql_la_LINK) -rpath $(plugindir) $(libstrongswan_attr_sql_la_OBJECTS) $(libstrongswan_attr_sql_la_LIBADD) $(LIBS) -install-ipsecPROGRAMS: $(ipsec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" - @list='$(ipsec_PROGRAMS)'; test -n "$(ipsecdir)" || list=; \ - for p in $$list; do echo "$$p $$p"; done | \ - sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p || test -f $$p1; \ - then echo "$$p"; echo "$$p"; else :; fi; \ - done | \ - sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ - -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ - sed 'N;N;N;s,\n, ,g' | \ - $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ - { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ - if ($$2 == $$4) files[d] = files[d] " " $$1; \ - else { print "f", $$3 "/" $$4, $$1; } } \ - END { for (d in files) print "f", d, files[d] }' | \ - while read type dir files; do \ - if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ - test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(ipsecdir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(ipsecdir)$$dir" || exit $$?; \ - } \ - ; done - -uninstall-ipsecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(ipsec_PROGRAMS)'; test -n "$(ipsecdir)" || list=; \ - files=`for p in $$list; do echo "$$p"; done | \ - sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' `; \ - test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(ipsecdir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(ipsecdir)" && rm -f $$files - -clean-ipsecPROGRAMS: - @list='$(ipsec_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list -pool$(EXEEXT): $(pool_OBJECTS) $(pool_DEPENDENCIES) - @rm -f pool$(EXEEXT) - $(LINK) $(pool_OBJECTS) $(pool_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/attr_sql_plugin.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pool.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sql_attribute.Plo@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - set x; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) -installdirs: - for dir in "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(ipsecdir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-ipsecPROGRAMS clean-libtool \ - clean-pluginLTLIBRARIES mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-ipsecPROGRAMS install-pluginLTLIBRARIES - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-ipsecPROGRAMS clean-libtool clean-pluginLTLIBRARIES \ - ctags distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-ipsecPROGRAMS install-man install-pdf \ - install-pdf-am install-pluginLTLIBRARIES install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-ipsecPROGRAMS \ - uninstall-pluginLTLIBRARIES - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c b/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c deleted file mode 100644 index 66b309c67..000000000 --- a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <library.h> -#include <debug.h> - -#include "attr_sql_plugin.h" -#include "sql_attribute.h" - -typedef struct private_attr_sql_plugin_t private_attr_sql_plugin_t; - -/** - * private data of attr_sql plugin - */ -struct private_attr_sql_plugin_t { - - /** - * implements plugin interface - */ - attr_sql_plugin_t public; - - /** - * database connection instance - */ - database_t *db; - - /** - * configuration attributes - */ - sql_attribute_t *attribute; - -}; - -/** - * Implementation of plugin_t.destroy - */ -static void destroy(private_attr_sql_plugin_t *this) -{ - lib->attributes->remove_provider(lib->attributes, &this->attribute->provider); - this->attribute->destroy(this->attribute); - this->db->destroy(this->db); - free(this); -} - -/* - * see header file - */ -plugin_t *plugin_create() -{ - char *uri; - private_attr_sql_plugin_t *this; - - uri = lib->settings->get_str(lib->settings, "libstrongswan.plugins.attr-sql.database", NULL); - if (!uri) - { - DBG1("attr-sql plugin: database URI not set"); - return NULL; - } - - this = malloc_thing(private_attr_sql_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - - this->db = lib->db->create(lib->db, uri); - if (!this->db) - { - DBG1("attr-sql plugin failed to connect to database"); - free(this); - return NULL; - } - this->attribute = sql_attribute_create(this->db); - lib->attributes->add_provider(lib->attributes, &this->attribute->provider); - - return &this->public.plugin; -} - diff --git a/src/libstrongswan/plugins/attr_sql/pool.c b/src/libstrongswan/plugins/attr_sql/pool.c deleted file mode 100644 index 85b30a70f..000000000 --- a/src/libstrongswan/plugins/attr_sql/pool.c +++ /dev/null @@ -1,1050 +0,0 @@ -/* - * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#define _GNU_SOURCE -#include <getopt.h> -#include <unistd.h> -#include <stdio.h> -#include <time.h> - -#include <debug.h> -#include <library.h> -#include <utils/host.h> -#include <utils/identification.h> -#include <attributes/attributes.h> - -/** - * global database handle - */ -database_t *db; - -/** - * --start/--end/--server addresses of various subcommands - */ -host_t *start = NULL, *end = NULL, *server = NULL; - -/** - * instead of a pool handle a DNS or NBNS attribute - */ -static bool is_attribute(char *name) -{ - return strcaseeq(name, "dns") || strcaseeq(name, "nbns") || - strcaseeq(name, "wins"); -} - -/** - * determine configuration attribute type - */ -static configuration_attribute_type_t get_attribute_type(char *name, host_t* addr) -{ - if (strcaseeq(name, "dns")) - { - return (addr->get_family(addr) == AF_INET) ? INTERNAL_IP4_DNS : - INTERNAL_IP6_DNS; - } - else - { - return (addr->get_family(addr) == AF_INET) ? INTERNAL_IP4_NBNS : - INTERNAL_IP6_NBNS; - } -} - -/** - * calculate the size of a pool using start and end address chunk - */ -static u_int get_pool_size(chunk_t start, chunk_t end) -{ - u_int *start_ptr, *end_ptr; - - if (start.len < sizeof(u_int) || end.len < sizeof(u_int)) - { - return 0; - } - start_ptr = (u_int*)(start.ptr + start.len - sizeof(u_int)); - end_ptr = (u_int*)(end.ptr + end.len - sizeof(u_int)); - return ntohl(*end_ptr) - ntohl(*start_ptr) + 1; -} - -/** - * print usage info - */ -static void usage(void) -{ - printf("\ -Usage:\n\ - ipsec pool --status|--add|--del|--resize|--purge [options]\n\ - \n\ - ipsec pool --status\n\ - Show a list of installed pools with statistics.\n\ - \n\ - ipsec pool --add <name> --start <start> --end <end> [--timeout <timeout>]\n\ - Add a new pool to the database.\n\ - name: Name of the pool, as used in ipsec.conf rightsourceip=%%name\n\ - start: Start address of the pool\n\ - end: End address of the pool\n\ - timeout: Lease time in hours, 0 for static leases\n\ - \n\ - ipsec pool --add dns|nbns|wins --server <server>\n\ - Add a new DNS or NBNS server to the database.\n\ - server: IP address of the name server\n\ - \n\ - ipsec pool --del <name>\n\ - Delete a pool from the database.\n\ - name: Name of the pool to delete\n\ - \n\ - ipsec pool --del dns|nbns|wins [--server <server>]\n\ - Delete a specific or all DNS or NBNS servers from the database.\n\ - server: IP address of the name server to delete\n\ - \n\ - ipsec pool --resize <name> --end <end>\n\ - Grow or shrink an existing pool.\n\ - name: Name of the pool to resize\n\ - end: New end address for the pool\n\ - \n\ - ipsec pool --leases [--filter <filter>] [--utc]\n\ - Show lease information using filters:\n\ - filter: Filter string containing comma separated key=value filters,\n\ - e.g. id=alice@strongswan.org,addr=1.1.1.1\n\ - pool: name of the pool\n\ - id: assigned identity of the lease\n\ - addr: lease IP address\n\ - tstamp: UNIX timestamp when lease was valid, as integer\n\ - status: status of the lease: online|valid|expired\n\ - utc: Show times in UTC instead of local time\n\ - \n\ - ipsec pool --purge <name>\n\ - Delete lease history of a pool:\n\ - name: Name of the pool to purge\n\ - \n"); - exit(0); -} - -/** - * ipsec pool --status - show pool overview - */ -static void status(void) -{ - enumerator_t *ns, *pool, *lease; - host_t *server; - chunk_t value; - bool found = FALSE; - - /* enumerate IPv4 DNS servers */ - ns = db->query(db, "SELECT value FROM attributes WHERE type = ?", - DB_INT, INTERNAL_IP4_DNS, DB_BLOB); - if (ns) - { - while (ns->enumerate(ns, &value)) - { - if (!found) - { - printf("dns servers:"); - found = TRUE; - } - server = host_create_from_chunk(AF_INET, value, 0); - if (server) - { - printf(" %H", server); - server->destroy(server); - } - } - ns->destroy(ns); - } - - /* enumerate IPv6 DNS servers */ - ns = db->query(db, "SELECT value FROM attributes WHERE type = ?", - DB_INT, INTERNAL_IP6_DNS, DB_BLOB); - if (ns) - { - while (ns->enumerate(ns, &value)) - { - if (!found) - { - printf("dns servers:"); - found = TRUE; - } - server = host_create_from_chunk(AF_INET6, value, 0); - if (server) - { - printf(" %H", server); - server->destroy(server); - } - } - ns->destroy(ns); - } - if (found) - { - printf("\n"); - } - else - { - printf("no dns servers found.\n"); - } - found = FALSE; - - /* enumerate IPv4 NBNS servers */ - ns = db->query(db, "SELECT value FROM attributes WHERE type = ?", - DB_INT, INTERNAL_IP4_NBNS, DB_BLOB); - if (ns) - { - while (ns->enumerate(ns, &value)) - { - if (!found) - { - printf("nbns servers:"); - found = TRUE; - } - server = host_create_from_chunk(AF_INET, value, 0); - if (server) - { - printf(" %H", server); - server->destroy(server); - } - } - ns->destroy(ns); - } - - /* enumerate IPv6 NBNS servers */ - ns = db->query(db, "SELECT value FROM attributes WHERE type = ?", - DB_INT, INTERNAL_IP6_NBNS, DB_BLOB); - if (ns) - { - while (ns->enumerate(ns, &value)) - { - if (!found) - { - printf("nbns servers:"); - found = TRUE; - } - server = host_create_from_chunk(AF_INET6, value, 0); - if (server) - { - printf(" %H", server); - server->destroy(server); - } - } - ns->destroy(ns); - } - if (found) - { - printf("\n"); - } - else - { - printf("no nbns servers found.\n"); - } - found = FALSE; - - pool = db->query(db, "SELECT id, name, start, end, timeout FROM pools", - DB_INT, DB_TEXT, DB_BLOB, DB_BLOB, DB_UINT); - if (pool) - { - char *name; - chunk_t start_chunk, end_chunk; - host_t *start, *end; - u_int id, timeout, online = 0, used = 0, size = 0; - - while (pool->enumerate(pool, &id, &name, - &start_chunk, &end_chunk, &timeout)) - { - if (!found) - { - printf("%8s %15s %15s %8s %6s %11s %11s\n", "name", "start", - "end", "timeout", "size", "online", "usage"); - found = TRUE; - } - - start = host_create_from_chunk(AF_UNSPEC, start_chunk, 0); - end = host_create_from_chunk(AF_UNSPEC, end_chunk, 0); - size = get_pool_size(start_chunk, end_chunk); - printf("%8s %15H %15H ", name, start, end); - if (timeout) - { - printf("%7dh ", timeout/3600); - } - else - { - printf("%8s ", "static"); - } - printf("%6d ", size); - /* get number of online hosts */ - lease = db->query(db, "SELECT COUNT(*) FROM addresses " - "WHERE pool = ? AND released = 0", - DB_UINT, id, DB_INT); - if (lease) - { - lease->enumerate(lease, &online); - lease->destroy(lease); - } - printf("%5d (%2d%%) ", online, online*100/size); - /* get number of online or valid lieases */ - lease = db->query(db, "SELECT COUNT(*) FROM addresses " - "WHERE addresses.pool = ? " - "AND ((? AND acquired != 0) " - " OR released = 0 OR released > ?) ", - DB_UINT, id, DB_UINT, !timeout, - DB_UINT, time(NULL) - timeout, DB_UINT); - if (lease) - { - lease->enumerate(lease, &used); - lease->destroy(lease); - } - printf("%5d (%2d%%) ", used, used*100/size); - - printf("\n"); - DESTROY_IF(start); - DESTROY_IF(end); - } - pool->destroy(pool); - } - if (!found) - { - printf("no pools found.\n"); - } - exit(0); -} - -/** - * ipsec pool --add - add a new pool - */ -static void add(char *name, host_t *start, host_t *end, int timeout) -{ - chunk_t start_addr, end_addr, cur_addr; - u_int id, count; - - start_addr = start->get_address(start); - end_addr = end->get_address(end); - cur_addr = chunk_clonea(start_addr); - count = get_pool_size(start_addr, end_addr); - - if (start_addr.len != end_addr.len || - memcmp(start_addr.ptr, end_addr.ptr, start_addr.len) > 0) - { - fprintf(stderr, "invalid start/end pair specified.\n"); - exit(-1); - } - if (db->execute(db, &id, - "INSERT INTO pools (name, start, end, timeout) " - "VALUES (?, ?, ?, ?)", - DB_TEXT, name, DB_BLOB, start_addr, - DB_BLOB, end_addr, DB_INT, timeout*3600) != 1) - { - fprintf(stderr, "creating pool failed.\n"); - exit(-1); - } - printf("allocating %d addresses... ", count); - fflush(stdout); - if (db->get_driver(db) == DB_SQLITE) - { /* run population in a transaction for sqlite */ - db->execute(db, NULL, "BEGIN TRANSACTION"); - } - while (TRUE) - { - db->execute(db, NULL, - "INSERT INTO addresses (pool, address, identity, acquired, released) " - "VALUES (?, ?, ?, ?, ?)", - DB_UINT, id, DB_BLOB, cur_addr, DB_UINT, 0, DB_UINT, 0, DB_UINT, 1); - if (chunk_equals(cur_addr, end_addr)) - { - break; - } - chunk_increment(cur_addr); - } - if (db->get_driver(db) == DB_SQLITE) - { - db->execute(db, NULL, "END TRANSACTION"); - } - printf("done.\n", count); - - exit(0); -} - -/** - * ipsec pool --add dns|nbns|wins - add a DNS or NBNS server entry - */ -static void add_attr(char *name, host_t *server) -{ - configuration_attribute_type_t type; - chunk_t value; - - type = get_attribute_type(name, server); - value = server->get_address(server); - if (db->execute(db, NULL, - "INSERT INTO attributes (type, value) VALUES (?, ?)", - DB_INT, type, DB_BLOB, value) != 1) - { - fprintf(stderr, "adding %s server %H failed.\n", name, server); - exit(-1); - } - printf("added %s server %H\n", name, server); - exit(0); -} - -/** - * ipsec pool --del - delete a pool - */ -static void del(char *name) -{ - enumerator_t *query; - u_int id; - bool found = FALSE; - - query = db->query(db, "SELECT id FROM pools WHERE name = ?", - DB_TEXT, name, DB_UINT); - if (!query) - { - fprintf(stderr, "deleting pool failed.\n"); - exit(-1); - } - while (query->enumerate(query, &id)) - { - found = TRUE; - if (db->execute(db, NULL, - "DELETE FROM leases WHERE address IN (" - " SELECT id FROM addresses WHERE pool = ?)", DB_UINT, id) < 0 || - db->execute(db, NULL, - "DELETE FROM addresses WHERE pool = ?", DB_UINT, id) < 0 || - db->execute(db, NULL, - "DELETE FROM pools WHERE id = ?", DB_UINT, id) < 0) - { - fprintf(stderr, "deleting pool failed.\n"); - query->destroy(query); - exit(-1); - } - } - query->destroy(query); - if (!found) - { - fprintf(stderr, "pool '%s' not found.\n", name); - exit(-1); - } - exit(0); -} - -/** - * ipsec pool --del dns|nbns|wins - delete a DNS or NBNS server entry - */ -static void del_attr(char *name, host_t *server) -{ - configuration_attribute_type_t type; - chunk_t value; - u_int id; - enumerator_t *query; - bool found = FALSE; - - if (server) - { - type = get_attribute_type(name, server); - value = server->get_address(server); - query = db->query(db, - "SELECT id, type, value FROM attributes " - "WHERE type = ? AND value = ?", - DB_INT, type, DB_BLOB, value, - DB_UINT, DB_INT, DB_BLOB); - } - else - { - configuration_attribute_type_t type_ip4, type_ip6; - - if (strcaseeq(name, "dns")) - { - type_ip4 = INTERNAL_IP4_DNS; - type_ip6 = INTERNAL_IP6_DNS; - } - else - { - type_ip4 = INTERNAL_IP4_NBNS; - type_ip6 = INTERNAL_IP6_NBNS; - } - - query = db->query(db, - "SELECT id, type, value FROM attributes " - "WHERE type = ? OR type = ?", - DB_INT, type_ip4, DB_INT, type_ip6, - DB_UINT, DB_INT, DB_BLOB); - } - if (!query) - { - fprintf(stderr, "deleting %s servers failed.\n", name); - exit(-1); - } - - while (query->enumerate(query, &id, &type, &value)) - { - int family; - host_t *host; - - found = TRUE; - family = (type == INTERNAL_IP4_DNS || type == INTERNAL_IP4_NBNS) ? - AF_INET : AF_INET6; - host = host_create_from_chunk(family, value, 0); - if (db->execute(db, NULL, - "DELETE FROM attributes WHERE id = ?", - DB_UINT, id) != 1) - { - fprintf(stderr, "deleting %s server %H failed\n", name, host); - query->destroy(query); - DESTROY_IF(host); - exit(-1); - } - printf("deleted %s server %H\n", name, host); - DESTROY_IF(host); - } - query->destroy(query); - - if (!found) - { - printf("no matching %s servers found\n", name); - exit(-1); - } - exit(0); -} - -/** - * ipsec pool --resize - resize a pool if (db->execute(db, NULL, - "DELETE FROM attributes WHERE type = ? AND value = ?", - DB_INT, type, DB_BLOB, value) != 1) - { - fprintf(stderr, "deleting %s server %H failed\n", name, server); - exit(-1); - } - printf("deleted %s server %H\n", name, server); - if (db->execute(db, NULL, - "DELETE FROM attributes WHERE type = ? AND value = ?", - DB_INT, type, DB_BLOB, value) != 1) - { - fprintf(stderr, "deleting %s server %H failed\n", name, server); - exit(-1); - } - printf("deleted %s server %H\n", name, server); - - */ -static void resize(char *name, host_t *end) -{ - enumerator_t *query; - chunk_t old_addr, new_addr, cur_addr; - u_int id, count; - - new_addr = end->get_address(end); - - query = db->query(db, "SELECT id, end FROM pools WHERE name = ?", - DB_TEXT, name, DB_UINT, DB_BLOB); - if (!query || !query->enumerate(query, &id, &old_addr)) - { - DESTROY_IF(query); - fprintf(stderr, "resizing pool failed.\n"); - exit(-1); - } - if (old_addr.len != new_addr.len || - memcmp(new_addr.ptr, old_addr.ptr, old_addr.len) < 0) - { - fprintf(stderr, "shrinking of pools not supported.\n"); - query->destroy(query); - exit(-1); - } - cur_addr = chunk_clonea(old_addr); - count = get_pool_size(old_addr, new_addr) - 1; - query->destroy(query); - - if (db->execute(db, NULL, - "UPDATE pools SET end = ? WHERE name = ?", - DB_BLOB, new_addr, DB_TEXT, name) <= 0) - { - fprintf(stderr, "pool '%s' not found.\n", name); - exit(-1); - } - - printf("allocating %d new addresses... ", count); - fflush(stdout); - if (db->get_driver(db) == DB_SQLITE) - { /* run population in a transaction for sqlite */ - db->execute(db, NULL, "BEGIN TRANSACTION"); - } - while (count-- > 0) - { - chunk_increment(cur_addr); - db->execute(db, NULL, - "INSERT INTO addresses (pool, address, identity, acquired, released) " - "VALUES (?, ?, ?, ?, ?)", - DB_UINT, id, DB_BLOB, cur_addr, DB_UINT, 0, DB_UINT, 0, DB_UINT, 1); - } - if (db->get_driver(db) == DB_SQLITE) - { - db->execute(db, NULL, "END TRANSACTION"); - } - printf("done.\n", count); - - exit(0); -} - -/** - * create the lease query using the filter string - */ -static enumerator_t *create_lease_query(char *filter) -{ - enumerator_t *query; - identification_t *id = NULL; - host_t *addr = NULL; - u_int tstamp = 0; - bool online = FALSE, valid = FALSE, expired = FALSE; - char *value, *pos, *pool = NULL; - enum { - FIL_POOL = 0, - FIL_ID, - FIL_ADDR, - FIL_TSTAMP, - FIL_STATE, - }; - char *const token[] = { - [FIL_POOL] = "pool", - [FIL_ID] = "id", - [FIL_ADDR] = "addr", - [FIL_TSTAMP] = "tstamp", - [FIL_STATE] = "status", - NULL - }; - - /* if the filter string contains a distinguished name as a ID, we replace - * ", " by "/ " in order to not confuse the getsubopt parser */ - pos = filter; - while ((pos = strchr(pos, ','))) - { - if (pos[1] == ' ') - { - pos[0] = '/'; - } - pos++; - } - - while (filter && *filter != '\0') - { - switch (getsubopt(&filter, token, &value)) - { - case FIL_POOL: - if (value) - { - pool = value; - } - break; - case FIL_ID: - if (value) - { - id = identification_create_from_string(value); - } - break; - case FIL_ADDR: - if (value) - { - addr = host_create_from_string(value, 0); - } - if (!addr) - { - fprintf(stderr, "invalid 'addr' in filter string.\n"); - exit(-1); - } - break; - case FIL_TSTAMP: - if (value) - { - tstamp = atoi(value); - } - if (tstamp == 0) - { - online = TRUE; - } - break; - case FIL_STATE: - if (value) - { - if (streq(value, "online")) - { - online = TRUE; - } - else if (streq(value, "valid")) - { - valid = TRUE; - } - else if (streq(value, "expired")) - { - expired = TRUE; - } - else - { - fprintf(stderr, "invalid 'state' in filter string.\n"); - exit(-1); - } - } - break; - default: - fprintf(stderr, "invalid filter string.\n"); - exit(-1); - break; - } - } - query = db->query(db, - "SELECT name, addresses.address, identities.type, " - "identities.data, leases.acquired, leases.released, timeout " - "FROM leases JOIN addresses ON leases.address = addresses.id " - "JOIN pools ON addresses.pool = pools.id " - "JOIN identities ON leases.identity = identities.id " - "WHERE (? OR name = ?) " - "AND (? OR (identities.type = ? AND identities.data = ?)) " - "AND (? OR addresses.address = ?) " - "AND (? OR (? >= leases.acquired AND (? <= leases.released))) " - "AND (? OR leases.released > ? - timeout) " - "AND (? OR leases.released < ? - timeout) " - "AND ? " - "UNION " - "SELECT name, address, identities.type, identities.data, " - "acquired, released, timeout FROM addresses " - "JOIN pools ON addresses.pool = pools.id " - "JOIN identities ON addresses.identity = identities.id " - "WHERE ? AND released = 0 " - "AND (? OR name = ?) " - "AND (? OR (identities.type = ? AND identities.data = ?)) " - "AND (? OR address = ?)", - DB_INT, pool == NULL, DB_TEXT, pool, - DB_INT, id == NULL, - DB_INT, id ? id->get_type(id) : 0, - DB_BLOB, id ? id->get_encoding(id) : chunk_empty, - DB_INT, addr == NULL, - DB_BLOB, addr ? addr->get_address(addr) : chunk_empty, - DB_INT, tstamp == 0, DB_UINT, tstamp, DB_UINT, tstamp, - DB_INT, !valid, DB_INT, time(NULL), - DB_INT, !expired, DB_INT, time(NULL), - DB_INT, !online, - /* union */ - DB_INT, !(valid || expired), - DB_INT, pool == NULL, DB_TEXT, pool, - DB_INT, id == NULL, - DB_INT, id ? id->get_type(id) : 0, - DB_BLOB, id ? id->get_encoding(id) : chunk_empty, - DB_INT, addr == NULL, - DB_BLOB, addr ? addr->get_address(addr) : chunk_empty, - /* res */ - DB_TEXT, DB_BLOB, DB_INT, DB_BLOB, DB_UINT, DB_UINT, DB_UINT); - /* id and addr leak but we can't destroy them until query is destroyed. */ - return query; -} - -/** - * ipsec pool --leases - show lease information of a pool - */ -static void leases(char *filter, bool utc) -{ - enumerator_t *query; - chunk_t address_chunk, identity_chunk; - int identity_type; - char *name; - u_int acquired, released, timeout; - host_t *address; - identification_t *identity; - bool found = FALSE; - - query = create_lease_query(filter); - if (!query) - { - fprintf(stderr, "querying leases failed.\n"); - exit(-1); - } - while (query->enumerate(query, &name, &address_chunk, &identity_type, - &identity_chunk, &acquired, &released, &timeout)) - { - if (!found) - { - int len = utc ? 25 : 21; - - found = TRUE; - printf("%-8s %-15s %-7s %-*s %-*s %s\n", - "name", "address", "status", len, "start", len, "end", "identity"); - } - address = host_create_from_chunk(AF_UNSPEC, address_chunk, 0); - identity = identification_create_from_encoding(identity_type, identity_chunk); - - printf("%-8s %-15H ", name, address); - if (released == 0) - { - printf("%-7s ", "online"); - } - else if (timeout == 0) - { - printf("%-7s ", "static"); - } - else if (released >= time(NULL) - timeout) - { - printf("%-7s ", "valid"); - } - else - { - printf("%-7s ", "expired"); - } - - printf(" %T ", &acquired, utc); - if (released) - { - printf("%T ", &released, utc); - } - else - { - printf(" "); - if (utc) - { - printf(" "); - } - } - printf("%Y\n", identity); - DESTROY_IF(address); - identity->destroy(identity); - } - query->destroy(query); - if (!found) - { - fprintf(stderr, "no matching leases found.\n"); - exit(-1); - } - exit(0); -} - -/** - * ipsec pool --purge - delete expired leases - */ -static void purge(char *name) -{ - int purged = 0; - - purged = db->execute(db, NULL, - "DELETE FROM leases WHERE address IN (" - " SELECT id FROM addresses WHERE pool IN (" - " SELECT id FROM pools WHERE name = ?))", - DB_TEXT, name); - if (purged < 0) - { - fprintf(stderr, "purging pool '%s' failed.\n", name); - exit(-1); - } - fprintf(stderr, "purged %d leases in pool '%s'.\n", purged, name); - exit(0); -} - -/** - * atexit handler to close db on shutdown - */ -static void cleanup(void) -{ - db->destroy(db); - DESTROY_IF(start); - DESTROY_IF(end); - DESTROY_IF(server); -} - -int main(int argc, char *argv[]) -{ - char *uri, *name = "", *filter = ""; - int timeout = 0; - bool utc = FALSE; - enum { - OP_USAGE, - OP_STATUS, - OP_ADD, - OP_ADD_ATTR, - OP_DEL, - OP_DEL_ATTR, - OP_RESIZE, - OP_LEASES, - OP_PURGE - } operation = OP_USAGE; - - atexit(library_deinit); - - /* initialize library */ - if (!library_init(NULL)) - { - exit(SS_RC_LIBSTRONGSWAN_INTEGRITY); - } - if (lib->integrity && - !lib->integrity->check_file(lib->integrity, "pool", argv[0])) - { - fprintf(stderr, "integrity check of pool failed\n"); - exit(SS_RC_DAEMON_INTEGRITY); - } - if (!lib->plugins->load(lib->plugins, NULL, - lib->settings->get_str(lib->settings, "pool.load", PLUGINS))) - { - exit(SS_RC_INITIALIZATION_FAILED); - } - - uri = lib->settings->get_str(lib->settings, "libstrongswan.plugins.attr-sql.database", NULL); - if (!uri) - { - fprintf(stderr, "database URI libstrongswan.plugins.attr-sql.database not set.\n"); - exit(SS_RC_INITIALIZATION_FAILED); - } - db = lib->db->create(lib->db, uri); - if (!db) - { - fprintf(stderr, "opening database failed.\n"); - exit(SS_RC_INITIALIZATION_FAILED); - } - atexit(cleanup); - - while (TRUE) - { - int c; - - struct option long_opts[] = { - { "help", no_argument, NULL, 'h' }, - - { "utc", no_argument, NULL, 'u' }, - { "status", no_argument, NULL, 'w' }, - { "add", required_argument, NULL, 'a' }, - { "del", required_argument, NULL, 'd' }, - { "resize", required_argument, NULL, 'r' }, - { "leases", no_argument, NULL, 'l' }, - { "purge", required_argument, NULL, 'p' }, - - { "start", required_argument, NULL, 's' }, - { "end", required_argument, NULL, 'e' }, - { "timeout", required_argument, NULL, 't' }, - { "filter", required_argument, NULL, 'f' }, - { "server", required_argument, NULL, 'v' }, - { 0,0,0,0 } - }; - - c = getopt_long(argc, argv, "", long_opts, NULL); - switch (c) - { - case EOF: - break; - case 'h': - break; - case 'w': - operation = OP_STATUS; - break; - case 'u': - utc = TRUE; - continue; - case 'a': - name = optarg; - operation = is_attribute(name) ? OP_ADD_ATTR : OP_ADD; - continue; - case 'd': - name = optarg; - operation = is_attribute(name) ? OP_DEL_ATTR : OP_DEL; - continue; - case 'r': - name = optarg; - operation = OP_RESIZE; - continue; - case 'l': - operation = OP_LEASES; - continue; - case 'p': - name = optarg; - operation = OP_PURGE; - continue; - case 's': - start = host_create_from_string(optarg, 0); - if (start == NULL) - { - fprintf(stderr, "invalid start address: '%s'.\n", optarg); - operation = OP_USAGE; - break; - } - continue; - case 'e': - end = host_create_from_string(optarg, 0); - if (end == NULL) - { - fprintf(stderr, "invalid end address: '%s'.\n", optarg); - operation = OP_USAGE; - break; - } - continue; - case 't': - timeout = atoi(optarg); - if (timeout == 0 && strcmp(optarg, "0") != 0) - { - fprintf(stderr, "invalid timeout '%s'.\n", optarg); - operation = OP_USAGE; - break; - } - continue; - case 'f': - filter = optarg; - continue; - case 'v': - server = host_create_from_string(optarg, 0); - if (server == NULL) - { - fprintf(stderr, "invalid server address: '%s'.\n", optarg); - operation = OP_USAGE; - break; - } - continue; - default: - operation = OP_USAGE; - break; - } - break; - } - - switch (operation) - { - case OP_USAGE: - usage(); - break; - case OP_STATUS: - status(); - break; - case OP_ADD: - if (start == NULL || end == NULL) - { - fprintf(stderr, "missing arguments.\n"); - usage(); - } - add(name, start, end, timeout); - break; - case OP_ADD_ATTR: - if (server == NULL) - { - fprintf(stderr, "missing arguments.\n"); - usage(); - } - add_attr(name, server); - break; - case OP_DEL: - del(name); - break; - case OP_DEL_ATTR: - del_attr(name, server); - break; - case OP_RESIZE: - if (end == NULL) - { - fprintf(stderr, "missing arguments.\n"); - usage(); - } - resize(name, end); - break; - case OP_LEASES: - leases(filter, utc); - break; - case OP_PURGE: - purge(name); - break; - } - exit(0); -} - diff --git a/src/libstrongswan/plugins/attr_sql/sql_attribute.c b/src/libstrongswan/plugins/attr_sql/sql_attribute.c deleted file mode 100644 index a89195b6d..000000000 --- a/src/libstrongswan/plugins/attr_sql/sql_attribute.c +++ /dev/null @@ -1,384 +0,0 @@ -/* - * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <time.h> - -#include <debug.h> -#include <library.h> - -#include "sql_attribute.h" - -typedef struct private_sql_attribute_t private_sql_attribute_t; - -/** - * private data of sql_attribute - */ -struct private_sql_attribute_t { - - /** - * public functions - */ - sql_attribute_t public; - - /** - * database connection - */ - database_t *db; - - /** - * wheter to record lease history in lease table - */ - bool history; -}; - -/** - * lookup/insert an identity - */ -static u_int get_identity(private_sql_attribute_t *this, identification_t *id) -{ - enumerator_t *e; - u_int row; - - /* look for peer identity in the identities table */ - e = this->db->query(this->db, - "SELECT id FROM identities WHERE type = ? AND data = ?", - DB_INT, id->get_type(id), DB_BLOB, id->get_encoding(id), - DB_UINT); - - if (e && e->enumerate(e, &row)) - { - e->destroy(e); - return row; - } - DESTROY_IF(e); - /* not found, insert new one */ - if (this->db->execute(this->db, &row, - "INSERT INTO identities (type, data) VALUES (?, ?)", - DB_INT, id->get_type(id), DB_BLOB, id->get_encoding(id)) == 1) - { - return row; - } - return 0; -} - -/** - * Lookup pool by name - */ -static u_int get_pool(private_sql_attribute_t *this, char *name, u_int *timeout) -{ - enumerator_t *e; - u_int pool; - - e = this->db->query(this->db, "SELECT id, timeout FROM pools WHERE name = ?", - DB_TEXT, name, DB_UINT, DB_UINT); - if (e && e->enumerate(e, &pool, timeout)) - { - e->destroy(e); - return pool; - } - DESTROY_IF(e); - return 0; -} - -/** - * Look up an existing lease - */ -static host_t* check_lease(private_sql_attribute_t *this, char *name, - u_int pool, u_int identity) -{ - while (TRUE) - { - u_int id; - chunk_t address; - enumerator_t *e; - time_t now = time(NULL); - - e = this->db->query(this->db, - "SELECT id, address FROM addresses " - "WHERE pool = ? AND identity = ? AND released != 0 LIMIT 1", - DB_UINT, pool, DB_UINT, identity, DB_UINT, DB_BLOB); - if (!e || !e->enumerate(e, &id, &address)) - { - DESTROY_IF(e); - break; - } - address = chunk_clonea(address); - e->destroy(e); - - if (this->db->execute(this->db, NULL, - "UPDATE addresses SET acquired = ?, released = 0 " - "WHERE id = ? AND identity = ? AND released != 0", - DB_UINT, now, DB_UINT, id, DB_UINT, identity) > 0) - { - host_t *host; - - host = host_create_from_chunk(AF_UNSPEC, address, 0); - if (host) - { - DBG1("acquired existing lease for address %H in pool '%s'", - host, name); - return host; - } - } - } - return NULL; -} - -/** - * We check for unallocated addresses or expired leases. First we select an - * address as a candidate, but double check later on if it is still available - * during the update operation. This allows us to work without locking. - */ -static host_t* get_lease(private_sql_attribute_t *this, char *name, - u_int pool, u_int timeout, u_int identity) -{ - while (TRUE) - { - u_int id; - chunk_t address; - enumerator_t *e; - time_t now = time(NULL); - int hits; - - if (timeout) - { - /* check for an expired lease */ - e = this->db->query(this->db, - "SELECT id, address FROM addresses " - "WHERE pool = ? AND released != 0 AND released < ? LIMIT 1", - DB_UINT, pool, DB_UINT, now - timeout, DB_UINT, DB_BLOB); - } - else - { - /* with static leases, check for an unallocated address */ - e = this->db->query(this->db, - "SELECT id, address FROM addresses " - "WHERE pool = ? AND identity = 0 LIMIT 1", - DB_UINT, pool, DB_UINT, DB_BLOB); - - } - - if (!e || !e->enumerate(e, &id, &address)) - { - DESTROY_IF(e); - break; - } - address = chunk_clonea(address); - e->destroy(e); - - if (timeout) - { - hits = this->db->execute(this->db, NULL, - "UPDATE addresses SET " - "acquired = ?, released = 0, identity = ? " - "WHERE id = ? AND released != 0 AND released < ?", - DB_UINT, now, DB_UINT, identity, - DB_UINT, id, DB_UINT, now - timeout); - } - else - { - hits = this->db->execute(this->db, NULL, - "UPDATE addresses SET " - "acquired = ?, released = 0, identity = ? " - "WHERE id = ? AND identity = 0", - DB_UINT, now, DB_UINT, identity, DB_UINT, id); - } - if (hits > 0) - { - host_t *host; - - host = host_create_from_chunk(AF_UNSPEC, address, 0); - if (host) - { - DBG1("acquired new lease for address %H in pool '%s'", - host, name); - return host; - } - } - } - DBG1("no available address found in pool '%s'", name); - return NULL; -} - -/** - * Implementation of attribute_provider_t.acquire_address - */ -static host_t* acquire_address(private_sql_attribute_t *this, - char *names, identification_t *id, - host_t *requested) -{ - host_t *address = NULL; - u_int identity, pool, timeout; - - identity = get_identity(this, id); - if (identity) - { - /* check for a single pool first (no concatenation and enumeration) */ - if (strchr(names, ',') == NULL) - { - pool = get_pool(this, names, &timeout); - if (pool) - { - /* check for an existing lease */ - address = check_lease(this, names, pool, identity); - if (address == NULL) - { - /* get an unallocated address or expired lease */ - address = get_lease(this, names, pool, timeout, identity); - } - } - } - else - { - enumerator_t *enumerator; - char *name; - - /* in a first step check for an existing lease over all pools */ - enumerator = enumerator_create_token(names, ",", " "); - while (enumerator->enumerate(enumerator, &name)) - { - pool = get_pool(this, name, &timeout); - if (pool) - { - address = check_lease(this, name, pool, identity); - if (address) - { - enumerator->destroy(enumerator); - return address; - } - } - } - enumerator->destroy(enumerator); - - /* in a second step get an unallocated address or expired lease */ - enumerator = enumerator_create_token(names, ",", " "); - while (enumerator->enumerate(enumerator, &name)) - { - pool = get_pool(this, name, &timeout); - if (pool) - { - address = get_lease(this, name, pool, timeout, identity); - if (address) - { - break; - } - } - } - enumerator->destroy(enumerator); - } - } - return address; -} - -/** - * Implementation of attribute_provider_t.release_address - */ -static bool release_address(private_sql_attribute_t *this, - char *name, host_t *address, identification_t *id) -{ - enumerator_t *enumerator; - bool found = FALSE; - time_t now = time(NULL); - - enumerator = enumerator_create_token(name, ",", " "); - while (enumerator->enumerate(enumerator, &name)) - { - u_int pool, timeout; - - pool = get_pool(this, name, &timeout); - if (pool) - { - if (this->history) - { - this->db->execute(this->db, NULL, - "INSERT INTO leases (address, identity, acquired, released)" - " SELECT id, identity, acquired, ? FROM addresses " - " WHERE pool = ? AND address = ?", - DB_UINT, now, DB_UINT, pool, - DB_BLOB, address->get_address(address)); - } - if (this->db->execute(this->db, NULL, - "UPDATE addresses SET released = ? WHERE " - "pool = ? AND address = ?", DB_UINT, time(NULL), - DB_UINT, pool, DB_BLOB, address->get_address(address)) > 0) - { - found = TRUE; - break; - } - } - } - enumerator->destroy(enumerator); - return found; -} - -/** - * Implementation of sql_attribute_t.create_attribute_enumerator - */ -static enumerator_t* create_attribute_enumerator(private_sql_attribute_t *this, - identification_t *id, host_t *vip) -{ - if (vip) - { - enumerator_t *enumerator; - - enumerator = this->db->query(this->db, - "SELECT type, value FROM attributes", DB_INT, DB_BLOB); - if (enumerator) - { - return enumerator; - } - } - return enumerator_create_empty(); -} - -/** - * Implementation of sql_attribute_t.destroy - */ -static void destroy(private_sql_attribute_t *this) -{ - free(this); -} - -/* - * see header file - */ -sql_attribute_t *sql_attribute_create(database_t *db) -{ - private_sql_attribute_t *this = malloc_thing(private_sql_attribute_t); - time_t now = time(NULL); - - this->public.provider.acquire_address = (host_t*(*)(attribute_provider_t *this, char*, identification_t *, host_t *))acquire_address; - this->public.provider.release_address = (bool(*)(attribute_provider_t *this, char*,host_t *, identification_t*))release_address; - this->public.provider.create_attribute_enumerator = (enumerator_t*(*)(attribute_provider_t*, identification_t *id, host_t *host))create_attribute_enumerator; - this->public.destroy = (void(*)(sql_attribute_t*))destroy; - - this->db = db; - this->history = lib->settings->get_bool(lib->settings, - "libstrongswan.plugins.attr-sql.lease_history", TRUE); - - /* close any "online" leases in the case we crashed */ - if (this->history) - { - this->db->execute(this->db, NULL, - "INSERT INTO leases (address, identity, acquired, released)" - " SELECT id, identity, acquired, ? FROM addresses " - " WHERE released = 0", DB_UINT, now); - } - this->db->execute(this->db, NULL, - "UPDATE addresses SET released = ? WHERE released = 0", - DB_UINT, now); - return &this->public; -} - diff --git a/src/libstrongswan/plugins/attr_sql/sql_attribute.h b/src/libstrongswan/plugins/attr_sql/sql_attribute.h deleted file mode 100644 index ca87eb27e..000000000 --- a/src/libstrongswan/plugins/attr_sql/sql_attribute.h +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup sql_attribute sql_attribute - * @{ @ingroup attr_sql - */ - -#ifndef SQL_ATTRIBUTE_H_ -#define SQL_ATTRIBUTE_H_ - -#include <attributes/attribute_provider.h> -#include <database/database.h> - -typedef struct sql_attribute_t sql_attribute_t; - -/** - * SQL database based IKEv2 cfg attribute provider. - */ -struct sql_attribute_t { - - /** - * Implements attribute provider interface - */ - attribute_provider_t provider; - - /** - * Destroy a sql_attribute instance. - */ - void (*destroy)(sql_attribute_t *this); -}; - -/** - * Create a sql_attribute instance. - */ -sql_attribute_t *sql_attribute_create(database_t *db); - -#endif /** SQL_ATTRIBUTE_H_ @}*/ diff --git a/src/libstrongswan/plugins/blowfish/Makefile.am b/src/libstrongswan/plugins/blowfish/Makefile.am index de8948445..95c414204 100644 --- a/src/libstrongswan/plugins/blowfish/Makefile.am +++ b/src/libstrongswan/plugins/blowfish/Makefile.am @@ -3,10 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-blowfish.la +else plugin_LTLIBRARIES = libstrongswan-blowfish.la +endif libstrongswan_blowfish_la_SOURCES = \ -blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \ -bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c -libstrongswan_blowfish_la_LDFLAGS = -module -avoid-version + blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \ + bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c +libstrongswan_blowfish_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in index 7b55d69c7..f95a4abe5 100644 --- a/src/libstrongswan/plugins/blowfish/Makefile.in +++ b/src/libstrongswan/plugins/blowfish/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_blowfish_la_LIBADD = am_libstrongswan_blowfish_la_OBJECTS = blowfish_plugin.lo \ blowfish_crypter.lo bf_skey.lo bf_enc.lo @@ -82,6 +82,9 @@ libstrongswan_blowfish_la_LINK = $(LIBTOOL) --tag=CC \ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_blowfish_la_LDFLAGS) \ $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_blowfish_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_blowfish_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -220,6 +223,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -256,10 +260,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-blowfish.la +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-blowfish.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-blowfish.la libstrongswan_blowfish_la_SOURCES = \ -blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \ -bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c + blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \ + bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c libstrongswan_blowfish_la_LDFLAGS = -module -avoid-version all: all-am @@ -296,6 +301,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -328,7 +342,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-blowfish.la: $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_DEPENDENCIES) - $(libstrongswan_blowfish_la_LINK) -rpath $(plugindir) $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_LIBADD) $(LIBS) + $(libstrongswan_blowfish_la_LINK) $(am_libstrongswan_blowfish_la_rpath) $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -484,8 +498,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -556,18 +570,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c index 993dc8b3b..f9fb605b3 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c +++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c @@ -45,7 +45,7 @@ static void destroy(private_blowfish_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *blowfish_plugin_create() { private_blowfish_plugin_t *this = malloc_thing(private_blowfish_plugin_t); diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.h b/src/libstrongswan/plugins/blowfish/blowfish_plugin.h index 596a7c791..6a87f42ee 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_plugin.h +++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.h @@ -40,9 +40,4 @@ struct blowfish_plugin_t { plugin_t plugin; }; -/** - * Create a blowfish_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** BLOWFISH_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/curl/Makefile.am b/src/libstrongswan/plugins/curl/Makefile.am index f0a41e4ad..43718f678 100644 --- a/src/libstrongswan/plugins/curl/Makefile.am +++ b/src/libstrongswan/plugins/curl/Makefile.am @@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-curl.la +else plugin_LTLIBRARIES = libstrongswan-curl.la +endif + +libstrongswan_curl_la_SOURCES = \ + curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h -libstrongswan_curl_la_SOURCES = curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h libstrongswan_curl_la_LDFLAGS = -module -avoid-version libstrongswan_curl_la_LIBADD = -lcurl - diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in index 32b2504fe..1952b22e7 100644 --- a/src/libstrongswan/plugins/curl/Makefile.in +++ b/src/libstrongswan/plugins/curl/Makefile.in @@ -72,13 +72,15 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_curl_la_DEPENDENCIES = am_libstrongswan_curl_la_OBJECTS = curl_plugin.lo curl_fetcher.lo libstrongswan_curl_la_OBJECTS = $(am_libstrongswan_curl_la_OBJECTS) libstrongswan_curl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_curl_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_curl_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_curl_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-curl.la -libstrongswan_curl_la_SOURCES = curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-curl.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-curl.la +libstrongswan_curl_la_SOURCES = \ + curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h + libstrongswan_curl_la_LDFLAGS = -module -avoid-version libstrongswan_curl_la_LIBADD = -lcurl all: all-am @@ -291,6 +297,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -323,7 +338,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-curl.la: $(libstrongswan_curl_la_OBJECTS) $(libstrongswan_curl_la_DEPENDENCIES) - $(libstrongswan_curl_la_LINK) -rpath $(plugindir) $(libstrongswan_curl_la_OBJECTS) $(libstrongswan_curl_la_LIBADD) $(LIBS) + $(libstrongswan_curl_la_LINK) $(am_libstrongswan_curl_la_rpath) $(libstrongswan_curl_la_OBJECTS) $(libstrongswan_curl_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -477,8 +492,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -549,18 +564,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c index 08315e932..2341c9052 100644 --- a/src/libstrongswan/plugins/curl/curl_fetcher.c +++ b/src/libstrongswan/plugins/curl/curl_fetcher.c @@ -84,7 +84,7 @@ METHOD(fetcher_t, fetch, status_t, curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, this->headers); } - DBG2(" sending http request to '%s'...", uri); + DBG2(DBG_LIB, " sending http request to '%s'...", uri); switch (curl_easy_perform(this->curl)) { case CURLE_UNSUPPORTED_PROTOCOL: @@ -94,7 +94,7 @@ METHOD(fetcher_t, fetch, status_t, status = SUCCESS; break; default: - DBG1("libcurl http request failed: %s", error); + DBG1(DBG_LIB, "libcurl http request failed: %s", error); status = FAILED; break; } diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c index 13dfa053f..e00fcfc03 100644 --- a/src/libstrongswan/plugins/curl/curl_plugin.c +++ b/src/libstrongswan/plugins/curl/curl_plugin.c @@ -48,7 +48,7 @@ static void destroy(private_curl_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *curl_plugin_create() { CURLcode res; private_curl_plugin_t *this = malloc_thing(private_curl_plugin_t); @@ -69,7 +69,7 @@ plugin_t *plugin_create() } else { - DBG1("global libcurl initializing failed: %s, curl disabled", + DBG1(DBG_LIB, "global libcurl initializing failed: %s, curl disabled", curl_easy_strerror(res)); } return &this->public.plugin; diff --git a/src/libstrongswan/plugins/curl/curl_plugin.h b/src/libstrongswan/plugins/curl/curl_plugin.h index 1b748446b..ae17285c2 100644 --- a/src/libstrongswan/plugins/curl/curl_plugin.h +++ b/src/libstrongswan/plugins/curl/curl_plugin.h @@ -39,9 +39,4 @@ struct curl_plugin_t { plugin_t plugin; }; -/** - * Create a curl_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** CURL_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/des/Makefile.am b/src/libstrongswan/plugins/des/Makefile.am index 76cfbc419..c7d9ce915 100644 --- a/src/libstrongswan/plugins/des/Makefile.am +++ b/src/libstrongswan/plugins/des/Makefile.am @@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-des.la +else plugin_LTLIBRARIES = libstrongswan-des.la +endif -libstrongswan_des_la_SOURCES = des_plugin.h des_plugin.c des_crypter.c des_crypter.h -libstrongswan_des_la_LDFLAGS = -module -avoid-version +libstrongswan_des_la_SOURCES = \ + des_plugin.h des_plugin.c des_crypter.c des_crypter.h +libstrongswan_des_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in index f68b4bd03..af351cfe3 100644 --- a/src/libstrongswan/plugins/des/Makefile.in +++ b/src/libstrongswan/plugins/des/Makefile.in @@ -72,13 +72,15 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_des_la_LIBADD = am_libstrongswan_des_la_OBJECTS = des_plugin.lo des_crypter.lo libstrongswan_des_la_OBJECTS = $(am_libstrongswan_des_la_OBJECTS) libstrongswan_des_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_des_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_des_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_des_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-des.la -libstrongswan_des_la_SOURCES = des_plugin.h des_plugin.c des_crypter.c des_crypter.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-des.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-des.la +libstrongswan_des_la_SOURCES = \ + des_plugin.h des_plugin.c des_crypter.c des_crypter.h + libstrongswan_des_la_LDFLAGS = -module -avoid-version all: all-am @@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-des.la: $(libstrongswan_des_la_OBJECTS) $(libstrongswan_des_la_DEPENDENCIES) - $(libstrongswan_des_la_LINK) -rpath $(plugindir) $(libstrongswan_des_la_OBJECTS) $(libstrongswan_des_la_LIBADD) $(LIBS) + $(libstrongswan_des_la_LINK) $(am_libstrongswan_des_la_rpath) $(libstrongswan_des_la_OBJECTS) $(libstrongswan_des_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -476,8 +491,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/des/des_plugin.c b/src/libstrongswan/plugins/des/des_plugin.c index 649d224ab..afc82e8d4 100644 --- a/src/libstrongswan/plugins/des/des_plugin.c +++ b/src/libstrongswan/plugins/des/des_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_des_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *des_plugin_create() { private_des_plugin_t *this = malloc_thing(private_des_plugin_t); diff --git a/src/libstrongswan/plugins/des/des_plugin.h b/src/libstrongswan/plugins/des/des_plugin.h index 17df220bc..cfff420c0 100644 --- a/src/libstrongswan/plugins/des/des_plugin.h +++ b/src/libstrongswan/plugins/des/des_plugin.h @@ -39,9 +39,4 @@ struct des_plugin_t { plugin_t plugin; }; -/** - * Create a des_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** DES_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/dnskey/Makefile.am b/src/libstrongswan/plugins/dnskey/Makefile.am index fd020f505..fbba95e0a 100644 --- a/src/libstrongswan/plugins/dnskey/Makefile.am +++ b/src/libstrongswan/plugins/dnskey/Makefile.am @@ -3,10 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-dnskey.la +else plugin_LTLIBRARIES = libstrongswan-dnskey.la +endif -libstrongswan_dnskey_la_SOURCES = dnskey_plugin.h dnskey_plugin.c \ - dnskey_builder.h dnskey_builder.c +libstrongswan_dnskey_la_SOURCES = \ + dnskey_plugin.h dnskey_plugin.c \ + dnskey_builder.h dnskey_builder.c libstrongswan_dnskey_la_LDFLAGS = -module -avoid-version - diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in index d7d5ff29b..1f1f90127 100644 --- a/src/libstrongswan/plugins/dnskey/Makefile.in +++ b/src/libstrongswan/plugins/dnskey/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_dnskey_la_LIBADD = am_libstrongswan_dnskey_la_OBJECTS = dnskey_plugin.lo \ dnskey_builder.lo @@ -81,6 +81,9 @@ libstrongswan_dnskey_la_OBJECTS = \ libstrongswan_dnskey_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_dnskey_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_dnskey_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_dnskey_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -219,6 +222,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -255,9 +259,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-dnskey.la -libstrongswan_dnskey_la_SOURCES = dnskey_plugin.h dnskey_plugin.c \ - dnskey_builder.h dnskey_builder.c +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-dnskey.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-dnskey.la +libstrongswan_dnskey_la_SOURCES = \ + dnskey_plugin.h dnskey_plugin.c \ + dnskey_builder.h dnskey_builder.c libstrongswan_dnskey_la_LDFLAGS = -module -avoid-version all: all-am @@ -294,6 +300,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -326,7 +341,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-dnskey.la: $(libstrongswan_dnskey_la_OBJECTS) $(libstrongswan_dnskey_la_DEPENDENCIES) - $(libstrongswan_dnskey_la_LINK) -rpath $(plugindir) $(libstrongswan_dnskey_la_OBJECTS) $(libstrongswan_dnskey_la_LIBADD) $(LIBS) + $(libstrongswan_dnskey_la_LINK) $(am_libstrongswan_dnskey_la_rpath) $(libstrongswan_dnskey_la_OBJECTS) $(libstrongswan_dnskey_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -480,8 +495,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -552,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/dnskey/dnskey_builder.c b/src/libstrongswan/plugins/dnskey/dnskey_builder.c index ba20e7158..ea4eb6cda 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_builder.c +++ b/src/libstrongswan/plugins/dnskey/dnskey_builder.c @@ -52,7 +52,7 @@ static dnskey_public_key_t *parse_public_key(chunk_t blob) if (blob.len < sizeof(dnskey_rr_t)) { - DBG1("DNSKEY too short"); + DBG1(DBG_LIB, "DNSKEY too short"); return NULL; } blob = chunk_skip(blob, sizeof(dnskey_rr_t)); @@ -63,7 +63,8 @@ static dnskey_public_key_t *parse_public_key(chunk_t blob) return lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, BUILD_BLOB_DNSKEY, blob, BUILD_END); default: - DBG1("DNSKEY public key algorithm %d not supported", rr->algorithm); + DBG1(DBG_LIB, "DNSKEY public key algorithm %d not supported", + rr->algorithm); return NULL; } } @@ -77,7 +78,7 @@ static dnskey_public_key_t *parse_rsa_public_key(chunk_t blob) if (blob.len < 3) { - DBG1("RFC 3110 public key blob too short for exponent length"); + DBG1(DBG_LIB, "RFC 3110 public key blob too short for exponent length"); return NULL; } @@ -94,7 +95,7 @@ static dnskey_public_key_t *parse_rsa_public_key(chunk_t blob) e.ptr = blob.ptr; if (e.len >= blob.len) { - DBG1("RFC 3110 public key blob too short for exponent"); + DBG1(DBG_LIB, "RFC 3110 public key blob too short for exponent"); return NULL; } n = chunk_skip(blob, e.len); diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c index 83dbe31a1..125047b05 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c +++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_dnskey_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *dnskey_plugin_create() { private_dnskey_plugin_t *this = malloc_thing(private_dnskey_plugin_t); diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.h b/src/libstrongswan/plugins/dnskey/dnskey_plugin.h index 17790e1c6..8b49bd6cb 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.h +++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.h @@ -39,9 +39,4 @@ struct dnskey_plugin_t { plugin_t plugin; }; -/** - * Create a dnskey_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** DNSKEY_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.am b/src/libstrongswan/plugins/fips_prf/Makefile.am index d9431947e..c9cf2c977 100644 --- a/src/libstrongswan/plugins/fips_prf/Makefile.am +++ b/src/libstrongswan/plugins/fips_prf/Makefile.am @@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-fips-prf.la +else plugin_LTLIBRARIES = libstrongswan-fips-prf.la +endif -libstrongswan_fips_prf_la_SOURCES = fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h -libstrongswan_fips_prf_la_LDFLAGS = -module -avoid-version +libstrongswan_fips_prf_la_SOURCES = \ + fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h +libstrongswan_fips_prf_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in index b23af6def..70553fbd8 100644 --- a/src/libstrongswan/plugins/fips_prf/Makefile.in +++ b/src/libstrongswan/plugins/fips_prf/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_fips_prf_la_LIBADD = am_libstrongswan_fips_prf_la_OBJECTS = fips_prf_plugin.lo fips_prf.lo libstrongswan_fips_prf_la_OBJECTS = \ @@ -81,6 +81,9 @@ libstrongswan_fips_prf_la_LINK = $(LIBTOOL) --tag=CC \ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_fips_prf_la_LDFLAGS) \ $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_fips_prf_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_fips_prf_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -219,6 +222,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -255,8 +259,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-fips-prf.la -libstrongswan_fips_prf_la_SOURCES = fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-fips-prf.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-fips-prf.la +libstrongswan_fips_prf_la_SOURCES = \ + fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h + libstrongswan_fips_prf_la_LDFLAGS = -module -avoid-version all: all-am @@ -292,6 +299,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -324,7 +340,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-fips-prf.la: $(libstrongswan_fips_prf_la_OBJECTS) $(libstrongswan_fips_prf_la_DEPENDENCIES) - $(libstrongswan_fips_prf_la_LINK) -rpath $(plugindir) $(libstrongswan_fips_prf_la_OBJECTS) $(libstrongswan_fips_prf_la_LIBADD) $(LIBS) + $(libstrongswan_fips_prf_la_LINK) $(am_libstrongswan_fips_prf_la_rpath) $(libstrongswan_fips_prf_la_OBJECTS) $(libstrongswan_fips_prf_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -478,8 +494,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -550,18 +566,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c index 123d2a244..ad03fa585 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c @@ -126,14 +126,14 @@ static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[]) { /* a. XVAL = (XKEY + XSEED j) mod 2^b */ add_mod(this->b, xkey, xseed, xval); - DBG3("XVAL %b", xval, this->b); + DBG3(DBG_LIB, "XVAL %b", xval, this->b); /* b. wi = G(t, XVAL ) */ this->g(this, chunk_create(xval, this->b), &w[i * this->b]); - DBG3("w[%d] %b", i, &w[i * this->b], this->b); + DBG3(DBG_LIB, "w[%d] %b", i, &w[i * this->b], this->b); /* c. XKEY = (1 + XKEY + wi) mod 2b */ add_mod(this->b, xkey, &w[i * this->b], sum); add_mod(this->b, sum, one, xkey); - DBG3("XKEY %b", xkey, this->b); + DBG3(DBG_LIB, "XKEY %b", xkey, this->b); } /* 3.3 done already, mod q not used */ diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c index 6c0842f81..f41265637 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_fips_prf_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *fips_prf_plugin_create() { private_fips_prf_plugin_t *this = malloc_thing(private_fips_prf_plugin_t); diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h index 8d65254ba..3bd26ad45 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h +++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h @@ -39,9 +39,4 @@ struct fips_prf_plugin_t { plugin_t plugin; }; -/** - * Create a fips_prf_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** FIPS_PRF_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.am b/src/libstrongswan/plugins/gcrypt/Makefile.am index a468a5ed9..48bf916ab 100644 --- a/src/libstrongswan/plugins/gcrypt/Makefile.am +++ b/src/libstrongswan/plugins/gcrypt/Makefile.am @@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-gcrypt.la +else plugin_LTLIBRARIES = libstrongswan-gcrypt.la +endif -libstrongswan_gcrypt_la_SOURCES = gcrypt_plugin.h gcrypt_plugin.c \ +libstrongswan_gcrypt_la_SOURCES = \ + gcrypt_plugin.h gcrypt_plugin.c \ gcrypt_rsa_public_key.h gcrypt_rsa_public_key.c \ gcrypt_rsa_private_key.h gcrypt_rsa_private_key.c \ gcrypt_dh.h gcrypt_dh.c \ diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in index c3081e2dd..35829c950 100644 --- a/src/libstrongswan/plugins/gcrypt/Makefile.in +++ b/src/libstrongswan/plugins/gcrypt/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_gcrypt_la_DEPENDENCIES = am_libstrongswan_gcrypt_la_OBJECTS = gcrypt_plugin.lo \ gcrypt_rsa_public_key.lo gcrypt_rsa_private_key.lo \ @@ -82,6 +82,9 @@ libstrongswan_gcrypt_la_OBJECTS = \ libstrongswan_gcrypt_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_gcrypt_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_gcrypt_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_gcrypt_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -220,6 +223,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -256,8 +260,10 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-gcrypt.la -libstrongswan_gcrypt_la_SOURCES = gcrypt_plugin.h gcrypt_plugin.c \ +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-gcrypt.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-gcrypt.la +libstrongswan_gcrypt_la_SOURCES = \ + gcrypt_plugin.h gcrypt_plugin.c \ gcrypt_rsa_public_key.h gcrypt_rsa_public_key.c \ gcrypt_rsa_private_key.h gcrypt_rsa_private_key.c \ gcrypt_dh.h gcrypt_dh.c \ @@ -301,6 +307,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -333,7 +348,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-gcrypt.la: $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_DEPENDENCIES) - $(libstrongswan_gcrypt_la_LINK) -rpath $(plugindir) $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_LIBADD) $(LIBS) + $(libstrongswan_gcrypt_la_LINK) $(am_libstrongswan_gcrypt_la_rpath) $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -492,8 +507,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -564,18 +579,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c index 1eee6226d..5dbdde32c 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c @@ -234,7 +234,7 @@ gcrypt_crypter_t *gcrypt_crypter_create(encryption_algorithm_t algo, err = gcry_cipher_open(&this->h, gcrypt_alg, mode, 0); if (err) { - DBG1("grcy_cipher_open(%N) failed: %s", + DBG1(DBG_LIB, "grcy_cipher_open(%N) failed: %s", encryption_algorithm_names, algo, gpg_strerror(err)); free(this); return NULL; diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c index 59c82f1e7..08d6239ad 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c @@ -1,4 +1,5 @@ /* + * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2009 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -19,310 +20,6 @@ #include <debug.h> -/** - * Modulus of Group 1 (MODP_768_BIT). - */ -static u_int8_t group1_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 2 (MODP_1024_BIT). - */ -static u_int8_t group2_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 5 (MODP_1536_BIT). - */ -static u_int8_t group5_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; -/** - * Modulus of Group 14 (MODP_2048_BIT). - */ -static u_int8_t group14_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 15 (MODP_3072_BIT). - */ -static u_int8_t group15_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, - 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, - 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, - 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, - 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, - 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, - 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, - 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, - 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 16 (MODP_4096_BIT). - */ -static u_int8_t group16_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, - 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, - 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, - 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, - 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, - 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, - 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, - 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, - 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, - 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, - 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, - 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, - 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, - 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, - 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, - 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, - 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 17 (MODP_6144_BIT). - */ -static u_int8_t group17_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, - 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, - 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, - 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, - 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, - 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, - 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, - 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, - 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, - 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, - 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, - 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, - 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, - 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, - 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, - 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, - 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26, - 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD, - 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE, - 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18, - 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B, - 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42, - 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC, - 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6, - 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E, - 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE, - 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA, - 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0, - 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76, - 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C, - 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68, - 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6, - 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 18 (MODP_8192_BIT). - */ -static u_int8_t group18_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, - 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, - 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, - 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, - 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, - 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, - 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, - 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, - 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, - 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, - 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, - 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, - 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, - 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, - 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, - 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, - 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26, - 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD, - 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE, - 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18, - 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B, - 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42, - 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC, - 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6, - 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E, - 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE, - 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA, - 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0, - 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76, - 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C, - 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68, - 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6, - 0xE6,0x94,0xF9,0x1E,0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4, - 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,0x73,0xB9,0x31,0xBA, - 0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED, - 0x25,0x76,0xF6,0x93,0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68, - 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,0xE3,0x9D,0x65,0x2D, - 0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07, - 0x13,0xEB,0x57,0xA8,0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B, - 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,0xA2,0xC0,0x87,0xE8, - 0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6, - 0x6D,0x2A,0x13,0xF8,0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36, - 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,0x08,0x46,0x85,0x1D, - 0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73, - 0xFA,0xF3,0x6B,0xC3,0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92, - 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,0xD5,0xEE,0x38,0x2B, - 0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA, - 0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71, - 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, -}; - -typedef struct modulus_entry_t modulus_entry_t; - -/** - * Entry of the modulus list. - */ -struct modulus_entry_t { - /** IKEv2 DH group */ - diffie_hellman_group_t group; - /** modulus */ - chunk_t modulus; - /** optimum length of exponent in bytes */ - size_t opt_len; - /** generator */ - u_int16_t g; -}; - -/** - * All supported modulus values - optimum exponent size according to RFC 3526. - */ -static modulus_entry_t modulus_entries[] = { - {MODP_768_BIT, {group1_modulus, sizeof(group1_modulus)}, 32, 2}, - {MODP_1024_BIT, {group2_modulus, sizeof(group2_modulus)}, 32, 2}, - {MODP_1536_BIT, {group5_modulus, sizeof(group5_modulus)}, 32, 2}, - {MODP_2048_BIT, {group14_modulus, sizeof(group14_modulus)}, 48, 2}, - {MODP_3072_BIT, {group15_modulus, sizeof(group15_modulus)}, 48, 2}, - {MODP_4096_BIT, {group16_modulus, sizeof(group16_modulus)}, 64, 2}, - {MODP_6144_BIT, {group17_modulus, sizeof(group17_modulus)}, 64, 2}, - {MODP_8192_BIT, {group18_modulus, sizeof(group18_modulus)}, 64, 2}, -}; - -/** - * Lookup the modulus in modulo table - */ -static modulus_entry_t *find_entry(diffie_hellman_group_t group) -{ - int i; - - for (i = 0; i < countof(modulus_entries); i++) - { - if (modulus_entries[i].group == group) - { - return &modulus_entries[i]; - } - } - return NULL; -} - typedef struct private_gcrypt_dh_t private_gcrypt_dh_t; /** @@ -392,7 +89,7 @@ static void set_other_public_value(private_gcrypt_dh_t *this, chunk_t value) err = gcry_mpi_scan(&this->yb, GCRYMPI_FMT_USG, value.ptr, value.len, NULL); if (err) { - DBG1("importing mpi yb failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "importing mpi yb failed: %s", gpg_strerror(err)); return; } @@ -413,7 +110,8 @@ static void set_other_public_value(private_gcrypt_dh_t *this, chunk_t value) } else { - DBG1("public DH value verification failed: y < 2 || y > p - 1 "); + DBG1(DBG_LIB, "public DH value verification failed:" + " y < 2 || y > p - 1 "); } gcry_mpi_release(p_min_1); } @@ -485,14 +183,13 @@ static void destroy(private_gcrypt_dh_t *this) gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) { private_gcrypt_dh_t *this; - modulus_entry_t *entry; + diffie_hellman_params_t *params; gcry_error_t err; chunk_t random; rng_t *rng; - size_t len; - entry = find_entry(group); - if (!entry) + params = diffie_hellman_get_params(group); + if (!params) { return NULL; } @@ -506,53 +203,53 @@ gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) this->public.dh.destroy = (void (*)(diffie_hellman_t *)) destroy; this->group = group; - this->p_len = entry->modulus.len; + this->p_len = params->prime.len; err = gcry_mpi_scan(&this->p, GCRYMPI_FMT_USG, - entry->modulus.ptr, entry->modulus.len, NULL); + params->prime.ptr, params->prime.len, NULL); if (err) { - DBG1("importing mpi modulus failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "importing mpi modulus failed: %s", gpg_strerror(err)); free(this); return NULL; } - if (lib->settings->get_int(lib->settings, - "libstrongswan.dh_exponent_ansi_x9_42", TRUE)) - { - len = this->p_len; - } - else + err = gcry_mpi_scan(&this->g, GCRYMPI_FMT_USG, + params->generator.ptr, params->generator.len, NULL); + if (err) { - len = entry->opt_len; + DBG1(DBG_LIB, "importing mpi generator failed: %s", gpg_strerror(err)); + gcry_mpi_release(this->p); + free(this); + return NULL; } rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); if (rng) { /* prefer external randomizer */ - rng->allocate_bytes(rng, len, &random); + rng->allocate_bytes(rng, params->exp_len, &random); rng->destroy(rng); err = gcry_mpi_scan(&this->xa, GCRYMPI_FMT_USG, random.ptr, random.len, NULL); chunk_clear(&random); if (err) { - DBG1("importing mpi xa failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "importing mpi xa failed: %s", gpg_strerror(err)); gcry_mpi_release(this->p); + gcry_mpi_release(this->g); free(this); return NULL; } } else { /* fallback to gcrypt internal randomizer, shouldn't ever happen */ - this->xa = gcry_mpi_new(len * 8); - gcry_mpi_randomize(this->xa, len * 8, GCRY_STRONG_RANDOM); + this->xa = gcry_mpi_new(params->exp_len * 8); + gcry_mpi_randomize(this->xa, params->exp_len * 8, GCRY_STRONG_RANDOM); } - if (len == this->p_len) + if (params->exp_len == this->p_len) { /* achieve bitsof(p)-1 by setting MSB to 0 */ - gcry_mpi_clear_bit(this->xa, len * 8 - 1); + gcry_mpi_clear_bit(this->xa, params->exp_len * 8 - 1); } - this->g = gcry_mpi_set_ui(NULL, entry->g); this->ya = gcry_mpi_new(this->p_len * 8); this->yb = NULL; this->zz = NULL; diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c index d12fe11d5..39609c16c 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c @@ -137,7 +137,7 @@ gcrypt_hasher_t *gcrypt_hasher_create(hash_algorithm_t algo) err = gcry_md_open(&this->hd, gcrypt_alg, 0); if (err) { - DBG1("grcy_md_open(%N) failed: %s", + DBG1(DBG_LIB, "grcy_md_open(%N) failed: %s", hash_algorithm_names, algo, gpg_strerror(err)); free(this); return NULL; diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c index 8c9ea893b..039036b2c 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c @@ -118,7 +118,7 @@ static void destroy(private_gcrypt_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *gcrypt_plugin_create() { private_gcrypt_plugin_t *this; @@ -126,7 +126,7 @@ plugin_t *plugin_create() if (!gcry_check_version(GCRYPT_VERSION)) { - DBG1("libgcrypt version mismatch"); + DBG1(DBG_LIB, "libgcrypt version mismatch"); return NULL; } @@ -190,6 +190,10 @@ plugin_t *plugin_create() /* diffie hellman groups, using modp */ lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_2048_224, + (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_2048_256, + (dh_constructor_t)gcrypt_dh_create); lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, (dh_constructor_t)gcrypt_dh_create); lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, @@ -202,6 +206,8 @@ plugin_t *plugin_create() (dh_constructor_t)gcrypt_dh_create); lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_1024_160, + (dh_constructor_t)gcrypt_dh_create); lib->crypto->add_dh(lib->crypto, MODP_768_BIT, (dh_constructor_t)gcrypt_dh_create); diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h index f2247ed5c..05e5e7014 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h @@ -39,9 +39,4 @@ struct gcrypt_plugin_t { plugin_t plugin; }; -/** - * Create a gcrypt_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** GCRYPT_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c index cd156961e..2cb13c5f3 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c @@ -130,14 +130,15 @@ static bool sign_raw(private_gcrypt_rsa_private_key_t *this, chunk_free(&em); if (err) { - DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building signature S-expression failed: %s", + gpg_strerror(err)); return FALSE; } err = gcry_pk_sign(&out, in, this->key); gcry_sexp_release(in); if (err) { - DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "creating pkcs1 signature failed: %s", gpg_strerror(err)); return FALSE; } *signature = gcrypt_rsa_find_token(out, "s", this->key); @@ -176,14 +177,14 @@ static bool sign_pkcs1(private_gcrypt_rsa_private_key_t *this, chunk_free(&hash); if (err) { - DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building signature S-expression failed: %s", gpg_strerror(err)); return FALSE; } err = gcry_pk_sign(&out, in, this->key); gcry_sexp_release(in); if (err) { - DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "creating pkcs1 signature failed: %s", gpg_strerror(err)); return FALSE; } *signature = gcrypt_rsa_find_token(out, "s", this->key); @@ -222,7 +223,7 @@ static bool sign(private_gcrypt_rsa_private_key_t *this, signature_scheme_t sche case SIGN_RSA_EMSA_PKCS1_MD5: return sign_pkcs1(this, HASH_MD5, "md5", data, sig); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -243,14 +244,15 @@ static bool decrypt(private_gcrypt_rsa_private_key_t *this, encrypted.len, encrypted.ptr); if (err) { - DBG1("building decryption S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building decryption S-expression failed: %s", + gpg_strerror(err)); return FALSE; } err = gcry_pk_decrypt(&out, in, this->key); gcry_sexp_release(in); if (err) { - DBG1("decrypting pkcs1 data failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "decrypting pkcs1 data failed: %s", gpg_strerror(err)); return FALSE; } padded.ptr = (u_char*)gcry_sexp_nth_data(out, 1, &padded.len); @@ -269,7 +271,7 @@ static bool decrypt(private_gcrypt_rsa_private_key_t *this, gcry_sexp_release(out); if (!pos) { - DBG1("decrypted data has invalid pkcs1 padding"); + DBG1(DBG_LIB, "decrypted data has invalid pkcs1 padding"); return FALSE; } return TRUE; @@ -329,7 +331,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this, chunk_clear(&cp); chunk_clear(&cq); chunk_clear(&cd); - DBG1("scanning mpi for export failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "scanning mpi for export failed: %s", gpg_strerror(err)); return FALSE; } @@ -340,7 +342,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this, gcry_mpi_sub_ui(q, q, 1); exp2 = gcry_mpi_new(gcry_pk_get_nbits(this->key)); - gcry_mpi_mod(exp1, d, q); + gcry_mpi_mod(exp2, d, q); gcry_mpi_release(q); err = gcry_mpi_aprint(GCRYMPI_FMT_USG, &cexp1.ptr, &cexp1.len, exp1) @@ -352,7 +354,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this, if (err) { - DBG1("printing mpi for export failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "printing mpi for export failed: %s", gpg_strerror(err)); chunk_clear(&cp); chunk_clear(&cq); chunk_clear(&cd); @@ -488,7 +490,7 @@ gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_gen(key_type_t type, err = gcry_sexp_build(¶m, NULL, "(genkey(rsa(nbits %d)))", key_size); if (err) { - DBG1("building S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building S-expression failed: %s", gpg_strerror(err)); return NULL; } this = gcrypt_rsa_private_key_create_empty(); @@ -497,7 +499,7 @@ gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_gen(key_type_t type, if (err) { free(this); - DBG1("generating RSA key failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "generating RSA key failed: %s", gpg_strerror(err)); return NULL; } return &this->public; @@ -557,14 +559,14 @@ gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_load(key_type_t type, p.len, p.ptr, q.len, q.ptr, u.len, u.ptr); if (err) { - DBG1("loading private key failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "loading private key failed: %s", gpg_strerror(err)); free(this); return NULL; } err = gcry_pk_testkey(this->key); if (err) { - DBG1("private key sanity check failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "private key sanity check failed: %s", gpg_strerror(err)); destroy(this); return NULL; } diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c index e083fac94..5fd15d9a3 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c @@ -83,14 +83,16 @@ static bool verify_raw(private_gcrypt_rsa_public_key_t *this, chunk_free(&em); if (err) { - DBG1("building data S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building data S-expression failed: %s", + gpg_strerror(err)); return FALSE; } err = gcry_sexp_build(&sig, NULL, "(sig-val(rsa(s %b)))", signature.len, signature.ptr); if (err) { - DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building signature S-expression failed: %s", + gpg_strerror(err)); gcry_sexp_release(in); return FALSE; } @@ -99,7 +101,8 @@ static bool verify_raw(private_gcrypt_rsa_public_key_t *this, gcry_sexp_release(sig); if (err) { - DBG1("RSA signature verification failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "RSA signature verification failed: %s", + gpg_strerror(err)); return FALSE; } return TRUE; @@ -130,7 +133,8 @@ static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this, chunk_free(&hash); if (err) { - DBG1("building data S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building data S-expression failed: %s", + gpg_strerror(err)); return FALSE; } @@ -138,7 +142,8 @@ static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this, signature.len, signature.ptr); if (err) { - DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building signature S-expression failed: %s", + gpg_strerror(err)); gcry_sexp_release(in); return FALSE; } @@ -147,7 +152,8 @@ static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this, gcry_sexp_release(sig); if (err) { - DBG1("RSA signature verification failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "RSA signature verification failed: %s", + gpg_strerror(err)); return FALSE; } return TRUE; @@ -184,7 +190,7 @@ static bool verify(private_gcrypt_rsa_public_key_t *this, case SIGN_RSA_EMSA_PKCS1_SHA512: return verify_pkcs1(this, HASH_SHA512, "sha512", data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -205,14 +211,16 @@ static bool encrypt_(private_gcrypt_rsa_public_key_t *this, chunk_t plain, plain.len, plain.ptr); if (err) { - DBG1("building encryption S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building encryption S-expression failed: %s", + gpg_strerror(err)); return FALSE; } err = gcry_pk_encrypt(&out, in, this->key); gcry_sexp_release(in); if (err) { - DBG1("encrypting data using pkcs1 failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "encrypting data using pkcs1 failed: %s", + gpg_strerror(err)); return FALSE; } *encrypted = gcrypt_rsa_find_token(out, "a", this->key); @@ -343,7 +351,7 @@ gcrypt_rsa_public_key_t *gcrypt_rsa_public_key_load(key_type_t type, n.len, n.ptr, e.len, e.ptr); if (err) { - DBG1("loading public key failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "loading public key failed: %s", gpg_strerror(err)); free(this); return NULL; } diff --git a/src/libstrongswan/plugins/gmp/Makefile.am b/src/libstrongswan/plugins/gmp/Makefile.am index 1ab358328..cc8ad34db 100644 --- a/src/libstrongswan/plugins/gmp/Makefile.am +++ b/src/libstrongswan/plugins/gmp/Makefile.am @@ -3,13 +3,17 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-gmp.la +else plugin_LTLIBRARIES = libstrongswan-gmp.la +endif -libstrongswan_gmp_la_SOURCES = gmp_plugin.h gmp_plugin.c \ - gmp_diffie_hellman.c gmp_diffie_hellman.h \ - gmp_rsa_private_key.c gmp_rsa_private_key.h \ - gmp_rsa_public_key.c gmp_rsa_public_key.h +libstrongswan_gmp_la_SOURCES = \ + gmp_plugin.h gmp_plugin.c \ + gmp_diffie_hellman.c gmp_diffie_hellman.h \ + gmp_rsa_private_key.c gmp_rsa_private_key.h \ + gmp_rsa_public_key.c gmp_rsa_public_key.h libstrongswan_gmp_la_LDFLAGS = -module -avoid-version -libstrongswan_gmp_la_LIBADD = -lgmp - +libstrongswan_gmp_la_LIBADD = -lgmp diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in index 3077ea7e8..5c1a1fcd9 100644 --- a/src/libstrongswan/plugins/gmp/Makefile.in +++ b/src/libstrongswan/plugins/gmp/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_gmp_la_DEPENDENCIES = am_libstrongswan_gmp_la_OBJECTS = gmp_plugin.lo gmp_diffie_hellman.lo \ gmp_rsa_private_key.lo gmp_rsa_public_key.lo @@ -80,6 +80,8 @@ libstrongswan_gmp_la_OBJECTS = $(am_libstrongswan_gmp_la_OBJECTS) libstrongswan_gmp_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_gmp_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_gmp_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_gmp_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,11 +257,13 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-gmp.la -libstrongswan_gmp_la_SOURCES = gmp_plugin.h gmp_plugin.c \ - gmp_diffie_hellman.c gmp_diffie_hellman.h \ - gmp_rsa_private_key.c gmp_rsa_private_key.h \ - gmp_rsa_public_key.c gmp_rsa_public_key.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-gmp.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-gmp.la +libstrongswan_gmp_la_SOURCES = \ + gmp_plugin.h gmp_plugin.c \ + gmp_diffie_hellman.c gmp_diffie_hellman.h \ + gmp_rsa_private_key.c gmp_rsa_private_key.h \ + gmp_rsa_public_key.c gmp_rsa_public_key.h libstrongswan_gmp_la_LDFLAGS = -module -avoid-version libstrongswan_gmp_la_LIBADD = -lgmp @@ -296,6 +301,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -328,7 +342,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-gmp.la: $(libstrongswan_gmp_la_OBJECTS) $(libstrongswan_gmp_la_DEPENDENCIES) - $(libstrongswan_gmp_la_LINK) -rpath $(plugindir) $(libstrongswan_gmp_la_OBJECTS) $(libstrongswan_gmp_la_LIBADD) $(LIBS) + $(libstrongswan_gmp_la_LINK) $(am_libstrongswan_gmp_la_rpath) $(libstrongswan_gmp_la_OBJECTS) $(libstrongswan_gmp_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -484,8 +498,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -556,18 +570,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c index ea7e6fdd2..4ee449890 100644 --- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c +++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c @@ -1,6 +1,7 @@ /* * Copyright (C) 1998-2002 D. Hugh Redelmeier. * Copyright (C) 1999, 2000, 2001 Henry Spencer. + * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -22,309 +23,10 @@ #include <debug.h> - -/** - * Modulus of Group 1 (MODP_768_BIT). - */ -static u_int8_t group1_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 2 (MODP_1024_BIT). - */ -static u_int8_t group2_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 5 (MODP_1536_BIT). - */ -static u_int8_t group5_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; -/** - * Modulus of Group 14 (MODP_2048_BIT). - */ -static u_int8_t group14_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 15 (MODP_3072_BIT). - */ -static u_int8_t group15_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, - 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, - 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, - 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, - 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, - 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, - 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, - 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, - 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 16 (MODP_4096_BIT). - */ -static u_int8_t group16_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, - 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, - 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, - 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, - 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, - 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, - 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, - 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, - 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, - 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, - 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, - 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, - 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, - 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, - 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, - 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, - 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 17 (MODP_6144_BIT). - */ -static u_int8_t group17_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, - 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, - 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, - 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, - 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, - 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, - 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, - 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, - 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, - 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, - 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, - 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, - 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, - 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, - 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, - 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, - 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26, - 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD, - 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE, - 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18, - 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B, - 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42, - 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC, - 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6, - 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E, - 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE, - 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA, - 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0, - 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76, - 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C, - 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68, - 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6, - 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF -}; - -/** - * Modulus of Group 18 (MODP_8192_BIT). - */ -static u_int8_t group18_modulus[] = { - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, - 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, - 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, - 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, - 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, - 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, - 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, - 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, - 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, - 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, - 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, - 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, - 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, - 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, - 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, - 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, - 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, - 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, - 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, - 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, - 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, - 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, - 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, - 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, - 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, - 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, - 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, - 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, - 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, - 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, - 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26, - 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD, - 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE, - 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18, - 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B, - 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42, - 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC, - 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6, - 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E, - 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE, - 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA, - 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0, - 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76, - 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C, - 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68, - 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6, - 0xE6,0x94,0xF9,0x1E,0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4, - 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,0x73,0xB9,0x31,0xBA, - 0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED, - 0x25,0x76,0xF6,0x93,0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68, - 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,0xE3,0x9D,0x65,0x2D, - 0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07, - 0x13,0xEB,0x57,0xA8,0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B, - 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,0xA2,0xC0,0x87,0xE8, - 0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6, - 0x6D,0x2A,0x13,0xF8,0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36, - 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,0x08,0x46,0x85,0x1D, - 0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73, - 0xFA,0xF3,0x6B,0xC3,0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92, - 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,0xD5,0xEE,0x38,0x2B, - 0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA, - 0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71, - 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, -}; - -typedef struct modulus_entry_t modulus_entry_t; - -/** - * Entry of the modulus list. - */ -struct modulus_entry_t { - /** - * Group number as it is defined in file transform_substructure.h. - */ - diffie_hellman_group_t group; - - /** - * Pointer to first byte of modulus (network order). - */ - u_int8_t *modulus; - - /* - * Length of modulus in bytes. - */ - size_t modulus_len; - - /* - * Optimum length of exponent in bytes. - */ - size_t opt_exponent_len; - - /* - * Generator value. - */ - u_int16_t generator; -}; - -/** - * All supported modulus values - optimum exponent size according to RFC 3526. - */ -static modulus_entry_t modulus_entries[] = { - {MODP_768_BIT, group1_modulus, sizeof(group1_modulus), 32, 2}, - {MODP_1024_BIT, group2_modulus, sizeof(group2_modulus), 32, 2}, - {MODP_1536_BIT, group5_modulus, sizeof(group5_modulus), 32, 2}, - {MODP_2048_BIT, group14_modulus, sizeof(group14_modulus), 48, 2}, - {MODP_3072_BIT, group15_modulus, sizeof(group15_modulus), 48, 2}, - {MODP_4096_BIT, group16_modulus, sizeof(group16_modulus), 64, 2}, - {MODP_6144_BIT, group17_modulus, sizeof(group17_modulus), 64, 2}, - {MODP_8192_BIT, group18_modulus, sizeof(group18_modulus), 64, 2}, -}; +#ifdef HAVE_MPZ_POWM_SEC +# undef mpz_powm +# define mpz_powm mpz_powm_sec +#endif typedef struct private_gmp_diffie_hellman_t private_gmp_diffie_hellman_t; @@ -378,11 +80,6 @@ struct private_gmp_diffie_hellman_t { size_t p_len; /** - * Optimal exponent length. - */ - size_t opt_exponent_len; - - /** * True if shared secret is computed and stored in my_public_value. */ bool computed; @@ -409,10 +106,20 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v #ifdef EXTENDED_DH_TEST /* 3. test if y ^ q mod p = 1, where q = (p - 1)/2. */ mpz_t q, one; + diffie_hellman_params_t *params; mpz_init(q); mpz_init(one); - mpz_fdiv_q_2exp(q, p_min_1, 1); + + params = diffie_hellman_get_params(this->group); + if (!params->subgroup.len) + { + mpz_fdiv_q_2exp(q, p_min_1, 1); + } + else + { + mpz_import(q, params->subgroup.len, 1, 1, 1, 0, params->subgroup.ptr); + } mpz_powm(one, this->yb, q, this->p); mpz_clear(q); if (mpz_cmp_ui(one, 1) == 0) @@ -422,7 +129,8 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v } else { - DBG1("public DH value verification failed: y ^ q mod p != 1"); + DBG1(DBG_LIB, "public DH value verification failed:" + " y ^ q mod p != 1"); } mpz_clear(one); #else @@ -432,7 +140,8 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v } else { - DBG1("public DH value verification failed: y < 2 || y > p - 1 "); + DBG1(DBG_LIB, "public DH value verification failed:" + " y < 2 || y > p - 1 "); } mpz_clear(p_min_1); } @@ -477,32 +186,6 @@ static diffie_hellman_group_t get_dh_group(private_gmp_diffie_hellman_t *this) } /** - * Lookup the modulus in modulo table - */ -static status_t set_modulus(private_gmp_diffie_hellman_t *this) -{ - int i; - status_t status = NOT_FOUND; - - for (i = 0; i < (sizeof(modulus_entries) / sizeof(modulus_entry_t)); i++) - { - if (modulus_entries[i].group == this->group) - { - chunk_t chunk; - chunk.ptr = modulus_entries[i].modulus; - chunk.len = modulus_entries[i].modulus_len; - mpz_import(this->p, chunk.len, 1, 1, 1, 0, chunk.ptr); - this->p_len = chunk.len; - this->opt_exponent_len = modulus_entries[i].opt_exponent_len; - mpz_set_ui(this->g, modulus_entries[i].generator); - status = SUCCESS; - break; - } - } - return status; -} - -/** * Implementation of gmp_diffie_hellman_t.destroy. */ static void destroy(private_gmp_diffie_hellman_t *this) @@ -521,11 +204,18 @@ static void destroy(private_gmp_diffie_hellman_t *this) */ gmp_diffie_hellman_t *gmp_diffie_hellman_create(diffie_hellman_group_t group) { - private_gmp_diffie_hellman_t *this = malloc_thing(private_gmp_diffie_hellman_t); + private_gmp_diffie_hellman_t *this; + diffie_hellman_params_t *params; rng_t *rng; chunk_t random; - bool ansi_x9_42; - size_t exponent_len; + + params = diffie_hellman_get_params(group); + if (!params) + { + return NULL; + } + + this = malloc_thing(private_gmp_diffie_hellman_t); /* public functions */ this->public.dh.get_shared_secret = (status_t (*)(diffie_hellman_t *, chunk_t *)) get_shared_secret; @@ -544,35 +234,31 @@ gmp_diffie_hellman_t *gmp_diffie_hellman_create(diffie_hellman_group_t group) mpz_init(this->g); this->computed = FALSE; + this->p_len = params->prime.len; + mpz_import(this->p, params->prime.len, 1, 1, 1, 0, params->prime.ptr); + mpz_import(this->g, params->generator.len, 1, 1, 1, 0, params->generator.ptr); - /* find a modulus according to group */ - if (set_modulus(this) != SUCCESS) - { - destroy(this); - return NULL; - } rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); if (!rng) { - DBG1("no RNG found for quality %N", rng_quality_names, RNG_STRONG); + DBG1(DBG_LIB, "no RNG found for quality %N", rng_quality_names, + RNG_STRONG); destroy(this); return NULL; } - ansi_x9_42 = lib->settings->get_int(lib->settings, - "libstrongswan.dh_exponent_ansi_x9_42", TRUE); - exponent_len = (ansi_x9_42) ? this->p_len : this->opt_exponent_len; - rng->allocate_bytes(rng, exponent_len, &random); + rng->allocate_bytes(rng, params->exp_len, &random); rng->destroy(rng); - if (ansi_x9_42) + if (params->exp_len == this->p_len) { /* achieve bitsof(p)-1 by setting MSB to 0 */ *random.ptr &= 0x7F; } mpz_import(this->xa, random.len, 1, 1, 1, 0, random.ptr); chunk_free(&random); - DBG2("size of DH secret exponent: %u bits", mpz_sizeinbase(this->xa, 2)); + DBG2(DBG_LIB, "size of DH secret exponent: %u bits", + mpz_sizeinbase(this->xa, 2)); mpz_powm(this->ya, this->g, this->xa, this->p); diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.c b/src/libstrongswan/plugins/gmp/gmp_plugin.c index b70ff881c..fbce9732f 100644 --- a/src/libstrongswan/plugins/gmp/gmp_plugin.c +++ b/src/libstrongswan/plugins/gmp/gmp_plugin.c @@ -52,7 +52,7 @@ static void destroy(private_gmp_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *gmp_plugin_create() { private_gmp_plugin_t *this = malloc_thing(private_gmp_plugin_t); @@ -60,6 +60,10 @@ plugin_t *plugin_create() lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, (dh_constructor_t)gmp_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, MODP_2048_224, + (dh_constructor_t)gmp_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, MODP_2048_256, + (dh_constructor_t)gmp_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, (dh_constructor_t)gmp_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, @@ -72,6 +76,8 @@ plugin_t *plugin_create() (dh_constructor_t)gmp_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, (dh_constructor_t)gmp_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, MODP_1024_160, + (dh_constructor_t)gmp_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_768_BIT, (dh_constructor_t)gmp_diffie_hellman_create); diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.h b/src/libstrongswan/plugins/gmp/gmp_plugin.h index 77d53965d..e4a87c8e2 100644 --- a/src/libstrongswan/plugins/gmp/gmp_plugin.h +++ b/src/libstrongswan/plugins/gmp/gmp_plugin.h @@ -39,9 +39,4 @@ struct gmp_plugin_t { plugin_t plugin; }; -/** - * Create a gmp_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** GMP_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c index 1829bd459..f70b0b545 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c @@ -27,6 +27,11 @@ #include <asn1/asn1.h> #include <asn1/asn1_parser.h> +#ifdef HAVE_MPZ_POWM_SEC +# undef mpz_powm +# define mpz_powm mpz_powm_sec +#endif + /** * Public exponent to use for key generation. */ @@ -136,7 +141,8 @@ static status_t compute_prime(private_gmp_rsa_private_key_t *this, rng = lib->crypto->create_rng(lib->crypto, RNG_TRUE); if (!rng) { - DBG1("no RNG of quality %N found", rng_quality_names, RNG_TRUE); + DBG1(DBG_LIB, "no RNG of quality %N found", rng_quality_names, + RNG_TRUE); return FAILED; } @@ -144,8 +150,8 @@ static status_t compute_prime(private_gmp_rsa_private_key_t *this, do { rng->allocate_bytes(rng, prime_size, &random_bytes); - /* make sure most significant bit is set */ - random_bytes.ptr[0] = random_bytes.ptr[0] | 0x80; + /* make sure the two most significant bits are set */ + random_bytes.ptr[0] = random_bytes.ptr[0] | 0xC0; mpz_import(*prime, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr); mpz_nextprime (*prime, *prime); @@ -243,7 +249,8 @@ static bool build_emsa_pkcs1_signature(private_gmp_rsa_private_key_t *this, if (data.len > this->k - 3) { free(digestInfo.ptr); - DBG1("unable to sign %d bytes using a %dbit key", data.len, this->k * 8); + DBG1(DBG_LIB, "unable to sign %d bytes using a %dbit key", data.len, + this->k * 8); return FALSE; } @@ -304,7 +311,7 @@ static bool sign(private_gmp_rsa_private_key_t *this, signature_scheme_t scheme, case SIGN_RSA_EMSA_PKCS1_MD5: return build_emsa_pkcs1_signature(this, HASH_MD5, data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -327,7 +334,7 @@ static bool decrypt(private_gmp_rsa_private_key_t *this, chunk_t crypto, /* check for hex pattern 00 02 in decrypted message */ if ((*stripped.ptr++ != 0x00) || (*(stripped.ptr++) != 0x02)) { - DBG1("incorrect padding - probably wrong rsa key"); + DBG1(DBG_LIB, "incorrect padding - probably wrong rsa key"); goto end; } stripped.len -= 2; @@ -337,7 +344,7 @@ static bool decrypt(private_gmp_rsa_private_key_t *this, chunk_t crypto, if (stripped.len == 0) { - DBG1("no plaintext data"); + DBG1(DBG_LIB, "no plaintext data"); goto end; } @@ -494,14 +501,14 @@ static status_t check(private_gmp_rsa_private_key_t *this) */ if (this->k < 512 / BITS_PER_BYTE) { - DBG1("key shorter than 512 bits"); + DBG1(DBG_LIB, "key shorter than 512 bits"); return FAILED; } /* we picked a max modulus size to simplify buffer allocation */ if (this->k > 8192 / BITS_PER_BYTE) { - DBG1("key larger than 8192 bits"); + DBG1(DBG_LIB, "key larger than 8192 bits"); return FAILED; } @@ -575,7 +582,7 @@ static status_t check(private_gmp_rsa_private_key_t *this) mpz_clear_sensitive(q1); if (status != SUCCESS) { - DBG1("key integrity tests failed"); + DBG1(DBG_LIB, "key integrity tests failed"); } return status; } @@ -664,7 +671,7 @@ gmp_rsa_private_key_t *gmp_rsa_private_key_gen(key_type_t type, va_list args) mpz_mul(n, p, q); /* n = p*q */ mpz_init_set_ui(e, PUBLIC_EXPONENT); /* assign public exponent */ - mpz_init_set(m, p); /* m = p */ + mpz_init_set(m, p); /* m = p */ mpz_sub_ui(m, m, 1); /* m = m -1 */ mpz_init_set(q1, q); /* q1 = q */ mpz_sub_ui(q1, q1, 1); /* q1 = q1 -1 */ diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c index 5fea69131..98dbb1922 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c @@ -28,6 +28,11 @@ #include <asn1/asn1_parser.h> #include <crypto/hashers/hasher.h> +#ifdef HAVE_MPZ_POWM_SEC +# undef mpz_powm +# define mpz_powm mpz_powm_sec +#endif + typedef struct private_gmp_rsa_public_key_t private_gmp_rsa_public_key_t; /** @@ -178,8 +183,8 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, { /* IKEv1 signatures without digestInfo */ if (em.len != data.len) { - DBG1("hash size in signature is %u bytes instead of %u bytes", - em.len, data.len); + DBG1(DBG_LIB, "hash size in signature is %u bytes instead of" + " %u bytes", em.len, data.len); goto end; } success = memeq(em.ptr, data.ptr, data.len); @@ -191,7 +196,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, int objectID; hash_algorithm_t hash_algorithm = HASH_UNKNOWN; - DBG2("signature verification:"); + DBG2(DBG_LIB, "signature verification:"); parser = asn1_parser_create(digestInfoObjects, em); while (parser->iterate(parser, &objectID, &object)) @@ -202,7 +207,8 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, { if (em.len > object.len) { - DBG1("digestInfo field in signature is followed by %u surplus bytes", + DBG1(DBG_LIB, "digestInfo field in signature is" + " followed by %u surplus bytes", em.len - object.len); goto end_parser; } @@ -216,8 +222,8 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, hash_algorithm = hasher_algorithm_from_oid(hash_oid); if (hash_algorithm == HASH_UNKNOWN || hash_algorithm != algorithm) { - DBG1("expected hash algorithm %N, but found %N (OID: %#B)", - hash_algorithm_names, algorithm, + DBG1(DBG_LIB, "expected hash algorithm %N, but found" + " %N (OID: %#B)", hash_algorithm_names, algorithm, hash_algorithm_names, hash_algorithm, &object); goto end_parser; } @@ -231,15 +237,16 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm); if (hasher == NULL) { - DBG1("hash algorithm %N not supported", + DBG1(DBG_LIB, "hash algorithm %N not supported", hash_algorithm_names, hash_algorithm); goto end_parser; } if (object.len != hasher->get_hash_size(hasher)) { - DBG1("hash size in signature is %u bytes instead of %u " - "bytes", object.len, hasher->get_hash_size(hasher)); + DBG1(DBG_LIB, "hash size in signature is %u bytes" + " instead of %u bytes", object.len, + hasher->get_hash_size(hasher)); hasher->destroy(hasher); goto end_parser; } @@ -297,7 +304,7 @@ static bool verify(private_gmp_rsa_public_key_t *this, signature_scheme_t scheme case SIGN_RSA_EMSA_PKCS1_SHA512: return verify_emsa_pkcs1_signature(this, HASH_SHA512, data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -319,7 +326,7 @@ static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain, rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); if (rng == NULL) { - DBG1("no random generator available"); + DBG1(DBG_LIB, "no random generator available"); return FALSE; } @@ -327,13 +334,14 @@ static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain, padding = this->k - plain.len - 3; if (padding < MIN_PS_PADDING) { - DBG1("pseudo-random padding must be at least %d octets", MIN_PS_PADDING); + DBG1(DBG_LIB, "pseudo-random padding must be at least %d octets", + MIN_PS_PADDING); return FALSE; } /* padding according to PKCS#1 7.2.1 (RSAES-PKCS1-v1.5-ENCRYPT) */ - DBG2("padding %u bytes of data to the rsa modulus size of %u bytes", - plain.len, this->k); + DBG2(DBG_LIB, "padding %u bytes of data to the rsa modulus size of" + " %u bytes", plain.len, this->k); em.len = this->k; em.ptr = malloc(em.len); pos = em.ptr; @@ -359,11 +367,11 @@ static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain, /* now add the data */ memcpy(pos, plain.ptr, plain.len); - DBG3("padded data before rsa encryption: %B", &em); + DBG3(DBG_LIB, "padded data before rsa encryption: %B", &em); /* rsa encryption using PKCS#1 RSAEP */ *crypto = rsaep(this, em); - DBG3("rsa encrypted data: %B", crypto); + DBG3(DBG_LIB, "rsa encrypted data: %B", crypto); chunk_clear(&em); return TRUE; } diff --git a/src/libstrongswan/plugins/hmac/Makefile.am b/src/libstrongswan/plugins/hmac/Makefile.am index 1856cad2d..77aa0ffd1 100644 --- a/src/libstrongswan/plugins/hmac/Makefile.am +++ b/src/libstrongswan/plugins/hmac/Makefile.am @@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-hmac.la +else plugin_LTLIBRARIES = libstrongswan-hmac.la +endif -libstrongswan_hmac_la_SOURCES = hmac_plugin.h hmac_plugin.c hmac.h hmac.c \ +libstrongswan_hmac_la_SOURCES = \ + hmac_plugin.h hmac_plugin.c hmac.h hmac.c \ hmac_prf.h hmac_prf.c hmac_signer.h hmac_signer.c -libstrongswan_hmac_la_LDFLAGS = -module -avoid-version +libstrongswan_hmac_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in index 7dc8269a4..c965f7392 100644 --- a/src/libstrongswan/plugins/hmac/Makefile.in +++ b/src/libstrongswan/plugins/hmac/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_hmac_la_LIBADD = am_libstrongswan_hmac_la_OBJECTS = hmac_plugin.lo hmac.lo hmac_prf.lo \ hmac_signer.lo @@ -80,6 +80,8 @@ libstrongswan_hmac_la_OBJECTS = $(am_libstrongswan_hmac_la_OBJECTS) libstrongswan_hmac_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_hmac_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_hmac_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_hmac_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,8 +257,10 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-hmac.la -libstrongswan_hmac_la_SOURCES = hmac_plugin.h hmac_plugin.c hmac.h hmac.c \ +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-hmac.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-hmac.la +libstrongswan_hmac_la_SOURCES = \ + hmac_plugin.h hmac_plugin.c hmac.h hmac.c \ hmac_prf.h hmac_prf.c hmac_signer.h hmac_signer.c libstrongswan_hmac_la_LDFLAGS = -module -avoid-version @@ -293,6 +298,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -325,7 +339,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-hmac.la: $(libstrongswan_hmac_la_OBJECTS) $(libstrongswan_hmac_la_DEPENDENCIES) - $(libstrongswan_hmac_la_LINK) -rpath $(plugindir) $(libstrongswan_hmac_la_OBJECTS) $(libstrongswan_hmac_la_LIBADD) $(LIBS) + $(libstrongswan_hmac_la_LINK) $(am_libstrongswan_hmac_la_rpath) $(libstrongswan_hmac_la_OBJECTS) $(libstrongswan_hmac_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -481,8 +495,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -553,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.c b/src/libstrongswan/plugins/hmac/hmac_plugin.c index 94332ee36..e6b9f7a74 100644 --- a/src/libstrongswan/plugins/hmac/hmac_plugin.c +++ b/src/libstrongswan/plugins/hmac/hmac_plugin.c @@ -47,7 +47,7 @@ static void destroy(private_hmac_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *hmac_plugin_create() { private_hmac_plugin_t *this = malloc_thing(private_hmac_plugin_t); diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.h b/src/libstrongswan/plugins/hmac/hmac_plugin.h index 5c3afa7d6..03d1d1cf9 100644 --- a/src/libstrongswan/plugins/hmac/hmac_plugin.h +++ b/src/libstrongswan/plugins/hmac/hmac_plugin.h @@ -39,9 +39,4 @@ struct hmac_plugin_t { plugin_t plugin; }; -/** - * Create a hmac_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** HMAC_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/ldap/Makefile.am b/src/libstrongswan/plugins/ldap/Makefile.am index 6ad073d97..2b2f7d31d 100644 --- a/src/libstrongswan/plugins/ldap/Makefile.am +++ b/src/libstrongswan/plugins/ldap/Makefile.am @@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-ldap.la +else plugin_LTLIBRARIES = libstrongswan-ldap.la +endif + +libstrongswan_ldap_la_SOURCES = \ + ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c -libstrongswan_ldap_la_SOURCES = ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c libstrongswan_ldap_la_LDFLAGS = -module -avoid-version libstrongswan_ldap_la_LIBADD = -lldap -llber - diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in index d9ebb0147..3b69f082f 100644 --- a/src/libstrongswan/plugins/ldap/Makefile.in +++ b/src/libstrongswan/plugins/ldap/Makefile.in @@ -72,13 +72,15 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_ldap_la_DEPENDENCIES = am_libstrongswan_ldap_la_OBJECTS = ldap_plugin.lo ldap_fetcher.lo libstrongswan_ldap_la_OBJECTS = $(am_libstrongswan_ldap_la_OBJECTS) libstrongswan_ldap_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_ldap_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_ldap_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_ldap_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-ldap.la -libstrongswan_ldap_la_SOURCES = ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-ldap.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-ldap.la +libstrongswan_ldap_la_SOURCES = \ + ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c + libstrongswan_ldap_la_LDFLAGS = -module -avoid-version libstrongswan_ldap_la_LIBADD = -lldap -llber all: all-am @@ -291,6 +297,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -323,7 +338,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-ldap.la: $(libstrongswan_ldap_la_OBJECTS) $(libstrongswan_ldap_la_DEPENDENCIES) - $(libstrongswan_ldap_la_LINK) -rpath $(plugindir) $(libstrongswan_ldap_la_OBJECTS) $(libstrongswan_ldap_la_LIBADD) $(LIBS) + $(libstrongswan_ldap_la_LINK) $(am_libstrongswan_ldap_la_rpath) $(libstrongswan_ldap_la_OBJECTS) $(libstrongswan_ldap_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -477,8 +492,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -549,18 +564,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.c b/src/libstrongswan/plugins/ldap/ldap_fetcher.c index ce5b7d56b..59e655cd5 100644 --- a/src/libstrongswan/plugins/ldap/ldap_fetcher.c +++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.c @@ -73,27 +73,27 @@ static bool parse(LDAP *ldap, LDAPMessage *result, chunk_t *response) } else { - DBG1("LDAP response contains no values"); + DBG1(DBG_LIB, "LDAP response contains no values"); } ldap_value_free_len(values); } else { - DBG1("getting LDAP values failed: %s", + DBG1(DBG_LIB, "getting LDAP values failed: %s", ldap_err2string(ldap_result2error(ldap, entry, 0))); } ldap_memfree(attr); } else { - DBG1("finding LDAP attributes failed: %s", + DBG1(DBG_LIB, "finding LDAP attributes failed: %s", ldap_err2string(ldap_result2error(ldap, entry, 0))); } ber_free(ber, 0); } else { - DBG1("finding first LDAP entry failed: %s", + DBG1(DBG_LIB, "finding first LDAP entry failed: %s", ldap_err2string(ldap_result2error(ldap, entry, 0))); } return success; @@ -122,7 +122,7 @@ static status_t fetch(private_ldap_fetcher_t *this, char *url, ldap = ldap_init(lurl->lud_host, lurl->lud_port); if (ldap == NULL) { - DBG1("LDAP initialization failed: %s", strerror(errno)); + DBG1(DBG_LIB, "LDAP initialization failed: %s", strerror(errno)); ldap_free_urldesc(lurl); return FAILED; } @@ -133,7 +133,7 @@ static status_t fetch(private_ldap_fetcher_t *this, char *url, ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &ldap_version); ldap_set_option(ldap, LDAP_OPT_NETWORK_TIMEOUT, &timeout); - DBG2("sending LDAP request to '%s'...", url); + DBG2(DBG_LIB, "sending LDAP request to '%s'...", url); res = ldap_simple_bind_s(ldap, NULL, NULL); if (res == LDAP_SUCCESS) @@ -152,12 +152,13 @@ static status_t fetch(private_ldap_fetcher_t *this, char *url, } else { - DBG1("LDAP search failed: %s", ldap_err2string(res)); + DBG1(DBG_LIB, "LDAP search failed: %s", ldap_err2string(res)); } } else { - DBG1("LDAP bind to '%s' failed: %s", url, ldap_err2string(res)); + DBG1(DBG_LIB, "LDAP bind to '%s' failed: %s", url, + ldap_err2string(res)); } ldap_unbind_s(ldap); ldap_free_urldesc(lurl); diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.c b/src/libstrongswan/plugins/ldap/ldap_plugin.c index a31308bbf..372ac9f93 100644 --- a/src/libstrongswan/plugins/ldap/ldap_plugin.c +++ b/src/libstrongswan/plugins/ldap/ldap_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_ldap_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *ldap_plugin_create() { private_ldap_plugin_t *this = malloc_thing(private_ldap_plugin_t); diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.h b/src/libstrongswan/plugins/ldap/ldap_plugin.h index de4ff3422..e4fcebaa3 100644 --- a/src/libstrongswan/plugins/ldap/ldap_plugin.h +++ b/src/libstrongswan/plugins/ldap/ldap_plugin.h @@ -39,9 +39,4 @@ struct ldap_plugin_t { plugin_t plugin; }; -/** - * Create a ldap_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** LDAP_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/md4/Makefile.am b/src/libstrongswan/plugins/md4/Makefile.am index a47da2e8e..904af70c0 100644 --- a/src/libstrongswan/plugins/md4/Makefile.am +++ b/src/libstrongswan/plugins/md4/Makefile.am @@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-md4.la +else plugin_LTLIBRARIES = libstrongswan-md4.la +endif -libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h -libstrongswan_md4_la_LDFLAGS = -module -avoid-version +libstrongswan_md4_la_SOURCES = \ + md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h +libstrongswan_md4_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in index 6014ddcf8..cb3307bbc 100644 --- a/src/libstrongswan/plugins/md4/Makefile.in +++ b/src/libstrongswan/plugins/md4/Makefile.in @@ -72,13 +72,15 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_md4_la_LIBADD = am_libstrongswan_md4_la_OBJECTS = md4_plugin.lo md4_hasher.lo libstrongswan_md4_la_OBJECTS = $(am_libstrongswan_md4_la_OBJECTS) libstrongswan_md4_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_md4_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_md4_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_md4_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-md4.la -libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-md4.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-md4.la +libstrongswan_md4_la_SOURCES = \ + md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h + libstrongswan_md4_la_LDFLAGS = -module -avoid-version all: all-am @@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-md4.la: $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_DEPENDENCIES) - $(libstrongswan_md4_la_LINK) -rpath $(plugindir) $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_LIBADD) $(LIBS) + $(libstrongswan_md4_la_LINK) $(am_libstrongswan_md4_la_rpath) $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -476,8 +491,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/md4/md4_plugin.c b/src/libstrongswan/plugins/md4/md4_plugin.c index ba4041d2d..38ae0d4bc 100644 --- a/src/libstrongswan/plugins/md4/md4_plugin.c +++ b/src/libstrongswan/plugins/md4/md4_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_md4_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *md4_plugin_create() { private_md4_plugin_t *this = malloc_thing(private_md4_plugin_t); diff --git a/src/libstrongswan/plugins/md4/md4_plugin.h b/src/libstrongswan/plugins/md4/md4_plugin.h index b13002d7b..9fde665e6 100644 --- a/src/libstrongswan/plugins/md4/md4_plugin.h +++ b/src/libstrongswan/plugins/md4/md4_plugin.h @@ -39,9 +39,4 @@ struct md4_plugin_t { plugin_t plugin; }; -/** - * Create a md4_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** MD4_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/md5/Makefile.am b/src/libstrongswan/plugins/md5/Makefile.am index ce0611c13..b2eb2abd2 100644 --- a/src/libstrongswan/plugins/md5/Makefile.am +++ b/src/libstrongswan/plugins/md5/Makefile.am @@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-md5.la +else plugin_LTLIBRARIES = libstrongswan-md5.la +endif -libstrongswan_md5_la_SOURCES = md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h -libstrongswan_md5_la_LDFLAGS = -module -avoid-version +libstrongswan_md5_la_SOURCES = \ + md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h +libstrongswan_md5_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in index fcb921316..8948ddcc5 100644 --- a/src/libstrongswan/plugins/md5/Makefile.in +++ b/src/libstrongswan/plugins/md5/Makefile.in @@ -72,13 +72,15 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_md5_la_LIBADD = am_libstrongswan_md5_la_OBJECTS = md5_plugin.lo md5_hasher.lo libstrongswan_md5_la_OBJECTS = $(am_libstrongswan_md5_la_OBJECTS) libstrongswan_md5_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_md5_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_md5_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_md5_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-md5.la -libstrongswan_md5_la_SOURCES = md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-md5.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-md5.la +libstrongswan_md5_la_SOURCES = \ + md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h + libstrongswan_md5_la_LDFLAGS = -module -avoid-version all: all-am @@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-md5.la: $(libstrongswan_md5_la_OBJECTS) $(libstrongswan_md5_la_DEPENDENCIES) - $(libstrongswan_md5_la_LINK) -rpath $(plugindir) $(libstrongswan_md5_la_OBJECTS) $(libstrongswan_md5_la_LIBADD) $(LIBS) + $(libstrongswan_md5_la_LINK) $(am_libstrongswan_md5_la_rpath) $(libstrongswan_md5_la_OBJECTS) $(libstrongswan_md5_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -476,8 +491,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/md5/md5_plugin.c b/src/libstrongswan/plugins/md5/md5_plugin.c index 7592c20df..cfbf6acea 100644 --- a/src/libstrongswan/plugins/md5/md5_plugin.c +++ b/src/libstrongswan/plugins/md5/md5_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_md5_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *md5_plugin_create() { private_md5_plugin_t *this = malloc_thing(private_md5_plugin_t); diff --git a/src/libstrongswan/plugins/md5/md5_plugin.h b/src/libstrongswan/plugins/md5/md5_plugin.h index 057689ad3..c4ca619dc 100644 --- a/src/libstrongswan/plugins/md5/md5_plugin.h +++ b/src/libstrongswan/plugins/md5/md5_plugin.h @@ -39,9 +39,4 @@ struct md5_plugin_t { plugin_t plugin; }; -/** - * Create a md5_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** MD5_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/mysql/Makefile.am b/src/libstrongswan/plugins/mysql/Makefile.am index c64481fd5..801a7a7be 100644 --- a/src/libstrongswan/plugins/mysql/Makefile.am +++ b/src/libstrongswan/plugins/mysql/Makefile.am @@ -3,10 +3,16 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic $(MYSQLCFLAG) +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-mysql.la +else plugin_LTLIBRARIES = libstrongswan-mysql.la +endif -libstrongswan_mysql_la_SOURCES = mysql_plugin.h mysql_plugin.c \ +libstrongswan_mysql_la_SOURCES = \ + mysql_plugin.h mysql_plugin.c \ mysql_database.h mysql_database.c + libstrongswan_mysql_la_LDFLAGS = -module -avoid-version -libstrongswan_mysql_la_LIBADD = $(MYSQLLIB) +libstrongswan_mysql_la_LIBADD = $(MYSQLLIB) diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in index dc56940d2..1a97c620e 100644 --- a/src/libstrongswan/plugins/mysql/Makefile.in +++ b/src/libstrongswan/plugins/mysql/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) am__DEPENDENCIES_1 = libstrongswan_mysql_la_DEPENDENCIES = $(am__DEPENDENCIES_1) am_libstrongswan_mysql_la_OBJECTS = mysql_plugin.lo mysql_database.lo @@ -80,6 +80,9 @@ libstrongswan_mysql_la_OBJECTS = $(am_libstrongswan_mysql_la_OBJECTS) libstrongswan_mysql_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_mysql_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_mysql_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_mysql_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,8 +258,10 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic $(MYSQLCFLAG) -plugin_LTLIBRARIES = libstrongswan-mysql.la -libstrongswan_mysql_la_SOURCES = mysql_plugin.h mysql_plugin.c \ +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-mysql.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-mysql.la +libstrongswan_mysql_la_SOURCES = \ + mysql_plugin.h mysql_plugin.c \ mysql_database.h mysql_database.c libstrongswan_mysql_la_LDFLAGS = -module -avoid-version @@ -294,6 +300,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -326,7 +341,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-mysql.la: $(libstrongswan_mysql_la_OBJECTS) $(libstrongswan_mysql_la_DEPENDENCIES) - $(libstrongswan_mysql_la_LINK) -rpath $(plugindir) $(libstrongswan_mysql_la_OBJECTS) $(libstrongswan_mysql_la_LIBADD) $(LIBS) + $(libstrongswan_mysql_la_LINK) $(am_libstrongswan_mysql_la_rpath) $(libstrongswan_mysql_la_OBJECTS) $(libstrongswan_mysql_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -480,8 +495,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -552,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/mysql/mysql_database.c b/src/libstrongswan/plugins/mysql/mysql_database.c index 2338428f2..8005b9149 100644 --- a/src/libstrongswan/plugins/mysql/mysql_database.c +++ b/src/libstrongswan/plugins/mysql/mysql_database.c @@ -203,7 +203,7 @@ static conn_t *conn_get(private_mysql_database_t *this) this->password, this->database, this->port, NULL, 0)) { - DBG1("connecting to mysql://%s:***@%s:%d/%s failed: %s", + DBG1(DBG_LIB, "connecting to mysql://%s:***@%s:%d/%s failed: %s", this->username, this->host, this->port, this->database, mysql_error(found->mysql)); conn_destroy(found); @@ -213,7 +213,7 @@ static conn_t *conn_get(private_mysql_database_t *this) { this->mutex->lock(this->mutex); this->pool->insert_last(this->pool, found); - DBG2("increased MySQL connection pool size to %d", + DBG2(DBG_LIB, "increased MySQL connection pool size to %d", this->pool->get_count(this->pool)); this->mutex->unlock(this->mutex); } @@ -232,12 +232,14 @@ static MYSQL_STMT* run(MYSQL *mysql, char *sql, va_list *args) stmt = mysql_stmt_init(mysql); if (stmt == NULL) { - DBG1("creating MySQL statement failed: %s", mysql_error(mysql)); + DBG1(DBG_LIB, "creating MySQL statement failed: %s", + mysql_error(mysql)); return NULL; } if (mysql_stmt_prepare(stmt, sql, strlen(sql))) { - DBG1("preparing MySQL statement failed: %s", mysql_stmt_error(stmt)); + DBG1(DBG_LIB, "preparing MySQL statement failed: %s", + mysql_stmt_error(stmt)); mysql_stmt_close(stmt); return NULL; } @@ -303,21 +305,23 @@ static MYSQL_STMT* run(MYSQL *mysql, char *sql, va_list *args) break; } default: - DBG1("invalid data type supplied"); + DBG1(DBG_LIB, "invalid data type supplied"); mysql_stmt_close(stmt); return NULL; } } if (mysql_stmt_bind_param(stmt, bind)) { - DBG1("binding MySQL param failed: %s", mysql_stmt_error(stmt)); + DBG1(DBG_LIB, "binding MySQL param failed: %s", + mysql_stmt_error(stmt)); mysql_stmt_close(stmt); return NULL; } } if (mysql_stmt_execute(stmt)) { - DBG1("executing MySQL statement failed: %s", mysql_stmt_error(stmt)); + DBG1(DBG_LIB, "executing MySQL statement failed: %s", + mysql_stmt_error(stmt)); mysql_stmt_close(stmt); return NULL; } @@ -413,7 +417,8 @@ static bool mysql_enumerator_enumerate(mysql_enumerator_t *this, ...) case MYSQL_NO_DATA: return FALSE; default: - DBG1("fetching MySQL row failed: %s", mysql_stmt_error(this->stmt)); + DBG1(DBG_LIB, "fetching MySQL row failed: %s", + mysql_stmt_error(this->stmt)); return FALSE; } @@ -536,7 +541,7 @@ static enumerator_t* query(private_mysql_database_t *this, char *sql, ...) break; } default: - DBG1("invalid result data type supplied"); + DBG1(DBG_LIB, "invalid result data type supplied"); mysql_enumerator_destroy(enumerator); va_end(args); return NULL; @@ -544,7 +549,8 @@ static enumerator_t* query(private_mysql_database_t *this, char *sql, ...) } if (mysql_stmt_bind_result(stmt, enumerator->bind)) { - DBG1("binding MySQL result failed: %s", mysql_stmt_error(stmt)); + DBG1(DBG_LIB, "binding MySQL result failed: %s", + mysql_stmt_error(stmt)); mysql_enumerator_destroy(enumerator); enumerator = NULL; } @@ -653,7 +659,7 @@ static bool parse_uri(private_mysql_database_t *this, char *uri) } } } - DBG1("parsing MySQL database uri '%s' failed", uri); + DBG1(DBG_LIB, "parsing MySQL database uri '%s' failed", uri); return FALSE; } diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.c b/src/libstrongswan/plugins/mysql/mysql_plugin.c index 0e64bbc3d..a13aa8091 100644 --- a/src/libstrongswan/plugins/mysql/mysql_plugin.c +++ b/src/libstrongswan/plugins/mysql/mysql_plugin.c @@ -46,13 +46,13 @@ static void destroy(private_mysql_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *mysql_plugin_create() { private_mysql_plugin_t *this; if (!mysql_database_init()) { - DBG1("MySQL client library initialization failed"); + DBG1(DBG_LIB, "MySQL client library initialization failed"); return NULL; } diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.h b/src/libstrongswan/plugins/mysql/mysql_plugin.h index fa53c2b7a..d1f21870c 100644 --- a/src/libstrongswan/plugins/mysql/mysql_plugin.h +++ b/src/libstrongswan/plugins/mysql/mysql_plugin.h @@ -39,9 +39,4 @@ struct mysql_plugin_t { plugin_t plugin; }; -/** - * Create a mysql_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** MYSQL_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/openssl/Makefile.am b/src/libstrongswan/plugins/openssl/Makefile.am index 25cc5aa1d..a50799798 100644 --- a/src/libstrongswan/plugins/openssl/Makefile.am +++ b/src/libstrongswan/plugins/openssl/Makefile.am @@ -3,12 +3,18 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-openssl.la +else plugin_LTLIBRARIES = libstrongswan-openssl.la +endif -libstrongswan_openssl_la_SOURCES = openssl_plugin.h openssl_plugin.c \ +libstrongswan_openssl_la_SOURCES = \ + openssl_plugin.h openssl_plugin.c \ openssl_util.c openssl_util.h \ openssl_crypter.c openssl_crypter.h \ openssl_hasher.c openssl_hasher.h \ + openssl_sha1_prf.c openssl_sha1_prf.h \ openssl_diffie_hellman.c openssl_diffie_hellman.h \ openssl_rsa_private_key.c openssl_rsa_private_key.h \ openssl_rsa_public_key.c openssl_rsa_public_key.h \ diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in index aa8ecf06c..a2a931d42 100644 --- a/src/libstrongswan/plugins/openssl/Makefile.in +++ b/src/libstrongswan/plugins/openssl/Makefile.in @@ -72,18 +72,22 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_openssl_la_DEPENDENCIES = am_libstrongswan_openssl_la_OBJECTS = openssl_plugin.lo \ openssl_util.lo openssl_crypter.lo openssl_hasher.lo \ - openssl_diffie_hellman.lo openssl_rsa_private_key.lo \ - openssl_rsa_public_key.lo openssl_ec_diffie_hellman.lo \ - openssl_ec_private_key.lo openssl_ec_public_key.lo + openssl_sha1_prf.lo openssl_diffie_hellman.lo \ + openssl_rsa_private_key.lo openssl_rsa_public_key.lo \ + openssl_ec_diffie_hellman.lo openssl_ec_private_key.lo \ + openssl_ec_public_key.lo libstrongswan_openssl_la_OBJECTS = \ $(am_libstrongswan_openssl_la_OBJECTS) libstrongswan_openssl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_openssl_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_openssl_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_openssl_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -222,6 +226,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -258,11 +263,14 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-openssl.la -libstrongswan_openssl_la_SOURCES = openssl_plugin.h openssl_plugin.c \ +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-openssl.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-openssl.la +libstrongswan_openssl_la_SOURCES = \ + openssl_plugin.h openssl_plugin.c \ openssl_util.c openssl_util.h \ openssl_crypter.c openssl_crypter.h \ openssl_hasher.c openssl_hasher.h \ + openssl_sha1_prf.c openssl_sha1_prf.h \ openssl_diffie_hellman.c openssl_diffie_hellman.h \ openssl_rsa_private_key.c openssl_rsa_private_key.h \ openssl_rsa_public_key.c openssl_rsa_public_key.h \ @@ -306,6 +314,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -338,7 +355,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-openssl.la: $(libstrongswan_openssl_la_OBJECTS) $(libstrongswan_openssl_la_DEPENDENCIES) - $(libstrongswan_openssl_la_LINK) -rpath $(plugindir) $(libstrongswan_openssl_la_OBJECTS) $(libstrongswan_openssl_la_LIBADD) $(LIBS) + $(libstrongswan_openssl_la_LINK) $(am_libstrongswan_openssl_la_rpath) $(libstrongswan_openssl_la_OBJECTS) $(libstrongswan_openssl_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -355,6 +372,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_plugin.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_rsa_private_key.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_rsa_public_key.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_sha1_prf.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_util.Plo@am__quote@ .c.o: @@ -500,8 +518,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -572,18 +590,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c index 80a1ee878..9a032c54f 100644 --- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008 Tobias Brunner + * Copyright (C) 2008-2010 Tobias Brunner * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -20,47 +20,6 @@ #include <debug.h> -typedef struct modulus_entry_t modulus_entry_t; - -/** - * Entry of the modulus list. - */ -struct modulus_entry_t { - /** - * Group number as it is defined in file transform_substructure.h. - */ - diffie_hellman_group_t group; - - /** - * Pointer to the function to get the modulus. - */ - BIGNUM *(*get_prime)(BIGNUM *bn); - - /* - * Optimum length of exponent in bits. - */ - long opt_exponent_len; - - /* - * Generator value. - */ - u_int16_t generator; -}; - -/** - * All supported modulus values - optimum exponent size according to RFC 3526. - */ -static modulus_entry_t modulus_entries[] = { - {MODP_768_BIT, get_rfc2409_prime_768, 256, 2}, - {MODP_1024_BIT, get_rfc2409_prime_1024, 256, 2}, - {MODP_1536_BIT, get_rfc3526_prime_1536, 256, 2}, - {MODP_2048_BIT, get_rfc3526_prime_2048, 384, 2}, - {MODP_3072_BIT, get_rfc3526_prime_3072, 384, 2}, - {MODP_4096_BIT, get_rfc3526_prime_4096, 512, 2}, - {MODP_6144_BIT, get_rfc3526_prime_6144, 512, 2}, - {MODP_8192_BIT, get_rfc3526_prime_8192, 512, 2}, -}; - typedef struct private_openssl_diffie_hellman_t private_openssl_diffie_hellman_t; /** @@ -125,7 +84,6 @@ static status_t get_shared_secret(private_openssl_diffie_hellman_t *this, memset(secret->ptr, 0, secret->len); memcpy(secret->ptr + secret->len - this->shared_secret.len, this->shared_secret.ptr, this->shared_secret.len); - return SUCCESS; } @@ -145,7 +103,7 @@ static void set_other_public_value(private_openssl_diffie_hellman_t *this, len = DH_compute_key(this->shared_secret.ptr, this->pub_key, this->dh); if (len < 0) { - DBG1("DH shared secret computation failed"); + DBG1(DBG_LIB, "DH shared secret computation failed"); return; } this->shared_secret.len = len; @@ -165,27 +123,18 @@ static diffie_hellman_group_t get_dh_group(private_openssl_diffie_hellman_t *thi */ static status_t set_modulus(private_openssl_diffie_hellman_t *this) { - int i; - bool ansi_x9_42; - - ansi_x9_42 = lib->settings->get_bool(lib->settings, - "libstrongswan.dh_exponent_ansi_x9_42", TRUE); - - for (i = 0; i < (sizeof(modulus_entries) / sizeof(modulus_entry_t)); i++) + diffie_hellman_params_t *params = diffie_hellman_get_params(this->group); + if (!params) { - if (modulus_entries[i].group == this->group) - { - this->dh->p = modulus_entries[i].get_prime(NULL); - this->dh->g = BN_new(); - BN_set_word(this->dh->g, modulus_entries[i].generator); - if (!ansi_x9_42) - { - this->dh->length = modulus_entries[i].opt_exponent_len; - } - return SUCCESS; - } + return NOT_FOUND; } - return NOT_FOUND; + this->dh->p = BN_bin2bn(params->prime.ptr, params->prime.len, NULL); + this->dh->g = BN_bin2bn(params->generator.ptr, params->generator.len, NULL); + if (params->exp_len != params->prime.len) + { + this->dh->length = params->exp_len * 8; + } + return SUCCESS; } /** @@ -237,7 +186,8 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(diffie_hellman_group_t g destroy(this); return NULL; } - DBG2("size of DH secret exponent: %d bits", BN_num_bits(this->dh->priv_key)); + DBG2(DBG_LIB, "size of DH secret exponent: %d bits", + BN_num_bits(this->dh->priv_key)); return &this->public; } diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c index 671fa41e2..faec411cd 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c @@ -212,14 +212,14 @@ static void set_other_public_value(private_openssl_ec_diffie_hellman_t *this, ch { if (!chunk2ecp(this->ec_group, value, this->pub_key)) { - DBG1("ECDH public value is malformed"); + DBG1(DBG_LIB, "ECDH public value is malformed"); return; } chunk_free(&this->shared_secret); if (!compute_shared_key(this, &this->shared_secret)) { - DBG1("ECDH shared secret computation failed"); + DBG1(DBG_LIB, "ECDH shared secret computation failed"); return; } diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c index 89ced5a9a..bdcfda974 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c @@ -84,14 +84,14 @@ static bool build_curve_signature(private_openssl_ec_private_key_t *this, req_group = EC_GROUP_new_by_curve_name(nid_curve); if (!req_group) { - DBG1("signature scheme %N not supported in EC (required curve " + DBG1(DBG_LIB, "signature scheme %N not supported in EC (required curve " "not supported)", signature_scheme_names, scheme); return FALSE; } my_group = EC_KEY_get0_group(this->ec); if (EC_GROUP_cmp(my_group, req_group, NULL) != 0) { - DBG1("signature scheme %N not supported by private key", + DBG1(DBG_LIB, "signature scheme %N not supported by private key", signature_scheme_names, scheme); return FALSE; } @@ -162,7 +162,7 @@ static bool sign(private_openssl_ec_private_key_t *this, return build_curve_signature(this, scheme, NID_sha512, NID_secp521r1, data, signature); default: - DBG1("signature scheme %N not supported", + DBG1(DBG_LIB, "signature scheme %N not supported", signature_scheme_names, scheme); return FALSE; } @@ -174,7 +174,7 @@ static bool sign(private_openssl_ec_private_key_t *this, static bool decrypt(private_openssl_ec_private_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("EC private key decryption not implemented"); + DBG1(DBG_LIB, "EC private key decryption not implemented"); return FALSE; } @@ -233,11 +233,24 @@ static bool get_encoding(private_openssl_ec_private_key_t *this, switch (type) { case KEY_PRIV_ASN1_DER: + case KEY_PRIV_PEM: { + bool success = TRUE; + *encoding = chunk_alloc(i2d_ECPrivateKey(this->ec, NULL)); p = encoding->ptr; i2d_ECPrivateKey(this->ec, &p); - return TRUE; + + if (type == KEY_PRIV_PEM) + { + chunk_t asn1_encoding = *encoding; + + success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM, + NULL, encoding, KEY_PART_ECDSA_PRIV_ASN1_DER, + asn1_encoding, KEY_PART_END); + chunk_clear(&asn1_encoding); + } + return success; } default: return FALSE; @@ -335,13 +348,13 @@ openssl_ec_private_key_t *openssl_ec_private_key_gen(key_type_t type, this->ec = EC_KEY_new_by_curve_name(NID_secp521r1); break; default: - DBG1("EC private key size %d not supported", key_size); + DBG1(DBG_LIB, "EC private key size %d not supported", key_size); destroy(this); return NULL; } if (EC_KEY_generate_key(this->ec) != 1) { - DBG1("EC private key generation failed", key_size); + DBG1(DBG_LIB, "EC private key generation failed", key_size); destroy(this); return NULL; } diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c index f37c736b1..790a8487d 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c @@ -82,14 +82,14 @@ static bool verify_curve_signature(private_openssl_ec_public_key_t *this, req_group = EC_GROUP_new_by_curve_name(nid_curve); if (!req_group) { - DBG1("signature scheme %N not supported in EC (required curve " + DBG1(DBG_LIB, "signature scheme %N not supported in EC (required curve " "not supported)", signature_scheme_names, scheme); return FALSE; } my_group = EC_KEY_get0_group(this->ec); if (EC_GROUP_cmp(my_group, req_group, NULL) != 0) { - DBG1("signature scheme %N not supported by private key", + DBG1(DBG_LIB, "signature scheme %N not supported by private key", signature_scheme_names, scheme); return FALSE; } @@ -162,7 +162,7 @@ static bool verify(private_openssl_ec_public_key_t *this, return verify_curve_signature(this, scheme, NID_sha512, NID_secp521r1, data, signature); default: - DBG1("signature scheme %N not supported in EC", + DBG1(DBG_LIB, "signature scheme %N not supported in EC", signature_scheme_names, scheme); return FALSE; } @@ -174,7 +174,7 @@ static bool verify(private_openssl_ec_public_key_t *this, static bool encrypt_(private_openssl_ec_public_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("EC public key encryption not implemented"); + DBG1(DBG_LIB, "EC public key encryption not implemented"); return FALSE; } @@ -217,7 +217,7 @@ bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp) hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (!hasher) { - DBG1("SHA1 hash algorithm not supported, fingerprinting failed"); + DBG1(DBG_LIB, "SHA1 hash algorithm not supported, fingerprinting failed"); free(key.ptr); return FALSE; } @@ -248,11 +248,24 @@ static bool get_encoding(private_openssl_ec_public_key_t *this, switch (type) { case KEY_PUB_SPKI_ASN1_DER: + case KEY_PUB_PEM: { + bool success = TRUE; + *encoding = chunk_alloc(i2d_EC_PUBKEY(this->ec, NULL)); p = encoding->ptr; i2d_EC_PUBKEY(this->ec, &p); - return TRUE; + + if (type == KEY_PUB_PEM) + { + chunk_t asn1_encoding = *encoding; + + success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM, + NULL, encoding, KEY_PART_ECDSA_PUB_ASN1_DER, + asn1_encoding, KEY_PART_END); + chunk_clear(&asn1_encoding); + } + return success; } default: return FALSE; diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index 548a76bb4..c1545ffb8 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -27,6 +27,7 @@ #include "openssl_util.h" #include "openssl_crypter.h" #include "openssl_hasher.h" +#include "openssl_sha1_prf.h" #include "openssl_diffie_hellman.h" #include "openssl_ec_diffie_hellman.h" #include "openssl_rsa_private_key.h" @@ -170,6 +171,8 @@ static void destroy(private_openssl_plugin_t *this) (crypter_constructor_t)openssl_crypter_create); lib->crypto->remove_hasher(lib->crypto, (hasher_constructor_t)openssl_hasher_create); + lib->crypto->remove_prf(lib->crypto, + (prf_constructor_t)openssl_sha1_prf_create); lib->crypto->remove_dh(lib->crypto, (dh_constructor_t)openssl_diffie_hellman_create); lib->crypto->remove_dh(lib->crypto, @@ -201,7 +204,7 @@ static void destroy(private_openssl_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *openssl_plugin_create() { private_openssl_plugin_t *this = malloc_thing(private_openssl_plugin_t); @@ -256,9 +259,17 @@ plugin_t *plugin_create() lib->crypto->add_hasher(lib->crypto, HASH_SHA512, (hasher_constructor_t)openssl_hasher_create); + /* prf */ + lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, + (prf_constructor_t)openssl_sha1_prf_create); + /* (ec) diffie hellman */ lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, (dh_constructor_t)openssl_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, MODP_2048_224, + (dh_constructor_t)openssl_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, MODP_2048_256, + (dh_constructor_t)openssl_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, (dh_constructor_t)openssl_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, ECP_256_BIT, @@ -281,6 +292,8 @@ plugin_t *plugin_create() (dh_constructor_t)openssl_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, (dh_constructor_t)openssl_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, MODP_1024_160, + (dh_constructor_t)openssl_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_768_BIT, (dh_constructor_t)openssl_diffie_hellman_create); diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.h b/src/libstrongswan/plugins/openssl/openssl_plugin.h index 9f422c9d0..0762c37b9 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.h +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.h @@ -39,9 +39,4 @@ struct openssl_plugin_t { plugin_t plugin; }; -/** - * Create a openssl_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** OPENSSL_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c index 078f889a6..de751fe89 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c @@ -160,7 +160,7 @@ static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t sch case SIGN_RSA_EMSA_PKCS1_MD5: return build_emsa_pkcs1_signature(this, NID_md5, data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -172,7 +172,7 @@ static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t sch static bool decrypt(private_openssl_rsa_private_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("RSA private key decryption not implemented"); + DBG1(DBG_LIB, "RSA private key decryption not implemented"); return FALSE; } @@ -226,11 +226,24 @@ static bool get_encoding(private_openssl_rsa_private_key_t *this, switch (type) { case KEY_PRIV_ASN1_DER: + case KEY_PRIV_PEM: { + bool success = TRUE; + *encoding = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL)); p = encoding->ptr; i2d_RSAPrivateKey(this->rsa, &p); - return TRUE; + + if (type == KEY_PRIV_PEM) + { + chunk_t asn1_encoding = *encoding; + + success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM, + NULL, encoding, KEY_PART_RSA_PRIV_ASN1_DER, + asn1_encoding, KEY_PART_END); + chunk_clear(&asn1_encoding); + } + return success; } default: return FALSE; @@ -296,6 +309,8 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_gen(key_type_t type, { private_openssl_rsa_private_key_t *this; u_int key_size = 0; + RSA *rsa = NULL; + BIGNUM *e = NULL; while (TRUE) { @@ -315,10 +330,31 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_gen(key_type_t type, { return NULL; } + e = BN_new(); + if (!e || !BN_set_word(e, PUBLIC_EXPONENT)) + { + goto error; + } + rsa = RSA_new(); + if (!rsa || !RSA_generate_key_ex(rsa, key_size, e, NULL)) + { + goto error; + } this = create_empty(); - this->rsa = RSA_generate_key(key_size, PUBLIC_EXPONENT, NULL, NULL); - + this->rsa = rsa; + BN_free(e); return &this->public; + +error: + if (e) + { + BN_free(e); + } + if (rsa) + { + RSA_free(rsa); + } + return NULL; } /** @@ -440,22 +476,22 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type, } engine_id = lib->settings->get_str(lib->settings, - "library.plugins.openssl.engine_id", "pkcs11"); + "libstrongswan.plugins.openssl.engine_id", "pkcs11"); engine = ENGINE_by_id(engine_id); if (!engine) { - DBG1("engine '%s' is not available", engine_id); + DBG1(DBG_LIB, "engine '%s' is not available", engine_id); return NULL; } if (!ENGINE_init(engine)) { - DBG1("failed to initialize engine '%s'", engine_id); + DBG1(DBG_LIB, "failed to initialize engine '%s'", engine_id); ENGINE_free(engine); return NULL; } if (!ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0)) { - DBG1("failed to set PIN on engine '%s'", engine_id); + DBG1(DBG_LIB, "failed to set PIN on engine '%s'", engine_id); ENGINE_free(engine); return NULL; } @@ -463,8 +499,8 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type, key = ENGINE_load_private_key(engine, keyid, NULL, NULL); if (!key) { - DBG1("failed to load private key with ID '%s' from engine '%s'", - keyid, engine_id); + DBG1(DBG_LIB, "failed to load private key with ID '%s' from " + "engine '%s'", keyid, engine_id); ENGINE_free(engine); return NULL; } diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c index 422262b19..ffa575a97 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c @@ -145,7 +145,7 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc case SIGN_RSA_EMSA_PKCS1_MD5: return verify_emsa_pkcs1_signature(this, NID_md5, data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -157,7 +157,7 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc static bool encrypt_(private_openssl_rsa_public_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("RSA public key encryption not implemented"); + DBG1(DBG_LIB, "RSA public key encryption not implemented"); return FALSE; } @@ -200,7 +200,7 @@ bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp) hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (!hasher) { - DBG1("SHA1 hash algorithm not supported, fingerprinting failed"); + DBG1(DBG_LIB, "SHA1 hash algorithm not supported, fingerprinting failed"); free(key.ptr); return FALSE; } @@ -231,11 +231,24 @@ static bool get_encoding(private_openssl_rsa_public_key_t *this, switch (type) { case KEY_PUB_SPKI_ASN1_DER: + case KEY_PUB_PEM: { + bool success = TRUE; + *encoding = chunk_alloc(i2d_RSA_PUBKEY(this->rsa, NULL)); p = encoding->ptr; i2d_RSA_PUBKEY(this->rsa, &p); - return TRUE; + + if (type == KEY_PUB_PEM) + { + chunk_t asn1_encoding = *encoding; + + success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM, + NULL, encoding, KEY_PART_RSA_PUB_ASN1_DER, + asn1_encoding, KEY_PART_END); + chunk_clear(&asn1_encoding); + } + return success; } case KEY_PUB_ASN1_DER: { diff --git a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c new file mode 100644 index 000000000..b65388010 --- /dev/null +++ b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c @@ -0,0 +1,139 @@ +/* + * Copyright (C) 2010 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "openssl_sha1_prf.h" + +#include <openssl/sha.h> + +typedef struct private_openssl_sha1_prf_t private_openssl_sha1_prf_t; + +/** + * Private data of an openssl_sha1_prf_t object. + */ +struct private_openssl_sha1_prf_t { + + /** + * Public openssl_sha1_prf_t interface. + */ + openssl_sha1_prf_t public; + + /** + * SHA1 context + */ + SHA_CTX ctx; +}; + +METHOD(prf_t, get_bytes, void, + private_openssl_sha1_prf_t *this, chunk_t seed, u_int8_t *bytes) +{ + SHA1_Update(&this->ctx, seed.ptr, seed.len); + + if (bytes) + { + u_int32_t *hash = (u_int32_t*)bytes; + + hash[0] = htonl(this->ctx.h0); + hash[1] = htonl(this->ctx.h1); + hash[2] = htonl(this->ctx.h2); + hash[3] = htonl(this->ctx.h3); + hash[4] = htonl(this->ctx.h4); + } +} + +METHOD(prf_t, get_block_size, size_t, + private_openssl_sha1_prf_t *this) +{ + return HASH_SIZE_SHA1; +} + +METHOD(prf_t, allocate_bytes, void, + private_openssl_sha1_prf_t *this, chunk_t seed, chunk_t *chunk) +{ + if (chunk) + { + *chunk = chunk_alloc(HASH_SIZE_SHA1); + get_bytes(this, seed, chunk->ptr); + } + else + { + get_bytes(this, seed, NULL); + } +} + +METHOD(prf_t, get_key_size, size_t, + private_openssl_sha1_prf_t *this) +{ + return HASH_SIZE_SHA1; +} + +METHOD(prf_t, set_key, void, + private_openssl_sha1_prf_t *this, chunk_t key) +{ + SHA1_Init(&this->ctx); + + if (key.len >= 4) + { + this->ctx.h0 ^= untoh32(key.ptr); + } + if (key.len >= 8) + { + this->ctx.h1 ^= untoh32(key.ptr + 4); + } + if (key.len >= 12) + { + this->ctx.h2 ^= untoh32(key.ptr + 8); + } + if (key.len >= 16) + { + this->ctx.h3 ^= untoh32(key.ptr + 12); + } + if (key.len >= 20) + { + this->ctx.h4 ^= untoh32(key.ptr + 16); + } +} + +METHOD(prf_t, destroy, void, + private_openssl_sha1_prf_t *this) +{ + free(this); +} + +/** + * See header + */ +openssl_sha1_prf_t *openssl_sha1_prf_create(pseudo_random_function_t algo) +{ + private_openssl_sha1_prf_t *this; + + if (algo != PRF_KEYED_SHA1) + { + return NULL; + } + + INIT(this, + .public.prf = { + .get_block_size = _get_block_size, + .get_bytes = _get_bytes, + .allocate_bytes = _allocate_bytes, + .get_key_size = _get_key_size, + .set_key = _set_key, + .destroy = _destroy, + }, + ); + + return &this->public; +} + diff --git a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h new file mode 100644 index 000000000..9a24e7ee1 --- /dev/null +++ b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2010 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup openssl_sha1_prf openssl_sha1_prf + * @{ @ingroup sha1_p + */ + +#ifndef OPENSSL_SHA1_PRF_H_ +#define OPENSSL_SHA1_PRF_H_ + +typedef struct openssl_sha1_prf_t openssl_sha1_prf_t; + +#include <crypto/prfs/prf.h> + +/** + * Implementation of prf_t interface using keyed SHA1 algorithm as used + * in EAP-AKA/FIPS_PRF. + */ +struct openssl_sha1_prf_t { + + /** + * Implements prf_t interface. + */ + prf_t prf; +}; + +/** + * Creates a new openssl_sha1_prf_t. + * + * @param algo algorithm, must be PRF_KEYED_SHA1 + * @return sha1_keyed_prf_tobject + */ +openssl_sha1_prf_t *openssl_sha1_prf_create(pseudo_random_function_t algo); + +#endif /** OPENSSL_SHA1_PRF_H_ @}*/ diff --git a/src/libstrongswan/plugins/padlock/Makefile.am b/src/libstrongswan/plugins/padlock/Makefile.am index b2b1f9d85..6706d26cb 100644 --- a/src/libstrongswan/plugins/padlock/Makefile.am +++ b/src/libstrongswan/plugins/padlock/Makefile.am @@ -3,11 +3,16 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-padlock.la +else plugin_LTLIBRARIES = libstrongswan-padlock.la +endif -libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \ +libstrongswan_padlock_la_SOURCES = \ + padlock_plugin.h padlock_plugin.c \ padlock_aes_crypter.c padlock_aes_crypter.h \ padlock_sha1_hasher.c padlock_sha1_hasher.h \ padlock_rng.c padlock_rng.h -libstrongswan_padlock_la_LDFLAGS = -module -avoid-version +libstrongswan_padlock_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in index 59ea98799..84c2ef2fb 100644 --- a/src/libstrongswan/plugins/padlock/Makefile.in +++ b/src/libstrongswan/plugins/padlock/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_padlock_la_LIBADD = am_libstrongswan_padlock_la_OBJECTS = padlock_plugin.lo \ padlock_aes_crypter.lo padlock_sha1_hasher.lo padlock_rng.lo @@ -81,6 +81,9 @@ libstrongswan_padlock_la_OBJECTS = \ libstrongswan_padlock_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_padlock_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_padlock_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_padlock_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -219,6 +222,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -255,8 +259,10 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-padlock.la -libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \ +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-padlock.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-padlock.la +libstrongswan_padlock_la_SOURCES = \ + padlock_plugin.h padlock_plugin.c \ padlock_aes_crypter.c padlock_aes_crypter.h \ padlock_sha1_hasher.c padlock_sha1_hasher.h \ padlock_rng.c padlock_rng.h @@ -296,6 +302,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -328,7 +343,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-padlock.la: $(libstrongswan_padlock_la_OBJECTS) $(libstrongswan_padlock_la_DEPENDENCIES) - $(libstrongswan_padlock_la_LINK) -rpath $(plugindir) $(libstrongswan_padlock_la_OBJECTS) $(libstrongswan_padlock_la_LIBADD) $(LIBS) + $(libstrongswan_padlock_la_LINK) $(am_libstrongswan_padlock_la_rpath) $(libstrongswan_padlock_la_OBJECTS) $(libstrongswan_padlock_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -484,8 +499,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -556,18 +571,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c index 32b18ec4b..c9606ae15 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.c +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c @@ -97,7 +97,7 @@ static padlock_feature_t get_padlock_features() return d; } } - DBG1("Padlock not found, CPU is %s", vendor); + DBG1(DBG_LIB, "Padlock not found, CPU is %s", vendor); return 0; } @@ -131,7 +131,7 @@ static void destroy(private_padlock_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *padlock_plugin_create() { private_padlock_plugin_t *this = malloc_thing(private_padlock_plugin_t); @@ -143,7 +143,7 @@ plugin_t *plugin_create() free(this); return NULL; } - DBG1("Padlock found, supports:%s%s%s%s%s, enabled:%s%s%s%s%s", + DBG1(DBG_LIB, "Padlock found, supports:%s%s%s%s%s, enabled:%s%s%s%s%s", this->features & PADLOCK_RNG_AVAILABLE ? " RNG" : "", this->features & PADLOCK_ACE_AVAILABLE ? " ACE" : "", this->features & PADLOCK_ACE2_AVAILABLE ? " ACE2" : "", diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.h b/src/libstrongswan/plugins/padlock/padlock_plugin.h index 76f4d1135..d99d4db0f 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.h +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.h @@ -39,9 +39,4 @@ struct padlock_plugin_t { plugin_t plugin; }; -/** - * Create a padlock_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** PADLOCK_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/pem/Makefile.am b/src/libstrongswan/plugins/pem/Makefile.am index 98f356aaf..b815b1e0b 100644 --- a/src/libstrongswan/plugins/pem/Makefile.am +++ b/src/libstrongswan/plugins/pem/Makefile.am @@ -3,10 +3,15 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-pem.la +else plugin_LTLIBRARIES = libstrongswan-pem.la +endif -libstrongswan_pem_la_SOURCES = pem_plugin.h pem_plugin.c \ - pem_builder.c pem_builder.h +libstrongswan_pem_la_SOURCES = \ + pem_plugin.h pem_plugin.c \ + pem_builder.c pem_builder.h \ + pem_encoder.c pem_encoder.h libstrongswan_pem_la_LDFLAGS = -module -avoid-version - diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in index e81b4f78f..4e39c8f7b 100644 --- a/src/libstrongswan/plugins/pem/Makefile.in +++ b/src/libstrongswan/plugins/pem/Makefile.in @@ -72,13 +72,16 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_pem_la_LIBADD = -am_libstrongswan_pem_la_OBJECTS = pem_plugin.lo pem_builder.lo +am_libstrongswan_pem_la_OBJECTS = pem_plugin.lo pem_builder.lo \ + pem_encoder.lo libstrongswan_pem_la_OBJECTS = $(am_libstrongswan_pem_la_OBJECTS) libstrongswan_pem_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_pem_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_pem_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_pem_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -217,6 +220,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -253,9 +257,12 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-pem.la -libstrongswan_pem_la_SOURCES = pem_plugin.h pem_plugin.c \ - pem_builder.c pem_builder.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pem.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pem.la +libstrongswan_pem_la_SOURCES = \ + pem_plugin.h pem_plugin.c \ + pem_builder.c pem_builder.h \ + pem_encoder.c pem_encoder.h libstrongswan_pem_la_LDFLAGS = -module -avoid-version all: all-am @@ -292,6 +299,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -324,7 +340,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-pem.la: $(libstrongswan_pem_la_OBJECTS) $(libstrongswan_pem_la_DEPENDENCIES) - $(libstrongswan_pem_la_LINK) -rpath $(plugindir) $(libstrongswan_pem_la_OBJECTS) $(libstrongswan_pem_la_LIBADD) $(LIBS) + $(libstrongswan_pem_la_LINK) $(am_libstrongswan_pem_la_rpath) $(libstrongswan_pem_la_OBJECTS) $(libstrongswan_pem_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -333,6 +349,7 @@ distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem_builder.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem_encoder.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem_plugin.Plo@am__quote@ .c.o: @@ -478,8 +495,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -550,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/pem/pem_builder.c b/src/libstrongswan/plugins/pem/pem_builder.c index 2f285e9bc..65be9501b 100644 --- a/src/libstrongswan/plugins/pem/pem_builder.c +++ b/src/libstrongswan/plugins/pem/pem_builder.c @@ -73,7 +73,7 @@ static bool find_boundary(char* tag, chunk_t *line) { if (present("-----", line)) { - DBG2(" -----%s %.*s-----", tag, (int)name.len, name.ptr); + DBG2(DBG_LIB, " -----%s %.*s-----", tag, (int)name.len, name.ptr); return TRUE; } line->ptr++; line->len--; name.len++; @@ -99,7 +99,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5); if (hasher == NULL) { - DBG1(" MD5 hash algorithm not available"); + DBG1(DBG_LIB, " MD5 hash algorithm not available"); return NOT_SUPPORTED; } hash.len = hasher->get_hash_size(hasher); @@ -121,7 +121,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, crypter = lib->crypto->create_crypter(lib->crypto, alg, key_size); if (crypter == NULL) { - DBG1(" %N encryption algorithm not available", + DBG1(DBG_LIB, " %N encryption algorithm not available", encryption_algorithm_names, alg); return NOT_SUPPORTED; } @@ -131,7 +131,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, blob->len % iv.len) { crypter->destroy(crypter); - DBG1(" data size is not multiple of block size"); + DBG1(DBG_LIB, " data size is not multiple of block size"); return PARSE_ERROR; } crypter->decrypt(crypter, *blob, iv, &decrypted); @@ -155,7 +155,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, { if (*last_padding_pos != padding) { - DBG1(" invalid passphrase"); + DBG1(DBG_LIB, " invalid passphrase"); return INVALID_ARG; } } @@ -234,7 +234,7 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data } /* we are looking for a parameter: value pair */ - DBG2(" %.*s", (int)line.len, line.ptr); + DBG2(DBG_LIB, " %.*s", (int)line.len, line.ptr); ugh = extract_parameter_value(&name, &value, &line); if (ugh != NULL) { @@ -274,8 +274,8 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data } else { - DBG1(" encryption algorithm '%.*s' not supported", - dek.len, dek.ptr); + DBG1(DBG_LIB, " encryption algorithm '%.*s'" + " not supported", dek.len, dek.ptr); return NOT_SUPPORTED; } eat_whitespace(&value); @@ -298,7 +298,8 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data *pgp = TRUE; data.ptr++; data.len--; - DBG2(" armor checksum: %.*s", (int)data.len, data.ptr); + DBG2(DBG_LIB, " armor checksum: %.*s", (int)data.len, + data.ptr); continue; } @@ -318,7 +319,7 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data if (state != PEM_POST) { - DBG1(" file coded in unknown format, discarded"); + DBG1(DBG_LIB, " file coded in unknown format, discarded"); return PARSE_ERROR; } if (!encrypted) @@ -327,7 +328,7 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data } if (!cb) { - DBG1(" missing passphrase"); + DBG1(DBG_LIB, " missing passphrase"); return INVALID_ARG; } while (TRUE) @@ -404,13 +405,14 @@ static void *load_from_file(char *file, credential_type_t type, int subtype, fd = open(file, O_RDONLY); if (fd == -1) { - DBG1(" opening '%s' failed: %s", file, strerror(errno)); + DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno)); return NULL; } if (fstat(fd, &sb) == -1) { - DBG1(" getting file size of '%s' failed: %s", file, strerror(errno)); + DBG1(DBG_LIB, " getting file size of '%s' failed: %s", file, + strerror(errno)); close(fd); return NULL; } @@ -418,7 +420,7 @@ static void *load_from_file(char *file, credential_type_t type, int subtype, addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); if (addr == MAP_FAILED) { - DBG1(" mapping '%s' failed: %s", file, strerror(errno)); + DBG1(DBG_LIB, " mapping '%s' failed: %s", file, strerror(errno)); close(fd); return NULL; } @@ -447,7 +449,8 @@ static void *load_from_fd(int fd, credential_type_t type, int subtype, len = read(fd, pos, buf + sizeof(buf) - pos); if (len < 0) { - DBG1("reading from file descriptor failed: %s", strerror(errno)); + DBG1(DBG_LIB, "reading from file descriptor failed: %s", + strerror(errno)); return NULL; } if (len == 0) @@ -457,7 +460,7 @@ static void *load_from_fd(int fd, credential_type_t type, int subtype, total += len; if (total == sizeof(buf)) { - DBG1("buffer too small to read from file descriptor"); + DBG1(DBG_LIB, "buffer too small to read from file descriptor"); return NULL; } } diff --git a/src/libstrongswan/plugins/pem/pem_builder.h b/src/libstrongswan/plugins/pem/pem_builder.h index 189a5430f..87f5a2c69 100644 --- a/src/libstrongswan/plugins/pem/pem_builder.h +++ b/src/libstrongswan/plugins/pem/pem_builder.h @@ -18,8 +18,8 @@ * @{ @ingroup pem_p */ -#ifndef PEM_PRIVATE_KEY_H_ -#define PEM_PRIVATE_KEY_H_ +#ifndef PEM_BUILDER_H_ +#define PEM_BUILDER_H_ #include <credentials/builder.h> #include <credentials/credential_factory.h> @@ -53,5 +53,5 @@ public_key_t *pem_public_key_load(key_type_t type, va_list args); */ certificate_t *pem_certificate_load(certificate_type_t type, va_list args); -#endif /** PEM_PRIVATE_KEY_H_ @}*/ +#endif /** PEM_BUILDER_H_ @}*/ diff --git a/src/libstrongswan/plugins/pem/pem_encoder.c b/src/libstrongswan/plugins/pem/pem_encoder.c new file mode 100644 index 000000000..13c99a958 --- /dev/null +++ b/src/libstrongswan/plugins/pem/pem_encoder.c @@ -0,0 +1,138 @@ +/* + * Copyright (C) 2010 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "pem_encoder.h" + +#define BYTES_PER_LINE 48 + +/** + * See header. + */ +bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding, + va_list args) +{ + chunk_t asn1; + char *label; + u_char *pos; + size_t len, written, pem_chars, pem_lines; + chunk_t n, e, d, p, q, exp1, exp2, coeff, to_free = chunk_empty; + + switch (type) + { + case KEY_PUB_PEM: + label ="PUBLIC KEY"; + /* direct PKCS#1 PEM encoding */ + if (key_encoding_args(args, KEY_PART_RSA_PUB_ASN1_DER, + &asn1, KEY_PART_END) || + key_encoding_args(args, KEY_PART_ECDSA_PUB_ASN1_DER, + &asn1, KEY_PART_END)) + { + break; + } + /* indirect PEM encoding from components */ + if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n, + KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END)) + { + if (lib->encoding->encode(lib->encoding, KEY_PUB_SPKI_ASN1_DER, + NULL, &asn1, KEY_PART_RSA_MODULUS, n, + KEY_PART_RSA_PUB_EXP, e, KEY_PART_END)) + { + to_free = asn1; + break; + } + } + return FALSE; + case KEY_PRIV_PEM: + label ="RSA PRIVATE KEY"; + /* direct PKCS#1 PEM encoding */ + if (key_encoding_args(args, KEY_PART_RSA_PRIV_ASN1_DER, + &asn1, KEY_PART_END)) + { + break; + } + /* indirect PEM encoding from components */ + if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n, + KEY_PART_RSA_PUB_EXP, &e, KEY_PART_RSA_PRIV_EXP, &d, + KEY_PART_RSA_PRIME1, &p, KEY_PART_RSA_PRIME2, &q, + KEY_PART_RSA_EXP1, &exp1, KEY_PART_RSA_EXP2, &exp2, + KEY_PART_RSA_COEFF, &coeff, KEY_PART_END)) + { + if (lib->encoding->encode(lib->encoding, KEY_PRIV_ASN1_DER, NULL, + &asn1, KEY_PART_RSA_MODULUS, n, + KEY_PART_RSA_PUB_EXP, e, KEY_PART_RSA_PRIV_EXP, d, + KEY_PART_RSA_PRIME1, p, KEY_PART_RSA_PRIME2, q, + KEY_PART_RSA_EXP1, exp1, KEY_PART_RSA_EXP2, exp2, + KEY_PART_RSA_COEFF, coeff, KEY_PART_END)) + { + to_free = asn1; + break; + } + } + if (key_encoding_args(args, KEY_PART_ECDSA_PRIV_ASN1_DER, + &asn1, KEY_PART_END)) + { + label ="EC PRIVATE KEY"; + break; + } + return FALSE; + default: + return FALSE; + } + + /* compute and allocate maximum size of PEM object */ + pem_chars = 4*(asn1.len + 2)/3; + pem_lines = (asn1.len + BYTES_PER_LINE - 1) / BYTES_PER_LINE; + *encoding = chunk_alloc(5 + 2*(6 + strlen(label) + 6) + 3 + pem_chars + pem_lines); + pos = encoding->ptr; + len = encoding->len; + + /* write PEM header */ + written = snprintf(pos, len, "-----BEGIN %s-----\n", label); + pos += written; + len -= written; + + /* write PEM body */ + while (pem_lines--) + { + chunk_t asn1_line, pem_line; + + asn1_line = chunk_create(asn1.ptr, min(asn1.len, BYTES_PER_LINE)); + asn1.ptr += asn1_line.len; + asn1.len -= asn1_line.len; + pem_line = chunk_to_base64(asn1_line, pos); + pos += pem_line.len; + len -= pem_line.len; + *pos = '\n'; + pos++; + len--; + } + + chunk_clear(&to_free); + + /* write PEM trailer */ + written = snprintf(pos, len, "-----END %s-----", label); + pos += written; + len -= written; + + /* replace termination null character with newline */ + *pos = '\n'; + pos++; + len--; + + /* compute effective length of PEM object */ + encoding->len = pos - encoding->ptr; + return TRUE; +} + diff --git a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h b/src/libstrongswan/plugins/pem/pem_encoder.h index 3a60ea0d2..a181133b7 100644 --- a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h +++ b/src/libstrongswan/plugins/pem/pem_encoder.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008 Martin Willi + * Copyright (C) 2010 Andreas Steffen * Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -14,34 +14,20 @@ */ /** - * @defgroup attr_sql attr_sql - * @ingroup plugins - * - * @defgroup sql_plugin sql_plugin - * @{ @ingroup attr_sql + * @defgroup pem_encoder pem_encoder + * @{ @ingroup pem_p */ -#ifndef ATTR_SQL_PLUGIN_H_ -#define ATTR_SQL_PLUGIN_H_ - -#include <plugins/plugin.h> +#ifndef PEM_ENCODER_H_ +#define PEM_ENCODER_H_ -typedef struct attr_sql_plugin_t attr_sql_plugin_t; +#include <credentials/keys/key_encoding.h> /** - * SQL database attribute configuration plugin + * Encoding from ASN.1 to PEM format. */ -struct attr_sql_plugin_t { - - /** - * implements plugin interface - */ - plugin_t plugin; -}; +bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding, + va_list args); -/** - * Create a sql_plugin instance. - */ -plugin_t *plugin_create(); +#endif /** PEM_ENCODER_H_ @}*/ -#endif /** ATTR_SQL_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/pem/pem_plugin.c b/src/libstrongswan/plugins/pem/pem_plugin.c index 5a5149ca8..810901b7a 100644 --- a/src/libstrongswan/plugins/pem/pem_plugin.c +++ b/src/libstrongswan/plugins/pem/pem_plugin.c @@ -16,7 +16,9 @@ #include "pem_plugin.h" #include <library.h> + #include "pem_builder.h" +#include "pem_encoder.h" typedef struct private_pem_plugin_t private_pem_plugin_t; @@ -48,7 +50,7 @@ static void destroy(private_pem_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *pem_plugin_create() { private_pem_plugin_t *this = malloc_thing(private_pem_plugin_t); @@ -100,6 +102,9 @@ plugin_t *plugin_create() lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL, (builder_function_t)pem_certificate_load); + /* register PEM encoder */ + lib->encoding->add_encoder(lib->encoding, pem_encoder_encode); + return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/pem/pem_plugin.h b/src/libstrongswan/plugins/pem/pem_plugin.h index 75616c496..944a3fc85 100644 --- a/src/libstrongswan/plugins/pem/pem_plugin.h +++ b/src/libstrongswan/plugins/pem/pem_plugin.h @@ -39,9 +39,4 @@ struct pem_plugin_t { plugin_t plugin; }; -/** - * Create a pem_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** PEM_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/pgp/Makefile.am b/src/libstrongswan/plugins/pgp/Makefile.am index c232971bb..4b414616d 100644 --- a/src/libstrongswan/plugins/pgp/Makefile.am +++ b/src/libstrongswan/plugins/pgp/Makefile.am @@ -3,13 +3,17 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-pgp.la +else plugin_LTLIBRARIES = libstrongswan-pgp.la +endif -libstrongswan_pgp_la_SOURCES = pgp_plugin.h pgp_plugin.c \ - pgp_utils.h pgp_utils.c \ - pgp_cert.h pgp_cert.c \ - pgp_encoder.h pgp_encoder.c \ - pgp_builder.h pgp_builder.c +libstrongswan_pgp_la_SOURCES = \ + pgp_plugin.h pgp_plugin.c \ + pgp_utils.h pgp_utils.c \ + pgp_cert.h pgp_cert.c \ + pgp_encoder.h pgp_encoder.c \ + pgp_builder.h pgp_builder.c libstrongswan_pgp_la_LDFLAGS = -module -avoid-version - diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in index 70840c400..5d487364f 100644 --- a/src/libstrongswan/plugins/pgp/Makefile.in +++ b/src/libstrongswan/plugins/pgp/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_pgp_la_LIBADD = am_libstrongswan_pgp_la_OBJECTS = pgp_plugin.lo pgp_utils.lo \ pgp_cert.lo pgp_encoder.lo pgp_builder.lo @@ -80,6 +80,8 @@ libstrongswan_pgp_la_OBJECTS = $(am_libstrongswan_pgp_la_OBJECTS) libstrongswan_pgp_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_pgp_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_pgp_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_pgp_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,12 +257,14 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-pgp.la -libstrongswan_pgp_la_SOURCES = pgp_plugin.h pgp_plugin.c \ - pgp_utils.h pgp_utils.c \ - pgp_cert.h pgp_cert.c \ - pgp_encoder.h pgp_encoder.c \ - pgp_builder.h pgp_builder.c +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pgp.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pgp.la +libstrongswan_pgp_la_SOURCES = \ + pgp_plugin.h pgp_plugin.c \ + pgp_utils.h pgp_utils.c \ + pgp_cert.h pgp_cert.c \ + pgp_encoder.h pgp_encoder.c \ + pgp_builder.h pgp_builder.c libstrongswan_pgp_la_LDFLAGS = -module -avoid-version all: all-am @@ -296,6 +301,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -328,7 +342,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-pgp.la: $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_DEPENDENCIES) - $(libstrongswan_pgp_la_LINK) -rpath $(plugindir) $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_LIBADD) $(LIBS) + $(libstrongswan_pgp_la_LINK) $(am_libstrongswan_pgp_la_rpath) $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -485,8 +499,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -557,18 +571,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c index d262d18ff..84c9bfddd 100644 --- a/src/libstrongswan/plugins/pgp/pgp_builder.c +++ b/src/libstrongswan/plugins/pgp/pgp_builder.c @@ -41,7 +41,7 @@ static public_key_t *parse_public_key(chunk_t blob) BUILD_BLOB_PGP, blob, BUILD_END); break; default: - DBG1("PGP public key algorithm %N not supported", + DBG1(DBG_LIB, "PGP public key algorithm %N not supported", pgp_pubkey_alg_names, alg); return NULL; } @@ -90,12 +90,13 @@ static private_key_t *parse_rsa_private_key(chunk_t blob) } if (s2k == 255 || s2k == 254) { - DBG1("string-to-key specifiers not supported"); + DBG1(DBG_LIB, "string-to-key specifiers not supported"); return NULL; } if (s2k != PGP_SYM_ALG_PLAIN) { - DBG1("%N private key encryption not supported", pgp_sym_alg_names, s2k); + DBG1(DBG_LIB, "%N private key encryption not supported", + pgp_sym_alg_names, s2k); return NULL; } @@ -121,7 +122,7 @@ static private_key_t *parse_rsa_private_key(chunk_t blob) static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature) { - DBG1("signing failed - decryption only key"); + DBG1(DBG_LIB, "signing failed - decryption only key"); return FALSE; } @@ -131,7 +132,7 @@ static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme, static bool decrypt_not_allowed(private_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("decryption failed - signature only key"); + DBG1(DBG_LIB, "decryption failed - signature only key"); return FALSE; } @@ -164,7 +165,7 @@ static private_key_t *parse_private_key(chunk_t blob) case 4: break; default: - DBG1("PGP packet version V%d not supported", version); + DBG1(DBG_LIB, "PGP packet version V%d not supported", version); return FALSE; } if (!pgp_read_scalar(&packet, 4, &created)) diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c index fa2612285..cd04f3d1a 100644 --- a/src/libstrongswan/plugins/pgp/pgp_cert.c +++ b/src/libstrongswan/plugins/pgp/pgp_cert.c @@ -198,9 +198,9 @@ static bool is_newer(certificate_t *this, certificate_t *that) this->get_validity(this, &now, &this_update, NULL); that->get_validity(that, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" certificate from %T is %s - existing certificate from %T %s", - &this_update, FALSE, new ? "newer":"not newer", - &that_update, FALSE, new ? "replaced":"retained"); + DBG1(DBG_LIB, " certificate from %T is %s - existing certificate" + " from %T %s", &this_update, FALSE, new ? "newer" : "not newer", + &that_update, FALSE, new ? "replaced" : "retained"); return new; } @@ -322,16 +322,18 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) } break; default: - DBG1("PGP packet version V%d not supported", this->version); + DBG1(DBG_LIB, "PGP packet version V%d not supported", + this->version); return FALSE; } if (this->valid) { - DBG2("L2 - created %T, valid %d days", &this->created, FALSE, this->valid); + DBG2(DBG_LIB, "L2 - created %T, valid %d days", &this->created, FALSE, + this->valid); } else { - DBG2("L2 - created %T, never expires", &this->created, FALSE); + DBG2(DBG_LIB, "L2 - created %T, never expires", &this->created, FALSE); } DESTROY_IF(this->key); this->key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, @@ -352,13 +354,13 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher == NULL) { - DBG1("no SHA-1 hasher available"); + DBG1(DBG_LIB, "no SHA-1 hasher available"); return FALSE; } hasher->allocate_hash(hasher, pubkey_packet_header, NULL); hasher->allocate_hash(hasher, pubkey_packet, &this->fingerprint); hasher->destroy(hasher); - DBG2("L2 - v4 fingerprint %#B", &this->fingerprint); + DBG2(DBG_LIB, "L2 - v4 fingerprint %#B", &this->fingerprint); } else { @@ -369,7 +371,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) return FALSE; } this->fingerprint = chunk_clone(this->fingerprint); - DBG2("L2 - v3 fingerprint %#B", &this->fingerprint); + DBG2(DBG_LIB, "L2 - v3 fingerprint %#B", &this->fingerprint); } return TRUE; } @@ -389,7 +391,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) /* we parse only v3 or v4 signature packets */ if (version != 3 && version != 4) { - DBG2("L2 - v%d signature ignored", version); + DBG2(DBG_LIB, "L2 - v%d signature ignored", version); return TRUE; } if (version == 4) @@ -398,7 +400,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) { return FALSE; } - DBG2("L2 - v%d signature of type 0x%02x", version, type); + DBG2(DBG_LIB, "L2 - v%d signature of type 0x%02x", version, type); } else { @@ -411,8 +413,8 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) { return FALSE; } - DBG2("L2 - v3 signature of type 0x%02x, created %T", type, - &created, FALSE); + DBG2(DBG_LIB, "L2 - v3 signature of type 0x%02x, created %T", type, + &created, FALSE); } /* TODO: parse and save signature to a list */ return TRUE; @@ -425,7 +427,7 @@ static bool parse_user_id(private_pgp_cert_t *this, chunk_t packet) { DESTROY_IF(this->user_id); this->user_id = identification_create_from_encoding(ID_KEY_ID, packet); - DBG2("L2 - '%Y'", this->user_id); + DBG2(DBG_LIB, "L2 - '%Y'", this->user_id); return TRUE; } @@ -486,7 +488,7 @@ pgp_cert_t *pgp_cert_load(certificate_type_t type, va_list args) } break; default: - DBG1("ignoring %N packet in PGP certificate", + DBG1(DBG_LIB, "ignoring %N packet in PGP certificate", pgp_packet_tag_names, tag); break; } diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.c b/src/libstrongswan/plugins/pgp/pgp_encoder.c index 56acac597..d5c3df590 100644 --- a/src/libstrongswan/plugins/pgp/pgp_encoder.c +++ b/src/libstrongswan/plugins/pgp/pgp_encoder.c @@ -31,7 +31,8 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args) hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5); if (!hasher) { - DBG1("MD5 hash algorithm not supported, PGP fingerprinting failed"); + DBG1(DBG_LIB, "MD5 hash algorithm not supported, PGP" + " fingerprinting failed"); return FALSE; } /* remove leading zero bytes before hashing modulus and exponent */ diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.c b/src/libstrongswan/plugins/pgp/pgp_plugin.c index eabb3695f..3ed1faf01 100644 --- a/src/libstrongswan/plugins/pgp/pgp_plugin.c +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.c @@ -54,7 +54,7 @@ static void destroy(private_pgp_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *pgp_plugin_create() { private_pgp_plugin_t *this = malloc_thing(private_pgp_plugin_t); diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.h b/src/libstrongswan/plugins/pgp/pgp_plugin.h index 95765cd76..8a0ab89d6 100644 --- a/src/libstrongswan/plugins/pgp/pgp_plugin.h +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.h @@ -39,9 +39,4 @@ struct pgp_plugin_t { plugin_t plugin; }; -/** - * Create a pgp_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** PGP_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.c b/src/libstrongswan/plugins/pgp/pgp_utils.c index 1658f3232..2d85cc0c8 100644 --- a/src/libstrongswan/plugins/pgp/pgp_utils.c +++ b/src/libstrongswan/plugins/pgp/pgp_utils.c @@ -79,7 +79,7 @@ bool pgp_read_scalar(chunk_t *blob, size_t bytes, u_int32_t *scalar) if (bytes > blob->len) { - DBG1("PGP data too short to read %d byte scalar", bytes); + DBG1(DBG_LIB, "PGP data too short to read %d byte scalar", bytes); return FALSE; } while (bytes-- > 0) @@ -100,13 +100,13 @@ bool pgp_read_mpi(chunk_t *blob, chunk_t *mpi) if (!pgp_read_scalar(blob, 2, &bits)) { - DBG1("PGP data too short to read MPI length"); + DBG1(DBG_LIB, "PGP data too short to read MPI length"); return FALSE; } bytes = (bits + 7) / 8; if (bytes > blob->len) { - DBG1("PGP data too short to read %d byte MPI", bytes); + DBG1(DBG_LIB, "PGP data too short to read %d byte MPI", bytes); return FALSE; } *mpi = chunk_create(blob->ptr, bytes); @@ -146,7 +146,7 @@ bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag) if (!blob->len) { - DBG1("missing input"); + DBG1(DBG_LIB, "missing input"); return FALSE; } t = blob->ptr[0]; @@ -154,27 +154,27 @@ bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag) /* bit 7 must be set */ if (!(t & 0x80)) { - DBG1("invalid packet tag"); + DBG1(DBG_LIB, "invalid packet tag"); return FALSE; } /* bit 6 set defines new packet format */ if (t & 0x40) { - DBG1("new PGP packet format not supported"); + DBG1(DBG_LIB, "new PGP packet format not supported"); return FALSE; } t = (t & 0x3C) >> 2; if (!pgp_old_packet_length(blob, &len) || len > blob->len) { - DBG1("invalid packet length"); + DBG1(DBG_LIB, "invalid packet length"); return FALSE; } *data = chunk_create(blob->ptr, len); *blob = chunk_skip(*blob, len); *tag = t; - DBG2("L1 - PGP %N (%u bytes)", pgp_packet_tag_names, t, len); - DBG3("%B", data); + DBG2(DBG_LIB, "L1 - PGP %N (%u bytes)", pgp_packet_tag_names, t, len); + DBG3(DBG_LIB, "%B", data); return TRUE; } diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.am b/src/libstrongswan/plugins/pkcs1/Makefile.am index 88d25a26b..bd3203dae 100644 --- a/src/libstrongswan/plugins/pkcs1/Makefile.am +++ b/src/libstrongswan/plugins/pkcs1/Makefile.am @@ -3,11 +3,15 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-pkcs1.la +else plugin_LTLIBRARIES = libstrongswan-pkcs1.la +endif -libstrongswan_pkcs1_la_SOURCES = pkcs1_plugin.h pkcs1_plugin.c \ - pkcs1_encoder.h pkcs1_encoder.c \ - pkcs1_builder.h pkcs1_builder.c +libstrongswan_pkcs1_la_SOURCES = \ + pkcs1_plugin.h pkcs1_plugin.c \ + pkcs1_encoder.h pkcs1_encoder.c \ + pkcs1_builder.h pkcs1_builder.c libstrongswan_pkcs1_la_LDFLAGS = -module -avoid-version - diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in index 4439cd60f..3fdcd0590 100644 --- a/src/libstrongswan/plugins/pkcs1/Makefile.in +++ b/src/libstrongswan/plugins/pkcs1/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_pkcs1_la_LIBADD = am_libstrongswan_pkcs1_la_OBJECTS = pkcs1_plugin.lo pkcs1_encoder.lo \ pkcs1_builder.lo @@ -80,6 +80,9 @@ libstrongswan_pkcs1_la_OBJECTS = $(am_libstrongswan_pkcs1_la_OBJECTS) libstrongswan_pkcs1_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_pkcs1_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_pkcs1_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_pkcs1_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,10 +258,12 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-pkcs1.la -libstrongswan_pkcs1_la_SOURCES = pkcs1_plugin.h pkcs1_plugin.c \ - pkcs1_encoder.h pkcs1_encoder.c \ - pkcs1_builder.h pkcs1_builder.c +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pkcs1.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pkcs1.la +libstrongswan_pkcs1_la_SOURCES = \ + pkcs1_plugin.h pkcs1_plugin.c \ + pkcs1_encoder.h pkcs1_encoder.c \ + pkcs1_builder.h pkcs1_builder.c libstrongswan_pkcs1_la_LDFLAGS = -module -avoid-version all: all-am @@ -294,6 +300,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -326,7 +341,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-pkcs1.la: $(libstrongswan_pkcs1_la_OBJECTS) $(libstrongswan_pkcs1_la_DEPENDENCIES) - $(libstrongswan_pkcs1_la_LINK) -rpath $(plugindir) $(libstrongswan_pkcs1_la_OBJECTS) $(libstrongswan_pkcs1_la_LIBADD) $(LIBS) + $(libstrongswan_pkcs1_la_LINK) $(am_libstrongswan_pkcs1_la_rpath) $(libstrongswan_pkcs1_la_OBJECTS) $(libstrongswan_pkcs1_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -481,8 +496,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -553,18 +568,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c index fbd35e830..88c848899 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c @@ -81,10 +81,10 @@ static public_key_t *parse_public_key(chunk_t blob) /* skip initial bit string octet defining 0 unused bits */ object = chunk_skip(object, 1); } - DBG2("-- > --"); + DBG2(DBG_LIB, "-- > --"); key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, type, BUILD_BLOB_ASN1_DER, object, BUILD_END); - DBG2("-- < --"); + DBG2(DBG_LIB, "-- < --"); break; } } @@ -197,7 +197,7 @@ static private_key_t *parse_rsa_private_key(chunk_t blob) case PRIV_KEY_VERSION: if (object.len > 0 && *object.ptr != 0) { - DBG1("PKCS#1 private key format is not version 1"); + DBG1(DBG_LIB, "PKCS#1 private key format is not version 1"); goto end; } break; diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h index 62ca9f351..9f251833e 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h @@ -14,7 +14,7 @@ */ /** - * @defgroup pkcs1_public_key pkcs1_public_key + * @defgroup pkcs1_builder pkcs1_builder * @{ @ingroup pkcs1 */ diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c index 0a8da815a..e46062d97 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c @@ -97,7 +97,8 @@ static bool hash_pubkey(chunk_t pubkey, chunk_t *hash) if (hasher == NULL) { chunk_free(&pubkey); - DBG1("SHA1 hash algorithm not supported, fingerprinting failed"); + DBG1(DBG_LIB, "SHA1 hash algorithm not supported, " + "fingerprinting failed"); return FALSE; } hasher->allocate_hash(hasher, pubkey, hash); diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c index 9d71e1388..35ec2d2bf 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c @@ -50,7 +50,7 @@ static void destroy(private_pkcs1_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *pkcs1_plugin_create() { private_pkcs1_plugin_t *this = malloc_thing(private_pkcs1_plugin_t); diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h index 465c7ef2c..588bde559 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h @@ -39,9 +39,4 @@ struct pkcs1_plugin_t { plugin_t plugin; }; -/** - * Create a pkcs1_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** PKCS1_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/plugin.h b/src/libstrongswan/plugins/plugin.h index 28c800c0c..6d8a370fb 100644 --- a/src/libstrongswan/plugins/plugin.h +++ b/src/libstrongswan/plugins/plugin.h @@ -38,9 +38,9 @@ struct plugin_t { /** * Plugin constructor function definiton. * - * Each plugin has a constructor functions. This function is called on daemon + * Each plugin has a constructor function. This function is called on daemon * startup to initialize each plugin. - * The plugin function is named plugin_create(). + * The plugin function is named plugin_name_plugin_create(). * * @return plugin_t instance */ diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c index d4513f25a..cad279a9d 100644 --- a/src/libstrongswan/plugins/plugin_loader.c +++ b/src/libstrongswan/plugins/plugin_loader.c @@ -1,4 +1,5 @@ /* + * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2007 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -49,37 +50,83 @@ struct private_plugin_loader_t { linked_list_t *names; }; +#ifdef MONOLITHIC +/** + * load a single plugin in monolithic mode + */ +static plugin_t* load_plugin(private_plugin_loader_t *this, + char *path, char *name) +{ + char create[128]; + plugin_t *plugin; + plugin_constructor_t constructor; + + if (snprintf(create, sizeof(create), "%s_plugin_create", + name) >= sizeof(create)) + { + return NULL; + } + translate(create, "-", "_"); + constructor = dlsym(RTLD_DEFAULT, create); + if (constructor == NULL) + { + DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name, + create); + return NULL; + } + plugin = constructor(); + if (plugin == NULL) + { + DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name, + create); + return NULL; + } + DBG2(DBG_LIB, "plugin '%s': loaded successfully", name); + + return plugin; +} +#else /** * load a single plugin */ static plugin_t* load_plugin(private_plugin_loader_t *this, char *path, char *name) { + char create[128]; char file[PATH_MAX]; void *handle; plugin_t *plugin; plugin_constructor_t constructor; - snprintf(file, sizeof(file), "%s/libstrongswan-%s.so", path, name); - + if (snprintf(file, sizeof(file), "%s/libstrongswan-%s.so", path, + name) >= sizeof(file) || + snprintf(create, sizeof(create), "%s_plugin_create", + name) >= sizeof(create)) + { + return NULL; + } + translate(create, "-", "_"); if (lib->integrity) { if (!lib->integrity->check_file(lib->integrity, name, file)) { - DBG1("plugin '%s': failed file integrity test of '%s'", name, file); + DBG1(DBG_LIB, "plugin '%s': failed file integrity test of '%s'", + name, file); return NULL; } } handle = dlopen(file, RTLD_LAZY); if (handle == NULL) { - DBG1("plugin '%s': failed to load '%s' - %s", name, file, dlerror()); + DBG1(DBG_LIB, "plugin '%s': failed to load '%s' - %s", name, file, + dlerror()); return NULL; } - constructor = dlsym(handle, "plugin_create"); + constructor = dlsym(handle, create); if (constructor == NULL) { - DBG1("plugin '%s': failed to load - no plugin_create() function", name); + DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name, + create); dlclose(handle); return NULL; } @@ -87,25 +134,28 @@ static plugin_t* load_plugin(private_plugin_loader_t *this, { if (!lib->integrity->check_segment(lib->integrity, name, constructor)) { - DBG1("plugin '%s': failed segment integrity test", name); + DBG1(DBG_LIB, "plugin '%s': failed segment integrity test", name); dlclose(handle); return NULL; } - DBG1("plugin '%s': passed file and segment integrity tests", name); + DBG1(DBG_LIB, "plugin '%s': passed file and segment integrity tests", + name); } plugin = constructor(); if (plugin == NULL) { - DBG1("plugin '%s': failed to load - plugin_create() returned NULL", name); + DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name, + create); dlclose(handle); return NULL; } - DBG2("plugin '%s': loaded successfully", name); + DBG2(DBG_LIB, "plugin '%s': loaded successfully", name); /* we do not store or free dlopen() handles, leak_detective requires * the modules to keep loaded until leak report */ return plugin; } +#endif /** * Implementation of plugin_loader_t.load_plugins. @@ -116,10 +166,12 @@ static bool load(private_plugin_loader_t *this, char *path, char *list) char *token; bool critical_failed = FALSE; +#ifndef MONOLITHIC if (path == NULL) { path = PLUGINDIR; } +#endif enumerator = enumerator_create_token(list, " ", " "); while (!critical_failed && enumerator->enumerate(enumerator, &token)) @@ -147,7 +199,7 @@ static bool load(private_plugin_loader_t *this, char *path, char *list) if (critical) { critical_failed = TRUE; - DBG1("loading critical plugin '%s' failed", token); + DBG1(DBG_LIB, "loading critical plugin '%s' failed", token); } free(token); } diff --git a/src/libstrongswan/plugins/pubkey/Makefile.am b/src/libstrongswan/plugins/pubkey/Makefile.am index 770d77325..c2974a585 100644 --- a/src/libstrongswan/plugins/pubkey/Makefile.am +++ b/src/libstrongswan/plugins/pubkey/Makefile.am @@ -3,10 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-pubkey.la +else plugin_LTLIBRARIES = libstrongswan-pubkey.la +endif -libstrongswan_pubkey_la_SOURCES = pubkey_plugin.h pubkey_plugin.c \ - pubkey_cert.h pubkey_cert.c +libstrongswan_pubkey_la_SOURCES = \ + pubkey_plugin.h pubkey_plugin.c \ + pubkey_cert.h pubkey_cert.c libstrongswan_pubkey_la_LDFLAGS = -module -avoid-version - diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in index f95e7b357..5fe3d58f1 100644 --- a/src/libstrongswan/plugins/pubkey/Makefile.in +++ b/src/libstrongswan/plugins/pubkey/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_pubkey_la_LIBADD = am_libstrongswan_pubkey_la_OBJECTS = pubkey_plugin.lo pubkey_cert.lo libstrongswan_pubkey_la_OBJECTS = \ @@ -80,6 +80,9 @@ libstrongswan_pubkey_la_OBJECTS = \ libstrongswan_pubkey_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_pubkey_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_pubkey_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_pubkey_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,9 +258,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-pubkey.la -libstrongswan_pubkey_la_SOURCES = pubkey_plugin.h pubkey_plugin.c \ - pubkey_cert.h pubkey_cert.c +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pubkey.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pubkey.la +libstrongswan_pubkey_la_SOURCES = \ + pubkey_plugin.h pubkey_plugin.c \ + pubkey_cert.h pubkey_cert.c libstrongswan_pubkey_la_LDFLAGS = -module -avoid-version all: all-am @@ -293,6 +299,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -325,7 +340,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-pubkey.la: $(libstrongswan_pubkey_la_OBJECTS) $(libstrongswan_pubkey_la_DEPENDENCIES) - $(libstrongswan_pubkey_la_LINK) -rpath $(plugindir) $(libstrongswan_pubkey_la_OBJECTS) $(libstrongswan_pubkey_la_LIBADD) $(LIBS) + $(libstrongswan_pubkey_la_LINK) $(am_libstrongswan_pubkey_la_rpath) $(libstrongswan_pubkey_la_OBJECTS) $(libstrongswan_pubkey_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -479,8 +494,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -551,18 +566,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c index ad84eed99..b0eabc9ee 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_pubkey_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *pubkey_plugin_create() { private_pubkey_plugin_t *this = malloc_thing(private_pubkey_plugin_t); diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.h b/src/libstrongswan/plugins/pubkey/pubkey_plugin.h index a3fd2f155..db71bddc0 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.h +++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.h @@ -39,9 +39,4 @@ struct pubkey_plugin_t { plugin_t plugin; }; -/** - * Create a pubkey_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** PUBKEY_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/random/Makefile.am b/src/libstrongswan/plugins/random/Makefile.am index 7c2283ae7..5df992718 100644 --- a/src/libstrongswan/plugins/random/Makefile.am +++ b/src/libstrongswan/plugins/random/Makefile.am @@ -5,9 +5,14 @@ AM_CFLAGS = -rdynamic \ -DDEV_RANDOM=\"${random_device}\" \ -DDEV_URANDOM=\"${urandom_device}\" +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-random.la +else plugin_LTLIBRARIES = libstrongswan-random.la +endif -libstrongswan_random_la_SOURCES = random_plugin.h random_plugin.c \ - random_rng.c random_rng.h -libstrongswan_random_la_LDFLAGS = -module -avoid-version +libstrongswan_random_la_SOURCES = \ + random_plugin.h random_plugin.c \ + random_rng.c random_rng.h +libstrongswan_random_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in index 355ab14bc..27360aa8c 100644 --- a/src/libstrongswan/plugins/random/Makefile.in +++ b/src/libstrongswan/plugins/random/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_random_la_LIBADD = am_libstrongswan_random_la_OBJECTS = random_plugin.lo random_rng.lo libstrongswan_random_la_OBJECTS = \ @@ -80,6 +80,9 @@ libstrongswan_random_la_OBJECTS = \ libstrongswan_random_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_random_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_random_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_random_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -257,9 +261,11 @@ AM_CFLAGS = -rdynamic \ -DDEV_RANDOM=\"${random_device}\" \ -DDEV_URANDOM=\"${urandom_device}\" -plugin_LTLIBRARIES = libstrongswan-random.la -libstrongswan_random_la_SOURCES = random_plugin.h random_plugin.c \ - random_rng.c random_rng.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-random.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-random.la +libstrongswan_random_la_SOURCES = \ + random_plugin.h random_plugin.c \ + random_rng.c random_rng.h libstrongswan_random_la_LDFLAGS = -module -avoid-version all: all-am @@ -296,6 +302,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -328,7 +343,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-random.la: $(libstrongswan_random_la_OBJECTS) $(libstrongswan_random_la_DEPENDENCIES) - $(libstrongswan_random_la_LINK) -rpath $(plugindir) $(libstrongswan_random_la_OBJECTS) $(libstrongswan_random_la_LIBADD) $(LIBS) + $(libstrongswan_random_la_LINK) $(am_libstrongswan_random_la_rpath) $(libstrongswan_random_la_OBJECTS) $(libstrongswan_random_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -482,8 +497,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -554,18 +569,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c index df0a8f556..39678ba71 100644 --- a/src/libstrongswan/plugins/random/random_plugin.c +++ b/src/libstrongswan/plugins/random/random_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_random_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *random_plugin_create() { private_random_plugin_t *this = malloc_thing(private_random_plugin_t); diff --git a/src/libstrongswan/plugins/random/random_plugin.h b/src/libstrongswan/plugins/random/random_plugin.h index 6ce0f71be..7e22c3e5f 100644 --- a/src/libstrongswan/plugins/random/random_plugin.h +++ b/src/libstrongswan/plugins/random/random_plugin.h @@ -39,9 +39,4 @@ struct random_plugin_t { plugin_t plugin; }; -/** - * Create a random_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** RANDOM_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c index 34f300296..b09f3f57a 100644 --- a/src/libstrongswan/plugins/random/random_rng.c +++ b/src/libstrongswan/plugins/random/random_rng.c @@ -71,7 +71,7 @@ static void get_bytes(private_random_rng_t *this, size_t bytes, got = read(this->dev, buffer + done, bytes - done); if (got <= 0) { - DBG1("reading from \"%s\" failed: %s, retrying...", + DBG1(DBG_LIB, "reading from \"%s\" failed: %s, retrying...", this->file, strerror(errno)); close(this->dev); sleep(1); @@ -124,7 +124,7 @@ random_rng_t *random_rng_create(rng_quality_t quality) this->dev = open(this->file, 0); if (this->dev < 0) { - DBG1("opening \"%s\" failed: %s", this->file, strerror(errno)); + DBG1(DBG_LIB, "opening \"%s\" failed: %s", this->file, strerror(errno)); free(this); return NULL; } diff --git a/src/libstrongswan/plugins/sha1/Makefile.am b/src/libstrongswan/plugins/sha1/Makefile.am index ead51a45a..4e539fd83 100644 --- a/src/libstrongswan/plugins/sha1/Makefile.am +++ b/src/libstrongswan/plugins/sha1/Makefile.am @@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-sha1.la +else plugin_LTLIBRARIES = libstrongswan-sha1.la +endif -libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c \ +libstrongswan_sha1_la_SOURCES = \ + sha1_plugin.h sha1_plugin.c \ sha1_hasher.c sha1_hasher.h sha1_prf.c sha1_prf.h -libstrongswan_sha1_la_LDFLAGS = -module -avoid-version +libstrongswan_sha1_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in index 4f08b882c..dacb5be4b 100644 --- a/src/libstrongswan/plugins/sha1/Makefile.in +++ b/src/libstrongswan/plugins/sha1/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_sha1_la_LIBADD = am_libstrongswan_sha1_la_OBJECTS = sha1_plugin.lo sha1_hasher.lo \ sha1_prf.lo @@ -80,6 +80,8 @@ libstrongswan_sha1_la_OBJECTS = $(am_libstrongswan_sha1_la_OBJECTS) libstrongswan_sha1_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_sha1_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_sha1_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_sha1_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,8 +257,10 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-sha1.la -libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c \ +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-sha1.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-sha1.la +libstrongswan_sha1_la_SOURCES = \ + sha1_plugin.h sha1_plugin.c \ sha1_hasher.c sha1_hasher.h sha1_prf.c sha1_prf.h libstrongswan_sha1_la_LDFLAGS = -module -avoid-version @@ -293,6 +298,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -325,7 +339,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-sha1.la: $(libstrongswan_sha1_la_OBJECTS) $(libstrongswan_sha1_la_DEPENDENCIES) - $(libstrongswan_sha1_la_LINK) -rpath $(plugindir) $(libstrongswan_sha1_la_OBJECTS) $(libstrongswan_sha1_la_LIBADD) $(LIBS) + $(libstrongswan_sha1_la_LINK) $(am_libstrongswan_sha1_la_rpath) $(libstrongswan_sha1_la_OBJECTS) $(libstrongswan_sha1_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -480,8 +494,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -552,18 +566,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.c b/src/libstrongswan/plugins/sha1/sha1_plugin.c index a038228da..7b9cf878f 100644 --- a/src/libstrongswan/plugins/sha1/sha1_plugin.c +++ b/src/libstrongswan/plugins/sha1/sha1_plugin.c @@ -47,7 +47,7 @@ static void destroy(private_sha1_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *sha1_plugin_create() { private_sha1_plugin_t *this = malloc_thing(private_sha1_plugin_t); diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.h b/src/libstrongswan/plugins/sha1/sha1_plugin.h index 36b12b91e..cd1ff615d 100644 --- a/src/libstrongswan/plugins/sha1/sha1_plugin.h +++ b/src/libstrongswan/plugins/sha1/sha1_plugin.h @@ -39,9 +39,4 @@ struct sha1_plugin_t { plugin_t plugin; }; -/** - * Create a sha1_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** SHA1_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/sha2/Makefile.am b/src/libstrongswan/plugins/sha2/Makefile.am index 5422e1d4e..a255d0609 100644 --- a/src/libstrongswan/plugins/sha2/Makefile.am +++ b/src/libstrongswan/plugins/sha2/Makefile.am @@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-sha2.la +else plugin_LTLIBRARIES = libstrongswan-sha2.la +endif -libstrongswan_sha2_la_SOURCES = sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h -libstrongswan_sha2_la_LDFLAGS = -module -avoid-version +libstrongswan_sha2_la_SOURCES = \ + sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h +libstrongswan_sha2_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in index e4ea58094..6db4374c8 100644 --- a/src/libstrongswan/plugins/sha2/Makefile.in +++ b/src/libstrongswan/plugins/sha2/Makefile.in @@ -72,13 +72,15 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_sha2_la_LIBADD = am_libstrongswan_sha2_la_OBJECTS = sha2_plugin.lo sha2_hasher.lo libstrongswan_sha2_la_OBJECTS = $(am_libstrongswan_sha2_la_OBJECTS) libstrongswan_sha2_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_sha2_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_sha2_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_sha2_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-sha2.la -libstrongswan_sha2_la_SOURCES = sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-sha2.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-sha2.la +libstrongswan_sha2_la_SOURCES = \ + sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h + libstrongswan_sha2_la_LDFLAGS = -module -avoid-version all: all-am @@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-sha2.la: $(libstrongswan_sha2_la_OBJECTS) $(libstrongswan_sha2_la_DEPENDENCIES) - $(libstrongswan_sha2_la_LINK) -rpath $(plugindir) $(libstrongswan_sha2_la_OBJECTS) $(libstrongswan_sha2_la_LIBADD) $(LIBS) + $(libstrongswan_sha2_la_LINK) $(am_libstrongswan_sha2_la_rpath) $(libstrongswan_sha2_la_OBJECTS) $(libstrongswan_sha2_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -476,8 +491,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.c b/src/libstrongswan/plugins/sha2/sha2_plugin.c index 90f7cec77..810d9922a 100644 --- a/src/libstrongswan/plugins/sha2/sha2_plugin.c +++ b/src/libstrongswan/plugins/sha2/sha2_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_sha2_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *sha2_plugin_create() { private_sha2_plugin_t *this = malloc_thing(private_sha2_plugin_t); diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.h b/src/libstrongswan/plugins/sha2/sha2_plugin.h index b80f7560e..48ee2d94c 100644 --- a/src/libstrongswan/plugins/sha2/sha2_plugin.h +++ b/src/libstrongswan/plugins/sha2/sha2_plugin.h @@ -39,9 +39,4 @@ struct sha2_plugin_t { plugin_t plugin; }; -/** - * Create a sha2_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** SHA2_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/sqlite/Makefile.am b/src/libstrongswan/plugins/sqlite/Makefile.am index f26e31294..2e1d9733f 100644 --- a/src/libstrongswan/plugins/sqlite/Makefile.am +++ b/src/libstrongswan/plugins/sqlite/Makefile.am @@ -3,10 +3,16 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-sqlite.la +else plugin_LTLIBRARIES = libstrongswan-sqlite.la +endif -libstrongswan_sqlite_la_SOURCES = sqlite_plugin.h sqlite_plugin.c \ +libstrongswan_sqlite_la_SOURCES = \ + sqlite_plugin.h sqlite_plugin.c \ sqlite_database.h sqlite_database.c + libstrongswan_sqlite_la_LDFLAGS = -module -avoid-version -libstrongswan_sqlite_la_LIBADD = -lsqlite3 +libstrongswan_sqlite_la_LIBADD = -lsqlite3 diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in index 831408c9e..cb466ad03 100644 --- a/src/libstrongswan/plugins/sqlite/Makefile.in +++ b/src/libstrongswan/plugins/sqlite/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_sqlite_la_DEPENDENCIES = am_libstrongswan_sqlite_la_OBJECTS = sqlite_plugin.lo \ sqlite_database.lo @@ -81,6 +81,9 @@ libstrongswan_sqlite_la_OBJECTS = \ libstrongswan_sqlite_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_sqlite_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_sqlite_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_sqlite_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -219,6 +222,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -255,8 +259,10 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-sqlite.la -libstrongswan_sqlite_la_SOURCES = sqlite_plugin.h sqlite_plugin.c \ +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-sqlite.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-sqlite.la +libstrongswan_sqlite_la_SOURCES = \ + sqlite_plugin.h sqlite_plugin.c \ sqlite_database.h sqlite_database.c libstrongswan_sqlite_la_LDFLAGS = -module -avoid-version @@ -295,6 +301,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -327,7 +342,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-sqlite.la: $(libstrongswan_sqlite_la_OBJECTS) $(libstrongswan_sqlite_la_DEPENDENCIES) - $(libstrongswan_sqlite_la_LINK) -rpath $(plugindir) $(libstrongswan_sqlite_la_OBJECTS) $(libstrongswan_sqlite_la_LIBADD) $(LIBS) + $(libstrongswan_sqlite_la_LINK) $(am_libstrongswan_sqlite_la_rpath) $(libstrongswan_sqlite_la_OBJECTS) $(libstrongswan_sqlite_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -481,8 +496,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -553,18 +568,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.c b/src/libstrongswan/plugins/sqlite/sqlite_database.c index 721f1a126..3e20dbb51 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_database.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_database.c @@ -110,11 +110,13 @@ static sqlite3_stmt* run(private_sqlite_database_t *this, char *sql, } else { - DBG1("preparing sqlite statement failed: %s", sqlite3_errmsg(this->db)); + DBG1(DBG_LIB, "preparing sqlite statement failed: %s", + sqlite3_errmsg(this->db)); } if (res != SQLITE_OK) { - DBG1("binding sqlite statement failed: %s", sqlite3_errmsg(this->db)); + DBG1(DBG_LIB, "binding sqlite statement failed: %s", + sqlite3_errmsg(this->db)); sqlite3_finalize(stmt); return NULL; } @@ -160,7 +162,7 @@ static bool sqlite_enumerator_enumerate(sqlite_enumerator_t *this, ...) case SQLITE_ROW: break; default: - DBG1("stepping sqlite statement failed: %s", + DBG1(DBG_LIB, "stepping sqlite statement failed: %s", sqlite3_errmsg(this->database->db)); /* fall */ case SQLITE_DONE: @@ -203,7 +205,7 @@ static bool sqlite_enumerator_enumerate(sqlite_enumerator_t *this, ...) break; } default: - DBG1("invalid result type supplied"); + DBG1(DBG_LIB, "invalid result type supplied"); return FALSE; } } @@ -272,7 +274,8 @@ static int execute(private_sqlite_database_t *this, int *rowid, char *sql, ...) } else { - DBG1("sqlite execute failed: %s", sqlite3_errmsg(this->db)); + DBG1(DBG_LIB, "sqlite execute failed: %s", + sqlite3_errmsg(this->db)); } sqlite3_finalize(stmt); } @@ -337,7 +340,7 @@ sqlite_database_t *sqlite_database_create(char *uri) if (sqlite3_open(file, &this->db) != SQLITE_OK) { - DBG1("opening SQLite database '%s' failed: %s", + DBG1(DBG_LIB, "opening SQLite database '%s' failed: %s", file, sqlite3_errmsg(this->db)); destroy(this); return NULL; diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c index 955402bf9..332d82318 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c @@ -44,7 +44,7 @@ static void destroy(private_sqlite_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *sqlite_plugin_create() { private_sqlite_plugin_t *this = malloc_thing(private_sqlite_plugin_t); diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.h b/src/libstrongswan/plugins/sqlite/sqlite_plugin.h index 82735a311..dbc461cf4 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.h +++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.h @@ -39,9 +39,4 @@ struct sqlite_plugin_t { plugin_t plugin; }; -/** - * Create a sqlite_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** SQLITE_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.am b/src/libstrongswan/plugins/test_vectors/Makefile.am index 6028805c4..6d3b05d19 100644 --- a/src/libstrongswan/plugins/test_vectors/Makefile.am +++ b/src/libstrongswan/plugins/test_vectors/Makefile.am @@ -3,7 +3,11 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-test-vectors.la +else plugin_LTLIBRARIES = libstrongswan-test-vectors.la +endif libstrongswan_test_vectors_la_SOURCES = \ test_vectors_plugin.h test_vectors_plugin.c test_vectors.h \ @@ -29,5 +33,5 @@ libstrongswan_test_vectors_la_SOURCES = \ test_vectors/sha2_hmac.c \ test_vectors/fips_prf.c \ test_vectors/rng.c -libstrongswan_test_vectors_la_LDFLAGS = -module -avoid-version +libstrongswan_test_vectors_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in index a8674d282..dbe62c056 100644 --- a/src/libstrongswan/plugins/test_vectors/Makefile.in +++ b/src/libstrongswan/plugins/test_vectors/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_test_vectors_la_LIBADD = am_libstrongswan_test_vectors_la_OBJECTS = test_vectors_plugin.lo \ 3des_cbc.lo aes_cbc.lo aes_xcbc.lo blowfish.lo camellia_cbc.lo \ @@ -85,6 +85,9 @@ libstrongswan_test_vectors_la_LINK = $(LIBTOOL) --tag=CC \ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_test_vectors_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_test_vectors_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_test_vectors_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -223,6 +226,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -259,7 +263,8 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-test-vectors.la +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-test-vectors.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-test-vectors.la libstrongswan_test_vectors_la_SOURCES = \ test_vectors_plugin.h test_vectors_plugin.c test_vectors.h \ test_vectors/3des_cbc.c \ @@ -320,6 +325,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -352,7 +366,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-test-vectors.la: $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_DEPENDENCIES) - $(libstrongswan_test_vectors_la_LINK) -rpath $(plugindir) $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_LIBADD) $(LIBS) + $(libstrongswan_test_vectors_la_LINK) $(am_libstrongswan_test_vectors_la_rpath) $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -681,8 +695,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -753,18 +767,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c index 4dc1cc174..18e0c9278 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c @@ -44,7 +44,7 @@ static bool test_monobit(monobit_t *param, chunk_t data) } } } - DBG2(" Monobit: %d/%d bits set", bits, data.len * 8); + DBG2(DBG_LIB, " Monobit: %d/%d bits set", bits, data.len * 8); if (bits > param->lower && bits < param->upper) { return TRUE; @@ -101,7 +101,7 @@ static bool test_poker(poker_t *param, chunk_t data) sum += (counter[i] * counter[i]) / 5000.0 * 16.0; } sum -= 5000.0; - DBG2(" Poker: %f", sum); + DBG2(DBG_LIB, " Poker: %f", sum); if (sum > param->lower && sum < param->upper) { return TRUE; @@ -190,7 +190,7 @@ static bool test_runs(runs_t *param, chunk_t data) } } - DBG2(" Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, " + DBG2(DBG_LIB, " Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, " "longruns: %d", zero_runs[1], zero_runs[2], zero_runs[3], zero_runs[4], zero_runs[5], zero_runs[6], diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c index 7ad8c3c73..234d237f3 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c @@ -104,7 +104,7 @@ static void destroy(private_test_vectors_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *test_vectors_plugin_create() { private_test_vectors_plugin_t *this = malloc_thing(private_test_vectors_plugin_t); int i; diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h index 9cb959c88..661529295 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h +++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h @@ -39,9 +39,4 @@ struct test_vectors_plugin_t { plugin_t plugin; }; -/** - * Create a test_vectors_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** TEST_VECTORS_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/x509/Makefile.am b/src/libstrongswan/plugins/x509/Makefile.am index 853b1cebc..4b50d78dc 100644 --- a/src/libstrongswan/plugins/x509/Makefile.am +++ b/src/libstrongswan/plugins/x509/Makefile.am @@ -3,14 +3,19 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-x509.la +else plugin_LTLIBRARIES = libstrongswan-x509.la +endif -libstrongswan_x509_la_SOURCES = x509_plugin.h x509_plugin.c \ - x509_cert.h x509_cert.c \ - x509_crl.h x509_crl.c \ - x509_ac.h x509_ac.c \ - x509_pkcs10.h x509_pkcs10.c \ - x509_ocsp_request.h x509_ocsp_request.c \ - x509_ocsp_response.h x509_ocsp_response.c -libstrongswan_x509_la_LDFLAGS = -module -avoid-version +libstrongswan_x509_la_SOURCES = \ + x509_plugin.h x509_plugin.c \ + x509_cert.h x509_cert.c \ + x509_crl.h x509_crl.c \ + x509_ac.h x509_ac.c \ + x509_pkcs10.h x509_pkcs10.c \ + x509_ocsp_request.h x509_ocsp_request.c \ + x509_ocsp_response.h x509_ocsp_response.c +libstrongswan_x509_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in index 428643254..2bee453cd 100644 --- a/src/libstrongswan/plugins/x509/Makefile.in +++ b/src/libstrongswan/plugins/x509/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_x509_la_LIBADD = am_libstrongswan_x509_la_OBJECTS = x509_plugin.lo x509_cert.lo \ x509_crl.lo x509_ac.lo x509_pkcs10.lo x509_ocsp_request.lo \ @@ -81,6 +81,8 @@ libstrongswan_x509_la_OBJECTS = $(am_libstrongswan_x509_la_OBJECTS) libstrongswan_x509_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_x509_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_x509_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_x509_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -219,6 +221,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -255,14 +258,16 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-x509.la -libstrongswan_x509_la_SOURCES = x509_plugin.h x509_plugin.c \ - x509_cert.h x509_cert.c \ - x509_crl.h x509_crl.c \ - x509_ac.h x509_ac.c \ - x509_pkcs10.h x509_pkcs10.c \ - x509_ocsp_request.h x509_ocsp_request.c \ - x509_ocsp_response.h x509_ocsp_response.c +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-x509.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-x509.la +libstrongswan_x509_la_SOURCES = \ + x509_plugin.h x509_plugin.c \ + x509_cert.h x509_cert.c \ + x509_crl.h x509_crl.c \ + x509_ac.h x509_ac.c \ + x509_pkcs10.h x509_pkcs10.c \ + x509_ocsp_request.h x509_ocsp_request.c \ + x509_ocsp_response.h x509_ocsp_response.c libstrongswan_x509_la_LDFLAGS = -module -avoid-version all: all-am @@ -299,6 +304,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -331,7 +345,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-x509.la: $(libstrongswan_x509_la_OBJECTS) $(libstrongswan_x509_la_DEPENDENCIES) - $(libstrongswan_x509_la_LINK) -rpath $(plugindir) $(libstrongswan_x509_la_OBJECTS) $(libstrongswan_x509_la_LIBADD) $(LIBS) + $(libstrongswan_x509_la_LINK) $(am_libstrongswan_x509_la_rpath) $(libstrongswan_x509_la_OBJECTS) $(libstrongswan_x509_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -490,8 +504,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -562,18 +576,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 79ff80933..95e72789e 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -192,7 +192,7 @@ static bool parse_directoryName(chunk_t blob, int level, bool implicit, identifi } else { - DBG1("more than one directory name - first selected"); + DBG1(DBG_LIB, "more than one directory name - first selected"); directoryName->destroy(directoryName); } } @@ -200,7 +200,7 @@ static bool parse_directoryName(chunk_t blob, int level, bool implicit, identifi } else { - DBG1("no directoryName found"); + DBG1(DBG_LIB, "no directoryName found"); } list->destroy(list); @@ -359,10 +359,11 @@ static bool parse_certificate(private_x509_ac_t *this) break; case AC_OBJ_VERSION: this->version = (object.len) ? (1 + (u_int)*object.ptr) : 1; - DBG2(" v%d", this->version); + DBG2(DBG_LIB, " v%d", this->version); if (this->version != 2) { - DBG1("v%d attribute certificates are not supported", this->version); + DBG1(DBG_LIB, "v%d attribute certificates are not " + "supported", this->version); goto end; } break; @@ -407,20 +408,20 @@ static bool parse_certificate(private_x509_ac_t *this) switch (type) { case OID_AUTHENTICATION_INFO: - DBG2(" need to parse authenticationInfo"); + DBG2(DBG_LIB, " need to parse authenticationInfo"); break; case OID_ACCESS_IDENTITY: - DBG2(" need to parse accessIdentity"); + DBG2(DBG_LIB, " need to parse accessIdentity"); break; case OID_CHARGING_IDENTITY: - DBG2("-- > --"); + DBG2(DBG_LIB, "-- > --"); this->charging = ietf_attributes_create_from_encoding(object); - DBG2("-- < --"); + DBG2(DBG_LIB, "-- < --"); break; case OID_GROUP: - DBG2("-- > --"); + DBG2(DBG_LIB, "-- > --"); this->groups = ietf_attributes_create_from_encoding(object); - DBG2("-- < --"); + DBG2(DBG_LIB, "-- < --"); break; case OID_ROLE: parse_roleSyntax(object, level); @@ -435,21 +436,21 @@ static bool parse_certificate(private_x509_ac_t *this) break; case AC_OBJ_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s",(critical)?"TRUE":"FALSE"); + DBG2(DBG_LIB, " %s",(critical)?"TRUE":"FALSE"); break; case AC_OBJ_EXTN_VALUE: { switch (extn_oid) { case OID_CRL_DISTRIBUTION_POINTS: - DBG2(" need to parse crlDistributionPoints"); + DBG2(DBG_LIB, " need to parse crlDistributionPoints"); break; case OID_AUTHORITY_KEY_ID: this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object, level, &this->authKeySerialNumber); break; case OID_TARGET_INFORMATION: - DBG2(" need to parse targetInformation"); + DBG2(DBG_LIB, " need to parse targetInformation"); break; case OID_NO_REV_AVAIL: this->noRevAvail = TRUE; @@ -464,7 +465,7 @@ static bool parse_certificate(private_x509_ac_t *this) NULL); if (this->algorithm != sig_alg) { - DBG1(" signature algorithms do not agree"); + DBG1(DBG_LIB, " signature algorithms do not agree"); success = FALSE; goto end; } @@ -824,9 +825,9 @@ static bool is_newer(private_x509_ac_t *this, ac_t *that) this_cert->get_validity(this_cert, &now, &this_update, NULL); that_cert->get_validity(that_cert, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" attr cert from %T is %s - existing attr cert from %T %s", - &this_update, FALSE, new ? "newer":"not newer", - &that_update, FALSE, new ? "replaced":"retained"); + DBG1(DBG_LIB, " attr cert from %T is %s - existing attr cert from %T %s", + &this_update, FALSE, new ? "newer":"not newer", + &that_update, FALSE, new ? "replaced":"retained"); return new; } diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index 3b729236e..bdbaa8d4a 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -219,7 +219,7 @@ static void parse_basicConstraints(chunk_t blob, int level0, { case BASIC_CONSTRAINTS_CA: isCA = object.len && *object.ptr; - DBG2(" %s", isCA ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", isCA ? "TRUE" : "FALSE"); if (isCA) { this->flags |= X509_CA; @@ -383,7 +383,7 @@ static identification_t *parse_generalName(chunk_t blob, int level0) if (id_type != ID_ANY) { gn = identification_create_from_encoding(id_type, object); - DBG2(" '%Y'", gn); + DBG2(DBG_LIB, " '%Y'", gn); goto end; } } @@ -539,7 +539,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0, /* parsing went wrong - abort */ goto end; } - DBG2(" '%Y'", id); + DBG2(DBG_LIB, " '%Y'", id); if (accessMethod == OID_OCSP && asprintf(&uri, "%Y", id) > 0) { @@ -704,34 +704,36 @@ static bool check_address_object(ts_type_t ts_type, chunk_t object) case TS_IPV4_ADDR_RANGE: if (object.len > 5) { - DBG1("IPv4 address object is larger than 5 octets"); + DBG1(DBG_LIB, "IPv4 address object is larger than 5 octets"); return FALSE; } break; case TS_IPV6_ADDR_RANGE: if (object.len > 17) { - DBG1("IPv6 address object is larger than 17 octets"); + DBG1(DBG_LIB, "IPv6 address object is larger than 17 octets"); return FALSE; } break; default: - DBG1("unknown address family"); + DBG1(DBG_LIB, "unknown address family"); return FALSE; } if (object.len == 0) { - DBG1("An ASN.1 bit string must contain at least the initial octet"); + DBG1(DBG_LIB, "An ASN.1 bit string must contain at least the " + "initial octet"); return FALSE; } if (object.len == 1 && object.ptr[0] != 0) { - DBG1("An empty ASN.1 bit string must contain a zero initial octet"); + DBG1(DBG_LIB, "An empty ASN.1 bit string must contain a zero " + "initial octet"); return FALSE; } if (object.ptr[0] > 7) { - DBG1("number of unused bits is too large"); + DBG1(DBG_LIB, "number of unused bits is too large"); return FALSE; } return TRUE; @@ -769,11 +771,11 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0, { break; } - DBG2(" %N", ts_type_name, ts_type); + DBG2(DBG_LIB, " %N", ts_type_name, ts_type); } break; case IP_ADDR_BLOCKS_INHERIT: - DBG1("inherit choice is not supported"); + DBG1(DBG_LIB, "inherit choice is not supported"); break; case IP_ADDR_BLOCKS_PREFIX: if (!check_address_object(ts_type, object)) @@ -782,7 +784,7 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0, } ts = traffic_selector_create_from_rfc3779_format(ts_type, object, object); - DBG2(" %R", ts); + DBG2(DBG_LIB, " %R", ts); this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts); break; case IP_ADDR_BLOCKS_MIN: @@ -799,7 +801,7 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0, } ts = traffic_selector_create_from_rfc3779_format(ts_type, min_object, object); - DBG2(" %R", ts); + DBG2(DBG_LIB, " %R", ts); this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts); break; default: @@ -893,12 +895,12 @@ static bool parse_certificate(private_x509_cert_t *this) this->version = (object.len) ? (1+(u_int)*object.ptr) : 1; if (this->version < 1 || this->version > 3) { - DBG1("X.509v%d not supported", this->version); + DBG1(DBG_LIB, "X.509v%d not supported", this->version); goto end; } else { - DBG2(" X.509v%d", this->version); + DBG2(DBG_LIB, " X.509v%d", this->version); } break; case X509_OBJ_SERIAL_NUMBER: @@ -909,7 +911,7 @@ static bool parse_certificate(private_x509_cert_t *this) break; case X509_OBJ_ISSUER: this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->issuer); + DBG2(DBG_LIB, " '%Y'", this->issuer); break; case X509_OBJ_NOT_BEFORE: this->notBefore = asn1_parse_time(object, level); @@ -919,13 +921,13 @@ static bool parse_certificate(private_x509_cert_t *this) break; case X509_OBJ_SUBJECT: this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->subject); + DBG2(DBG_LIB, " '%Y'", this->subject); break; case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO: - DBG2("-- > --"); + DBG2(DBG_LIB, "-- > --"); this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, BUILD_BLOB_ASN1_DER, object, BUILD_END); - DBG2("-- < --"); + DBG2(DBG_LIB, "-- < --"); if (this->public_key == NULL) { goto end; @@ -934,7 +936,7 @@ static bool parse_certificate(private_x509_cert_t *this) case X509_OBJ_OPTIONAL_EXTENSIONS: if (this->version != 3) { - DBG1("Only X.509v3 certificates have extensions"); + DBG1(DBG_LIB, "Only X.509v3 certificates have extensions"); goto end; } break; @@ -943,7 +945,7 @@ static bool parse_certificate(private_x509_cert_t *this) break; case X509_OBJ_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s", critical ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE"); break; case X509_OBJ_EXTN_VALUE: { @@ -974,6 +976,9 @@ static bool parse_certificate(private_x509_cert_t *this) case OID_AUTHORITY_INFO_ACCESS: parse_authorityInfoAccess(object, level, this); break; + case OID_KEY_USAGE: + /* TODO parse the flags */ + break; case OID_EXTENDED_KEY_USAGE: parse_extendedKeyUsage(object, level, this); break; @@ -994,7 +999,7 @@ static bool parse_certificate(private_x509_cert_t *this) if (critical && lib->settings->get_bool(lib->settings, "libstrongswan.plugins.x509.enforce_critical", FALSE)) { - DBG1("critical %s extension not supported", + DBG1(DBG_LIB, "critical %s extension not supported", (extn_oid == OID_UNKNOWN) ? "unknown" : (char*)oid_names[extn_oid].name); goto end; @@ -1007,7 +1012,7 @@ static bool parse_certificate(private_x509_cert_t *this) this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL); if (this->algorithm != sig_alg) { - DBG1(" signature algorithms do not agree"); + DBG1(DBG_LIB, " signature algorithms do not agree"); goto end; } break; @@ -1035,7 +1040,7 @@ end: hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher == NULL) { - DBG1(" unable to create hash of certificate, SHA1 not supported"); + DBG1(DBG_LIB, " unable to create hash of certificate, SHA1 not supported"); return NULL; } hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash); @@ -1214,9 +1219,9 @@ static bool is_newer(certificate_t *this, certificate_t *that) this->get_validity(this, &now, &this_update, NULL); that->get_validity(that, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" certificate from %T is %s - existing certificate from %T %s", - &this_update, FALSE, new ? "newer":"not newer", - &that_update, FALSE, new ? "replaced":"retained"); + DBG1(DBG_LIB, " certificate from %T is %s - existing certificate " + "from %T %s", &this_update, FALSE, new ? "newer":"not newer", + &that_update, FALSE, new ? "replaced":"retained"); return new; } @@ -1453,7 +1458,7 @@ chunk_t x509_build_subjectAltNames(linked_list_t *list) context = ASN1_CONTEXT_S_7; break; default: - DBG1("encoding %N as subjectAltName not supported", + DBG1(DBG_LIB, "encoding %N as subjectAltName not supported", id_type_names, id->get_type(id)); enumerator->destroy(enumerator); free(subjectAltNames.ptr); @@ -1481,7 +1486,9 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, chunk_t extensions = chunk_empty, extendedKeyUsage = chunk_empty; chunk_t serverAuth = chunk_empty, clientAuth = chunk_empty; chunk_t ocspSigning = chunk_empty; - chunk_t basicConstraints = chunk_empty, subjectAltNames = chunk_empty; + chunk_t basicConstraints = chunk_empty; + chunk_t keyUsage = chunk_empty; + chunk_t subjectAltNames = chunk_empty; chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty; chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty; identification_t *issuer, *subject; @@ -1583,7 +1590,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, asn1_wrap(ASN1_SEQUENCE, "m", authorityInfoAccess))); } - /* build CA basicConstraint for CA certificates */ + /* build CA basicConstraint and keyUsage flags for CA certificates */ if (cert->flags & X509_CA) { chunk_t pathLenConstraint = chunk_empty; @@ -1603,6 +1610,13 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, asn1_wrap(ASN1_BOOLEAN, "c", chunk_from_chars(0xFF)), pathLenConstraint))); + keyUsage = asn1_wrap(ASN1_SEQUENCE, "mmm", + asn1_build_known_oid(OID_KEY_USAGE), + asn1_wrap(ASN1_BOOLEAN, "c", + chunk_from_chars(0xFF)), + asn1_wrap(ASN1_OCTET_STRING, "m", + asn1_wrap(ASN1_BIT_STRING, "c", + chunk_from_chars(0x01, 0x06)))); } /* add serverAuth extendedKeyUsage flag */ @@ -1663,8 +1677,8 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, crlDistributionPoints.ptr) { extensions = asn1_wrap(ASN1_CONTEXT_C_3, "m", - asn1_wrap(ASN1_SEQUENCE, "mmmmmmm", - basicConstraints, subjectKeyIdentifier, + asn1_wrap(ASN1_SEQUENCE, "mmmmmmmm", + basicConstraints, keyUsage, subjectKeyIdentifier, authKeyIdentifier, subjectAltNames, extendedKeyUsage, crlDistributionPoints, authorityInfoAccess)); diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c index b9ef3218b..c755d7f63 100644 --- a/src/libstrongswan/plugins/x509/x509_crl.c +++ b/src/libstrongswan/plugins/x509/x509_crl.c @@ -216,14 +216,14 @@ static bool parse(private_x509_crl_t *this) break; case CRL_OBJ_VERSION: this->version = (object.len) ? (1+(u_int)*object.ptr) : 1; - DBG2(" v%d", this->version); + DBG2(DBG_LIB, " v%d", this->version); break; case CRL_OBJ_SIG_ALG: sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL); break; case CRL_OBJ_ISSUER: this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->issuer); + DBG2(DBG_LIB, " '%Y'", this->issuer); break; case CRL_OBJ_THIS_UPDATE: this->thisUpdate = asn1_parse_time(object, level); @@ -248,7 +248,7 @@ static bool parse(private_x509_crl_t *this) case CRL_OBJ_CRL_ENTRY_CRITICAL: case CRL_OBJ_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s", critical ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE"); break; case CRL_OBJ_CRL_ENTRY_EXTN_VALUE: case CRL_OBJ_EXTN_VALUE: @@ -262,7 +262,8 @@ static bool parse(private_x509_crl_t *this) { revoked->reason = *object.ptr; } - DBG2(" '%N'", crl_reason_names, revoked->reason); + DBG2(DBG_LIB, " '%N'", crl_reason_names, + revoked->reason); } else if (extn_oid == OID_AUTHORITY_KEY_ID) { @@ -286,7 +287,7 @@ static bool parse(private_x509_crl_t *this) this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL); if (this->algorithm != sig_alg) { - DBG1(" signature algorithms do not agree"); + DBG1(DBG_LIB, " signature algorithms do not agree"); goto end; } break; @@ -483,7 +484,7 @@ static bool is_newer(private_x509_crl_t *this, crl_t *that) if (this->crlNumber.ptr != NULL && that_crlNumber.ptr != NULL) { new = chunk_compare(this->crlNumber, that_crlNumber) > 0; - DBG1(" crl #%#B is %s - existing crl #%#B %s", + DBG1(DBG_LIB, " crl #%#B is %s - existing crl #%#B %s", &this->crlNumber, new ? "newer":"not newer", &that_crlNumber, new ? "replaced":"retained"); } @@ -497,7 +498,7 @@ static bool is_newer(private_x509_crl_t *this, crl_t *that) this_cert->get_validity(this_cert, &now, &this_update, NULL); that_cert->get_validity(that_cert, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" crl from %T is %s - existing crl from %T %s", + DBG1(DBG_LIB, " crl from %T is %s - existing crl from %T %s", &this_update, FALSE, new ? "newer":"not newer", &that_update, FALSE, new ? "replaced":"retained"); } diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index f86f87751..c835d5dc8 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -179,13 +179,14 @@ static chunk_t build_requestList(private_x509_ocsp_request_t *this) } else { - DBG1("creating OCSP request failed, SHA1 not supported"); + DBG1(DBG_LIB, "creating OCSP request failed, SHA1 not supported"); } public->destroy(public); } else { - DBG1("creating OCSP request failed, CA certificate has no public key"); + DBG1(DBG_LIB, "creating OCSP request failed, CA certificate has " + "no public key"); } return asn1_wrap(ASN1_SEQUENCE, "m", list); } @@ -205,7 +206,7 @@ static chunk_t build_nonce(private_x509_ocsp_request_t *this) return asn1_wrap(ASN1_SEQUENCE, "cm", ASN1_nonce_oid, asn1_simple_object(ASN1_OCTET_STRING, this->nonce)); } - DBG1("creating OCSP request nonce failed, no RNG found"); + DBG1(DBG_LIB, "creating OCSP request nonce failed, no RNG found"); return chunk_empty; } @@ -263,14 +264,14 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this, scheme = SIGN_ECDSA_WITH_SHA1_DER; break; default: - DBG1("unable to sign OCSP request, %N signature not supported", - key_type_names, this->key->get_type(this->key)); + DBG1(DBG_LIB, "unable to sign OCSP request, %N signature not " + "supported", key_type_names, this->key->get_type(this->key)); return chunk_empty; } if (!this->key->sign(this->key, scheme, tbsRequest, &signature)) { - DBG1("creating OCSP signature failed, skipped"); + DBG1(DBG_LIB, "creating OCSP signature failed, skipped"); return chunk_empty; } if (this->cert) @@ -378,7 +379,7 @@ static id_match_t has_issuer(private_x509_ocsp_request_t *this, */ static bool issued_by(private_x509_ocsp_request_t *this, certificate_t *issuer) { - DBG1("OCSP request validation not implemented!"); + DBG1(DBG_LIB, "OCSP request validation not implemented!"); return FALSE; } diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c index 948d7ad85..c70d461df 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c @@ -509,7 +509,8 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this, if (version != OCSP_BASIC_RESPONSE_VERSION) { - DBG1(" ocsp ResponseData version %d not supported", version); + DBG1(DBG_LIB, " ocsp ResponseData version %d not " + "supported", version); goto end; } break; @@ -517,12 +518,12 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this, case BASIC_RESPONSE_ID_BY_NAME: this->responderId = identification_create_from_encoding( ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->responderId); + DBG2(DBG_LIB, " '%Y'", this->responderId); break; case BASIC_RESPONSE_ID_BY_KEY: this->responderId = identification_create_from_encoding( ID_KEY_ID, object); - DBG2(" '%Y'", this->responderId); + DBG2(DBG_LIB, " '%Y'", this->responderId); break; case BASIC_RESPONSE_PRODUCED_AT: this->producedAt = asn1_to_time(&object, ASN1_GENERALIZEDTIME); @@ -536,7 +537,7 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this, break; case BASIC_RESPONSE_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s", critical ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE"); break; case BASIC_RESPONSE_EXT_VALUE: if (extn_oid == OID_NONCE) @@ -622,7 +623,7 @@ static bool parse_OCSPResponse(private_x509_ocsp_response_t *this) case OCSP_SUCCESSFUL: break; default: - DBG1(" ocsp response status: %N", + DBG1(DBG_LIB, " ocsp response status: %N", ocsp_status_names, status); goto end; } @@ -638,7 +639,8 @@ static bool parse_OCSPResponse(private_x509_ocsp_response_t *this) parser->get_level(parser)+1); break; default: - DBG1(" ocsp response type %#B not supported", &object); + DBG1(DBG_LIB, " ocsp response type %#B not supported", + &object); goto end; } break; @@ -772,9 +774,9 @@ static bool is_newer(certificate_t *this, certificate_t *that) this->get_validity(this, &now, &this_update, NULL); that->get_validity(that, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" ocsp response from %T is %s - existing ocsp response from %T %s", - &this_update, FALSE, new ? "newer":"not newer", - &that_update, FALSE, new ? "replaced":"retained"); + DBG1(DBG_LIB, " ocsp response from %T is %s - existing ocsp response " + "from %T %s", &this_update, FALSE, new ? "newer" : "not newer", + &that_update, FALSE, new ? "replaced" : "retained"); return new; } diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c index 6d750c98c..1009ec931 100644 --- a/src/libstrongswan/plugins/x509/x509_pkcs10.c +++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c @@ -297,7 +297,7 @@ static bool parse_extension_request(private_x509_pkcs10_t *this, chunk_t blob, i break; case PKCS10_EXTN_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s", critical ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE"); break; case PKCS10_EXTN_VALUE: { @@ -330,25 +330,25 @@ static bool parse_challengePassword(private_x509_pkcs10_t *this, chunk_t blob, i if (blob.len < 2) { - DBG1("L%d - challengePassword: ASN.1 object smaller than 2 octets", - level); + DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object smaller " + "than 2 octets", level); return FALSE; } tag = *blob.ptr; if (tag < ASN1_UTF8STRING || tag > ASN1_IA5STRING) { - DBG1("L%d - challengePassword: ASN.1 object is not a character string", - level); + DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object is not " + "a character string", level); return FALSE; } if (asn1_length(&blob) == ASN1_INVALID_LENGTH) { - DBG1("L%d - challengePassword: ASN.1 object has an invalid length", - level); + DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object has an " + "invalid length", level); return FALSE; - } - DBG2("L%d - challengePassword:", level); - DBG4(" '%.*s'", blob.len, blob.ptr); + } + DBG2(DBG_LIB, "L%d - challengePassword:", level); + DBG4(DBG_LIB, " '%.*s'", blob.len, blob.ptr); return TRUE; } @@ -406,13 +406,14 @@ static bool parse_certificate_request(private_x509_pkcs10_t *this) case PKCS10_VERSION: if (object.len > 0 && *object.ptr != 0) { - DBG1("PKCS#10 certificate request format is not version 1"); + DBG1(DBG_LIB, "PKCS#10 certificate request format is " + "not version 1"); goto end; } break; case PKCS10_SUBJECT: this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->subject); + DBG2(DBG_LIB, " '%Y'", this->subject); break; case PKCS10_SUBJECT_PUBLIC_KEY_INFO: this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, @@ -467,7 +468,7 @@ end: } else { - DBG1("certificate request is not self-signed"); + DBG1(DBG_LIB, "certificate request is not self-signed"); success = FALSE; } } diff --git a/src/libstrongswan/plugins/x509/x509_plugin.c b/src/libstrongswan/plugins/x509/x509_plugin.c index 94c49b1e1..e71c55efc 100644 --- a/src/libstrongswan/plugins/x509/x509_plugin.c +++ b/src/libstrongswan/plugins/x509/x509_plugin.c @@ -65,7 +65,7 @@ static void destroy(private_x509_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *x509_plugin_create() { private_x509_plugin_t *this = malloc_thing(private_x509_plugin_t); diff --git a/src/libstrongswan/plugins/x509/x509_plugin.h b/src/libstrongswan/plugins/x509/x509_plugin.h index fe8c0b31f..e3f959ffa 100644 --- a/src/libstrongswan/plugins/x509/x509_plugin.h +++ b/src/libstrongswan/plugins/x509/x509_plugin.h @@ -39,9 +39,4 @@ struct x509_plugin_t { plugin_t plugin; }; -/** - * Create a x509_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** X509_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/xcbc/Makefile.am b/src/libstrongswan/plugins/xcbc/Makefile.am index 515b75031..7de306832 100644 --- a/src/libstrongswan/plugins/xcbc/Makefile.am +++ b/src/libstrongswan/plugins/xcbc/Makefile.am @@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-xcbc.la +else plugin_LTLIBRARIES = libstrongswan-xcbc.la +endif -libstrongswan_xcbc_la_SOURCES = xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \ +libstrongswan_xcbc_la_SOURCES = \ + xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \ xcbc_prf.h xcbc_prf.c xcbc_signer.h xcbc_signer.c -libstrongswan_xcbc_la_LDFLAGS = -module -avoid-version +libstrongswan_xcbc_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in index 3720aeaeb..c49e2b76a 100644 --- a/src/libstrongswan/plugins/xcbc/Makefile.in +++ b/src/libstrongswan/plugins/xcbc/Makefile.in @@ -72,7 +72,7 @@ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -LTLIBRARIES = $(plugin_LTLIBRARIES) +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_xcbc_la_LIBADD = am_libstrongswan_xcbc_la_OBJECTS = xcbc_plugin.lo xcbc.lo xcbc_prf.lo \ xcbc_signer.lo @@ -80,6 +80,8 @@ libstrongswan_xcbc_la_OBJECTS = $(am_libstrongswan_xcbc_la_OBJECTS) libstrongswan_xcbc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libstrongswan_xcbc_la_LDFLAGS) $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_xcbc_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_xcbc_la_rpath = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -254,8 +257,10 @@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic -plugin_LTLIBRARIES = libstrongswan-xcbc.la -libstrongswan_xcbc_la_SOURCES = xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \ +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-xcbc.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-xcbc.la +libstrongswan_xcbc_la_SOURCES = \ + xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \ xcbc_prf.h xcbc_prf.c xcbc_signer.h xcbc_signer.c libstrongswan_xcbc_la_LDFLAGS = -module -avoid-version @@ -293,6 +298,15 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @@ -325,7 +339,7 @@ clean-pluginLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan-xcbc.la: $(libstrongswan_xcbc_la_OBJECTS) $(libstrongswan_xcbc_la_DEPENDENCIES) - $(libstrongswan_xcbc_la_LINK) -rpath $(plugindir) $(libstrongswan_xcbc_la_OBJECTS) $(libstrongswan_xcbc_la_LIBADD) $(LIBS) + $(libstrongswan_xcbc_la_LINK) $(am_libstrongswan_xcbc_la_rpath) $(libstrongswan_xcbc_la_OBJECTS) $(libstrongswan_xcbc_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -481,8 +495,8 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ - mostlyclean-am +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) @@ -553,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES .MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-pluginLTLIBRARIES ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-pluginLTLIBRARIES \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + ctags distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-pluginLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c index 3eb7f0927..9d903bfaa 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c +++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c @@ -47,7 +47,7 @@ static void destroy(private_xcbc_plugin_t *this) /* * see header file */ -plugin_t *plugin_create() +plugin_t *xcbc_plugin_create() { private_xcbc_plugin_t *this = malloc_thing(private_xcbc_plugin_t); diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.h b/src/libstrongswan/plugins/xcbc/xcbc_plugin.h index 803d847aa..9824088c6 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.h +++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.h @@ -39,9 +39,4 @@ struct xcbc_plugin_t { plugin_t plugin; }; -/** - * Create a xcbc_plugin instance. - */ -plugin_t *plugin_create(); - #endif /** XCBC_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/printf_hook.c b/src/libstrongswan/printf_hook.c index 0b516c99e..037f0b918 100644 --- a/src/libstrongswan/printf_hook.c +++ b/src/libstrongswan/printf_hook.c @@ -16,8 +16,8 @@ #include "printf_hook.h" -#include <utils.h> -#include <debug.h> +#include "utils.h" +#include "debug.h" #include <stdio.h> #include <stdarg.h> @@ -333,7 +333,8 @@ static void add_handler(private_printf_hook_t *this, char spec, if (!IS_VALID_SPEC(spec)) { - DBG1("'%c' is not a valid printf hook specifier, not registered!", spec); + DBG1(DBG_LIB, "'%c' is not a valid printf hook specifier, " + "not registered!", spec); return; } @@ -345,7 +346,8 @@ static void add_handler(private_printf_hook_t *this, char spec, { if (++i >= ARGS_MAX) { - DBG1("Too many arguments for printf hook with specifier '%c', not registered!", spec); + DBG1(DBG_LIB, "Too many arguments for printf hook with " + "specifier '%c', not registered!", spec); va_end(args); free(handler); return; @@ -427,7 +429,7 @@ printf_hook_t *printf_hook_create() #ifdef USE_VSTR if (!vstr_init()) { - DBG1("failed to initialize Vstr library!"); + DBG1(DBG_LIB, "failed to initialize Vstr library!"); free(this); return NULL; } diff --git a/src/libstrongswan/selectors/traffic_selector.h b/src/libstrongswan/selectors/traffic_selector.h index b5964b541..257da3f24 100644 --- a/src/libstrongswan/selectors/traffic_selector.h +++ b/src/libstrongswan/selectors/traffic_selector.h @@ -74,8 +74,8 @@ struct traffic_selector_t { * * @param other traffic selector to compare * @return - * - created subset of them - * - or NULL if no match between this and other + * - created subset of them + * - or NULL if no match between this and other */ traffic_selector_t *(*get_subset) (traffic_selector_t *this, traffic_selector_t *other); @@ -173,7 +173,7 @@ struct traffic_selector_t { * Compare two traffic selectors for equality. * * @param other ts to compare with this - * @return TRUE if equal, FALSE otherwise + * @return TRUE if equal, FALSE otherwise */ bool (*equals) (traffic_selector_t *this, traffic_selector_t *other); @@ -215,15 +215,15 @@ struct traffic_selector_t { /** * Create a new traffic selector using human readable params. * - * @param protocol protocol for this ts, such as TCP or UDP + * @param protocol protocol for this ts, such as TCP or UDP * @param type type of following addresses, such as TS_IPV4_ADDR_RANGE * @param from_addr start of address range as string * @param from_port port number in host order * @param to_addr end of address range as string * @param to_port port number in host order * @return - * - traffic_selector_t object - * - NULL if invalid address strings/protocol + * - traffic_selector_t object + * - NULL if invalid address strings/protocol */ traffic_selector_t *traffic_selector_create_from_string( u_int8_t protocol, ts_type_t type, @@ -237,11 +237,11 @@ traffic_selector_t *traffic_selector_create_from_string( * But the parser gives us this data in this format, so we * don't have to convert twice. * - * @param protocol protocol for this ts, such as TCP or UDP + * @param protocol protocol for this ts, such as TCP or UDP * @param type type of following addresses, such as TS_IPV4_ADDR_RANGE - * @param from_addr start of address range, network order + * @param from_address start of address range, network order * @param from_port port number, host order - * @param to_addr end of address range, network order + * @param to_address end of address range, network order * @param to_port port number, host order * @return traffic_selector_t object */ @@ -273,11 +273,11 @@ traffic_selector_t *traffic_selector_create_from_rfc3779_format(ts_type_t type, * * @param net subnet to use * @param netbits size of the subnet, as used in e.g. 192.168.0.0/24 notation - * @param protocol protocol for this ts, such as TCP or UDP + * @param protocol protocol for this ts, such as TCP or UDP * @param port port number, host order * @return - * - traffic_selector_t object - * - NULL if address family of net not supported + * - traffic_selector_t object + * - NULL if address family of net not supported */ traffic_selector_t *traffic_selector_create_from_subnet( host_t *net, u_int8_t netbits, @@ -295,8 +295,8 @@ traffic_selector_t *traffic_selector_create_from_subnet( * @param from_port start of allowed port range * @param to_port end of range * @return - * - traffic_selector_t object - * - NULL if type not supported + * - traffic_selector_t object + * - NULL if type not supported */ traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol, u_int16_t from_port, u_int16_t to_port); diff --git a/src/libstrongswan/settings.c b/src/libstrongswan/settings.c index 4a822bcbf..610e2b8ea 100644 --- a/src/libstrongswan/settings.c +++ b/src/libstrongswan/settings.c @@ -21,8 +21,8 @@ #include "settings.h" -#include <debug.h> -#include <utils/linked_list.h> +#include "debug.h" +#include "utils/linked_list.h" typedef struct private_settings_t private_settings_t; @@ -293,8 +293,8 @@ static u_int32_t get_time(private_settings_t *this, char *key, u_int32_t def, .. if (value) { errno = 0; - timeval = strtol(value, &endptr, 10); - if (errno == 0 && timeval >= 0) + timeval = strtoul(value, &endptr, 10); + if (errno == 0) { switch (*endptr) { @@ -497,7 +497,7 @@ static section_t* parse_section(char **text, char *name) continue; } } - DBG1("matching '}' not found near %s", *text); + DBG1(DBG_LIB, "matching '}' not found near %s", *text); break; case '=': if (parse(text, "\t ", "\n", NULL, &value)) @@ -508,7 +508,7 @@ static section_t* parse_section(char **text, char *name) section->kv->insert_last(section->kv, kv); continue; } - DBG1("parsing value failed near %s", *text); + DBG1(DBG_LIB, "parsing value failed near %s", *text); break; case '#': parse(text, "", "\n", NULL, &value); @@ -566,7 +566,7 @@ settings_t *settings_create(char *file) fd = fopen(file, "r"); if (fd == NULL) { - DBG1("'%s' does not exist or is not readable", file); + DBG1(DBG_LIB, "'%s' does not exist or is not readable", file); return &this->public; } fseek(fd, 0, SEEK_END); diff --git a/src/libstrongswan/settings.h b/src/libstrongswan/settings.h index 9e8d75cc0..f274fb33c 100644 --- a/src/libstrongswan/settings.h +++ b/src/libstrongswan/settings.h @@ -23,8 +23,8 @@ typedef struct settings_t settings_t; -#include <utils.h> -#include <utils/enumerator.h> +#include "utils.h" +#include "utils/enumerator.h" /** * Generic configuration options read from a config file. diff --git a/src/libstrongswan/threading/mutex.c b/src/libstrongswan/threading/mutex.c index a35695624..8597abb44 100644 --- a/src/libstrongswan/threading/mutex.c +++ b/src/libstrongswan/threading/mutex.c @@ -108,7 +108,7 @@ static void lock(private_mutex_t *this) err = pthread_mutex_lock(&this->mutex); if (err) { - DBG1("!!! MUTEX LOCK ERROR: %s !!!", strerror(err)); + DBG1(DBG_LIB, "!!! MUTEX LOCK ERROR: %s !!!", strerror(err)); } profiler_end(&this->profile); } @@ -123,7 +123,7 @@ static void unlock(private_mutex_t *this) err = pthread_mutex_unlock(&this->mutex); if (err) { - DBG1("!!! MUTEX UNLOCK ERROR: %s !!!", strerror(err)); + DBG1(DBG_LIB, "!!! MUTEX UNLOCK ERROR: %s !!!", strerror(err)); } } diff --git a/src/libstrongswan/threading/rwlock.c b/src/libstrongswan/threading/rwlock.c index ee9fb10be..cec43f59c 100644 --- a/src/libstrongswan/threading/rwlock.c +++ b/src/libstrongswan/threading/rwlock.c @@ -98,7 +98,7 @@ static void read_lock(private_rwlock_t *this) err = pthread_rwlock_rdlock(&this->rwlock); if (err != 0) { - DBG1("!!! RWLOCK READ LOCK ERROR: %s !!!", strerror(err)); + DBG1(DBG_LIB, "!!! RWLOCK READ LOCK ERROR: %s !!!", strerror(err)); } profiler_end(&this->profile); } @@ -114,7 +114,7 @@ static void write_lock(private_rwlock_t *this) err = pthread_rwlock_wrlock(&this->rwlock); if (err != 0) { - DBG1("!!! RWLOCK WRITE LOCK ERROR: %s !!!", strerror(err)); + DBG1(DBG_LIB, "!!! RWLOCK WRITE LOCK ERROR: %s !!!", strerror(err)); } profiler_end(&this->profile); } @@ -137,7 +137,7 @@ static void rw_unlock(private_rwlock_t *this) err = pthread_rwlock_unlock(&this->rwlock); if (err != 0) { - DBG1("!!! RWLOCK UNLOCK ERROR: %s !!!", strerror(err)); + DBG1(DBG_LIB, "!!! RWLOCK UNLOCK ERROR: %s !!!", strerror(err)); } } diff --git a/src/libstrongswan/threading/thread.c b/src/libstrongswan/threading/thread.c index bbfb2c2c6..3751bb749 100644 --- a/src/libstrongswan/threading/thread.c +++ b/src/libstrongswan/threading/thread.c @@ -155,7 +155,7 @@ static void cancel(private_thread_t *this) if (pthread_equal(this->thread_id, pthread_self())) { this->mutex->unlock(this->mutex); - DBG1("!!! CANNOT CANCEL CURRENT THREAD !!!"); + DBG1(DBG_LIB, "!!! CANNOT CANCEL CURRENT THREAD !!!"); return; } #ifdef HAVE_PTHREAD_CANCEL @@ -180,7 +180,7 @@ static void _kill(private_thread_t *this, int sig) * returned, so depending on the signal, the lock might not get * unlocked. */ this->mutex->unlock(this->mutex); - DBG1("!!! CANNOT SEND SIGNAL TO CURRENT THREAD !!!"); + DBG1(DBG_LIB, "!!! CANNOT SEND SIGNAL TO CURRENT THREAD !!!"); return; } pthread_kill(this->thread_id, sig); @@ -209,13 +209,13 @@ static void *join(private_thread_t *this) if (pthread_equal(this->thread_id, pthread_self())) { this->mutex->unlock(this->mutex); - DBG1("!!! CANNOT JOIN CURRENT THREAD !!!"); + DBG1(DBG_LIB, "!!! CANNOT JOIN CURRENT THREAD !!!"); return NULL; } if (this->detached_or_joined) { this->mutex->unlock(this->mutex); - DBG1("!!! CANNOT JOIN DETACHED THREAD !!!"); + DBG1(DBG_LIB, "!!! CANNOT JOIN DETACHED THREAD !!!"); return NULL; } thread_id = this->thread_id; @@ -299,7 +299,8 @@ thread_t *thread_create(thread_main_t main, void *arg) this->arg = arg; if (pthread_create(&this->thread_id, NULL, (void*)thread_main, this) != 0) { - DBG1("failed to create thread!"); + DBG1(DBG_LIB, "failed to create thread!"); + this->mutex->lock(this->mutex); thread_destroy(this); return NULL; } @@ -354,7 +355,7 @@ void thread_cleanup_pop(bool execute) (void**)&handler) != SUCCESS) { this->mutex->unlock(this->mutex); - DBG1("!!! THREAD CLEANUP ERROR !!!"); + DBG1(DBG_LIB, "!!! THREAD CLEANUP ERROR !!!"); return; } this->mutex->unlock(this->mutex); @@ -433,6 +434,7 @@ void threads_init() void threads_deinit() { private_thread_t *main_thread = (private_thread_t*)thread_current(); + main_thread->mutex->lock(main_thread->mutex); thread_destroy(main_thread); current_thread->destroy(current_thread); id_mutex->destroy(id_mutex); diff --git a/src/libstrongswan/threading/thread.h b/src/libstrongswan/threading/thread.h index 6bf8fac79..31b9e1b3a 100644 --- a/src/libstrongswan/threading/thread.h +++ b/src/libstrongswan/threading/thread.h @@ -24,6 +24,12 @@ typedef struct thread_t thread_t; #ifdef __APPLE__ +/* thread_create is a syscall used to create Mach kernel threads and although + * there are no errors or warnings during compilation or linkage the dynamic + * linker does not use our implementation, therefore we rename it here + */ +#define thread_create(main, arg) strongswan_thread_create(main, arg) + /* on Mac OS X 10.5 several system calls we use are no cancellation points. * fortunately, select isn't one of them, so we wrap some of the others with * calls to select(2). diff --git a/src/libstrongswan/utils.c b/src/libstrongswan/utils.c index e331ac0d0..63958593d 100644 --- a/src/libstrongswan/utils.c +++ b/src/libstrongswan/utils.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2009 Tobias Brunner + * Copyright (C) 2008-2010 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -25,8 +25,8 @@ #include <dirent.h> #include <time.h> -#include <enum.h> -#include <debug.h> +#include "enum.h" +#include "debug.h" ENUM(status_names, SUCCESS, DESTROY_ME, "SUCCESS", @@ -119,9 +119,31 @@ void *memstr(const void *haystack, const char *needle, size_t n) /** * Described in header. */ +char* translate(char *str, const char *from, const char *to) +{ + char *pos = str; + if (strlen(from) != strlen(to)) + { + return str; + } + while (pos && *pos) + { + char *match; + if ((match = strchr(from, *pos)) != NULL) + { + *pos = to[match - from]; + } + pos++; + } + return str; +} + +/** + * Described in header. + */ bool mkdir_p(const char *path, mode_t mode) { - size_t len; + int len; char *pos, full[PATH_MAX]; pos = full; if (!path || *path == '\0') @@ -131,7 +153,7 @@ bool mkdir_p(const char *path, mode_t mode) len = snprintf(full, sizeof(full)-1, "%s", path); if (len < 0 || len >= sizeof(full)-1) { - DBG1("path string %s too long", path); + DBG1(DBG_LIB, "path string %s too long", path); return FALSE; } /* ensure that the path ends with a '/' */ @@ -152,7 +174,7 @@ bool mkdir_p(const char *path, mode_t mode) { if (mkdir(full, mode) < 0) { - DBG1("failed to create directory %s", full); + DBG1(DBG_LIB, "failed to create directory %s", full); return FALSE; } } diff --git a/src/libstrongswan/utils.h b/src/libstrongswan/utils.h index 964cbd1d2..04551835e 100644 --- a/src/libstrongswan/utils.h +++ b/src/libstrongswan/utils.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2009 Tobias Brunner + * Copyright (C) 2008-2010 Tobias Brunner * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -29,7 +29,7 @@ #include <arpa/inet.h> #include <string.h> -#include <enum.h> +#include "enum.h" /** * strongSwan program return codes @@ -125,7 +125,7 @@ #define METHOD(iface, name, ret, this, ...) \ static ret name(union {iface *_public; this;} \ __attribute__((transparent_union)), ##__VA_ARGS__); \ - const static typeof(name) *_##name = (const typeof(name)*)name; \ + static const typeof(name) *_##name = (const typeof(name)*)name; \ static ret name(this, ##__VA_ARGS__) /** @@ -134,7 +134,7 @@ #define METHOD2(iface1, iface2, name, ret, this, ...) \ static ret name(union {iface1 *_public1; iface2 *_public2; this;} \ __attribute__((transparent_union)), ##__VA_ARGS__); \ - const static typeof(name) *_##name = (const typeof(name)*)name; \ + static const typeof(name) *_##name = (const typeof(name)*)name; \ static ret name(this, ##__VA_ARGS__) /** @@ -150,7 +150,7 @@ /** * Ignore result of functions tagged with warn_unused_result attributes */ -#define ignore_result(call) { if(call); } +#define ignore_result(call) { if(call){}; } /** * Assign a function as a class method @@ -311,6 +311,14 @@ void memxor(u_int8_t dest[], u_int8_t src[], size_t n); void *memstr(const void *haystack, const char *needle, size_t n); /** + * Translates the characters in the given string, searching for characters + * in 'from' and mapping them to characters in 'to'. + * The two characters sets 'from' and 'to' must contain the same number of + * characters. + */ +char *translate(char *str, const char *from, const char *to); + +/** * Creates a directory and all required parent directories. * * @param path path to the new directory diff --git a/src/libstrongswan/utils/enumerator.c b/src/libstrongswan/utils/enumerator.c index 7efdd883e..fb461b448 100644 --- a/src/libstrongswan/utils/enumerator.c +++ b/src/libstrongswan/utils/enumerator.c @@ -76,7 +76,8 @@ static bool enumerate_dir_enum(dir_enum_t *this, char **relative, char **absolute, struct stat *st) { struct dirent *entry = readdir(this->dir); - size_t len, remaining; + size_t remaining; + int len; if (!entry) { @@ -96,7 +97,8 @@ static bool enumerate_dir_enum(dir_enum_t *this, char **relative, len = snprintf(this->full_end, remaining, "%s", entry->d_name); if (len < 0 || len >= remaining) { - DBG1("buffer too small to enumerate file '%s'", entry->d_name); + DBG1(DBG_LIB, "buffer too small to enumerate file '%s'", + entry->d_name); return FALSE; } if (absolute) @@ -107,7 +109,8 @@ static bool enumerate_dir_enum(dir_enum_t *this, char **relative, { if (stat(this->full, st)) { - DBG1("stat() on '%s' failed: %s", this->full, strerror(errno)); + DBG1(DBG_LIB, "stat() on '%s' failed: %s", this->full, + strerror(errno)); return FALSE; } } @@ -120,7 +123,7 @@ static bool enumerate_dir_enum(dir_enum_t *this, char **relative, */ enumerator_t* enumerator_create_directory(char *path) { - size_t len; + int len; dir_enum_t *this = malloc_thing(dir_enum_t); this->public.enumerate = (void*)enumerate_dir_enum; this->public.destroy = (void*)destroy_dir_enum; @@ -132,7 +135,7 @@ enumerator_t* enumerator_create_directory(char *path) len = snprintf(this->full, sizeof(this->full)-1, "%s", path); if (len < 0 || len >= sizeof(this->full)-1) { - DBG1("path string '%s' too long", path); + DBG1(DBG_LIB, "path string '%s' too long", path); free(this); return NULL; } @@ -147,7 +150,7 @@ enumerator_t* enumerator_create_directory(char *path) this->dir = opendir(path); if (this->dir == NULL) { - DBG1("opening directory '%s' failed: %s", path, strerror(errno)); + DBG1(DBG_LIB, "opening directory '%s' failed: %s", path, strerror(errno)); free(this); return NULL; } diff --git a/src/libstrongswan/utils/enumerator.h b/src/libstrongswan/utils/enumerator.h index 3056498b1..537bf69e1 100644 --- a/src/libstrongswan/utils/enumerator.h +++ b/src/libstrongswan/utils/enumerator.h @@ -23,7 +23,7 @@ typedef struct enumerator_t enumerator_t; -#include <utils.h> +#include "../utils.h" /** * Enumerate is simpler, but more flexible than iterator. diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c index a610b3a4d..112d07e5c 100644 --- a/src/libstrongswan/utils/host.c +++ b/src/libstrongswan/utils/host.c @@ -482,7 +482,7 @@ host_t *host_create_from_dns(char *string, int af, u_int16_t port) error = getaddrinfo(string, NULL, &hints, &result); if (error != 0) { - DBG1("resolving '%s' failed: %s", string, gai_strerror(error)); + DBG1(DBG_LIB, "resolving '%s' failed: %s", string, gai_strerror(error)); return NULL; } /* result is a linked list, but we use only the first address */ diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c index b0da340bc..6a3c3936c 100644 --- a/src/libstrongswan/utils/identification.c +++ b/src/libstrongswan/utils/identification.c @@ -798,7 +798,7 @@ int identification_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec, return print_in_hook(dst, len, "%*s", spec->width, buf); } -METHOD(identification_t, clone, identification_t*, +METHOD(identification_t, clone_, identification_t*, private_identification_t *this) { private_identification_t *clone = malloc_thing(private_identification_t); @@ -830,7 +830,7 @@ static private_identification_t *identification_create(id_type_t type) .get_encoding = _get_encoding, .get_type = _get_type, .create_part_enumerator = _create_part_enumerator, - .clone = _clone, + .clone = _clone_, .destroy = _destroy, }, .type = type, diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c index 2c2a36af3..2f8a7187c 100644 --- a/src/libstrongswan/utils/leak_detective.c +++ b/src/libstrongswan/utils/leak_detective.c @@ -167,6 +167,7 @@ char *whitelist[] = { "tzset", "inet_ntoa", "strerror", + "getprotobyname", "getprotobynumber", "getservbyport", "getservbyname", diff --git a/src/libstrongswan/utils/optionsfrom.c b/src/libstrongswan/utils/optionsfrom.c index bf528caa0..d8f635c62 100644 --- a/src/libstrongswan/utils/optionsfrom.c +++ b/src/libstrongswan/utils/optionsfrom.c @@ -80,14 +80,15 @@ bool from(private_options_t *this, char *filename, int *argcp, char **argvp[], this->nuses++; if (this->nuses >= MAX_USES) { - DBG1("optionsfrom called %d times by \"%s\" - looping?", this->nuses + 1, (*argvp)[0]); + DBG1(DBG_LIB, "optionsfrom called %d times by \"%s\" - looping?", + this->nuses + 1, (*argvp)[0]); return FALSE; } fd = fopen(filename, "r"); if (fd == NULL) { - DBG1("optionsfrom: unable to open file '%s': %s", + DBG1(DBG_LIB, "optionsfrom: unable to open file '%s': %s", filename, strerror(errno)); return FALSE; } @@ -132,7 +133,7 @@ bool from(private_options_t *this, char *filename, int *argcp, char **argvp[], line.len--; if (!extract_token(&token, delimiter, &line)) { - DBG1("optionsfrom: missing terminator at %s:%d", + DBG1(DBG_LIB, "optionsfrom: missing terminator at %s:%d", filename, linepos); good = FALSE; break; |