summaryrefslogtreecommitdiff
path: root/src/libstrongswan
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan')
-rw-r--r--src/libstrongswan/Android.mk121
-rw-r--r--src/libstrongswan/AndroidConfigLocal.h9
-rw-r--r--src/libstrongswan/Makefile.am99
-rw-r--r--src/libstrongswan/Makefile.in187
-rw-r--r--src/libstrongswan/asn1/asn1.c36
-rw-r--r--src/libstrongswan/asn1/asn1.h3
-rw-r--r--src/libstrongswan/asn1/asn1_parser.c19
-rw-r--r--src/libstrongswan/asn1/asn1_parser.h6
-rw-r--r--src/libstrongswan/asn1/oid.h1
-rw-r--r--src/libstrongswan/asn1/oid.txt2
-rw-r--r--src/libstrongswan/attributes/attribute_handler.h72
-rw-r--r--src/libstrongswan/attributes/attribute_manager.c374
-rw-r--r--src/libstrongswan/attributes/attribute_manager.h149
-rw-r--r--src/libstrongswan/attributes/attribute_provider.h67
-rw-r--r--src/libstrongswan/attributes/attributes.c43
-rw-r--r--src/libstrongswan/attributes/attributes.h62
-rw-r--r--src/libstrongswan/chunk.c14
-rw-r--r--src/libstrongswan/chunk.h2
-rw-r--r--src/libstrongswan/credentials/credential_factory.c2
-rw-r--r--src/libstrongswan/credentials/keys/key_encoding.h2
-rw-r--r--src/libstrongswan/credentials/keys/shared_key.h2
-rw-r--r--src/libstrongswan/crypto/crypto_factory.c2
-rw-r--r--src/libstrongswan/crypto/crypto_tester.c40
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.c407
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.h45
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.c263
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.txt184
-rw-r--r--src/libstrongswan/debug.c34
-rw-r--r--src/libstrongswan/debug.h83
-rw-r--r--src/libstrongswan/enum.h2
-rw-r--r--src/libstrongswan/fetcher/fetcher_manager.c2
-rw-r--r--src/libstrongswan/integrity_checker.c41
-rw-r--r--src/libstrongswan/integrity_checker.h4
-rw-r--r--src/libstrongswan/library.c18
-rw-r--r--src/libstrongswan/library.h28
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/aes/aes_plugin.c2
-rw-r--r--src/libstrongswan/plugins/aes/aes_plugin.h5
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.am10
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.in54
-rw-r--r--src/libstrongswan/plugins/agent/agent_plugin.c2
-rw-r--r--src/libstrongswan/plugins/agent/agent_plugin.h5
-rw-r--r--src/libstrongswan/plugins/agent/agent_private_key.c26
-rw-r--r--src/libstrongswan/plugins/attr_sql/Makefile.am15
-rw-r--r--src/libstrongswan/plugins/attr_sql/Makefile.in633
-rw-r--r--src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c88
-rw-r--r--src/libstrongswan/plugins/attr_sql/pool.c1050
-rw-r--r--src/libstrongswan/plugins/attr_sql/sql_attribute.c384
-rw-r--r--src/libstrongswan/plugins/attr_sql/sql_attribute.h50
-rw-r--r--src/libstrongswan/plugins/blowfish/Makefile.am10
-rw-r--r--src/libstrongswan/plugins/blowfish/Makefile.in53
-rw-r--r--src/libstrongswan/plugins/blowfish/blowfish_plugin.c2
-rw-r--r--src/libstrongswan/plugins/blowfish/blowfish_plugin.h5
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/curl/curl_fetcher.c4
-rw-r--r--src/libstrongswan/plugins/curl/curl_plugin.c4
-rw-r--r--src/libstrongswan/plugins/curl/curl_plugin.h5
-rw-r--r--src/libstrongswan/plugins/des/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/des/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/des/des_plugin.c2
-rw-r--r--src/libstrongswan/plugins/des/des_plugin.h5
-rw-r--r--src/libstrongswan/plugins/dnskey/Makefile.am10
-rw-r--r--src/libstrongswan/plugins/dnskey/Makefile.in54
-rw-r--r--src/libstrongswan/plugins/dnskey/dnskey_builder.c9
-rw-r--r--src/libstrongswan/plugins/dnskey/dnskey_plugin.c2
-rw-r--r--src/libstrongswan/plugins/dnskey/dnskey_plugin.h5
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.in53
-rw-r--r--src/libstrongswan/plugins/fips_prf/fips_prf.c6
-rw-r--r--src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c2
-rw-r--r--src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h5
-rw-r--r--src/libstrongswan/plugins/gcrypt/Makefile.am7
-rw-r--r--src/libstrongswan/plugins/gcrypt/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c2
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_dh.c351
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c2
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c10
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h5
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c32
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c28
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.am16
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.in57
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c392
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_plugin.c8
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_plugin.h5
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c29
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c40
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.in51
-rw-r--r--src/libstrongswan/plugins/hmac/hmac_plugin.c2
-rw-r--r--src/libstrongswan/plugins/hmac/hmac_plugin.h5
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/ldap/ldap_fetcher.c17
-rw-r--r--src/libstrongswan/plugins/ldap/ldap_plugin.c2
-rw-r--r--src/libstrongswan/plugins/ldap/ldap_plugin.h5
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/md4/md4_plugin.c2
-rw-r--r--src/libstrongswan/plugins/md4/md4_plugin.h5
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/md5/md5_plugin.c2
-rw-r--r--src/libstrongswan/plugins/md5/md5_plugin.h5
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.am10
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/mysql/mysql_database.c28
-rw-r--r--src/libstrongswan/plugins/mysql/mysql_plugin.c4
-rw-r--r--src/libstrongswan/plugins/mysql/mysql_plugin.h5
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.am8
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.in61
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c78
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c4
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_private_key.c27
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_public_key.c25
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_plugin.c15
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_plugin.h5
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c58
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c21
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_sha1_prf.c139
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_sha1_prf.h48
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_plugin.c6
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_plugin.h5
-rw-r--r--src/libstrongswan/plugins/pem/Makefile.am11
-rw-r--r--src/libstrongswan/plugins/pem/Makefile.in58
-rw-r--r--src/libstrongswan/plugins/pem/pem_builder.c35
-rw-r--r--src/libstrongswan/plugins/pem/pem_builder.h6
-rw-r--r--src/libstrongswan/plugins/pem/pem_encoder.c138
-rw-r--r--src/libstrongswan/plugins/pem/pem_encoder.h (renamed from src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h)34
-rw-r--r--src/libstrongswan/plugins/pem/pem_plugin.c7
-rw-r--r--src/libstrongswan/plugins/pem/pem_plugin.h5
-rw-r--r--src/libstrongswan/plugins/pgp/Makefile.am16
-rw-r--r--src/libstrongswan/plugins/pgp/Makefile.in59
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_builder.c13
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_cert.c32
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_encoder.c3
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_plugin.c2
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_plugin.h5
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_utils.c18
-rw-r--r--src/libstrongswan/plugins/pkcs1/Makefile.am12
-rw-r--r--src/libstrongswan/plugins/pkcs1/Makefile.in56
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_builder.c6
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_builder.h2
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c3
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c2
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h5
-rw-r--r--src/libstrongswan/plugins/plugin.h4
-rw-r--r--src/libstrongswan/plugins/plugin_loader.c74
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.am10
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.in54
-rw-r--r--src/libstrongswan/plugins/pubkey/pubkey_plugin.c2
-rw-r--r--src/libstrongswan/plugins/pubkey/pubkey_plugin.h5
-rw-r--r--src/libstrongswan/plugins/random/Makefile.am11
-rw-r--r--src/libstrongswan/plugins/random/Makefile.in54
-rw-r--r--src/libstrongswan/plugins/random/random_plugin.c2
-rw-r--r--src/libstrongswan/plugins/random/random_plugin.h5
-rw-r--r--src/libstrongswan/plugins/random/random_rng.c4
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.in51
-rw-r--r--src/libstrongswan/plugins/sha1/sha1_plugin.c2
-rw-r--r--src/libstrongswan/plugins/sha1/sha1_plugin.h5
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/sha2/sha2_plugin.c2
-rw-r--r--src/libstrongswan/plugins/sha2/sha2_plugin.h5
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.am10
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.in52
-rw-r--r--src/libstrongswan/plugins/sqlite/sqlite_database.c15
-rw-r--r--src/libstrongswan/plugins/sqlite/sqlite_plugin.c2
-rw-r--r--src/libstrongswan/plugins/sqlite/sqlite_plugin.h5
-rw-r--r--src/libstrongswan/plugins/test_vectors/Makefile.am6
-rw-r--r--src/libstrongswan/plugins/test_vectors/Makefile.in49
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors/rng.c6
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c2
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h5
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.am21
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.in63
-rw-r--r--src/libstrongswan/plugins/x509/x509_ac.c35
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c78
-rw-r--r--src/libstrongswan/plugins/x509/x509_crl.c15
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_request.c15
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_response.c20
-rw-r--r--src/libstrongswan/plugins/x509/x509_pkcs10.c27
-rw-r--r--src/libstrongswan/plugins/x509/x509_plugin.c2
-rw-r--r--src/libstrongswan/plugins/x509/x509_plugin.h5
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.am9
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.in51
-rw-r--r--src/libstrongswan/plugins/xcbc/xcbc_plugin.c2
-rw-r--r--src/libstrongswan/plugins/xcbc/xcbc_plugin.h5
-rw-r--r--src/libstrongswan/printf_hook.c12
-rw-r--r--src/libstrongswan/selectors/traffic_selector.h28
-rw-r--r--src/libstrongswan/settings.c14
-rw-r--r--src/libstrongswan/settings.h4
-rw-r--r--src/libstrongswan/threading/mutex.c4
-rw-r--r--src/libstrongswan/threading/rwlock.c6
-rw-r--r--src/libstrongswan/threading/thread.c14
-rw-r--r--src/libstrongswan/threading/thread.h6
-rw-r--r--src/libstrongswan/utils.c34
-rw-r--r--src/libstrongswan/utils.h18
-rw-r--r--src/libstrongswan/utils/enumerator.c15
-rw-r--r--src/libstrongswan/utils/enumerator.h2
-rw-r--r--src/libstrongswan/utils/host.c2
-rw-r--r--src/libstrongswan/utils/identification.c4
-rw-r--r--src/libstrongswan/utils/leak_detective.c1
-rw-r--r--src/libstrongswan/utils/optionsfrom.c7
209 files changed, 3432 insertions, 5288 deletions
diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk
new file mode 100644
index 000000000..d639220e3
--- /dev/null
+++ b/src/libstrongswan/Android.mk
@@ -0,0 +1,121 @@
+LOCAL_PATH := $(call my-dir)
+include $(CLEAR_VARS)
+
+# copy-n-paste from Makefile.am
+LOCAL_SRC_FILES := \
+library.c library.h \
+chunk.c chunk.h \
+debug.c debug.h \
+enum.c enum.h \
+settings.h settings.c \
+printf_hook.c printf_hook.h \
+asn1/asn1.c asn1/asn1.h \
+asn1/asn1_parser.c asn1/asn1_parser.h \
+asn1/oid.c asn1/oid.h \
+crypto/crypters/crypter.c crypto/crypters/crypter.h \
+crypto/hashers/hasher.h crypto/hashers/hasher.c \
+crypto/pkcs9.c crypto/pkcs9.h \
+crypto/proposal/proposal_keywords.c crypto/proposal/proposal_keywords.h \
+crypto/prfs/prf.c crypto/prfs/prf.h \
+crypto/rngs/rng.c crypto/rngs/rng.h \
+crypto/prf_plus.h crypto/prf_plus.c \
+crypto/signers/signer.c crypto/signers/signer.h \
+crypto/crypto_factory.c crypto/crypto_factory.h \
+crypto/crypto_tester.c crypto/crypto_tester.h \
+crypto/diffie_hellman.c crypto/diffie_hellman.h \
+crypto/transform.c crypto/transform.h \
+credentials/credential_factory.c credentials/credential_factory.h \
+credentials/builder.c credentials/builder.h \
+credentials/keys/key_encoding.c credentials/keys/key_encoding.h \
+credentials/keys/private_key.c credentials/keys/private_key.h \
+credentials/keys/public_key.c credentials/keys/public_key.h \
+credentials/keys/shared_key.c credentials/keys/shared_key.h \
+credentials/certificates/certificate.c credentials/certificates/certificate.h \
+credentials/certificates/x509.h credentials/certificates/x509.c \
+credentials/certificates/ac.h \
+credentials/certificates/crl.h credentials/certificates/crl.c \
+credentials/certificates/pkcs10.h \
+credentials/certificates/ocsp_request.h \
+credentials/certificates/ocsp_response.h credentials/certificates/ocsp_response.c \
+credentials/certificates/pgp_certificate.h \
+credentials/ietf_attributes/ietf_attributes.c credentials/ietf_attributes/ietf_attributes.h \
+database/database.h database/database_factory.h database/database_factory.c \
+fetcher/fetcher.h fetcher/fetcher_manager.h fetcher/fetcher_manager.c \
+selectors/traffic_selector.c selectors/traffic_selector.h \
+threading/thread.h threading/thread.c \
+threading/thread_value.h threading/thread_value.c \
+threading/mutex.h threading/mutex.c threading/condvar.h \
+threading/rwlock.h threading/rwlock.c \
+threading/lock_profiler.h \
+utils.h utils.c \
+utils/host.c utils/host.h \
+utils/identification.c utils/identification.h \
+utils/iterator.h \
+utils/lexparser.c utils/lexparser.h \
+utils/linked_list.c utils/linked_list.h \
+utils/hashtable.c utils/hashtable.h \
+utils/enumerator.c utils/enumerator.h \
+utils/optionsfrom.c utils/optionsfrom.h \
+utils/backtrace.c utils/backtrace.h \
+plugins/plugin_loader.c plugins/plugin_loader.h plugins/plugin.h
+
+# adding the plugin source files
+
+LOCAL_SRC_FILES += $(call add_plugin, aes)
+
+LOCAL_SRC_FILES += $(call add_plugin, des)
+
+LOCAL_SRC_FILES += $(call add_plugin, fips-prf)
+
+LOCAL_SRC_FILES += $(call add_plugin, gmp)
+ifneq ($(call plugin_enabled, gmp)),)
+LOCAL_C_INCLUDES += $(libgmp_PATH)
+LOCAL_SHARED_LIBRARIES += libgmp
+endif
+
+LOCAL_SRC_FILES += $(call add_plugin, hmac)
+
+LOCAL_SRC_FILES += $(call add_plugin, md4)
+
+LOCAL_SRC_FILES += $(call add_plugin, md5)
+
+LOCAL_SRC_FILES += $(call add_plugin, openssl)
+ifneq ($(call plugin_enabled, openssl)),)
+LOCAL_C_INCLUDES += external/openssl/include
+LOCAL_SHARED_LIBRARIES += libcrypto
+endif
+
+LOCAL_SRC_FILES += $(call add_plugin, pem)
+
+LOCAL_SRC_FILES += $(call add_plugin, pkcs1)
+
+LOCAL_SRC_FILES += $(call add_plugin, pubkey)
+
+LOCAL_SRC_FILES += $(call add_plugin, random)
+
+LOCAL_SRC_FILES += $(call add_plugin, sha1)
+
+LOCAL_SRC_FILES += $(call add_plugin, sha2)
+
+LOCAL_SRC_FILES += $(call add_plugin, x509)
+
+LOCAL_SRC_FILES += $(call add_plugin, xcbc)
+
+# build libstrongswan ----------------------------------------------------------
+
+LOCAL_C_INCLUDES += \
+ $(libvstr_PATH)
+
+LOCAL_CFLAGS := $(strongswan_CFLAGS) \
+ -include $(LOCAL_PATH)/AndroidConfigLocal.h
+
+LOCAL_MODULE := libstrongswan
+
+LOCAL_ARM_MODE := arm
+
+LOCAL_PRELINK_MODULE := false
+
+LOCAL_SHARED_LIBRARIES += libdl libvstr
+
+include $(BUILD_SHARED_LIBRARY)
+
diff --git a/src/libstrongswan/AndroidConfigLocal.h b/src/libstrongswan/AndroidConfigLocal.h
new file mode 100644
index 000000000..a6da3276a
--- /dev/null
+++ b/src/libstrongswan/AndroidConfigLocal.h
@@ -0,0 +1,9 @@
+/* stuff defined in AndroidConfig.h, which is included using the -include
+ * command-line option, thus cannot be undefined using -U CFLAGS options.
+ * the reason we have to undefine these flags in the first place, is that
+ * AndroidConfig.h defines them as 0, which in turn means that they are
+ * actually defined. */
+
+#undef HAVE_BACKTRACE
+#undef HAVE_DLADDR
+
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index 7ee15052c..157d37b5e 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -10,9 +10,6 @@ printf_hook.c printf_hook.h \
asn1/asn1.c asn1/asn1.h \
asn1/asn1_parser.c asn1/asn1_parser.h \
asn1/oid.c asn1/oid.h \
-attributes/attributes.c attributes/attributes.h \
-attributes/attribute_provider.h attributes/attribute_handler.h \
-attributes/attribute_manager.c attributes/attribute_manager.h \
crypto/crypters/crypter.c crypto/crypters/crypter.h \
crypto/hashers/hasher.h crypto/hashers/hasher.c \
crypto/pkcs9.c crypto/pkcs9.h \
@@ -90,7 +87,8 @@ endif
EXTRA_DIST = \
asn1/oid.txt asn1/oid.pl \
-crypto/proposal/proposal_keywords.txt
+crypto/proposal/proposal_keywords.txt \
+Android.mk AndroidConfigLocal.h
BUILT_SOURCES = \
$(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h \
@@ -115,116 +113,197 @@ $(srcdir)/crypto/proposal/proposal_keywords.c: $(srcdir)/crypto/proposal/proposa
# build plugins with their own Makefile
#######################################
+if MONOLITHIC
+SUBDIRS =
+else
SUBDIRS = .
+endif
if USE_AES
SUBDIRS += plugins/aes
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/aes/libstrongswan-aes.la
+endif
endif
if USE_DES
SUBDIRS += plugins/des
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/des/libstrongswan-des.la
+endif
endif
if USE_BLOWFISH
SUBDIRS += plugins/blowfish
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/blowfish/libstrongswan-blowfish.la
+endif
endif
if USE_MD4
SUBDIRS += plugins/md4
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/md4/libstrongswan-md4.la
+endif
endif
if USE_MD5
SUBDIRS += plugins/md5
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/md5/libstrongswan-md5.la
+endif
endif
if USE_SHA1
SUBDIRS += plugins/sha1
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/sha1/libstrongswan-sha1.la
+endif
endif
if USE_SHA2
SUBDIRS += plugins/sha2
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/sha2/libstrongswan-sha2.la
endif
-
-if USE_FIPS_PRF
- SUBDIRS += plugins/fips_prf
endif
if USE_GMP
SUBDIRS += plugins/gmp
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/gmp/libstrongswan-gmp.la
+endif
endif
if USE_RANDOM
SUBDIRS += plugins/random
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/random/libstrongswan-random.la
+endif
endif
if USE_HMAC
SUBDIRS += plugins/hmac
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/hmac/libstrongswan-hmac.la
+endif
endif
if USE_XCBC
SUBDIRS += plugins/xcbc
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/xcbc/libstrongswan-xcbc.la
+endif
endif
if USE_X509
SUBDIRS += plugins/x509
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/x509/libstrongswan-x509.la
+endif
endif
if USE_PUBKEY
SUBDIRS += plugins/pubkey
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/pubkey/libstrongswan-pubkey.la
+endif
endif
if USE_PKCS1
SUBDIRS += plugins/pkcs1
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/pkcs1/libstrongswan-pkcs1.la
+endif
endif
if USE_PGP
SUBDIRS += plugins/pgp
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/pgp/libstrongswan-pgp.la
+endif
endif
if USE_DNSKEY
SUBDIRS += plugins/dnskey
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/dnskey/libstrongswan-dnskey.la
+endif
endif
if USE_PEM
SUBDIRS += plugins/pem
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/pem/libstrongswan-pem.la
+endif
endif
if USE_CURL
SUBDIRS += plugins/curl
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/curl/libstrongswan-curl.la
+endif
endif
if USE_LDAP
SUBDIRS += plugins/ldap
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/ldap/libstrongswan-ldap.la
+endif
endif
if USE_MYSQL
SUBDIRS += plugins/mysql
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/mysql/libstrongswan-mysql.la
+endif
endif
if USE_SQLITE
SUBDIRS += plugins/sqlite
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/sqlite/libstrongswan-sqlite.la
endif
-
-if USE_ATTR_SQL
- SUBDIRS += plugins/attr_sql
endif
if USE_PADLOCK
SUBDIRS += plugins/padlock
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/padlock/libstrongswan-padlock.la
+endif
endif
if USE_OPENSSL
SUBDIRS += plugins/openssl
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/openssl/libstrongswan-openssl.la
+endif
endif
if USE_GCRYPT
SUBDIRS += plugins/gcrypt
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/gcrypt/libstrongswan-gcrypt.la
+endif
+endif
+
+if USE_FIPS_PRF
+ SUBDIRS += plugins/fips_prf
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/fips_prf/libstrongswan-fips-prf.la
+endif
endif
if USE_AGENT
SUBDIRS += plugins/agent
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/agent/libstrongswan-agent.la
+endif
endif
if USE_TEST_VECTORS
SUBDIRS += plugins/test_vectors
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/test_vectors/libstrongswan-test-vectors.la
+endif
endif
diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in
index 729d32eb3..b8d967d4a 100644
--- a/src/libstrongswan/Makefile.in
+++ b/src/libstrongswan/Makefile.in
@@ -45,33 +45,59 @@ host_triplet = @host@
@USE_VSTR_TRUE@am__append_6 = -lvstr
@USE_AES_TRUE@am__append_7 = plugins/aes
-@USE_DES_TRUE@am__append_8 = plugins/des
-@USE_BLOWFISH_TRUE@am__append_9 = plugins/blowfish
-@USE_MD4_TRUE@am__append_10 = plugins/md4
-@USE_MD5_TRUE@am__append_11 = plugins/md5
-@USE_SHA1_TRUE@am__append_12 = plugins/sha1
-@USE_SHA2_TRUE@am__append_13 = plugins/sha2
-@USE_FIPS_PRF_TRUE@am__append_14 = plugins/fips_prf
-@USE_GMP_TRUE@am__append_15 = plugins/gmp
-@USE_RANDOM_TRUE@am__append_16 = plugins/random
-@USE_HMAC_TRUE@am__append_17 = plugins/hmac
-@USE_XCBC_TRUE@am__append_18 = plugins/xcbc
-@USE_X509_TRUE@am__append_19 = plugins/x509
-@USE_PUBKEY_TRUE@am__append_20 = plugins/pubkey
-@USE_PKCS1_TRUE@am__append_21 = plugins/pkcs1
-@USE_PGP_TRUE@am__append_22 = plugins/pgp
-@USE_DNSKEY_TRUE@am__append_23 = plugins/dnskey
-@USE_PEM_TRUE@am__append_24 = plugins/pem
-@USE_CURL_TRUE@am__append_25 = plugins/curl
-@USE_LDAP_TRUE@am__append_26 = plugins/ldap
-@USE_MYSQL_TRUE@am__append_27 = plugins/mysql
-@USE_SQLITE_TRUE@am__append_28 = plugins/sqlite
-@USE_ATTR_SQL_TRUE@am__append_29 = plugins/attr_sql
-@USE_PADLOCK_TRUE@am__append_30 = plugins/padlock
-@USE_OPENSSL_TRUE@am__append_31 = plugins/openssl
-@USE_GCRYPT_TRUE@am__append_32 = plugins/gcrypt
-@USE_AGENT_TRUE@am__append_33 = plugins/agent
-@USE_TEST_VECTORS_TRUE@am__append_34 = plugins/test_vectors
+@MONOLITHIC_TRUE@@USE_AES_TRUE@am__append_8 = plugins/aes/libstrongswan-aes.la
+@USE_DES_TRUE@am__append_9 = plugins/des
+@MONOLITHIC_TRUE@@USE_DES_TRUE@am__append_10 = plugins/des/libstrongswan-des.la
+@USE_BLOWFISH_TRUE@am__append_11 = plugins/blowfish
+@MONOLITHIC_TRUE@@USE_BLOWFISH_TRUE@am__append_12 = plugins/blowfish/libstrongswan-blowfish.la
+@USE_MD4_TRUE@am__append_13 = plugins/md4
+@MONOLITHIC_TRUE@@USE_MD4_TRUE@am__append_14 = plugins/md4/libstrongswan-md4.la
+@USE_MD5_TRUE@am__append_15 = plugins/md5
+@MONOLITHIC_TRUE@@USE_MD5_TRUE@am__append_16 = plugins/md5/libstrongswan-md5.la
+@USE_SHA1_TRUE@am__append_17 = plugins/sha1
+@MONOLITHIC_TRUE@@USE_SHA1_TRUE@am__append_18 = plugins/sha1/libstrongswan-sha1.la
+@USE_SHA2_TRUE@am__append_19 = plugins/sha2
+@MONOLITHIC_TRUE@@USE_SHA2_TRUE@am__append_20 = plugins/sha2/libstrongswan-sha2.la
+@USE_GMP_TRUE@am__append_21 = plugins/gmp
+@MONOLITHIC_TRUE@@USE_GMP_TRUE@am__append_22 = plugins/gmp/libstrongswan-gmp.la
+@USE_RANDOM_TRUE@am__append_23 = plugins/random
+@MONOLITHIC_TRUE@@USE_RANDOM_TRUE@am__append_24 = plugins/random/libstrongswan-random.la
+@USE_HMAC_TRUE@am__append_25 = plugins/hmac
+@MONOLITHIC_TRUE@@USE_HMAC_TRUE@am__append_26 = plugins/hmac/libstrongswan-hmac.la
+@USE_XCBC_TRUE@am__append_27 = plugins/xcbc
+@MONOLITHIC_TRUE@@USE_XCBC_TRUE@am__append_28 = plugins/xcbc/libstrongswan-xcbc.la
+@USE_X509_TRUE@am__append_29 = plugins/x509
+@MONOLITHIC_TRUE@@USE_X509_TRUE@am__append_30 = plugins/x509/libstrongswan-x509.la
+@USE_PUBKEY_TRUE@am__append_31 = plugins/pubkey
+@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_32 = plugins/pubkey/libstrongswan-pubkey.la
+@USE_PKCS1_TRUE@am__append_33 = plugins/pkcs1
+@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_34 = plugins/pkcs1/libstrongswan-pkcs1.la
+@USE_PGP_TRUE@am__append_35 = plugins/pgp
+@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_36 = plugins/pgp/libstrongswan-pgp.la
+@USE_DNSKEY_TRUE@am__append_37 = plugins/dnskey
+@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_38 = plugins/dnskey/libstrongswan-dnskey.la
+@USE_PEM_TRUE@am__append_39 = plugins/pem
+@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_40 = plugins/pem/libstrongswan-pem.la
+@USE_CURL_TRUE@am__append_41 = plugins/curl
+@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_42 = plugins/curl/libstrongswan-curl.la
+@USE_LDAP_TRUE@am__append_43 = plugins/ldap
+@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_44 = plugins/ldap/libstrongswan-ldap.la
+@USE_MYSQL_TRUE@am__append_45 = plugins/mysql
+@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_46 = plugins/mysql/libstrongswan-mysql.la
+@USE_SQLITE_TRUE@am__append_47 = plugins/sqlite
+@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_48 = plugins/sqlite/libstrongswan-sqlite.la
+@USE_PADLOCK_TRUE@am__append_49 = plugins/padlock
+@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_50 = plugins/padlock/libstrongswan-padlock.la
+@USE_OPENSSL_TRUE@am__append_51 = plugins/openssl
+@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_52 = plugins/openssl/libstrongswan-openssl.la
+@USE_GCRYPT_TRUE@am__append_53 = plugins/gcrypt
+@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_54 = plugins/gcrypt/libstrongswan-gcrypt.la
+@USE_FIPS_PRF_TRUE@am__append_55 = plugins/fips_prf
+@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_56 = plugins/fips_prf/libstrongswan-fips-prf.la
+@USE_AGENT_TRUE@am__append_57 = plugins/agent
+@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_58 = plugins/agent/libstrongswan-agent.la
+@USE_TEST_VECTORS_TRUE@am__append_59 = plugins/test_vectors
+@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_60 = plugins/test_vectors/libstrongswan-test-vectors.la
subdir = src/libstrongswan
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
@@ -115,14 +141,20 @@ am__DEPENDENCIES_1 =
libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
- $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__append_8) $(am__append_10) \
+ $(am__append_12) $(am__append_14) $(am__append_16) \
+ $(am__append_18) $(am__append_20) $(am__append_22) \
+ $(am__append_24) $(am__append_26) $(am__append_28) \
+ $(am__append_30) $(am__append_32) $(am__append_34) \
+ $(am__append_36) $(am__append_38) $(am__append_40) \
+ $(am__append_42) $(am__append_44) $(am__append_46) \
+ $(am__append_48) $(am__append_50) $(am__append_52) \
+ $(am__append_54) $(am__append_56) $(am__append_58) \
+ $(am__append_60)
am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \
chunk.h debug.c debug.h enum.c enum.h settings.h settings.c \
printf_hook.c printf_hook.h asn1/asn1.c asn1/asn1.h \
asn1/asn1_parser.c asn1/asn1_parser.h asn1/oid.c asn1/oid.h \
- attributes/attributes.c attributes/attributes.h \
- attributes/attribute_provider.h attributes/attribute_handler.h \
- attributes/attribute_manager.c attributes/attribute_manager.h \
crypto/crypters/crypter.c crypto/crypters/crypter.h \
crypto/hashers/hasher.h crypto/hashers/hasher.c crypto/pkcs9.c \
crypto/pkcs9.h crypto/proposal/proposal_keywords.c \
@@ -173,10 +205,10 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \
@USE_INTEGRITY_TEST_TRUE@am__objects_2 = integrity_checker.lo
am_libstrongswan_la_OBJECTS = library.lo chunk.lo debug.lo enum.lo \
settings.lo printf_hook.lo asn1.lo asn1_parser.lo oid.lo \
- attributes.lo attribute_manager.lo crypter.lo hasher.lo \
- pkcs9.lo proposal_keywords.lo prf.lo rng.lo prf_plus.lo \
- signer.lo crypto_factory.lo crypto_tester.lo diffie_hellman.lo \
- transform.lo credential_factory.lo builder.lo key_encoding.lo \
+ crypter.lo hasher.lo pkcs9.lo proposal_keywords.lo prf.lo \
+ rng.lo prf_plus.lo signer.lo crypto_factory.lo \
+ crypto_tester.lo diffie_hellman.lo transform.lo \
+ credential_factory.lo builder.lo key_encoding.lo \
private_key.lo public_key.lo shared_key.lo certificate.lo \
x509.lo crl.lo ocsp_response.lo ietf_attributes.lo \
database_factory.lo fetcher_manager.lo traffic_selector.lo \
@@ -215,13 +247,12 @@ AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = . plugins/aes plugins/des plugins/blowfish plugins/md4 \
- plugins/md5 plugins/sha1 plugins/sha2 plugins/fips_prf \
- plugins/gmp plugins/random plugins/hmac plugins/xcbc \
- plugins/x509 plugins/pubkey plugins/pkcs1 plugins/pgp \
- plugins/dnskey plugins/pem plugins/curl plugins/ldap \
- plugins/mysql plugins/sqlite plugins/attr_sql plugins/padlock \
- plugins/openssl plugins/gcrypt plugins/agent \
- plugins/test_vectors
+ plugins/md5 plugins/sha1 plugins/sha2 plugins/gmp \
+ plugins/random plugins/hmac plugins/xcbc plugins/x509 \
+ plugins/pubkey plugins/pkcs1 plugins/pgp plugins/dnskey \
+ plugins/pem plugins/curl plugins/ldap plugins/mysql \
+ plugins/sqlite plugins/padlock plugins/openssl plugins/gcrypt \
+ plugins/fips_prf plugins/agent plugins/test_vectors
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -368,6 +399,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -407,9 +439,6 @@ libstrongswan_la_SOURCES = library.c library.h chunk.c chunk.h debug.c \
debug.h enum.c enum.h settings.h settings.c printf_hook.c \
printf_hook.h asn1/asn1.c asn1/asn1.h asn1/asn1_parser.c \
asn1/asn1_parser.h asn1/oid.c asn1/oid.h \
- attributes/attributes.c attributes/attributes.h \
- attributes/attribute_provider.h attributes/attribute_handler.h \
- attributes/attribute_manager.c attributes/attribute_manager.h \
crypto/crypters/crypter.c crypto/crypters/crypter.h \
crypto/hashers/hasher.h crypto/hashers/hasher.c crypto/pkcs9.c \
crypto/pkcs9.h crypto/proposal/proposal_keywords.c \
@@ -456,14 +485,24 @@ libstrongswan_la_SOURCES = library.c library.h chunk.c chunk.h debug.c \
plugins/plugin_loader.h plugins/plugin.h $(am__append_2) \
$(am__append_5)
libstrongswan_la_LIBADD = $(PTHREADLIB) $(DLLIB) $(BTLIB) $(SOCKLIB) \
- $(RTLIB) $(am__append_6)
+ $(RTLIB) $(am__append_6) $(am__append_8) $(am__append_10) \
+ $(am__append_12) $(am__append_14) $(am__append_16) \
+ $(am__append_18) $(am__append_20) $(am__append_22) \
+ $(am__append_24) $(am__append_26) $(am__append_28) \
+ $(am__append_30) $(am__append_32) $(am__append_34) \
+ $(am__append_36) $(am__append_38) $(am__append_40) \
+ $(am__append_42) $(am__append_44) $(am__append_46) \
+ $(am__append_48) $(am__append_50) $(am__append_52) \
+ $(am__append_54) $(am__append_56) $(am__append_58) \
+ $(am__append_60)
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -DIPSEC_DIR=\"${ipsecdir}\" -DPLUGINDIR=\"${plugindir}\" \
-DSTRONGSWAN_CONF=\"${strongswan_conf}\" $(am__append_1) \
$(am__append_3) $(am__append_4)
EXTRA_DIST = \
asn1/oid.txt asn1/oid.pl \
-crypto/proposal/proposal_keywords.txt
+crypto/proposal/proposal_keywords.txt \
+Android.mk AndroidConfigLocal.h
BUILT_SOURCES = \
$(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h \
@@ -473,19 +512,37 @@ MAINTAINERCLEANFILES = \
$(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h \
$(srcdir)/crypto/proposal/proposal_keywords.c
+@MONOLITHIC_FALSE@SUBDIRS = . $(am__append_7) $(am__append_9) \
+@MONOLITHIC_FALSE@ $(am__append_11) $(am__append_13) \
+@MONOLITHIC_FALSE@ $(am__append_15) $(am__append_17) \
+@MONOLITHIC_FALSE@ $(am__append_19) $(am__append_21) \
+@MONOLITHIC_FALSE@ $(am__append_23) $(am__append_25) \
+@MONOLITHIC_FALSE@ $(am__append_27) $(am__append_29) \
+@MONOLITHIC_FALSE@ $(am__append_31) $(am__append_33) \
+@MONOLITHIC_FALSE@ $(am__append_35) $(am__append_37) \
+@MONOLITHIC_FALSE@ $(am__append_39) $(am__append_41) \
+@MONOLITHIC_FALSE@ $(am__append_43) $(am__append_45) \
+@MONOLITHIC_FALSE@ $(am__append_47) $(am__append_49) \
+@MONOLITHIC_FALSE@ $(am__append_51) $(am__append_53) \
+@MONOLITHIC_FALSE@ $(am__append_55) $(am__append_57) \
+@MONOLITHIC_FALSE@ $(am__append_59)
# build plugins with their own Makefile
#######################################
-SUBDIRS = . $(am__append_7) $(am__append_8) $(am__append_9) \
- $(am__append_10) $(am__append_11) $(am__append_12) \
- $(am__append_13) $(am__append_14) $(am__append_15) \
- $(am__append_16) $(am__append_17) $(am__append_18) \
- $(am__append_19) $(am__append_20) $(am__append_21) \
- $(am__append_22) $(am__append_23) $(am__append_24) \
- $(am__append_25) $(am__append_26) $(am__append_27) \
- $(am__append_28) $(am__append_29) $(am__append_30) \
- $(am__append_31) $(am__append_32) $(am__append_33) \
- $(am__append_34)
+@MONOLITHIC_TRUE@SUBDIRS = $(am__append_7) $(am__append_9) \
+@MONOLITHIC_TRUE@ $(am__append_11) $(am__append_13) \
+@MONOLITHIC_TRUE@ $(am__append_15) $(am__append_17) \
+@MONOLITHIC_TRUE@ $(am__append_19) $(am__append_21) \
+@MONOLITHIC_TRUE@ $(am__append_23) $(am__append_25) \
+@MONOLITHIC_TRUE@ $(am__append_27) $(am__append_29) \
+@MONOLITHIC_TRUE@ $(am__append_31) $(am__append_33) \
+@MONOLITHIC_TRUE@ $(am__append_35) $(am__append_37) \
+@MONOLITHIC_TRUE@ $(am__append_39) $(am__append_41) \
+@MONOLITHIC_TRUE@ $(am__append_43) $(am__append_45) \
+@MONOLITHIC_TRUE@ $(am__append_47) $(am__append_49) \
+@MONOLITHIC_TRUE@ $(am__append_51) $(am__append_53) \
+@MONOLITHIC_TRUE@ $(am__append_55) $(am__append_57) \
+@MONOLITHIC_TRUE@ $(am__append_59)
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-recursive
@@ -563,8 +620,6 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_parser.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/attribute_manager.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/attributes.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/backtrace.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/builder.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/certificate.Plo@am__quote@
@@ -657,20 +712,6 @@ oid.lo: asn1/oid.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o oid.lo `test -f 'asn1/oid.c' || echo '$(srcdir)/'`asn1/oid.c
-attributes.lo: attributes/attributes.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT attributes.lo -MD -MP -MF $(DEPDIR)/attributes.Tpo -c -o attributes.lo `test -f 'attributes/attributes.c' || echo '$(srcdir)/'`attributes/attributes.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/attributes.Tpo $(DEPDIR)/attributes.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='attributes/attributes.c' object='attributes.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o attributes.lo `test -f 'attributes/attributes.c' || echo '$(srcdir)/'`attributes/attributes.c
-
-attribute_manager.lo: attributes/attribute_manager.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT attribute_manager.lo -MD -MP -MF $(DEPDIR)/attribute_manager.Tpo -c -o attribute_manager.lo `test -f 'attributes/attribute_manager.c' || echo '$(srcdir)/'`attributes/attribute_manager.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/attribute_manager.Tpo $(DEPDIR)/attribute_manager.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='attributes/attribute_manager.c' object='attribute_manager.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o attribute_manager.lo `test -f 'attributes/attribute_manager.c' || echo '$(srcdir)/'`attributes/attribute_manager.c
-
crypter.lo: crypto/crypters/crypter.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crypter.lo -MD -MP -MF $(DEPDIR)/crypter.Tpo -c -o crypter.lo `test -f 'crypto/crypters/crypter.c' || echo '$(srcdir)/'`crypto/crypters/crypter.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/crypter.Tpo $(DEPDIR)/crypter.Plo
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index 763caafc4..6264bdc54 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -19,7 +19,6 @@
#include <string.h>
#include <time.h>
-#include <utils.h>
#include <debug.h>
#include "oid.h"
@@ -134,7 +133,7 @@ size_t asn1_length(chunk_t *blob)
if (blob->len < 2)
{
- DBG2("insufficient number of octets to parse ASN.1 length");
+ DBG2(DBG_LIB, "insufficient number of octets to parse ASN.1 length");
return ASN1_INVALID_LENGTH;
}
@@ -146,7 +145,7 @@ size_t asn1_length(chunk_t *blob)
{ /* single length octet */
if (n > blob->len)
{
- DBG2("length is larger than remaining blob size");
+ DBG2(DBG_LIB, "length is larger than remaining blob size");
return ASN1_INVALID_LENGTH;
}
return n;
@@ -157,14 +156,14 @@ size_t asn1_length(chunk_t *blob)
if (n == 0 || n > blob->len)
{
- DBG2("number of length octets invalid");
+ DBG2(DBG_LIB, "number of length octets invalid");
return ASN1_INVALID_LENGTH;
}
if (n > sizeof(len))
{
- DBG2("number of length octets is larger than limit of %d octets",
- (int)sizeof(len));
+ DBG2(DBG_LIB, "number of length octets is larger than limit of"
+ " %d octets", (int)sizeof(len));
return ASN1_INVALID_LENGTH;
}
@@ -177,7 +176,7 @@ size_t asn1_length(chunk_t *blob)
}
if (len > blob->len)
{
- DBG2("length is larger than remaining blob size");
+ DBG2(DBG_LIB, "length is larger than remaining blob size");
return ASN1_INVALID_LENGTH;
}
return len;
@@ -377,7 +376,7 @@ void asn1_debug_simple_object(chunk_t object, asn1_t type, bool private)
oid = asn1_known_oid(object);
if (oid != OID_UNKNOWN)
{
- DBG2(" '%s'", oid_names[oid].name);
+ DBG2(DBG_LIB, " '%s'", oid_names[oid].name);
return;
}
break;
@@ -386,14 +385,14 @@ void asn1_debug_simple_object(chunk_t object, asn1_t type, bool private)
case ASN1_PRINTABLESTRING:
case ASN1_T61STRING:
case ASN1_VISIBLESTRING:
- DBG2(" '%.*s'", (int)object.len, object.ptr);
+ DBG2(DBG_LIB, " '%.*s'", (int)object.len, object.ptr);
return;
case ASN1_UTCTIME:
case ASN1_GENERALIZEDTIME:
{
time_t time = asn1_to_time(&object, type);
- DBG2(" '%T'", &time, TRUE);
+ DBG2(DBG_LIB, " '%T'", &time, TRUE);
}
return;
default:
@@ -401,11 +400,11 @@ void asn1_debug_simple_object(chunk_t object, asn1_t type, bool private)
}
if (private)
{
- DBG4("%B", &object);
+ DBG4(DBG_LIB, "%B", &object);
}
else
{
- DBG3("%B", &object);
+ DBG3(DBG_LIB, "%B", &object);
}
}
@@ -419,13 +418,14 @@ bool asn1_parse_simple_object(chunk_t *object, asn1_t type, u_int level, const c
/* an ASN.1 object must possess at least a tag and length field */
if (object->len < 2)
{
- DBG2("L%d - %s: ASN.1 object smaller than 2 octets", level, name);
+ DBG2(DBG_LIB, "L%d - %s: ASN.1 object smaller than 2 octets", level,
+ name);
return FALSE;
}
if (*object->ptr != type)
{
- DBG2("L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x",
+ DBG2(DBG_LIB, "L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x",
level, name, type, *object->ptr);
return FALSE;
}
@@ -434,12 +434,12 @@ bool asn1_parse_simple_object(chunk_t *object, asn1_t type, u_int level, const c
if (len == ASN1_INVALID_LENGTH || object->len < len)
{
- DBG2("L%d - %s: length of ASN.1 object invalid or too large",
+ DBG2(DBG_LIB, "L%d - %s: length of ASN.1 object invalid or too large",
level, name);
return FALSE;
}
- DBG2("L%d - %s:", level, name);
+ DBG2(DBG_LIB, "L%d - %s:", level, name);
asn1_debug_simple_object(*object, type, FALSE);
return TRUE;
}
@@ -501,7 +501,7 @@ bool is_asn1(chunk_t blob)
if (tag != ASN1_SEQUENCE && tag != ASN1_SET && tag != ASN1_OCTET_STRING)
{
- DBG2(" file content is not binary ASN.1");
+ DBG2(DBG_LIB, " file content is not binary ASN.1");
return FALSE;
}
@@ -519,7 +519,7 @@ bool is_asn1(chunk_t blob)
return TRUE;
}
- DBG2(" file size does not match ASN.1 coded length");
+ DBG2(DBG_LIB, " file size does not match ASN.1 coded length");
return FALSE;
}
diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h
index d29190df7..866c28095 100644
--- a/src/libstrongswan/asn1/asn1.h
+++ b/src/libstrongswan/asn1/asn1.h
@@ -25,8 +25,7 @@
#include <stdarg.h>
-#include <utils.h>
-#include <chunk.h>
+#include <library.h>
/**
* Definition of some primitive ASN1 types
diff --git a/src/libstrongswan/asn1/asn1_parser.c b/src/libstrongswan/asn1/asn1_parser.c
index dc7726ad7..3e5bbbabd 100644
--- a/src/libstrongswan/asn1/asn1_parser.c
+++ b/src/libstrongswan/asn1/asn1_parser.c
@@ -19,7 +19,6 @@
#include <string.h>
#include <time.h>
-#include <utils.h>
#include <debug.h>
#include "asn1.h"
@@ -123,7 +122,7 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object)
if ((obj.flags & ASN1_DEF) && (blob->len == 0 || *start_ptr != obj.type) )
{
/* field is missing */
- DBG2("L%d - %s:", level, obj.name);
+ DBG2(DBG_LIB, "L%d - %s:", level, obj.name);
if (obj.type & ASN1_CONSTRUCTED)
{
this->line++ ; /* skip context-specific tag */
@@ -150,7 +149,7 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object)
if (blob->len < 2)
{
- DBG1("L%d - %s: ASN.1 object smaller than 2 octets",
+ DBG1(DBG_LIB, "L%d - %s: ASN.1 object smaller than 2 octets",
level, obj.name);
this->success = FALSE;
goto end;
@@ -160,7 +159,7 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object)
if (blob1->len == ASN1_INVALID_LENGTH)
{
- DBG1("L%d - %s: length of ASN.1 object invalid or too large",
+ DBG1(DBG_LIB, "L%d - %s: length of ASN.1 object invalid or too large",
level, obj.name);
this->success = FALSE;
}
@@ -173,7 +172,7 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object)
if (obj.flags & ASN1_RAW)
{
- DBG2("L%d - %s:", level, obj.name);
+ DBG2(DBG_LIB, "L%d - %s:", level, obj.name);
object->ptr = start_ptr;
object->len = (size_t)(blob->ptr - start_ptr);
goto end;
@@ -181,14 +180,14 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object)
if (*start_ptr != obj.type && !(this->implicit && this->line == 0))
{
- DBG1("L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x",
+ DBG1(DBG_LIB, "L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x",
level, obj.name, obj.type, *start_ptr);
- DBG3("%b", start_ptr, (u_int)(blob->ptr - start_ptr));
+ DBG3(DBG_LIB, "%b", start_ptr, (u_int)(blob->ptr - start_ptr));
this->success = FALSE;
goto end;
}
- DBG2("L%d - %s:", level, obj.name);
+ DBG2(DBG_LIB, "L%d - %s:", level, obj.name);
/* In case of "SEQUENCE OF" or "SET OF" start a loop */
if (obj.flags & ASN1_LOOP)
@@ -217,11 +216,11 @@ static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object)
object->len = (size_t)(blob->ptr - start_ptr);
if (this->private)
{
- DBG4("%B", object);
+ DBG4(DBG_LIB, "%B", object);
}
else
{
- DBG3("%B", object);
+ DBG3(DBG_LIB, "%B", object);
}
}
else if (obj.flags & ASN1_BODY)
diff --git a/src/libstrongswan/asn1/asn1_parser.h b/src/libstrongswan/asn1/asn1_parser.h
index 49325232d..0edc22c23 100644
--- a/src/libstrongswan/asn1/asn1_parser.h
+++ b/src/libstrongswan/asn1/asn1_parser.h
@@ -25,9 +25,9 @@
#include <stdarg.h>
-#include <utils.h>
-#include <chunk.h>
-#include <asn1/asn1.h>
+#include <library.h>
+
+#include "asn1.h"
/**
* Definition of ASN.1 flags
diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h
index 32e2eb033..aa1fd31b0 100644
--- a/src/libstrongswan/asn1/oid.h
+++ b/src/libstrongswan/asn1/oid.h
@@ -41,6 +41,7 @@ extern const oid_t oid_names[];
#define OID_UNIQUE_IDENTIFIER 34
#define OID_ROLE 35
#define OID_SUBJECT_KEY_ID 38
+#define OID_KEY_USAGE 39
#define OID_SUBJECT_ALT_NAME 41
#define OID_BASIC_CONSTRAINTS 43
#define OID_CRL_NUMBER 44
diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
index 203bc1f28..5d729c2eb 100644
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@@ -37,7 +37,7 @@
0x1D "id-ce"
0x09 "subjectDirectoryAttrs"
0x0E "subjectKeyIdentifier" OID_SUBJECT_KEY_ID
- 0x0F "keyUsage"
+ 0x0F "keyUsage" OID_KEY_USAGE
0x10 "privateKeyUsagePeriod"
0x11 "subjectAltName" OID_SUBJECT_ALT_NAME
0x12 "issuerAltName"
diff --git a/src/libstrongswan/attributes/attribute_handler.h b/src/libstrongswan/attributes/attribute_handler.h
deleted file mode 100644
index d042f47ef..000000000
--- a/src/libstrongswan/attributes/attribute_handler.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup attribute_handler attribute_handler
- * @{ @ingroup attributes
- */
-
-#ifndef ATTRIBUTE_HANDLER_H_
-#define ATTRIBUTE_HANDLER_H_
-
-#include <chunk.h>
-#include <utils/host.h>
-#include <utils/identification.h>
-
-#include "attributes.h"
-
-typedef struct attribute_handler_t attribute_handler_t;
-
-/**
- * Interface to handle configuration payload attributes.
- */
-struct attribute_handler_t {
-
- /**
- * Handle a configuration attribute.
- *
- * After receiving a configuration attriubte, it is passed to each
- * attribute handler until it is handled.
- *
- * @param server server from which the attribute was received
- * @param type type of configuration attribute to handle
- * @param data associated attribute data
- * @return TRUE if attribute handled
- */
- bool (*handle)(attribute_handler_t *this, identification_t *server,
- configuration_attribute_type_t type, chunk_t data);
-
- /**
- * Release an attribute handled during handle().
- *
- * A handler that handle()d an attribute gets a call to release() when the
- * connection gets closed. Depending on the implementation, this is required
- * to remove the attribute.
- */
- void (*release)(attribute_handler_t *this, identification_t *server,
- configuration_attribute_type_t type, chunk_t data);
-
- /**
- * Enumerate attributes to request from a server.
- *
- * @param server server identity to request attributes from
- * @param vip virtual IP we are requesting, if any
- * @return enumerator (configuration_attribute_type_t, chunk_t)
- */
- enumerator_t* (*create_attribute_enumerator)(attribute_handler_t *this,
- identification_t *server, host_t *vip);
-};
-
-#endif /** ATTRIBUTE_HANDLER_H_ @}*/
diff --git a/src/libstrongswan/attributes/attribute_manager.c b/src/libstrongswan/attributes/attribute_manager.c
deleted file mode 100644
index 91fa1ebb5..000000000
--- a/src/libstrongswan/attributes/attribute_manager.c
+++ /dev/null
@@ -1,374 +0,0 @@
-/*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "attribute_manager.h"
-
-#include <debug.h>
-#include <utils/linked_list.h>
-#include <threading/rwlock.h>
-
-typedef struct private_attribute_manager_t private_attribute_manager_t;
-
-/**
- * private data of attribute_manager
- */
-struct private_attribute_manager_t {
-
- /**
- * public functions
- */
- attribute_manager_t public;
-
- /**
- * list of registered providers
- */
- linked_list_t *providers;
-
- /**
- * list of registered handlers
- */
- linked_list_t *handlers;
-
- /**
- * rwlock provider list
- */
- rwlock_t *lock;
-};
-
-/**
- * Data to pass to enumerator filters
- */
-typedef struct {
- /** server/peer identity */
- identification_t *id;
- /** requesting/assigned virtual IP */
- host_t *vip;
-} enum_data_t;
-
-/**
- * Implementation of attribute_manager_t.acquire_address.
- */
-static host_t* acquire_address(private_attribute_manager_t *this,
- char *pool, identification_t *id,
- host_t *requested)
-{
- enumerator_t *enumerator;
- attribute_provider_t *current;
- host_t *host = NULL;
-
- this->lock->read_lock(this->lock);
- enumerator = this->providers->create_enumerator(this->providers);
- while (enumerator->enumerate(enumerator, &current))
- {
- host = current->acquire_address(current, pool, id, requested);
- if (host)
- {
- break;
- }
- }
- enumerator->destroy(enumerator);
- this->lock->unlock(this->lock);
-
- if (!host)
- {
- DBG1("acquiring address from pool '%s' failed", pool);
- }
- return host;
-}
-
-/**
- * Implementation of attribute_manager_t.release_address.
- */
-static void release_address(private_attribute_manager_t *this,
- char *pool, host_t *address, identification_t *id)
-{
- enumerator_t *enumerator;
- attribute_provider_t *current;
- bool found = FALSE;
-
- this->lock->read_lock(this->lock);
- enumerator = this->providers->create_enumerator(this->providers);
- while (enumerator->enumerate(enumerator, &current))
- {
- if (current->release_address(current, pool, address, id))
- {
- found = TRUE;
- break;
- }
- }
- enumerator->destroy(enumerator);
- this->lock->unlock(this->lock);
-
- if (!found)
- {
- DBG1("releasing address to pool '%s' failed", pool);
- }
-}
-
-/**
- * inner enumerator constructor for responder attributes
- */
-static enumerator_t *responder_enum_create(attribute_provider_t *provider,
- enum_data_t *data)
-{
- return provider->create_attribute_enumerator(provider, data->id, data->vip);
-}
-
-/**
- * Implementation of attribute_manager_t.create_responder_enumerator
- */
-static enumerator_t* create_responder_enumerator(
- private_attribute_manager_t *this, identification_t *id, host_t *vip)
-{
- enum_data_t *data = malloc_thing(enum_data_t);
-
- data->id = id;
- data->vip = vip;
- this->lock->read_lock(this->lock);
- return enumerator_create_cleaner(
- enumerator_create_nested(
- this->providers->create_enumerator(this->providers),
- (void*)responder_enum_create, data, free),
- (void*)this->lock->unlock, this->lock);
-}
-
-/**
- * Implementation of attribute_manager_t.add_provider.
- */
-static void add_provider(private_attribute_manager_t *this,
- attribute_provider_t *provider)
-{
- this->lock->write_lock(this->lock);
- this->providers->insert_last(this->providers, provider);
- this->lock->unlock(this->lock);
-}
-
-/**
- * Implementation of attribute_manager_t.remove_provider.
- */
-static void remove_provider(private_attribute_manager_t *this,
- attribute_provider_t *provider)
-{
- this->lock->write_lock(this->lock);
- this->providers->remove(this->providers, provider, NULL);
- this->lock->unlock(this->lock);
-}
-
-/**
- * Implementation of attribute_manager_t.handle
- */
-static attribute_handler_t* handle(private_attribute_manager_t *this,
- identification_t *server, attribute_handler_t *handler,
- configuration_attribute_type_t type, chunk_t data)
-{
- enumerator_t *enumerator;
- attribute_handler_t *current, *handled = NULL;
-
- this->lock->read_lock(this->lock);
-
- /* try to find the passed handler */
- enumerator = this->handlers->create_enumerator(this->handlers);
- while (enumerator->enumerate(enumerator, &current))
- {
- if (current == handler && current->handle(current, server, type, data))
- {
- handled = current;
- break;
- }
- }
- enumerator->destroy(enumerator);
- if (!handled)
- { /* handler requesting this attribute not found, try any other */
- enumerator = this->handlers->create_enumerator(this->handlers);
- while (enumerator->enumerate(enumerator, &current))
- {
- if (current->handle(current, server, type, data))
- {
- handled = current;
- break;
- }
- }
- enumerator->destroy(enumerator);
- }
- this->lock->unlock(this->lock);
-
- if (!handled)
- {
- DBG1("handling %N attribute failed",
- configuration_attribute_type_names, type);
- }
- return handled;
-}
-
-/**
- * Implementation of attribute_manager_t.release
- */
-static void release(private_attribute_manager_t *this,
- attribute_handler_t *handler,
- identification_t *server,
- configuration_attribute_type_t type, chunk_t data)
-{
- enumerator_t *enumerator;
- attribute_handler_t *current;
-
- this->lock->read_lock(this->lock);
- enumerator = this->handlers->create_enumerator(this->handlers);
- while (enumerator->enumerate(enumerator, &current))
- {
- if (current == handler)
- {
- current->release(current, server, type, data);
- break;
- }
- }
- enumerator->destroy(enumerator);
- this->lock->unlock(this->lock);
-}
-
-/**
- * Enumerator implementation to enumerate nested initiator attributes
- */
-typedef struct {
- /** implements enumerator_t */
- enumerator_t public;
- /** back ref */
- private_attribute_manager_t *this;
- /** currently processing handler */
- attribute_handler_t *handler;
- /** outer enumerator over handlers */
- enumerator_t *outer;
- /** inner enumerator over current handlers attributes */
- enumerator_t *inner;
- /** server ID we want attributes for */
- identification_t *id;
- /** virtual IP we are requesting along with attriubutes */
- host_t *vip;
-} initiator_enumerator_t;
-
-/**
- * Enumerator implementation for initiator attributes
- */
-static bool initiator_enumerate(initiator_enumerator_t *this,
- attribute_handler_t **handler,
- configuration_attribute_type_t *type,
- chunk_t *value)
-{
- /* enumerate inner attributes using outer handler enumerator */
- while (!this->inner || !this->inner->enumerate(this->inner, type, value))
- {
- if (!this->outer->enumerate(this->outer, &this->handler))
- {
- return FALSE;
- }
- DESTROY_IF(this->inner);
- this->inner = this->handler->create_attribute_enumerator(this->handler,
- this->id, this->vip);
- }
- /* inject the handler as additional attribute */
- *handler = this->handler;
- return TRUE;
-}
-
-/**
- * Cleanup function of initiator attribute enumerator
- */
-static void initiator_destroy(initiator_enumerator_t *this)
-{
- this->this->lock->unlock(this->this->lock);
- this->outer->destroy(this->outer);
- DESTROY_IF(this->inner);
- free(this);
-}
-
-/**
- * Implementation of attribute_manager_t.create_initiator_enumerator
- */
-static enumerator_t* create_initiator_enumerator(
- private_attribute_manager_t *this, identification_t *id, host_t *vip)
-{
- initiator_enumerator_t *enumerator = malloc_thing(initiator_enumerator_t);
-
- this->lock->read_lock(this->lock);
- enumerator->public.enumerate = (void*)initiator_enumerate;
- enumerator->public.destroy = (void*)initiator_destroy;
- enumerator->this = this;
- enumerator->id = id;
- enumerator->vip = vip;
- enumerator->outer = this->handlers->create_enumerator(this->handlers);
- enumerator->inner = NULL;
- enumerator->handler = NULL;
-
- return &enumerator->public;
-}
-
-/**
- * Implementation of attribute_manager_t.add_handler
- */
-static void add_handler(private_attribute_manager_t *this,
- attribute_handler_t *handler)
-{
- this->lock->write_lock(this->lock);
- this->handlers->insert_last(this->handlers, handler);
- this->lock->unlock(this->lock);
-}
-
-/**
- * Implementation of attribute_manager_t.remove_handler
- */
-static void remove_handler(private_attribute_manager_t *this,
- attribute_handler_t *handler)
-{
- this->lock->write_lock(this->lock);
- this->handlers->remove(this->handlers, handler, NULL);
- this->lock->unlock(this->lock);
-}
-
-/**
- * Implementation of attribute_manager_t.destroy
- */
-static void destroy(private_attribute_manager_t *this)
-{
- this->providers->destroy(this->providers);
- this->handlers->destroy(this->handlers);
- this->lock->destroy(this->lock);
- free(this);
-}
-
-/*
- * see header file
- */
-attribute_manager_t *attribute_manager_create()
-{
- private_attribute_manager_t *this = malloc_thing(private_attribute_manager_t);
-
- this->public.acquire_address = (host_t*(*)(attribute_manager_t*, char*, identification_t*,host_t*))acquire_address;
- this->public.release_address = (void(*)(attribute_manager_t*, char *, host_t*, identification_t*))release_address;
- this->public.create_responder_enumerator = (enumerator_t*(*)(attribute_manager_t*, identification_t*, host_t*))create_responder_enumerator;
- this->public.add_provider = (void(*)(attribute_manager_t*, attribute_provider_t *provider))add_provider;
- this->public.remove_provider = (void(*)(attribute_manager_t*, attribute_provider_t *provider))remove_provider;
- this->public.handle = (attribute_handler_t*(*)(attribute_manager_t*,identification_t*, attribute_handler_t*, configuration_attribute_type_t, chunk_t))handle;
- this->public.release = (void(*)(attribute_manager_t*, attribute_handler_t*, identification_t*, configuration_attribute_type_t, chunk_t))release;
- this->public.create_initiator_enumerator = (enumerator_t*(*)(attribute_manager_t*, identification_t*, host_t*))create_initiator_enumerator;
- this->public.add_handler = (void(*)(attribute_manager_t*, attribute_handler_t*))add_handler;
- this->public.remove_handler = (void(*)(attribute_manager_t*, attribute_handler_t*))remove_handler;
- this->public.destroy = (void(*)(attribute_manager_t*))destroy;
-
- this->providers = linked_list_create();
- this->handlers = linked_list_create();
- this->lock = rwlock_create(RWLOCK_TYPE_DEFAULT);
-
- return &this->public;
-}
-
diff --git a/src/libstrongswan/attributes/attribute_manager.h b/src/libstrongswan/attributes/attribute_manager.h
deleted file mode 100644
index 642662366..000000000
--- a/src/libstrongswan/attributes/attribute_manager.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * Copyright (C) 2008-2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup attribute_manager attribute_manager
- * @{ @ingroup attributes
- */
-
-#ifndef ATTRIBUTE_MANAGER_H_
-#define ATTRIBUTE_MANAGER_H_
-
-#include "attribute_provider.h"
-#include "attribute_handler.h"
-
-typedef struct attribute_manager_t attribute_manager_t;
-
-/**
- * The attribute manager hands out attributes or handles them.
- *
- * The attribute manager manages both, attribute providers and attribute
- * handlers. Attribute providers are responsible to hand out attributes if
- * a connecting peer requests them. Handlers handle such attributes if they
- * are received on the requesting peer.
- */
-struct attribute_manager_t {
-
- /**
- * Acquire a virtual IP address to assign to a peer.
- *
- * @param pool pool name to acquire address from
- * @param id peer identity to get address forua
- * @param requested IP in configuration request
- * @return allocated address, NULL to serve none
- */
- host_t* (*acquire_address)(attribute_manager_t *this,
- char *pool, identification_t *id,
- host_t *requested);
-
- /**
- * Release a previously acquired address.
- *
- * @param pool pool name from which the address was acquired
- * @param address address to release
- * @param id peer identity to get address for
- */
- void (*release_address)(attribute_manager_t *this,
- char *pool, host_t *address, identification_t *id);
-
- /**
- * Create an enumerator over attributes to hand out to a peer.
- *
- * @param id peer identity to hand out attributes to
- * @param vip virtual IP to assign to peer, if any
- * @return enumerator (configuration_attribute_type_t, chunk_t)
- */
- enumerator_t* (*create_responder_enumerator)(attribute_manager_t *this,
- identification_t *id, host_t *vip);
-
- /**
- * Register an attribute provider to the manager.
- *
- * @param provider attribute provider to register
- */
- void (*add_provider)(attribute_manager_t *this,
- attribute_provider_t *provider);
- /**
- * Unregister an attribute provider from the manager.
- *
- * @param provider attribute provider to unregister
- */
- void (*remove_provider)(attribute_manager_t *this,
- attribute_provider_t *provider);
-
- /**
- * Handle a configuration attribute by passing them to the handlers.
- *
- * @param server server from which the attribute was received
- * @param handler handler we requested the attribute for, if any
- * @param type type of configuration attribute
- * @param data associated attribute data
- * @return handler which handled this attribute, NULL if none
- */
- attribute_handler_t* (*handle)(attribute_manager_t *this,
- identification_t *server, attribute_handler_t *handler,
- configuration_attribute_type_t type, chunk_t data);
-
- /**
- * Release an attribute previously handle()d by a handler.
- *
- * @param handler handler returned by handle() for this attribute
- * @param server server from which the attribute was received
- * @param type type of attribute to release
- * @param data associated attribute data
- */
- void (*release)(attribute_manager_t *this, attribute_handler_t *handler,
- identification_t *server,
- configuration_attribute_type_t type,
- chunk_t data);
-
- /**
- * Create an enumerator over attributes to request from server.
- *
- * @param id server identity to hand out attributes to
- * @param vip virtual IP going to request, if any
- * @return enumerator (attribute_handler_t, ca_type_t, chunk_t)
- */
- enumerator_t* (*create_initiator_enumerator)(attribute_manager_t *this,
- identification_t *id, host_t *vip);
-
- /**
- * Register an attribute handler to the manager.
- *
- * @param handler attribute handler to register
- */
- void (*add_handler)(attribute_manager_t *this,
- attribute_handler_t *handler);
-
- /**
- * Unregister an attribute handler from the manager.
- *
- * @param handler attribute handler to unregister
- */
- void (*remove_handler)(attribute_manager_t *this,
- attribute_handler_t *handler);
-
- /**
- * Destroy a attribute_manager instance.
- */
- void (*destroy)(attribute_manager_t *this);
-};
-
-/**
- * Create a attribute_manager instance.
- */
-attribute_manager_t *attribute_manager_create();
-
-#endif /** ATTRIBUTE_MANAGER_H_ @}*/
diff --git a/src/libstrongswan/attributes/attribute_provider.h b/src/libstrongswan/attributes/attribute_provider.h
deleted file mode 100644
index f8485cc6c..000000000
--- a/src/libstrongswan/attributes/attribute_provider.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup attribute_provider attribute_provider
- * @{ @ingroup attributes
- */
-
-#ifndef ATTRIBUTE_PROVIDER_H_
-#define ATTRIBUTE_PROVIDER_H_
-
-#include <utils/host.h>
-#include <utils/identification.h>
-
-typedef struct attribute_provider_t attribute_provider_t;
-
-/**
- * Interface to provide attributes to peers through attribute manager.
- */
-struct attribute_provider_t {
-
- /**
- * Acquire a virtual IP address to assign to a peer.
- *
- * @param pool name of the pool to acquire address from
- * @param id peer ID
- * @param requested IP in configuration request
- * @return allocated address, NULL to serve none
- */
- host_t* (*acquire_address)(attribute_provider_t *this,
- char *pool, identification_t *id,
- host_t *requested);
- /**
- * Release a previously acquired address.
- *
- * @param pool name of the pool this address was acquired from
- * @param address address to release
- * @param id peer ID
- * @return TRUE if the address has been released by the provider
- */
- bool (*release_address)(attribute_provider_t *this,
- char *pool, host_t *address, identification_t *id);
-
- /**
- * Create an enumerator over attributes to hand out to a peer.
- *
- * @param id peer ID
- * @param vip virtual IP to assign to peer, if any
- * @return enumerator (configuration_attribute_type_t, chunk_t)
- */
- enumerator_t* (*create_attribute_enumerator)(attribute_provider_t *this,
- identification_t *id, host_t *vip);
-};
-
-#endif /** ATTRIBUTE_PROVIDER_H_ @}*/
diff --git a/src/libstrongswan/attributes/attributes.c b/src/libstrongswan/attributes/attributes.c
deleted file mode 100644
index 83feed17e..000000000
--- a/src/libstrongswan/attributes/attributes.c
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-
-#include "attributes.h"
-
-ENUM_BEGIN(configuration_attribute_type_names, INTERNAL_IP4_ADDRESS, INTERNAL_IP6_PREFIX,
- "INTERNAL_IP4_ADDRESS",
- "INTERNAL_IP4_NETMASK",
- "INTERNAL_IP4_DNS",
- "INTERNAL_IP4_NBNS",
- "INTERNAL_ADDRESS_EXPIRY",
- "INTERNAL_IP4_DHCP",
- "APPLICATION_VERSION",
- "INTERNAL_IP6_ADDRESS",
- "INTERNAL_IP6_NETMASK",
- "INTERNAL_IP6_DNS",
- "INTERNAL_IP6_NBNS",
- "INTERNAL_IP6_DHCP",
- "INTERNAL_IP4_SUBNET",
- "SUPPORTED_ATTRIBUTES",
- "INTERNAL_IP6_SUBNET",
- "MIP6_HOME_PREFIX",
- "INTERNAL_IP6_LINK",
- "INTERNAL_IP6_PREFIX");
-ENUM_NEXT(configuration_attribute_type_names, INTERNAL_IP4_SERVER, INTERNAL_IP6_SERVER, INTERNAL_IP6_PREFIX,
- "INTERNAL_IP4_SERVER",
- "INTERNAL_IP6_SERVER");
-ENUM_END(configuration_attribute_type_names, INTERNAL_IP6_SERVER);
-
diff --git a/src/libstrongswan/attributes/attributes.h b/src/libstrongswan/attributes/attributes.h
deleted file mode 100644
index f4a396f21..000000000
--- a/src/libstrongswan/attributes/attributes.h
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup attributes_g attributes
- * @{ @ingroup attributes
- */
-
-#ifndef ATTRIBUTES_H_
-#define ATTRIBUTES_H_
-
-typedef enum configuration_attribute_type_t configuration_attribute_type_t;
-
-#include <enum.h>
-
-/**
- * Type of the attribute, as in IKEv2 RFC 3.15.1 or IKEv1 ModeConfig.
- */
-enum configuration_attribute_type_t {
- INTERNAL_IP4_ADDRESS = 1,
- INTERNAL_IP4_NETMASK = 2,
- INTERNAL_IP4_DNS = 3,
- INTERNAL_IP4_NBNS = 4,
- INTERNAL_ADDRESS_EXPIRY = 5,
- INTERNAL_IP4_DHCP = 6,
- APPLICATION_VERSION = 7,
- INTERNAL_IP6_ADDRESS = 8,
- INTERNAL_IP6_NETMASK = 9,
- INTERNAL_IP6_DNS = 10,
- INTERNAL_IP6_NBNS = 11,
- INTERNAL_IP6_DHCP = 12,
- INTERNAL_IP4_SUBNET = 13,
- SUPPORTED_ATTRIBUTES = 14,
- INTERNAL_IP6_SUBNET = 15,
- MIP6_HOME_PREFIX = 16,
- INTERNAL_IP6_LINK = 17,
- INTERNAL_IP6_PREFIX = 18,
- /* proprietary Microsoft attributes */
- INTERNAL_IP4_SERVER = 23456,
- INTERNAL_IP6_SERVER = 23457
-};
-
-/**
- * enum names for configuration_attribute_type_t.
- */
-extern enum_name_t *configuration_attribute_type_names;
-
-
-#endif /** ATTRIBUTES_H_ @}*/
diff --git a/src/libstrongswan/chunk.c b/src/libstrongswan/chunk.c
index 86436e997..ef69eb4e7 100644
--- a/src/libstrongswan/chunk.c
+++ b/src/libstrongswan/chunk.c
@@ -22,8 +22,7 @@
#include <ctype.h>
#include "chunk.h"
-
-#include <debug.h>
+#include "debug.h"
/* required for chunk_hash */
#undef get16bits
@@ -222,7 +221,7 @@ bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force
if (!force && access(path, F_OK) == 0)
{
- DBG1(" %s file '%s' already exists", label, path);
+ DBG1(DBG_LIB, " %s file '%s' already exists", label, path);
return FALSE;
}
oldmask = umask(mask);
@@ -231,20 +230,21 @@ bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force
{
if (fwrite(chunk.ptr, sizeof(u_char), chunk.len, fd) == chunk.len)
{
- DBG1(" written %s file '%s' (%d bytes)",
+ DBG1(DBG_LIB, " written %s file '%s' (%d bytes)",
label, path, chunk.len);
good = TRUE;
}
else
{
- DBG1(" writing %s file '%s' failed: %s",
+ DBG1(DBG_LIB, " writing %s file '%s' failed: %s",
label, path, strerror(errno));
}
fclose(fd);
}
else
{
- DBG1(" could not open %s file '%s': %s", label, path, strerror(errno));
+ DBG1(DBG_LIB, " could not open %s file '%s': %s", label, path,
+ strerror(errno));
}
umask(oldmask);
return good;
@@ -497,7 +497,7 @@ bool chunk_printable(chunk_t chunk, chunk_t *sane, char replace)
* Described in header.
*
* The implementation is based on Paul Hsieh's SuperFastHash:
- * http://www.azillionmonkeys.com/qed/hash.html
+ * http://www.azillionmonkeys.com/qed/hash.html
*/
u_int32_t chunk_hash_inc(chunk_t chunk, u_int32_t hash)
{
diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/chunk.h
index a526f4a89..f0f9a7366 100644
--- a/src/libstrongswan/chunk.h
+++ b/src/libstrongswan/chunk.h
@@ -42,7 +42,7 @@ struct chunk_t {
size_t len;
};
-#include <utils.h>
+#include "utils.h"
/**
* A { NULL, 0 }-chunk handy for initialization.
diff --git a/src/libstrongswan/credentials/credential_factory.c b/src/libstrongswan/credentials/credential_factory.c
index 5139ad504..7cc7dbe0e 100644
--- a/src/libstrongswan/credentials/credential_factory.c
+++ b/src/libstrongswan/credentials/credential_factory.c
@@ -151,7 +151,7 @@ static void* create(private_credential_factory_t *this, credential_type_t type,
{
names = certificate_type_names;
}
- DBG1("building %N - %N failed, tried %d builders",
+ DBG1(DBG_LIB, "building %N - %N failed, tried %d builders",
credential_type_names, type, names, subtype, failures);
}
this->recursive->set(this->recursive, (void*)level);
diff --git a/src/libstrongswan/credentials/keys/key_encoding.h b/src/libstrongswan/credentials/keys/key_encoding.h
index 384117166..d8435f4b4 100644
--- a/src/libstrongswan/credentials/keys/key_encoding.h
+++ b/src/libstrongswan/credentials/keys/key_encoding.h
@@ -79,7 +79,7 @@ enum key_encoding_type_t {
KEY_PRIV_ASN1_DER,
/** subjectPublicKeyInfo encoding */
KEY_PUB_SPKI_ASN1_DER,
- /** PEM oncoded PKCS#1 key */
+ /** PEM encoded PKCS#1 key */
KEY_PUB_PEM,
KEY_PRIV_PEM,
/** PGP key encoding */
diff --git a/src/libstrongswan/credentials/keys/shared_key.h b/src/libstrongswan/credentials/keys/shared_key.h
index fe7bc86be..d00b8d12e 100644
--- a/src/libstrongswan/credentials/keys/shared_key.h
+++ b/src/libstrongswan/credentials/keys/shared_key.h
@@ -41,6 +41,8 @@ enum shared_key_type_t {
SHARED_PRIVATE_KEY_PASS,
/** PIN to unlock a smartcard */
SHARED_PIN,
+ /** Calculated NT Hash = MD4(UTF-16LE(password)) */
+ SHARED_NT_HASH,
};
/**
diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c
index 46b50329d..fee71953d 100644
--- a/src/libstrongswan/crypto/crypto_factory.c
+++ b/src/libstrongswan/crypto/crypto_factory.c
@@ -686,7 +686,7 @@ static void add_test_vector(private_crypto_factory_t *this,
case RANDOM_NUMBER_GENERATOR:
return this->tester->add_rng_vector(this->tester, vector);
default:
- DBG1("%N test vectors not supported, ignored",
+ DBG1(DBG_LIB, "%N test vectors not supported, ignored",
transform_type_names, type);
}
}
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 86daf65f9..76cc1cf2c 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -136,7 +136,7 @@ static bool test_crypter(private_crypto_tester_t *this,
crypter->destroy(crypter);
if (failed)
{
- DBG1("disabled %N: test vector %u failed",
+ DBG1(DBG_LIB, "disabled %N: test vector %u failed",
encryption_algorithm_names, alg, tested);
break;
}
@@ -144,14 +144,14 @@ static bool test_crypter(private_crypto_tester_t *this,
enumerator->destroy(enumerator);
if (!tested)
{
- DBG1("%s %N: no test vectors found",
+ DBG1(DBG_LIB, "%s %N: no test vectors found",
this->required ? "disabled" : "enabled ",
encryption_algorithm_names, alg);
return !this->required;
}
if (!failed)
{
- DBG1("enabled %N: passed %u test vectors",
+ DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
encryption_algorithm_names, alg, tested);
}
return !failed;
@@ -183,7 +183,7 @@ static bool test_signer(private_crypto_tester_t *this,
signer = create(alg);
if (!signer)
{
- DBG1("disabled %N: creating instance failed",
+ DBG1(DBG_LIB, "disabled %N: creating instance failed",
integrity_algorithm_names, alg);
failed = TRUE;
break;
@@ -240,7 +240,7 @@ static bool test_signer(private_crypto_tester_t *this,
signer->destroy(signer);
if (failed)
{
- DBG1("disabled %N: test vector %u failed",
+ DBG1(DBG_LIB, "disabled %N: test vector %u failed",
integrity_algorithm_names, alg, tested);
break;
}
@@ -248,14 +248,14 @@ static bool test_signer(private_crypto_tester_t *this,
enumerator->destroy(enumerator);
if (!tested)
{
- DBG1("%s %N: no test vectors found",
+ DBG1(DBG_LIB, "%s %N: no test vectors found",
this->required ? "disabled" : "enabled ",
integrity_algorithm_names, alg);
return !this->required;
}
if (!failed)
{
- DBG1("enabled %N: passed %u test vectors",
+ DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
integrity_algorithm_names, alg, tested);
}
return !failed;
@@ -287,7 +287,7 @@ static bool test_hasher(private_crypto_tester_t *this, hash_algorithm_t alg,
hasher = create(alg);
if (!hasher)
{
- DBG1("disabled %N: creating instance failed",
+ DBG1(DBG_LIB, "disabled %N: creating instance failed",
hash_algorithm_names, alg);
failed = TRUE;
break;
@@ -330,7 +330,7 @@ static bool test_hasher(private_crypto_tester_t *this, hash_algorithm_t alg,
hasher->destroy(hasher);
if (failed)
{
- DBG1("disabled %N: test vector %u failed",
+ DBG1(DBG_LIB, "disabled %N: test vector %u failed",
hash_algorithm_names, alg, tested);
break;
}
@@ -338,14 +338,14 @@ static bool test_hasher(private_crypto_tester_t *this, hash_algorithm_t alg,
enumerator->destroy(enumerator);
if (!tested)
{
- DBG1("%s %N: no test vectors found",
+ DBG1(DBG_LIB, "%s %N: no test vectors found",
this->required ? "disabled" : "enabled ",
hash_algorithm_names, alg);
return !this->required;
}
if (!failed)
{
- DBG1("enabled %N: passed %u test vectors",
+ DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
hash_algorithm_names, alg, tested);
}
return !failed;
@@ -377,7 +377,7 @@ static bool test_prf(private_crypto_tester_t *this,
prf = create(alg);
if (!prf)
{
- DBG1("disabled %N: creating instance failed",
+ DBG1(DBG_LIB, "disabled %N: creating instance failed",
pseudo_random_function_names, alg);
failed = TRUE;
break;
@@ -431,7 +431,7 @@ static bool test_prf(private_crypto_tester_t *this,
prf->destroy(prf);
if (failed)
{
- DBG1("disabled %N: test vector %u failed",
+ DBG1(DBG_LIB, "disabled %N: test vector %u failed",
pseudo_random_function_names, alg, tested);
break;
}
@@ -439,14 +439,14 @@ static bool test_prf(private_crypto_tester_t *this,
enumerator->destroy(enumerator);
if (!tested)
{
- DBG1("%s %N: no test vectors found",
+ DBG1(DBG_LIB, "%s %N: no test vectors found",
this->required ? "disabled" : "enabled ",
pseudo_random_function_names, alg);
return !this->required;
}
if (!failed)
{
- DBG1("enabled %N: passed %u test vectors",
+ DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
pseudo_random_function_names, alg, tested);
}
return !failed;
@@ -465,7 +465,7 @@ static bool test_rng(private_crypto_tester_t *this, rng_quality_t quality,
if (!this->rng_true && quality == RNG_TRUE)
{
- DBG1("enabled %N: skipping test (disabled by config)",
+ DBG1(DBG_LIB, "enabled %N: skipping test (disabled by config)",
rng_quality_names, quality);
return TRUE;
}
@@ -485,7 +485,7 @@ static bool test_rng(private_crypto_tester_t *this, rng_quality_t quality,
rng = create(quality);
if (!rng)
{
- DBG1("disabled %N: creating instance failed",
+ DBG1(DBG_LIB, "disabled %N: creating instance failed",
rng_quality_names, quality);
failed = TRUE;
break;
@@ -515,7 +515,7 @@ static bool test_rng(private_crypto_tester_t *this, rng_quality_t quality,
rng->destroy(rng);
if (failed)
{
- DBG1("disabled %N: test vector %u failed",
+ DBG1(DBG_LIB, "disabled %N: test vector %u failed",
rng_quality_names, quality, tested);
break;
}
@@ -523,14 +523,14 @@ static bool test_rng(private_crypto_tester_t *this, rng_quality_t quality,
enumerator->destroy(enumerator);
if (!tested)
{
- DBG1("%s %N: no test vectors found",
+ DBG1(DBG_LIB, "%s %N: no test vectors found",
this->required ? ", disabled" : "enabled ",
rng_quality_names, quality);
return !this->required;
}
if (!failed)
{
- DBG1("enabled %N: passed %u test vectors",
+ DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
rng_quality_names, quality, tested);
}
return !failed;
diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
index 18d532697..9bd8991fc 100644
--- a/src/libstrongswan/crypto/diffie_hellman.c
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@@ -1,5 +1,6 @@
/*
- * Copyright (C) 2005-2008 Martin Willi
+ * Copyright (C) 2010 Tobias Brunner
+ * Copyright (C) 2005-2010 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
*
@@ -31,10 +32,412 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT,
"ECP_256",
"ECP_384",
"ECP_521");
-ENUM_NEXT(diffie_hellman_group_names, ECP_192_BIT, ECP_224_BIT, ECP_521_BIT,
+ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_224_BIT, ECP_521_BIT,
+ "MODP_1024_160",
+ "MODP_2048_224",
+ "MODP_2048_256",
"ECP_192",
"ECP_224");
ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_224_BIT,
"MODP_NULL");
ENUM_END(diffie_hellman_group_names, MODP_NULL);
+
+/**
+ * List of known diffie hellman group parameters.
+ */
+static struct {
+ /* Public part of the struct */
+ diffie_hellman_params_t public;
+ /* The group identifier as specified in IKEv2 */
+ diffie_hellman_group_t group;
+ /* Optimal length of the exponent (in bytes), as specified in RFC 3526. */
+ size_t opt_exp;
+} dh_params[] = {
+ {
+ .group = MODP_768_BIT, .opt_exp = 32, .public = {
+ .generator = chunk_from_chars(0x02),
+ .prime = chunk_from_chars(
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF)
+ },
+ },{
+ .group = MODP_1024_BIT, .opt_exp = 32, .public = {
+ .generator = chunk_from_chars(0x02),
+ .prime = chunk_from_chars(
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF)
+ },
+ },{
+ .group = MODP_1536_BIT, .opt_exp = 32, .public = {
+ .generator = chunk_from_chars(0x02),
+ .prime = chunk_from_chars(
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF)
+ },
+ },{
+ .group = MODP_2048_BIT, .opt_exp = 48, .public = {
+ .generator = chunk_from_chars(0x02),
+ .prime = chunk_from_chars(
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF)
+ },
+ },{
+ .group = MODP_3072_BIT, .opt_exp = 48, .public = {
+ .generator = chunk_from_chars(0x02),
+ .prime = chunk_from_chars(
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
+ 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
+ 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+ 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
+ 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
+ 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+ 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
+ 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
+ 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF)
+ },
+ },{
+ .group = MODP_4096_BIT, .opt_exp = 64, .public = {
+ .generator = chunk_from_chars(0x02),
+ .prime = chunk_from_chars(
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
+ 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
+ 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+ 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
+ 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
+ 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+ 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
+ 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
+ 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
+ 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
+ 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
+ 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
+ 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
+ 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
+ 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
+ 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
+ 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF)
+ },
+ },{
+ .group = MODP_6144_BIT, .opt_exp = 64, .public = {
+ .generator = chunk_from_chars(0x02),
+ .prime = chunk_from_chars(
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
+ 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
+ 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+ 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
+ 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
+ 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+ 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
+ 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
+ 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
+ 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
+ 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
+ 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
+ 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
+ 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
+ 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
+ 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
+ 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
+ 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
+ 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
+ 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
+ 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
+ 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
+ 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
+ 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
+ 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
+ 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
+ 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
+ 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
+ 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
+ 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
+ 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
+ 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
+ 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF)
+ },
+ },{
+ .group = MODP_8192_BIT, .opt_exp = 64, .public = {
+ .generator = chunk_from_chars(0x02),
+ .prime = chunk_from_chars(
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
+ 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
+ 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+ 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
+ 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
+ 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+ 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
+ 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
+ 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
+ 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
+ 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
+ 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
+ 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
+ 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
+ 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
+ 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
+ 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
+ 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
+ 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
+ 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
+ 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
+ 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
+ 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
+ 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
+ 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
+ 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
+ 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
+ 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
+ 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
+ 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
+ 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
+ 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
+ 0xE6,0x94,0xF9,0x1E,0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
+ 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,0x73,0xB9,0x31,0xBA,
+ 0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,
+ 0x25,0x76,0xF6,0x93,0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
+ 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,0xE3,0x9D,0x65,0x2D,
+ 0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,
+ 0x13,0xEB,0x57,0xA8,0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
+ 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,0xA2,0xC0,0x87,0xE8,
+ 0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,
+ 0x6D,0x2A,0x13,0xF8,0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
+ 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,0x08,0x46,0x85,0x1D,
+ 0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,
+ 0xFA,0xF3,0x6B,0xC3,0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
+ 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,0xD5,0xEE,0x38,0x2B,
+ 0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,
+ 0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
+ 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF)
+ },
+ },{
+ .group = MODP_1024_160, .opt_exp = 20, .public = {
+ .subgroup = chunk_from_chars(
+ 0xF5,0x18,0xAA,0x87,0x81,0xA8,0xDF,0x27,0x8A,0xBA,0x4E,0x7D,0x64,0xB7,0xCB,0x9D,
+ 0x49,0x46,0x23,0x53),
+ .generator = chunk_from_chars(
+ 0xA4,0xD1,0xCB,0xD5,0xC3,0xFD,0x34,0x12,0x67,0x65,0xA4,0x42,0xEF,0xB9,0x99,0x05,
+ 0xF8,0x10,0x4D,0xD2,0x58,0xAC,0x50,0x7F,0xD6,0x40,0x6C,0xFF,0x14,0x26,0x6D,0x31,
+ 0x26,0x6F,0xEA,0x1E,0x5C,0x41,0x56,0x4B,0x77,0x7E,0x69,0x0F,0x55,0x04,0xF2,0x13,
+ 0x16,0x02,0x17,0xB4,0xB0,0x1B,0x88,0x6A,0x5E,0x91,0x54,0x7F,0x9E,0x27,0x49,0xF4,
+ 0xD7,0xFB,0xD7,0xD3,0xB9,0xA9,0x2E,0xE1,0x90,0x9D,0x0D,0x22,0x63,0xF8,0x0A,0x76,
+ 0xA6,0xA2,0x4C,0x08,0x7A,0x09,0x1F,0x53,0x1D,0xBF,0x0A,0x01,0x69,0xB6,0xA2,0x8A,
+ 0xD6,0x62,0xA4,0xD1,0x8E,0x73,0xAF,0xA3,0x2D,0x77,0x9D,0x59,0x18,0xD0,0x8B,0xC8,
+ 0x85,0x8F,0x4D,0xCE,0xF9,0x7C,0x2A,0x24,0x85,0x5E,0x6E,0xEB,0x22,0xB3,0xB2,0xE5),
+ .prime = chunk_from_chars(
+ 0xB1,0x0B,0x8F,0x96,0xA0,0x80,0xE0,0x1D,0xDE,0x92,0xDE,0x5E,0xAE,0x5D,0x54,0xEC,
+ 0x52,0xC9,0x9F,0xBC,0xFB,0x06,0xA3,0xC6,0x9A,0x6A,0x9D,0xCA,0x52,0xD2,0x3B,0x61,
+ 0x60,0x73,0xE2,0x86,0x75,0xA2,0x3D,0x18,0x98,0x38,0xEF,0x1E,0x2E,0xE6,0x52,0xC0,
+ 0x13,0xEC,0xB4,0xAE,0xA9,0x06,0x11,0x23,0x24,0x97,0x5C,0x3C,0xD4,0x9B,0x83,0xBF,
+ 0xAC,0xCB,0xDD,0x7D,0x90,0xC4,0xBD,0x70,0x98,0x48,0x8E,0x9C,0x21,0x9A,0x73,0x72,
+ 0x4E,0xFF,0xD6,0xFA,0xE5,0x64,0x47,0x38,0xFA,0xA3,0x1A,0x4F,0xF5,0x5B,0xCC,0xC0,
+ 0xA1,0x51,0xAF,0x5F,0x0D,0xC8,0xB4,0xBD,0x45,0xBF,0x37,0xDF,0x36,0x5C,0x1A,0x65,
+ 0xE6,0x8C,0xFD,0xA7,0x6D,0x4D,0xA7,0x08,0xDF,0x1F,0xB2,0xBC,0x2E,0x4A,0x43,0x71),
+ },
+ }, {
+ .group = MODP_2048_224, .opt_exp = 28, .public = {
+ .subgroup = chunk_from_chars(
+ 0x80,0x1C,0x0D,0x34,0xC5,0x8D,0x93,0xFE,0x99,0x71,0x77,0x10,0x1F,0x80,0x53,0x5A,
+ 0x47,0x38,0xCE,0xBC,0xBF,0x38,0x9A,0x99,0xB3,0x63,0x71,0xEB),
+ .generator = chunk_from_chars(
+ 0xAC,0x40,0x32,0xEF,0x4F,0x2D,0x9A,0xE3,0x9D,0xF3,0x0B,0x5C,0x8F,0xFD,0xAC,0x50,
+ 0x6C,0xDE,0xBE,0x7B,0x89,0x99,0x8C,0xAF,0x74,0x86,0x6A,0x08,0xCF,0xE4,0xFF,0xE3,
+ 0xA6,0x82,0x4A,0x4E,0x10,0xB9,0xA6,0xF0,0xDD,0x92,0x1F,0x01,0xA7,0x0C,0x4A,0xFA,
+ 0xAB,0x73,0x9D,0x77,0x00,0xC2,0x9F,0x52,0xC5,0x7D,0xB1,0x7C,0x62,0x0A,0x86,0x52,
+ 0xBE,0x5E,0x90,0x01,0xA8,0xD6,0x6A,0xD7,0xC1,0x76,0x69,0x10,0x19,0x99,0x02,0x4A,
+ 0xF4,0xD0,0x27,0x27,0x5A,0xC1,0x34,0x8B,0xB8,0xA7,0x62,0xD0,0x52,0x1B,0xC9,0x8A,
+ 0xE2,0x47,0x15,0x04,0x22,0xEA,0x1E,0xD4,0x09,0x93,0x9D,0x54,0xDA,0x74,0x60,0xCD,
+ 0xB5,0xF6,0xC6,0xB2,0x50,0x71,0x7C,0xBE,0xF1,0x80,0xEB,0x34,0x11,0x8E,0x98,0xD1,
+ 0x19,0x52,0x9A,0x45,0xD6,0xF8,0x34,0x56,0x6E,0x30,0x25,0xE3,0x16,0xA3,0x30,0xEF,
+ 0xBB,0x77,0xA8,0x6F,0x0C,0x1A,0xB1,0x5B,0x05,0x1A,0xE3,0xD4,0x28,0xC8,0xF8,0xAC,
+ 0xB7,0x0A,0x81,0x37,0x15,0x0B,0x8E,0xEB,0x10,0xE1,0x83,0xED,0xD1,0x99,0x63,0xDD,
+ 0xD9,0xE2,0x63,0xE4,0x77,0x05,0x89,0xEF,0x6A,0xA2,0x1E,0x7F,0x5F,0x2F,0xF3,0x81,
+ 0xB5,0x39,0xCC,0xE3,0x40,0x9D,0x13,0xCD,0x56,0x6A,0xFB,0xB4,0x8D,0x6C,0x01,0x91,
+ 0x81,0xE1,0xBC,0xFE,0x94,0xB3,0x02,0x69,0xED,0xFE,0x72,0xFE,0x9B,0x6A,0xA4,0xBD,
+ 0x7B,0x5A,0x0F,0x1C,0x71,0xCF,0xFF,0x4C,0x19,0xC4,0x18,0xE1,0xF6,0xEC,0x01,0x79,
+ 0x81,0xBC,0x08,0x7F,0x2A,0x70,0x65,0xB3,0x84,0xB8,0x90,0xD3,0x19,0x1F,0x2B,0xFA),
+ .prime = chunk_from_chars(
+ 0xAD,0x10,0x7E,0x1E,0x91,0x23,0xA9,0xD0,0xD6,0x60,0xFA,0xA7,0x95,0x59,0xC5,0x1F,
+ 0xA2,0x0D,0x64,0xE5,0x68,0x3B,0x9F,0xD1,0xB5,0x4B,0x15,0x97,0xB6,0x1D,0x0A,0x75,
+ 0xE6,0xFA,0x14,0x1D,0xF9,0x5A,0x56,0xDB,0xAF,0x9A,0x3C,0x40,0x7B,0xA1,0xDF,0x15,
+ 0xEB,0x3D,0x68,0x8A,0x30,0x9C,0x18,0x0E,0x1D,0xE6,0xB8,0x5A,0x12,0x74,0xA0,0xA6,
+ 0x6D,0x3F,0x81,0x52,0xAD,0x6A,0xC2,0x12,0x90,0x37,0xC9,0xED,0xEF,0xDA,0x4D,0xF8,
+ 0xD9,0x1E,0x8F,0xEF,0x55,0xB7,0x39,0x4B,0x7A,0xD5,0xB7,0xD0,0xB6,0xC1,0x22,0x07,
+ 0xC9,0xF9,0x8D,0x11,0xED,0x34,0xDB,0xF6,0xC6,0xBA,0x0B,0x2C,0x8B,0xBC,0x27,0xBE,
+ 0x6A,0x00,0xE0,0xA0,0xB9,0xC4,0x97,0x08,0xB3,0xBF,0x8A,0x31,0x70,0x91,0x88,0x36,
+ 0x81,0x28,0x61,0x30,0xBC,0x89,0x85,0xDB,0x16,0x02,0xE7,0x14,0x41,0x5D,0x93,0x30,
+ 0x27,0x82,0x73,0xC7,0xDE,0x31,0xEF,0xDC,0x73,0x10,0xF7,0x12,0x1F,0xD5,0xA0,0x74,
+ 0x15,0x98,0x7D,0x9A,0xDC,0x0A,0x48,0x6D,0xCD,0xF9,0x3A,0xCC,0x44,0x32,0x83,0x87,
+ 0x31,0x5D,0x75,0xE1,0x98,0xC6,0x41,0xA4,0x80,0xCD,0x86,0xA1,0xB9,0xE5,0x87,0xE8,
+ 0xBE,0x60,0xE6,0x9C,0xC9,0x28,0xB2,0xB9,0xC5,0x21,0x72,0xE4,0x13,0x04,0x2E,0x9B,
+ 0x23,0xF1,0x0B,0x0E,0x16,0xE7,0x97,0x63,0xC9,0xB5,0x3D,0xCF,0x4B,0xA8,0x0A,0x29,
+ 0xE3,0xFB,0x73,0xC1,0x6B,0x8E,0x75,0xB9,0x7E,0xF3,0x63,0xE2,0xFF,0xA3,0x1F,0x71,
+ 0xCF,0x9D,0xE5,0x38,0x4E,0x71,0xB8,0x1C,0x0A,0xC4,0xDF,0xFE,0x0C,0x10,0xE6,0x4F)
+ },
+ },{
+ .group = MODP_2048_256, .opt_exp = 32, .public = {
+ .subgroup = chunk_from_chars(
+ 0x8C,0xF8,0x36,0x42,0xA7,0x09,0xA0,0x97,0xB4,0x47,0x99,0x76,0x40,0x12,0x9D,0xA2,
+ 0x99,0xB1,0xA4,0x7D,0x1E,0xB3,0x75,0x0B,0xA3,0x08,0xB0,0xFE,0x64,0xF5,0xFB,0xD3),
+ .generator = chunk_from_chars(
+ 0x3F,0xB3,0x2C,0x9B,0x73,0x13,0x4D,0x0B,0x2E,0x77,0x50,0x66,0x60,0xED,0xBD,0x48,
+ 0x4C,0xA7,0xB1,0x8F,0x21,0xEF,0x20,0x54,0x07,0xF4,0x79,0x3A,0x1A,0x0B,0xA1,0x25,
+ 0x10,0xDB,0xC1,0x50,0x77,0xBE,0x46,0x3F,0xFF,0x4F,0xED,0x4A,0xAC,0x0B,0xB5,0x55,
+ 0xBE,0x3A,0x6C,0x1B,0x0C,0x6B,0x47,0xB1,0xBC,0x37,0x73,0xBF,0x7E,0x8C,0x6F,0x62,
+ 0x90,0x12,0x28,0xF8,0xC2,0x8C,0xBB,0x18,0xA5,0x5A,0xE3,0x13,0x41,0x00,0x0A,0x65,
+ 0x01,0x96,0xF9,0x31,0xC7,0x7A,0x57,0xF2,0xDD,0xF4,0x63,0xE5,0xE9,0xEC,0x14,0x4B,
+ 0x77,0x7D,0xE6,0x2A,0xAA,0xB8,0xA8,0x62,0x8A,0xC3,0x76,0xD2,0x82,0xD6,0xED,0x38,
+ 0x64,0xE6,0x79,0x82,0x42,0x8E,0xBC,0x83,0x1D,0x14,0x34,0x8F,0x6F,0x2F,0x91,0x93,
+ 0xB5,0x04,0x5A,0xF2,0x76,0x71,0x64,0xE1,0xDF,0xC9,0x67,0xC1,0xFB,0x3F,0x2E,0x55,
+ 0xA4,0xBD,0x1B,0xFF,0xE8,0x3B,0x9C,0x80,0xD0,0x52,0xB9,0x85,0xD1,0x82,0xEA,0x0A,
+ 0xDB,0x2A,0x3B,0x73,0x13,0xD3,0xFE,0x14,0xC8,0x48,0x4B,0x1E,0x05,0x25,0x88,0xB9,
+ 0xB7,0xD2,0xBB,0xD2,0xDF,0x01,0x61,0x99,0xEC,0xD0,0x6E,0x15,0x57,0xCD,0x09,0x15,
+ 0xB3,0x35,0x3B,0xBB,0x64,0xE0,0xEC,0x37,0x7F,0xD0,0x28,0x37,0x0D,0xF9,0x2B,0x52,
+ 0xC7,0x89,0x14,0x28,0xCD,0xC6,0x7E,0xB6,0x18,0x4B,0x52,0x3D,0x1D,0xB2,0x46,0xC3,
+ 0x2F,0x63,0x07,0x84,0x90,0xF0,0x0E,0xF8,0xD6,0x47,0xD1,0x48,0xD4,0x79,0x54,0x51,
+ 0x5E,0x23,0x27,0xCF,0xEF,0x98,0xC5,0x82,0x66,0x4B,0x4C,0x0F,0x6C,0xC4,0x16,0x59),
+ .prime = chunk_from_chars(
+ 0x87,0xA8,0xE6,0x1D,0xB4,0xB6,0x66,0x3C,0xFF,0xBB,0xD1,0x9C,0x65,0x19,0x59,0x99,
+ 0x8C,0xEE,0xF6,0x08,0x66,0x0D,0xD0,0xF2,0x5D,0x2C,0xEE,0xD4,0x43,0x5E,0x3B,0x00,
+ 0xE0,0x0D,0xF8,0xF1,0xD6,0x19,0x57,0xD4,0xFA,0xF7,0xDF,0x45,0x61,0xB2,0xAA,0x30,
+ 0x16,0xC3,0xD9,0x11,0x34,0x09,0x6F,0xAA,0x3B,0xF4,0x29,0x6D,0x83,0x0E,0x9A,0x7C,
+ 0x20,0x9E,0x0C,0x64,0x97,0x51,0x7A,0xBD,0x5A,0x8A,0x9D,0x30,0x6B,0xCF,0x67,0xED,
+ 0x91,0xF9,0xE6,0x72,0x5B,0x47,0x58,0xC0,0x22,0xE0,0xB1,0xEF,0x42,0x75,0xBF,0x7B,
+ 0x6C,0x5B,0xFC,0x11,0xD4,0x5F,0x90,0x88,0xB9,0x41,0xF5,0x4E,0xB1,0xE5,0x9B,0xB8,
+ 0xBC,0x39,0xA0,0xBF,0x12,0x30,0x7F,0x5C,0x4F,0xDB,0x70,0xC5,0x81,0xB2,0x3F,0x76,
+ 0xB6,0x3A,0xCA,0xE1,0xCA,0xA6,0xB7,0x90,0x2D,0x52,0x52,0x67,0x35,0x48,0x8A,0x0E,
+ 0xF1,0x3C,0x6D,0x9A,0x51,0xBF,0xA4,0xAB,0x3A,0xD8,0x34,0x77,0x96,0x52,0x4D,0x8E,
+ 0xF6,0xA1,0x67,0xB5,0xA4,0x18,0x25,0xD9,0x67,0xE1,0x44,0xE5,0x14,0x05,0x64,0x25,
+ 0x1C,0xCA,0xCB,0x83,0xE6,0xB4,0x86,0xF6,0xB3,0xCA,0x3F,0x79,0x71,0x50,0x60,0x26,
+ 0xC0,0xB8,0x57,0xF6,0x89,0x96,0x28,0x56,0xDE,0xD4,0x01,0x0A,0xBD,0x0B,0xE6,0x21,
+ 0xC3,0xA3,0x96,0x0A,0x54,0xE7,0x10,0xC3,0x75,0xF2,0x63,0x75,0xD7,0x01,0x41,0x03,
+ 0xA4,0xB5,0x43,0x30,0xC1,0x98,0xAF,0x12,0x61,0x16,0xD2,0x27,0x6E,0x11,0x71,0x5F,
+ 0x69,0x38,0x77,0xFA,0xD7,0xEF,0x09,0xCA,0xDB,0x09,0x4A,0xE9,0x1E,0x1A,0x15,0x97)
+ },
+ },
+};
+
+/**
+ * Described in header.
+ */
+diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group)
+{
+ int i;
+
+ for (i = 0; i < countof(dh_params); i++)
+ {
+ if (dh_params[i].group == group)
+ {
+ if (!dh_params[i].public.exp_len)
+ {
+ if (!dh_params[i].public.subgroup.len &&
+ lib->settings->get_int(lib->settings,
+ "libstrongswan.dh_exponent_ansi_x9_42", TRUE))
+ {
+ dh_params[i].public.exp_len = dh_params[i].public.prime.len;
+ }
+ else
+ {
+ dh_params[i].public.exp_len = dh_params[i].opt_exp;
+ }
+ }
+ return &dh_params[i].public;
+ }
+ }
+ return NULL;
+}
+
diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h
index 842938c3b..cdc9c785e 100644
--- a/src/libstrongswan/crypto/diffie_hellman.h
+++ b/src/libstrongswan/crypto/diffie_hellman.h
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2010 Tobias Brunner
* Copyright (C) 2005-2007 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -24,6 +25,7 @@
typedef enum diffie_hellman_group_t diffie_hellman_group_t;
typedef struct diffie_hellman_t diffie_hellman_t;
+typedef struct diffie_hellman_params_t diffie_hellman_params_t;
#include <library.h>
@@ -48,6 +50,9 @@ enum diffie_hellman_group_t {
ECP_256_BIT = 19,
ECP_384_BIT = 20,
ECP_521_BIT = 21,
+ MODP_1024_160 = 22,
+ MODP_2048_224 = 23,
+ MODP_2048_256 = 24,
ECP_192_BIT = 25,
ECP_224_BIT = 26,
/** insecure NULL diffie hellman group for testing, in PRIVATE USE */
@@ -70,8 +75,8 @@ struct diffie_hellman_t {
* Space for returned secret is allocated and must be
* freed by the caller.
*
- * @param secret shared secret will be written into this chunk
- * @return SUCCESS, FAILED if not both DH values are set
+ * @param secret shared secret will be written into this chunk
+ * @return SUCCESS, FAILED if not both DH values are set
*/
status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret);
@@ -80,7 +85,7 @@ struct diffie_hellman_t {
*
* Chunk gets cloned and can be destroyed afterwards.
*
- * @param value public value of partner
+ * @param value public value of partner
*/
void (*set_other_public_value) (diffie_hellman_t *this, chunk_t value);
@@ -106,4 +111,38 @@ struct diffie_hellman_t {
void (*destroy) (diffie_hellman_t *this);
};
+/**
+ * Parameters for a specific diffie hellman group.
+ */
+struct diffie_hellman_params_t {
+
+ /**
+ * The prime of the group
+ */
+ const chunk_t prime;
+
+ /**
+ * Generator of the group
+ */
+ const chunk_t generator;
+
+ /**
+ * Exponent length to use
+ */
+ size_t exp_len;
+
+ /**
+ * Prime order subgroup; for MODP Groups 22-24
+ */
+ const chunk_t subgroup;
+};
+
+/**
+ * Get the parameters associated with the specified diffie hellman group.
+ *
+ * @param group DH group
+ * @return The parameters or NULL, if the group is not supported
+ */
+diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group);
+
#endif /** DIFFIE_HELLMAN_H_ @}*/
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c
index 75816e8b3..a43dde7ea 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c
@@ -59,12 +59,12 @@ struct proposal_token {
u_int16_t keysize;
};
-#define TOTAL_KEYWORDS 89
+#define TOTAL_KEYWORDS 95
#define MIN_WORD_LENGTH 3
#define MAX_WORD_LENGTH 12
-#define MIN_HASH_VALUE 4
-#define MAX_HASH_VALUE 123
-/* maximum key range = 120, duplicates = 0 */
+#define MIN_HASH_VALUE 5
+#define MAX_HASH_VALUE 137
+/* maximum key range = 133, duplicates = 0 */
#ifdef __GNUC__
__inline
@@ -80,32 +80,32 @@ hash (str, len)
{
static const unsigned char asso_values[] =
{
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 11,
- 2, 23, 5, 27, 21, 8, 5, 0, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 22, 124, 24, 0, 1,
- 8, 2, 50, 0, 11, 54, 124, 124, 0, 124,
- 42, 0, 124, 124, 5, 9, 34, 6, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124, 124, 124, 124,
- 124, 124, 124, 124, 124, 124, 124
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 3, 11,
+ 2, 23, 29, 27, 21, 16, 5, 0, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 17, 138, 1, 0, 1,
+ 9, 9, 50, 0, 4, 54, 138, 138, 1, 138,
+ 35, 0, 138, 138, 71, 3, 38, 22, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138, 138, 138, 138,
+ 138, 138, 138, 138, 138, 138, 138
};
register int hval = len;
@@ -135,108 +135,115 @@ hash (str, len)
static const struct proposal_token wordlist[] =
{
- {"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0},
- {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192},
- {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0},
- {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
- {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
- {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
- {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
- {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
- {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
- {"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
- {"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
- {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
- {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
- {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
- {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
- {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
- {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
- {"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
- {"aes192ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
- {"aes128gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
- {"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
- {"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
- {"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
- {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
- {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
- {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
- {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
- {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
- {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
- {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
- {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
- {"aes192gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
- {"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
- {"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
- {"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
- {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
- {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
- {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
- {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
- {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
- {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
- {"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256},
- {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
- {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0},
- {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
- {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
- {"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
- {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
- {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
- {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
- {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
- {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0},
- {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
- {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0},
- {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
- {"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
- {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0},
- {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192},
- {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
- {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
- {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
- {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
- {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
- {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
- {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
- {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
- {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
- {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
- {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
- {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
- {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
- {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
- {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
- {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
- {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
- {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
- {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
- {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
- {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
- {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
- {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
- {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256},
- {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256},
- {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
- {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256}
+ {"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0},
+ {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
+ {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192},
+ {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0},
+ {"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192},
+ {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
+ {"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128},
+ {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
+ {"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
+ {"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
+ {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
+ {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
+ {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
+ {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
+ {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
+ {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
+ {"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
+ {"aes192ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
+ {"aes128gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
+ {"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
+ {"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
+ {"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
+ {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
+ {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
+ {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
+ {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
+ {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
+ {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
+ {"aes192gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
+ {"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
+ {"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
+ {"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
+ {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
+ {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
+ {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0},
+ {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
+ {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
+ {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
+ {"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256},
+ {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
+ {"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
+ {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
+ {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
+ {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
+ {"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
+ {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
+ {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
+ {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
+ {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
+ {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0},
+ {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
+ {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192},
+ {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
+ {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
+ {"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
+ {"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
+ {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
+ {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
+ {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
+ {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
+ {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
+ {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
+ {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
+ {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
+ {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
+ {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
+ {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
+ {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
+ {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0},
+ {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
+ {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
+ {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
+ {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0},
+ {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
+ {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
+ {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
+ {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
+ {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
+ {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
+ {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
+ {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
+ {"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0},
+ {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
+ {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
+ {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
+ {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0},
+ {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
+ {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
+ {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256},
+ {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
+ {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
+ {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256},
+ {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
+ {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256},
+ {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256}
};
static const short lookup[] =
{
- -1, -1, -1, -1, 0, -1, -1, -1, 1, -1, 2, -1, 3, 4,
- 5, 6, -1, 7, 8, -1, 9, 10, 11, 12, 13, 14, 15, 16,
- 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, -1,
- 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43,
- 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57,
- 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, -1, 70,
- 71, 72, -1, -1, 73, 74, 75, 76, 77, -1, 78, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, 79, 80, -1, -1, -1, -1, -1, 81,
- 82, 83, -1, 84, -1, -1, -1, 85, -1, 86, 87, 88
+ -1, -1, -1, -1, -1, 0, 1, -1, 2, -1, 3, -1, 4, 5,
+ 6, 7, -1, -1, -1, -1, 8, 9, 10, 11, 12, 13, 14, 15,
+ 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, 26, -1, -1,
+ 27, 28, 29, 30, 31, 32, 33, -1, 34, 35, 36, 37, 38, 39,
+ 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53,
+ 54, 55, 56, 57, 58, -1, 59, 60, 61, 62, 63, 64, 65, 66,
+ 67, 68, -1, 69, 70, 71, 72, 73, 74, 75, 76, -1, -1, 77,
+ 78, 79, 80, 81, -1, -1, 82, 83, -1, -1, 84, 85, -1, 86,
+ 87, 88, 89, -1, -1, -1, -1, -1, -1, -1, 90, 91, -1, -1,
+ -1, -1, -1, -1, 92, -1, 93, -1, -1, -1, -1, 94
};
#ifdef __GNUC__
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.txt b/src/libstrongswan/crypto/proposal/proposal_keywords.txt
index 139d689ca..338993821 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.txt
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.txt
@@ -29,92 +29,98 @@ struct proposal_token {
u_int16_t keysize;
};
%%
-null, ENCRYPTION_ALGORITHM, ENCR_NULL, 0
-des, ENCRYPTION_ALGORITHM, ENCR_DES, 0
-3des, ENCRYPTION_ALGORITHM, ENCR_3DES, 0
-aes, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128
-aes128, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128
-aes192, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192
-aes256, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256
-aes128ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128
-aes192ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192
-aes256ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256
-aes128ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128
-aes128ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128
-aes128ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128
-aes128ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128
-aes128ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128
-aes128ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128
-aes192ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192
-aes192ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192
-aes192ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192
-aes192ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192
-aes192ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192
-aes192ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192
-aes256ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256
-aes256ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256
-aes256ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256
-aes256ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256
-aes256ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256
-aes256ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256
-aes128gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128
-aes128gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128
-aes128gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128
-aes128gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128
-aes128gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128
-aes128gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128
-aes192gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192
-aes192gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192
-aes192gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192
-aes192gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192
-aes192gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192
-aes192gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192
-aes256gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256
-aes256gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256
-aes256gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256
-aes256gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256
-aes256gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256
-aes256gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256
-blowfish, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128
-blowfish128, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128
-blowfish192, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192
-blowfish256, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256
-camellia, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128
-camellia128, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128
-camellia192, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192
-camellia256, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256
-cast128, ENCRYPTION_ALGORITHM, ENCR_CAST, 128
-serpent, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128
-serpent128, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128
-serpent192, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192
-serpent256, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256
-twofish, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128
-twofish128, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128
-twofish192, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192
-twofish256, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256
-sha, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0
-sha1, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0
-sha256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0
-sha2_256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0
-sha256_96, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0
-sha2_256_96, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0
-sha384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0
-sha2_384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0
-sha512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0
-sha2_512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0
-md5, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0
-aesxcbc, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0
-modpnull, DIFFIE_HELLMAN_GROUP, MODP_NULL, 0
-modp768, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0
-modp1024, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0
-modp1536, DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0
-modp2048, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0
-modp3072, DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0
-modp4096, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0
-modp6144, DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0
-modp8192, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0
-ecp192, DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0
-ecp224, DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0
-ecp256, DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0
-ecp384, DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0
-ecp521, DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0
+null, ENCRYPTION_ALGORITHM, ENCR_NULL, 0
+des, ENCRYPTION_ALGORITHM, ENCR_DES, 0
+3des, ENCRYPTION_ALGORITHM, ENCR_3DES, 0
+aes, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128
+aes128, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128
+aes192, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192
+aes256, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256
+aes128ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128
+aes192ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192
+aes256ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256
+aes128ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128
+aes128ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128
+aes128ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128
+aes128ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128
+aes128ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128
+aes128ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128
+aes192ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192
+aes192ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192
+aes192ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192
+aes192ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192
+aes192ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192
+aes192ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192
+aes256ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256
+aes256ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256
+aes256ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256
+aes256ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256
+aes256ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256
+aes256ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256
+aes128gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128
+aes128gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128
+aes128gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128
+aes128gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128
+aes128gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128
+aes128gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128
+aes192gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192
+aes192gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192
+aes192gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192
+aes192gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192
+aes192gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192
+aes192gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192
+aes256gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256
+aes256gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256
+aes256gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256
+aes256gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256
+aes256gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256
+aes256gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256
+aes128gmac, ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128
+aes192gmac, ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192
+aes256gmac, ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256
+blowfish, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128
+blowfish128, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128
+blowfish192, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192
+blowfish256, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256
+camellia, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128
+camellia128, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128
+camellia192, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192
+camellia256, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256
+cast128, ENCRYPTION_ALGORITHM, ENCR_CAST, 128
+serpent, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128
+serpent128, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128
+serpent192, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192
+serpent256, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256
+twofish, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128
+twofish128, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128
+twofish192, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192
+twofish256, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256
+sha, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0
+sha1, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0
+sha256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0
+sha2_256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0
+sha256_96, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0
+sha2_256_96, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0
+sha384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0
+sha2_384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0
+sha512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0
+sha2_512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0
+md5, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0
+aesxcbc, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0
+modpnull, DIFFIE_HELLMAN_GROUP, MODP_NULL, 0
+modp768, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0
+modp1024, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0
+modp1536, DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0
+modp2048, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0
+modp3072, DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0
+modp4096, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0
+modp6144, DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0
+modp8192, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0
+ecp192, DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0
+ecp224, DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0
+ecp256, DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0
+ecp384, DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0
+ecp521, DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0
+modp1024s160, DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0
+modp2048s224, DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0
+modp2048s256, DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0
diff --git a/src/libstrongswan/debug.c b/src/libstrongswan/debug.c
index 51b7875d8..21a7e63dd 100644
--- a/src/libstrongswan/debug.c
+++ b/src/libstrongswan/debug.c
@@ -17,10 +17,36 @@
#include "debug.h"
+ENUM(debug_names, DBG_DMN, DBG_LIB,
+ "DMN",
+ "MGR",
+ "IKE",
+ "CHD",
+ "JOB",
+ "CFG",
+ "KNL",
+ "NET",
+ "ENC",
+ "LIB",
+);
+
+ENUM(debug_lower_names, DBG_DMN, DBG_LIB,
+ "dmn",
+ "mgr",
+ "ike",
+ "chd",
+ "job",
+ "cfg",
+ "knl",
+ "net",
+ "enc",
+ "lib",
+);
+
/**
* level logged by the default logger
*/
-static int default_level = 1;
+static level_t default_level = 1;
/**
* stream logged to by the default logger
@@ -30,7 +56,7 @@ static FILE *default_stream = NULL;
/**
* default dbg function which printf all to stderr
*/
-void dbg_default(int level, char *fmt, ...)
+void dbg_default(debug_t group, level_t level, char *fmt, ...)
{
if (!default_stream)
{
@@ -50,7 +76,7 @@ void dbg_default(int level, char *fmt, ...)
/**
* set the level logged by the default stderr logger
*/
-void dbg_default_set_level(int level)
+void dbg_default_set_level(level_t level)
{
default_level = level;
}
@@ -66,5 +92,5 @@ void dbg_default_set_stream(FILE *stream)
/**
* The registered debug hook.
*/
-void (*dbg) (int level, char *fmt, ...) = dbg_default;
+void (*dbg) (debug_t group, level_t level, char *fmt, ...) = dbg_default;
diff --git a/src/libstrongswan/debug.h b/src/libstrongswan/debug.h
index 085795acb..a21111d93 100644
--- a/src/libstrongswan/debug.h
+++ b/src/libstrongswan/debug.h
@@ -21,26 +21,95 @@
#ifndef DEBUG_H_
#define DEBUG_H_
+typedef enum debug_t debug_t;
+typedef enum level_t level_t;
+
#include <stdio.h>
+#include "enum.h"
+
+/**
+ * Debug message group.
+ */
+enum debug_t {
+ /** daemon specific */
+ DBG_DMN,
+ /** IKE_SA_MANAGER */
+ DBG_MGR,
+ /** IKE_SA */
+ DBG_IKE,
+ /** CHILD_SA */
+ DBG_CHD,
+ /** job processing */
+ DBG_JOB,
+ /** configuration backends */
+ DBG_CFG,
+ /** kernel interface */
+ DBG_KNL,
+ /** networking/sockets */
+ DBG_NET,
+ /** message encoding/decoding */
+ DBG_ENC,
+ /** libstrongswan */
+ DBG_LIB,
+ /** number of groups */
+ DBG_MAX,
+ /** pseudo group with all groups */
+ DBG_ANY = DBG_MAX,
+};
+
+/**
+ * short names of debug message group.
+ */
+extern enum_name_t *debug_names;
+
+/**
+ * short names of debug message group, lower case.
+ */
+extern enum_name_t *debug_lower_names;
+
+/**
+ * Debug levels used to control output verbosity.
+ */
+enum level_t {
+ /** absolutely silent */
+ LEVEL_SILENT = -1,
+ /** most important auditing logs */
+ LEVEL_AUDIT = 0,
+ /** control flow */
+ LEVEL_CTRL = 1,
+ /** diagnose problems */
+ LEVEL_DIAG = 2,
+ /** raw binary blobs */
+ LEVEL_RAW = 3,
+ /** including sensitive data (private keys) */
+ LEVEL_PRIVATE = 4,
+};
+
#ifndef DEBUG_LEVEL
# define DEBUG_LEVEL 4
#endif /* DEBUG_LEVEL */
/** debug macros, they call the dbg function hook */
+#if DEBUG_LEVEL >= 0
+# define DBG0(group, fmt, ...) dbg(group, 0, fmt, ##__VA_ARGS__)
+#endif /* DEBUG_LEVEL */
#if DEBUG_LEVEL >= 1
-# define DBG1(fmt, ...) dbg(1, fmt, ##__VA_ARGS__)
+# define DBG1(group, fmt, ...) dbg(group, 1, fmt, ##__VA_ARGS__)
#endif /* DEBUG_LEVEL */
#if DEBUG_LEVEL >= 2
-# define DBG2(fmt, ...) dbg(2, fmt, ##__VA_ARGS__)
+# define DBG2(group, fmt, ...) dbg(group, 2, fmt, ##__VA_ARGS__)
#endif /* DEBUG_LEVEL */
#if DEBUG_LEVEL >= 3
-# define DBG3(fmt, ...) dbg(3, fmt, ##__VA_ARGS__)
+# define DBG3(group, fmt, ...) dbg(group, 3, fmt, ##__VA_ARGS__)
#endif /* DEBUG_LEVEL */
#if DEBUG_LEVEL >= 4
-# define DBG4(fmt, ...) dbg(4, fmt, ##__VA_ARGS__)
+# define DBG4(group, fmt, ...) dbg(group, 4, fmt, ##__VA_ARGS__)
#endif /* DEBUG_LEVEL */
+#ifndef DBG0
+# define DBG0(...) {}
+#endif
#ifndef DBG1
# define DBG1(...) {}
#endif
@@ -55,13 +124,13 @@
#endif
/** dbg function hook, uses dbg_default() by default */
-extern void (*dbg) (int level, char *fmt, ...);
+extern void (*dbg) (debug_t group, level_t level, char *fmt, ...);
/** default logging function */
-void dbg_default(int level, char *fmt, ...);
+void dbg_default(debug_t group, level_t level, char *fmt, ...);
/** set the level logged by dbg_default() */
-void dbg_default_set_level(int level);
+void dbg_default_set_level(level_t level);
/** set the stream logged by dbg_default() to */
void dbg_default_set_stream(FILE *stream);
diff --git a/src/libstrongswan/enum.h b/src/libstrongswan/enum.h
index 6b9fd7eaa..691f9f2bc 100644
--- a/src/libstrongswan/enum.h
+++ b/src/libstrongswan/enum.h
@@ -22,7 +22,7 @@
#ifndef ENUM_H_
#define ENUM_H_
-#include <printf_hook.h>
+#include "printf_hook.h"
typedef struct enum_name_t enum_name_t;
diff --git a/src/libstrongswan/fetcher/fetcher_manager.c b/src/libstrongswan/fetcher/fetcher_manager.c
index b73bfacf6..c81de032c 100644
--- a/src/libstrongswan/fetcher/fetcher_manager.c
+++ b/src/libstrongswan/fetcher/fetcher_manager.c
@@ -134,7 +134,7 @@ static status_t fetch(private_fetcher_manager_t *this,
this->lock->unlock(this->lock);
if (!capable)
{
- DBG1("unable to fetch from %s, no capable fetcher found", url);
+ DBG1(DBG_LIB, "unable to fetch from %s, no capable fetcher found", url);
}
return status;
}
diff --git a/src/libstrongswan/integrity_checker.c b/src/libstrongswan/integrity_checker.c
index 51da4e725..c9cad44ae 100644
--- a/src/libstrongswan/integrity_checker.c
+++ b/src/libstrongswan/integrity_checker.c
@@ -26,8 +26,8 @@
#include <sys/stat.h>
#include <sys/types.h>
-#include <debug.h>
-#include <library.h>
+#include "debug.h"
+#include "library.h"
typedef struct private_integrity_checker_t private_integrity_checker_t;
@@ -72,13 +72,14 @@ static u_int32_t build_file(private_integrity_checker_t *this, char *file,
fd = open(file, O_RDONLY);
if (fd == -1)
{
- DBG1(" opening '%s' failed: %s", file, strerror(errno));
+ DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno));
return 0;
}
if (fstat(fd, &sb) == -1)
{
- DBG1(" getting file size of '%s' failed: %s", file, strerror(errno));
+ DBG1(DBG_LIB, " getting file size of '%s' failed: %s", file,
+ strerror(errno));
close(fd);
return 0;
}
@@ -86,7 +87,7 @@ static u_int32_t build_file(private_integrity_checker_t *this, char *file,
addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
if (addr == MAP_FAILED)
{
- DBG1(" mapping '%s' failed: %s", file, strerror(errno));
+ DBG1(DBG_LIB, " mapping '%s' failed: %s", file, strerror(errno));
close(fd);
return 0;
}
@@ -146,13 +147,13 @@ static u_int32_t build_segment(private_integrity_checker_t *this, void *sym,
if (dladdr(sym, &dli) == 0)
{
- DBG1(" unable to locate symbol: %s", dlerror());
+ DBG1(DBG_LIB, " unable to locate symbol: %s", dlerror());
return 0;
}
/* we reuse the Dl_info struct as in/out parameter */
if (!dl_iterate_phdr((void*)callback, &dli))
{
- DBG1(" executable section not found");
+ DBG1(DBG_LIB, " executable section not found");
return 0;
}
@@ -192,7 +193,7 @@ static bool check_file(private_integrity_checker_t *this,
cs = find_checksum(this, name);
if (!cs)
{
- DBG1(" '%s' file checksum not found", name);
+ DBG1(DBG_LIB, " '%s' file checksum not found", name);
return FALSE;
}
sum = build_file(this, file, &len);
@@ -202,17 +203,17 @@ static bool check_file(private_integrity_checker_t *this,
}
if (cs->file_len != len)
{
- DBG1(" invalid '%s' file size: %u bytes, expected %u bytes",
+ DBG1(DBG_LIB, " invalid '%s' file size: %u bytes, expected %u bytes",
name, len, cs->file_len);
return FALSE;
}
if (cs->file != sum)
{
- DBG1(" invalid '%s' file checksum: %08x, expected %08x",
+ DBG1(DBG_LIB, " invalid '%s' file checksum: %08x, expected %08x",
name, sum, cs->file);
return FALSE;
}
- DBG2(" valid '%s' file checksum: %08x", name, sum);
+ DBG2(DBG_LIB, " valid '%s' file checksum: %08x", name, sum);
return TRUE;
}
@@ -229,7 +230,7 @@ static bool check_segment(private_integrity_checker_t *this,
cs = find_checksum(this, name);
if (!cs)
{
- DBG1(" '%s' segment checksum not found", name);
+ DBG1(DBG_LIB, " '%s' segment checksum not found", name);
return FALSE;
}
sum = build_segment(this, sym, &len);
@@ -239,17 +240,17 @@ static bool check_segment(private_integrity_checker_t *this,
}
if (cs->segment_len != len)
{
- DBG1(" invalid '%s' segment size: %u bytes, expected %u bytes",
- name, len, cs->segment_len);
+ DBG1(DBG_LIB, " invalid '%s' segment size: %u bytes,"
+ " expected %u bytes", name, len, cs->segment_len);
return FALSE;
}
if (cs->segment != sum)
{
- DBG1(" invalid '%s' segment checksum: %08x, expected %08x",
+ DBG1(DBG_LIB, " invalid '%s' segment checksum: %08x, expected %08x",
name, sum, cs->segment);
return FALSE;
}
- DBG2(" valid '%s' segment checksum: %08x", name, sum);
+ DBG2(DBG_LIB, " valid '%s' segment checksum: %08x", name, sum);
return TRUE;
}
@@ -262,7 +263,7 @@ static bool check(private_integrity_checker_t *this, char *name, void *sym)
if (dladdr(sym, &dli) == 0)
{
- DBG1("unable to locate symbol: %s", dlerror());
+ DBG1(DBG_LIB, "unable to locate symbol: %s", dlerror());
return FALSE;
}
if (!check_file(this, name, (char*)dli.dli_fname))
@@ -319,12 +320,14 @@ integrity_checker_t *integrity_checker_create(char *checksum_library)
}
else
{
- DBG1("checksum library '%s' invalid", checksum_library);
+ DBG1(DBG_LIB, "checksum library '%s' invalid",
+ checksum_library);
}
}
else
{
- DBG1("loading checksum library '%s' failed", checksum_library);
+ DBG1(DBG_LIB, "loading checksum library '%s' failed",
+ checksum_library);
}
}
return &this->public;
diff --git a/src/libstrongswan/integrity_checker.h b/src/libstrongswan/integrity_checker.h
index 7349353f3..55a4658f7 100644
--- a/src/libstrongswan/integrity_checker.h
+++ b/src/libstrongswan/integrity_checker.h
@@ -21,8 +21,8 @@
#ifndef INTEGRITY_CHECKER_H_
#define INTEGRITY_CHECKER_H_
-#include <utils.h>
-#include <plugins/plugin.h>
+#include "utils.h"
+#include "plugins/plugin.h"
typedef struct integrity_checker_t integrity_checker_t;
typedef struct integrity_checksum_t integrity_checksum_t;
diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c
index 4e8bb87d0..108ac2ca0 100644
--- a/src/libstrongswan/library.c
+++ b/src/libstrongswan/library.c
@@ -18,14 +18,12 @@
#include <stdlib.h>
-#include <utils.h>
-#include <chunk.h>
-#include <debug.h>
-#include <threading/thread.h>
-#include <utils/identification.h>
-#include <utils/host.h>
+#include "debug.h"
+#include "threading/thread.h"
+#include "utils/identification.h"
+#include "utils/host.h"
#ifdef LEAK_DETECTIVE
-#include <utils/leak_detective.h>
+#include "utils/leak_detective.h"
#endif
#define CHECKSUM_LIBRARY IPSEC_DIR"/libchecksum.so"
@@ -68,7 +66,6 @@ void library_deinit()
this->public.encoding->destroy(this->public.encoding);
this->public.crypto->destroy(this->public.crypto);
this->public.fetcher->destroy(this->public.fetcher);
- this->public.attributes->destroy(this->public.attributes);
this->public.db->destroy(this->public.db);
this->public.printf_hook->destroy(this->public.printf_hook);
if (this->public.integrity)
@@ -133,7 +130,6 @@ bool library_init(char *settings)
this->public.creds = credential_factory_create();
this->public.encoding = key_encoding_create();
this->public.fetcher = fetcher_manager_create();
- this->public.attributes = attribute_manager_create();
this->public.db = database_factory_create();
this->public.plugins = plugin_loader_create();
this->public.integrity = NULL;
@@ -145,11 +141,11 @@ bool library_init(char *settings)
this->public.integrity = integrity_checker_create(CHECKSUM_LIBRARY);
if (!lib->integrity->check(lib->integrity, "libstrongswan", library_init))
{
- DBG1("integrity check of libstrongswan failed");
+ DBG1(DBG_LIB, "integrity check of libstrongswan failed");
return FALSE;
}
#else /* !INTEGRITY_TEST */
- DBG1("integrity test enabled, but not supported");
+ DBG1(DBG_LIB, "integrity test enabled, but not supported");
return FALSE;
#endif /* INTEGRITY_TEST */
}
diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h
index 78a6fe0a9..241084155 100644
--- a/src/libstrongswan/library.h
+++ b/src/libstrongswan/library.h
@@ -55,18 +55,17 @@
#ifndef LIBRARY_H_
#define LIBRARY_H_
-#include <printf_hook.h>
-#include <utils.h>
-#include <chunk.h>
-#include <settings.h>
-#include <integrity_checker.h>
-#include <plugins/plugin_loader.h>
-#include <crypto/crypto_factory.h>
-#include <fetcher/fetcher_manager.h>
-#include <attributes/attribute_manager.h>
-#include <database/database_factory.h>
-#include <credentials/credential_factory.h>
-#include <credentials/keys/key_encoding.h>
+#include "printf_hook.h"
+#include "utils.h"
+#include "chunk.h"
+#include "settings.h"
+#include "integrity_checker.h"
+#include "plugins/plugin_loader.h"
+#include "crypto/crypto_factory.h"
+#include "fetcher/fetcher_manager.h"
+#include "database/database_factory.h"
+#include "credentials/credential_factory.h"
+#include "credentials/keys/key_encoding.h"
typedef struct library_t library_t;
@@ -101,11 +100,6 @@ struct library_t {
fetcher_manager_t *fetcher;
/**
- * manager for payload attributes
- */
- attribute_manager_t *attributes;
-
- /**
* database construction factory
*/
database_factory_t *db;
diff --git a/src/libstrongswan/plugins/aes/Makefile.am b/src/libstrongswan/plugins/aes/Makefile.am
index a3101172f..e72daeb44 100644
--- a/src/libstrongswan/plugins/aes/Makefile.am
+++ b/src/libstrongswan/plugins/aes/Makefile.am
@@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-aes.la
+else
plugin_LTLIBRARIES = libstrongswan-aes.la
+endif
-libstrongswan_aes_la_SOURCES = aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h
-libstrongswan_aes_la_LDFLAGS = -module -avoid-version
+libstrongswan_aes_la_SOURCES = \
+ aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h
+libstrongswan_aes_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in
index 03ef465e0..391d23049 100644
--- a/src/libstrongswan/plugins/aes/Makefile.in
+++ b/src/libstrongswan/plugins/aes/Makefile.in
@@ -72,13 +72,15 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_aes_la_LIBADD =
am_libstrongswan_aes_la_OBJECTS = aes_plugin.lo aes_crypter.lo
libstrongswan_aes_la_OBJECTS = $(am_libstrongswan_aes_la_OBJECTS)
libstrongswan_aes_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_aes_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_aes_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_aes_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-aes.la
-libstrongswan_aes_la_SOURCES = aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-aes.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-aes.la
+libstrongswan_aes_la_SOURCES = \
+ aes_plugin.h aes_plugin.c aes_crypter.c aes_crypter.h
+
libstrongswan_aes_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-aes.la: $(libstrongswan_aes_la_OBJECTS) $(libstrongswan_aes_la_DEPENDENCIES)
- $(libstrongswan_aes_la_LINK) -rpath $(plugindir) $(libstrongswan_aes_la_OBJECTS) $(libstrongswan_aes_la_LIBADD) $(LIBS)
+ $(libstrongswan_aes_la_LINK) $(am_libstrongswan_aes_la_rpath) $(libstrongswan_aes_la_OBJECTS) $(libstrongswan_aes_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -476,8 +491,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/aes/aes_plugin.c b/src/libstrongswan/plugins/aes/aes_plugin.c
index c6215cc7f..1e920f8cc 100644
--- a/src/libstrongswan/plugins/aes/aes_plugin.c
+++ b/src/libstrongswan/plugins/aes/aes_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_aes_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *aes_plugin_create()
{
private_aes_plugin_t *this = malloc_thing(private_aes_plugin_t);
diff --git a/src/libstrongswan/plugins/aes/aes_plugin.h b/src/libstrongswan/plugins/aes/aes_plugin.h
index a6ff620ed..f0f0e8154 100644
--- a/src/libstrongswan/plugins/aes/aes_plugin.h
+++ b/src/libstrongswan/plugins/aes/aes_plugin.h
@@ -39,9 +39,4 @@ struct aes_plugin_t {
plugin_t plugin;
};
-/**
- * Create a aes_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** AES_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/agent/Makefile.am b/src/libstrongswan/plugins/agent/Makefile.am
index e1000e562..ffa6e8b7f 100644
--- a/src/libstrongswan/plugins/agent/Makefile.am
+++ b/src/libstrongswan/plugins/agent/Makefile.am
@@ -3,10 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-agent.la
+else
plugin_LTLIBRARIES = libstrongswan-agent.la
+endif
-libstrongswan_agent_la_SOURCES = agent_plugin.h agent_plugin.c \
- agent_private_key.c agent_private_key.h
+libstrongswan_agent_la_SOURCES = \
+ agent_plugin.h agent_plugin.c \
+ agent_private_key.c agent_private_key.h
libstrongswan_agent_la_LDFLAGS = -module -avoid-version
-
diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in
index 5bf52aa56..bd6465374 100644
--- a/src/libstrongswan/plugins/agent/Makefile.in
+++ b/src/libstrongswan/plugins/agent/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_agent_la_LIBADD =
am_libstrongswan_agent_la_OBJECTS = agent_plugin.lo \
agent_private_key.lo
@@ -80,6 +80,9 @@ libstrongswan_agent_la_OBJECTS = $(am_libstrongswan_agent_la_OBJECTS)
libstrongswan_agent_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_agent_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_agent_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_agent_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -254,9 +258,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-agent.la
-libstrongswan_agent_la_SOURCES = agent_plugin.h agent_plugin.c \
- agent_private_key.c agent_private_key.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-agent.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-agent.la
+libstrongswan_agent_la_SOURCES = \
+ agent_plugin.h agent_plugin.c \
+ agent_private_key.c agent_private_key.h
libstrongswan_agent_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -293,6 +299,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -325,7 +340,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-agent.la: $(libstrongswan_agent_la_OBJECTS) $(libstrongswan_agent_la_DEPENDENCIES)
- $(libstrongswan_agent_la_LINK) -rpath $(plugindir) $(libstrongswan_agent_la_OBJECTS) $(libstrongswan_agent_la_LIBADD) $(LIBS)
+ $(libstrongswan_agent_la_LINK) $(am_libstrongswan_agent_la_rpath) $(libstrongswan_agent_la_OBJECTS) $(libstrongswan_agent_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -479,8 +494,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -551,18 +566,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/agent/agent_plugin.c b/src/libstrongswan/plugins/agent/agent_plugin.c
index 299b2cc1d..d40b437bb 100644
--- a/src/libstrongswan/plugins/agent/agent_plugin.c
+++ b/src/libstrongswan/plugins/agent/agent_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_agent_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *agent_plugin_create()
{
private_agent_plugin_t *this = malloc_thing(private_agent_plugin_t);
diff --git a/src/libstrongswan/plugins/agent/agent_plugin.h b/src/libstrongswan/plugins/agent/agent_plugin.h
index e49af42d8..d352c305c 100644
--- a/src/libstrongswan/plugins/agent/agent_plugin.h
+++ b/src/libstrongswan/plugins/agent/agent_plugin.h
@@ -39,9 +39,4 @@ struct agent_plugin_t {
plugin_t plugin;
};
-/**
- * Create a agent_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** AGENT_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c
index d0a2da87f..4247f849e 100644
--- a/src/libstrongswan/plugins/agent/agent_private_key.c
+++ b/src/libstrongswan/plugins/agent/agent_private_key.c
@@ -137,7 +137,8 @@ static int open_connection(char *path)
s = socket(AF_UNIX, SOCK_STREAM, 0);
if (s == -1)
{
- DBG1("opening ssh-agent socket %s failed: %s:", path, strerror(errno));
+ DBG1(DBG_LIB, "opening ssh-agent socket %s failed: %s:", path,
+ strerror(errno));
return -1;
}
@@ -147,7 +148,8 @@ static int open_connection(char *path)
if (connect(s, (struct sockaddr*)&addr, SUN_LEN(&addr)) != 0)
{
- DBG1("connecting to ssh-agent socket failed: %s", strerror(errno));
+ DBG1(DBG_LIB, "connecting to ssh-agent socket failed: %s",
+ strerror(errno));
close(s);
return -1;
}
@@ -168,7 +170,7 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey)
if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
write(this->socket, &buf, 1) != 1)
{
- DBG1("writing to ssh-agent failed");
+ DBG1(DBG_LIB, "writing to ssh-agent failed");
return FALSE;
}
@@ -179,7 +181,7 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey)
read_uint32(&blob) != blob.len ||
read_byte(&blob) != SSH_AGENT_ID_RESPONSE)
{
- DBG1("received invalid ssh-agent identity response");
+ DBG1(DBG_LIB, "received invalid ssh-agent identity response");
return FALSE;
}
count = read_uint32(&blob);
@@ -231,7 +233,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme,
if (scheme != SIGN_RSA_EMSA_PKCS1_SHA1)
{
- DBG1("signature scheme %N not supported by ssh-agent",
+ DBG1(DBG_LIB, "signature scheme %N not supported by ssh-agent",
signature_scheme_names, scheme);
return FALSE;
}
@@ -241,7 +243,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme,
if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
write(this->socket, &buf, 1) != 1)
{
- DBG1("writing to ssh-agent failed");
+ DBG1(DBG_LIB, "writing to ssh-agent failed");
return FALSE;
}
@@ -249,7 +251,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme,
if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
write(this->socket, this->key.ptr, this->key.len) != this->key.len)
{
- DBG1("writing to ssh-agent failed");
+ DBG1(DBG_LIB, "writing to ssh-agent failed");
return FALSE;
}
@@ -257,14 +259,14 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme,
if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
write(this->socket, data.ptr, data.len) != data.len)
{
- DBG1("writing to ssh-agent failed");
+ DBG1(DBG_LIB, "writing to ssh-agent failed");
return FALSE;
}
flags = htonl(0);
if (write(this->socket, &flags, sizeof(flags)) != sizeof(flags))
{
- DBG1("writing to ssh-agent failed");
+ DBG1(DBG_LIB, "writing to ssh-agent failed");
return FALSE;
}
@@ -274,7 +276,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme,
read_uint32(&blob) != blob.len ||
read_byte(&blob) != SSH_AGENT_SIGN_RESPONSE)
{
- DBG1("received invalid ssh-agent signature response");
+ DBG1(DBG_LIB, "received invalid ssh-agent signature response");
return FALSE;
}
/* parse length */
@@ -285,7 +287,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme,
blob = read_string(&blob);
if (!blob.len)
{
- DBG1("received invalid ssh-agent signature response");
+ DBG1(DBG_LIB, "received invalid ssh-agent signature response");
return FALSE;
}
*signature = chunk_clone(blob);
@@ -306,7 +308,7 @@ static key_type_t get_type(private_agent_private_key_t *this)
static bool decrypt(private_agent_private_key_t *this,
chunk_t crypto, chunk_t *plain)
{
- DBG1("private key decryption not supported by ssh-agent");
+ DBG1(DBG_LIB, "private key decryption not supported by ssh-agent");
return FALSE;
}
diff --git a/src/libstrongswan/plugins/attr_sql/Makefile.am b/src/libstrongswan/plugins/attr_sql/Makefile.am
deleted file mode 100644
index 5be310abf..000000000
--- a/src/libstrongswan/plugins/attr_sql/Makefile.am
+++ /dev/null
@@ -1,15 +0,0 @@
-
-INCLUDES = -I$(top_srcdir)/src/libstrongswan
-
-AM_CFLAGS = -rdynamic \
- -DPLUGINS=\""${libstrongswan_plugins}\""
-
-plugin_LTLIBRARIES = libstrongswan-attr-sql.la
-libstrongswan_attr_sql_la_SOURCES = \
- attr_sql_plugin.h attr_sql_plugin.c \
- sql_attribute.h sql_attribute.c
-libstrongswan_attr_sql_la_LDFLAGS = -module -avoid-version
-
-ipsec_PROGRAMS = pool
-pool_SOURCES = pool.c
-pool_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
diff --git a/src/libstrongswan/plugins/attr_sql/Makefile.in b/src/libstrongswan/plugins/attr_sql/Makefile.in
deleted file mode 100644
index e157a9b78..000000000
--- a/src/libstrongswan/plugins/attr_sql/Makefile.in
+++ /dev/null
@@ -1,633 +0,0 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-# @configure_input@
-
-# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
-# This Makefile.in is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
-# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE.
-
-@SET_MAKE@
-
-
-VPATH = @srcdir@
-pkgdatadir = $(datadir)/@PACKAGE@
-pkgincludedir = $(includedir)/@PACKAGE@
-pkglibdir = $(libdir)/@PACKAGE@
-pkglibexecdir = $(libexecdir)/@PACKAGE@
-am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
-install_sh_DATA = $(install_sh) -c -m 644
-install_sh_PROGRAM = $(install_sh) -c
-install_sh_SCRIPT = $(install_sh) -c
-INSTALL_HEADER = $(INSTALL_DATA)
-transform = $(program_transform_name)
-NORMAL_INSTALL = :
-PRE_INSTALL = :
-POST_INSTALL = :
-NORMAL_UNINSTALL = :
-PRE_UNINSTALL = :
-POST_UNINSTALL = :
-build_triplet = @build@
-host_triplet = @host@
-ipsec_PROGRAMS = pool$(EXEEXT)
-subdir = src/libstrongswan/plugins/attr_sql
-DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
-ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
- $(top_srcdir)/m4/config/ltoptions.m4 \
- $(top_srcdir)/m4/config/ltsugar.m4 \
- $(top_srcdir)/m4/config/ltversion.m4 \
- $(top_srcdir)/m4/config/lt~obsolete.m4 \
- $(top_srcdir)/m4/macros/with.m4 \
- $(top_srcdir)/m4/macros/enable-disable.m4 \
- $(top_srcdir)/configure.in
-am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
- $(ACLOCAL_M4)
-mkinstalldirs = $(install_sh) -d
-CONFIG_CLEAN_FILES =
-CONFIG_CLEAN_VPATH_FILES =
-am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
-am__vpath_adj = case $$p in \
- $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
- *) f=$$p;; \
- esac;
-am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
-am__install_max = 40
-am__nobase_strip_setup = \
- srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
-am__nobase_strip = \
- for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
-am__nobase_list = $(am__nobase_strip_setup); \
- for p in $$list; do echo "$$p $$p"; done | \
- sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
- $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
- if (++n[$$2] == $(am__install_max)) \
- { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
- END { for (dir in files) print dir, files[dir] }'
-am__base_list = \
- sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
- sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
-am__installdirs = "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(ipsecdir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
-libstrongswan_attr_sql_la_LIBADD =
-am_libstrongswan_attr_sql_la_OBJECTS = attr_sql_plugin.lo \
- sql_attribute.lo
-libstrongswan_attr_sql_la_OBJECTS = \
- $(am_libstrongswan_attr_sql_la_OBJECTS)
-libstrongswan_attr_sql_la_LINK = $(LIBTOOL) --tag=CC \
- $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
- $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_attr_sql_la_LDFLAGS) \
- $(LDFLAGS) -o $@
-PROGRAMS = $(ipsec_PROGRAMS)
-am_pool_OBJECTS = pool.$(OBJEXT)
-pool_OBJECTS = $(am_pool_OBJECTS)
-pool_DEPENDENCIES = \
- $(top_builddir)/src/libstrongswan/libstrongswan.la
-DEFAULT_INCLUDES = -I.@am__isrc@
-depcomp = $(SHELL) $(top_srcdir)/depcomp
-am__depfiles_maybe = depfiles
-am__mv = mv -f
-COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
- $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
- --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
- $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-CCLD = $(CC)
-LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
- --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
- $(LDFLAGS) -o $@
-SOURCES = $(libstrongswan_attr_sql_la_SOURCES) $(pool_SOURCES)
-DIST_SOURCES = $(libstrongswan_attr_sql_la_SOURCES) $(pool_SOURCES)
-ETAGS = etags
-CTAGS = ctags
-DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-ACLOCAL = @ACLOCAL@
-ALLOCA = @ALLOCA@
-AMTAR = @AMTAR@
-AR = @AR@
-AUTOCONF = @AUTOCONF@
-AUTOHEADER = @AUTOHEADER@
-AUTOMAKE = @AUTOMAKE@
-AWK = @AWK@
-BTLIB = @BTLIB@
-CC = @CC@
-CCDEPMODE = @CCDEPMODE@
-CFLAGS = @CFLAGS@
-CPP = @CPP@
-CPPFLAGS = @CPPFLAGS@
-CYGPATH_W = @CYGPATH_W@
-DEFS = @DEFS@
-DEPDIR = @DEPDIR@
-DLLIB = @DLLIB@
-DSYMUTIL = @DSYMUTIL@
-DUMPBIN = @DUMPBIN@
-ECHO_C = @ECHO_C@
-ECHO_N = @ECHO_N@
-ECHO_T = @ECHO_T@
-EGREP = @EGREP@
-EXEEXT = @EXEEXT@
-FGREP = @FGREP@
-GPERF = @GPERF@
-GREP = @GREP@
-INSTALL = @INSTALL@
-INSTALL_DATA = @INSTALL_DATA@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-INSTALL_SCRIPT = @INSTALL_SCRIPT@
-INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
-LD = @LD@
-LDFLAGS = @LDFLAGS@
-LEX = @LEX@
-LEXLIB = @LEXLIB@
-LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
-LIBOBJS = @LIBOBJS@
-LIBS = @LIBS@
-LIBTOOL = @LIBTOOL@
-LIPO = @LIPO@
-LN_S = @LN_S@
-LTLIBOBJS = @LTLIBOBJS@
-MAKEINFO = @MAKEINFO@
-MKDIR_P = @MKDIR_P@
-MYSQLCFLAG = @MYSQLCFLAG@
-MYSQLCONFIG = @MYSQLCONFIG@
-MYSQLLIB = @MYSQLLIB@
-NM = @NM@
-NMEDIT = @NMEDIT@
-OBJDUMP = @OBJDUMP@
-OBJEXT = @OBJEXT@
-OTOOL = @OTOOL@
-OTOOL64 = @OTOOL64@
-PACKAGE = @PACKAGE@
-PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
-PACKAGE_NAME = @PACKAGE_NAME@
-PACKAGE_STRING = @PACKAGE_STRING@
-PACKAGE_TARNAME = @PACKAGE_TARNAME@
-PACKAGE_URL = @PACKAGE_URL@
-PACKAGE_VERSION = @PACKAGE_VERSION@
-PATH_SEPARATOR = @PATH_SEPARATOR@
-PERL = @PERL@
-PKG_CONFIG = @PKG_CONFIG@
-PTHREADLIB = @PTHREADLIB@
-RANLIB = @RANLIB@
-RTLIB = @RTLIB@
-RUBY = @RUBY@
-RUBYINCLUDE = @RUBYINCLUDE@
-SED = @SED@
-SET_MAKE = @SET_MAKE@
-SHELL = @SHELL@
-SOCKLIB = @SOCKLIB@
-STRIP = @STRIP@
-VERSION = @VERSION@
-YACC = @YACC@
-YFLAGS = @YFLAGS@
-abs_builddir = @abs_builddir@
-abs_srcdir = @abs_srcdir@
-abs_top_builddir = @abs_top_builddir@
-abs_top_srcdir = @abs_top_srcdir@
-ac_ct_CC = @ac_ct_CC@
-ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
-am__include = @am__include@
-am__leading_dot = @am__leading_dot@
-am__quote = @am__quote@
-am__tar = @am__tar@
-am__untar = @am__untar@
-bindir = @bindir@
-build = @build@
-build_alias = @build_alias@
-build_cpu = @build_cpu@
-build_os = @build_os@
-build_vendor = @build_vendor@
-builddir = @builddir@
-datadir = @datadir@
-datarootdir = @datarootdir@
-default_pkcs11 = @default_pkcs11@
-docdir = @docdir@
-dvidir = @dvidir@
-exec_prefix = @exec_prefix@
-gtk_CFLAGS = @gtk_CFLAGS@
-gtk_LIBS = @gtk_LIBS@
-host = @host@
-host_alias = @host_alias@
-host_cpu = @host_cpu@
-host_os = @host_os@
-host_vendor = @host_vendor@
-htmldir = @htmldir@
-includedir = @includedir@
-infodir = @infodir@
-install_sh = @install_sh@
-ipsecdir = @ipsecdir@
-ipsecgid = @ipsecgid@
-ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-ipsecuser = @ipsecuser@
-libdir = @libdir@
-libexecdir = @libexecdir@
-libstrongswan_plugins = @libstrongswan_plugins@
-linux_headers = @linux_headers@
-localedir = @localedir@
-localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
-mandir = @mandir@
-mkdir_p = @mkdir_p@
-nm_CFLAGS = @nm_CFLAGS@
-nm_LIBS = @nm_LIBS@
-nm_ca_dir = @nm_ca_dir@
-oldincludedir = @oldincludedir@
-pdfdir = @pdfdir@
-piddir = @piddir@
-plugindir = @plugindir@
-pluto_plugins = @pluto_plugins@
-prefix = @prefix@
-program_transform_name = @program_transform_name@
-psdir = @psdir@
-random_device = @random_device@
-resolv_conf = @resolv_conf@
-routing_table = @routing_table@
-routing_table_prio = @routing_table_prio@
-sbindir = @sbindir@
-sharedstatedir = @sharedstatedir@
-srcdir = @srcdir@
-strongswan_conf = @strongswan_conf@
-sysconfdir = @sysconfdir@
-target_alias = @target_alias@
-top_build_prefix = @top_build_prefix@
-top_builddir = @top_builddir@
-top_srcdir = @top_srcdir@
-urandom_device = @urandom_device@
-xml_CFLAGS = @xml_CFLAGS@
-xml_LIBS = @xml_LIBS@
-INCLUDES = -I$(top_srcdir)/src/libstrongswan
-AM_CFLAGS = -rdynamic \
- -DPLUGINS=\""${libstrongswan_plugins}\""
-
-plugin_LTLIBRARIES = libstrongswan-attr-sql.la
-libstrongswan_attr_sql_la_SOURCES = \
- attr_sql_plugin.h attr_sql_plugin.c \
- sql_attribute.h sql_attribute.c
-
-libstrongswan_attr_sql_la_LDFLAGS = -module -avoid-version
-pool_SOURCES = pool.c
-pool_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-all: all-am
-
-.SUFFIXES:
-.SUFFIXES: .c .lo .o .obj
-$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
- @for dep in $?; do \
- case '$(am__configure_deps)' in \
- *$$dep*) \
- ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
- && { if test -f $@; then exit 0; else break; fi; }; \
- exit 1;; \
- esac; \
- done; \
- echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/attr_sql/Makefile'; \
- $(am__cd) $(top_srcdir) && \
- $(AUTOMAKE) --gnu src/libstrongswan/plugins/attr_sql/Makefile
-.PRECIOUS: Makefile
-Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
- @case '$?' in \
- *config.status*) \
- cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
- *) \
- echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
- cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
- esac;
-
-$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
- cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
-
-$(top_srcdir)/configure: $(am__configure_deps)
- cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
-$(ACLOCAL_M4): $(am__aclocal_m4_deps)
- cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
-$(am__aclocal_m4_deps):
-install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
- @$(NORMAL_INSTALL)
- test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
- @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
- list2=; for p in $$list; do \
- if test -f $$p; then \
- list2="$$list2 $$p"; \
- else :; fi; \
- done; \
- test -z "$$list2" || { \
- echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \
- $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \
- }
-
-uninstall-pluginLTLIBRARIES:
- @$(NORMAL_UNINSTALL)
- @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
- for p in $$list; do \
- $(am__strip_dir) \
- echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \
- $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \
- done
-
-clean-pluginLTLIBRARIES:
- -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES)
- @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \
- dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
- test "$$dir" != "$$p" || dir=.; \
- echo "rm -f \"$${dir}/so_locations\""; \
- rm -f "$${dir}/so_locations"; \
- done
-libstrongswan-attr-sql.la: $(libstrongswan_attr_sql_la_OBJECTS) $(libstrongswan_attr_sql_la_DEPENDENCIES)
- $(libstrongswan_attr_sql_la_LINK) -rpath $(plugindir) $(libstrongswan_attr_sql_la_OBJECTS) $(libstrongswan_attr_sql_la_LIBADD) $(LIBS)
-install-ipsecPROGRAMS: $(ipsec_PROGRAMS)
- @$(NORMAL_INSTALL)
- test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)"
- @list='$(ipsec_PROGRAMS)'; test -n "$(ipsecdir)" || list=; \
- for p in $$list; do echo "$$p $$p"; done | \
- sed 's/$(EXEEXT)$$//' | \
- while read p p1; do if test -f $$p || test -f $$p1; \
- then echo "$$p"; echo "$$p"; else :; fi; \
- done | \
- sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \
- -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \
- sed 'N;N;N;s,\n, ,g' | \
- $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \
- { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \
- if ($$2 == $$4) files[d] = files[d] " " $$1; \
- else { print "f", $$3 "/" $$4, $$1; } } \
- END { for (d in files) print "f", d, files[d] }' | \
- while read type dir files; do \
- if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
- test -z "$$files" || { \
- echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(ipsecdir)$$dir'"; \
- $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(ipsecdir)$$dir" || exit $$?; \
- } \
- ; done
-
-uninstall-ipsecPROGRAMS:
- @$(NORMAL_UNINSTALL)
- @list='$(ipsec_PROGRAMS)'; test -n "$(ipsecdir)" || list=; \
- files=`for p in $$list; do echo "$$p"; done | \
- sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \
- -e 's/$$/$(EXEEXT)/' `; \
- test -n "$$list" || exit 0; \
- echo " ( cd '$(DESTDIR)$(ipsecdir)' && rm -f" $$files ")"; \
- cd "$(DESTDIR)$(ipsecdir)" && rm -f $$files
-
-clean-ipsecPROGRAMS:
- @list='$(ipsec_PROGRAMS)'; test -n "$$list" || exit 0; \
- echo " rm -f" $$list; \
- rm -f $$list || exit $$?; \
- test -n "$(EXEEXT)" || exit 0; \
- list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
- echo " rm -f" $$list; \
- rm -f $$list
-pool$(EXEEXT): $(pool_OBJECTS) $(pool_DEPENDENCIES)
- @rm -f pool$(EXEEXT)
- $(LINK) $(pool_OBJECTS) $(pool_LDADD) $(LIBS)
-
-mostlyclean-compile:
- -rm -f *.$(OBJEXT)
-
-distclean-compile:
- -rm -f *.tab.c
-
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/attr_sql_plugin.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pool.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sql_attribute.Plo@am__quote@
-
-.c.o:
-@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(COMPILE) -c $<
-
-.c.obj:
-@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
-
-.c.lo:
-@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
-
-mostlyclean-libtool:
- -rm -f *.lo
-
-clean-libtool:
- -rm -rf .libs _libs
-
-ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
- mkid -fID $$unique
-tags: TAGS
-
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
- set x; \
- here=`pwd`; \
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
- shift; \
- if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
- test -n "$$unique" || unique=$$empty_fix; \
- if test $$# -gt 0; then \
- $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
- "$$@" $$unique; \
- else \
- $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
- $$unique; \
- fi; \
- fi
-ctags: CTAGS
-CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
- test -z "$(CTAGS_ARGS)$$unique" \
- || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
- $$unique
-
-GTAGS:
- here=`$(am__cd) $(top_builddir) && pwd` \
- && $(am__cd) $(top_srcdir) \
- && gtags -i $(GTAGS_ARGS) "$$here"
-
-distclean-tags:
- -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
-
-distdir: $(DISTFILES)
- @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
- topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
- list='$(DISTFILES)'; \
- dist_files=`for file in $$list; do echo $$file; done | \
- sed -e "s|^$$srcdirstrip/||;t" \
- -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
- case $$dist_files in \
- */*) $(MKDIR_P) `echo "$$dist_files" | \
- sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
- sort -u` ;; \
- esac; \
- for file in $$dist_files; do \
- if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
- if test -d $$d/$$file; then \
- dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
- if test -d "$(distdir)/$$file"; then \
- find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
- fi; \
- if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
- cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
- find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
- fi; \
- cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
- else \
- test -f "$(distdir)/$$file" \
- || cp -p $$d/$$file "$(distdir)/$$file" \
- || exit 1; \
- fi; \
- done
-check-am: all-am
-check: check-am
-all-am: Makefile $(LTLIBRARIES) $(PROGRAMS)
-installdirs:
- for dir in "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(ipsecdir)"; do \
- test -z "$$dir" || $(MKDIR_P) "$$dir"; \
- done
-install: install-am
-install-exec: install-exec-am
-install-data: install-data-am
-uninstall: uninstall-am
-
-install-am: all-am
- @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
-
-installcheck: installcheck-am
-install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
-mostlyclean-generic:
-
-clean-generic:
-
-distclean-generic:
- -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
- -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
-
-maintainer-clean-generic:
- @echo "This command is intended for maintainers to use"
- @echo "it deletes files that may require special tools to rebuild."
-clean: clean-am
-
-clean-am: clean-generic clean-ipsecPROGRAMS clean-libtool \
- clean-pluginLTLIBRARIES mostlyclean-am
-
-distclean: distclean-am
- -rm -rf ./$(DEPDIR)
- -rm -f Makefile
-distclean-am: clean-am distclean-compile distclean-generic \
- distclean-tags
-
-dvi: dvi-am
-
-dvi-am:
-
-html: html-am
-
-html-am:
-
-info: info-am
-
-info-am:
-
-install-data-am: install-ipsecPROGRAMS install-pluginLTLIBRARIES
-
-install-dvi: install-dvi-am
-
-install-dvi-am:
-
-install-exec-am:
-
-install-html: install-html-am
-
-install-html-am:
-
-install-info: install-info-am
-
-install-info-am:
-
-install-man:
-
-install-pdf: install-pdf-am
-
-install-pdf-am:
-
-install-ps: install-ps-am
-
-install-ps-am:
-
-installcheck-am:
-
-maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR)
- -rm -f Makefile
-maintainer-clean-am: distclean-am maintainer-clean-generic
-
-mostlyclean: mostlyclean-am
-
-mostlyclean-am: mostlyclean-compile mostlyclean-generic \
- mostlyclean-libtool
-
-pdf: pdf-am
-
-pdf-am:
-
-ps: ps-am
-
-ps-am:
-
-uninstall-am: uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
-
-.MAKE: install-am install-strip
-
-.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-ipsecPROGRAMS clean-libtool clean-pluginLTLIBRARIES \
- ctags distclean distclean-compile distclean-generic \
- distclean-libtool distclean-tags distdir dvi dvi-am html \
- html-am info info-am install install-am install-data \
- install-data-am install-dvi install-dvi-am install-exec \
- install-exec-am install-html install-html-am install-info \
- install-info-am install-ipsecPROGRAMS install-man install-pdf \
- install-pdf-am install-pluginLTLIBRARIES install-ps \
- install-ps-am install-strip installcheck installcheck-am \
- installdirs maintainer-clean maintainer-clean-generic \
- mostlyclean mostlyclean-compile mostlyclean-generic \
- mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \
- uninstall-am uninstall-ipsecPROGRAMS \
- uninstall-pluginLTLIBRARIES
-
-
-# Tell versions [3.59,3.63) of GNU make to not export all variables.
-# Otherwise a system limit (for SysV at least) may be exceeded.
-.NOEXPORT:
diff --git a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c b/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c
deleted file mode 100644
index 66b309c67..000000000
--- a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <library.h>
-#include <debug.h>
-
-#include "attr_sql_plugin.h"
-#include "sql_attribute.h"
-
-typedef struct private_attr_sql_plugin_t private_attr_sql_plugin_t;
-
-/**
- * private data of attr_sql plugin
- */
-struct private_attr_sql_plugin_t {
-
- /**
- * implements plugin interface
- */
- attr_sql_plugin_t public;
-
- /**
- * database connection instance
- */
- database_t *db;
-
- /**
- * configuration attributes
- */
- sql_attribute_t *attribute;
-
-};
-
-/**
- * Implementation of plugin_t.destroy
- */
-static void destroy(private_attr_sql_plugin_t *this)
-{
- lib->attributes->remove_provider(lib->attributes, &this->attribute->provider);
- this->attribute->destroy(this->attribute);
- this->db->destroy(this->db);
- free(this);
-}
-
-/*
- * see header file
- */
-plugin_t *plugin_create()
-{
- char *uri;
- private_attr_sql_plugin_t *this;
-
- uri = lib->settings->get_str(lib->settings, "libstrongswan.plugins.attr-sql.database", NULL);
- if (!uri)
- {
- DBG1("attr-sql plugin: database URI not set");
- return NULL;
- }
-
- this = malloc_thing(private_attr_sql_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-
- this->db = lib->db->create(lib->db, uri);
- if (!this->db)
- {
- DBG1("attr-sql plugin failed to connect to database");
- free(this);
- return NULL;
- }
- this->attribute = sql_attribute_create(this->db);
- lib->attributes->add_provider(lib->attributes, &this->attribute->provider);
-
- return &this->public.plugin;
-}
-
diff --git a/src/libstrongswan/plugins/attr_sql/pool.c b/src/libstrongswan/plugins/attr_sql/pool.c
deleted file mode 100644
index 85b30a70f..000000000
--- a/src/libstrongswan/plugins/attr_sql/pool.c
+++ /dev/null
@@ -1,1050 +0,0 @@
-/*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#define _GNU_SOURCE
-#include <getopt.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <time.h>
-
-#include <debug.h>
-#include <library.h>
-#include <utils/host.h>
-#include <utils/identification.h>
-#include <attributes/attributes.h>
-
-/**
- * global database handle
- */
-database_t *db;
-
-/**
- * --start/--end/--server addresses of various subcommands
- */
-host_t *start = NULL, *end = NULL, *server = NULL;
-
-/**
- * instead of a pool handle a DNS or NBNS attribute
- */
-static bool is_attribute(char *name)
-{
- return strcaseeq(name, "dns") || strcaseeq(name, "nbns") ||
- strcaseeq(name, "wins");
-}
-
-/**
- * determine configuration attribute type
- */
-static configuration_attribute_type_t get_attribute_type(char *name, host_t* addr)
-{
- if (strcaseeq(name, "dns"))
- {
- return (addr->get_family(addr) == AF_INET) ? INTERNAL_IP4_DNS :
- INTERNAL_IP6_DNS;
- }
- else
- {
- return (addr->get_family(addr) == AF_INET) ? INTERNAL_IP4_NBNS :
- INTERNAL_IP6_NBNS;
- }
-}
-
-/**
- * calculate the size of a pool using start and end address chunk
- */
-static u_int get_pool_size(chunk_t start, chunk_t end)
-{
- u_int *start_ptr, *end_ptr;
-
- if (start.len < sizeof(u_int) || end.len < sizeof(u_int))
- {
- return 0;
- }
- start_ptr = (u_int*)(start.ptr + start.len - sizeof(u_int));
- end_ptr = (u_int*)(end.ptr + end.len - sizeof(u_int));
- return ntohl(*end_ptr) - ntohl(*start_ptr) + 1;
-}
-
-/**
- * print usage info
- */
-static void usage(void)
-{
- printf("\
-Usage:\n\
- ipsec pool --status|--add|--del|--resize|--purge [options]\n\
- \n\
- ipsec pool --status\n\
- Show a list of installed pools with statistics.\n\
- \n\
- ipsec pool --add <name> --start <start> --end <end> [--timeout <timeout>]\n\
- Add a new pool to the database.\n\
- name: Name of the pool, as used in ipsec.conf rightsourceip=%%name\n\
- start: Start address of the pool\n\
- end: End address of the pool\n\
- timeout: Lease time in hours, 0 for static leases\n\
- \n\
- ipsec pool --add dns|nbns|wins --server <server>\n\
- Add a new DNS or NBNS server to the database.\n\
- server: IP address of the name server\n\
- \n\
- ipsec pool --del <name>\n\
- Delete a pool from the database.\n\
- name: Name of the pool to delete\n\
- \n\
- ipsec pool --del dns|nbns|wins [--server <server>]\n\
- Delete a specific or all DNS or NBNS servers from the database.\n\
- server: IP address of the name server to delete\n\
- \n\
- ipsec pool --resize <name> --end <end>\n\
- Grow or shrink an existing pool.\n\
- name: Name of the pool to resize\n\
- end: New end address for the pool\n\
- \n\
- ipsec pool --leases [--filter <filter>] [--utc]\n\
- Show lease information using filters:\n\
- filter: Filter string containing comma separated key=value filters,\n\
- e.g. id=alice@strongswan.org,addr=1.1.1.1\n\
- pool: name of the pool\n\
- id: assigned identity of the lease\n\
- addr: lease IP address\n\
- tstamp: UNIX timestamp when lease was valid, as integer\n\
- status: status of the lease: online|valid|expired\n\
- utc: Show times in UTC instead of local time\n\
- \n\
- ipsec pool --purge <name>\n\
- Delete lease history of a pool:\n\
- name: Name of the pool to purge\n\
- \n");
- exit(0);
-}
-
-/**
- * ipsec pool --status - show pool overview
- */
-static void status(void)
-{
- enumerator_t *ns, *pool, *lease;
- host_t *server;
- chunk_t value;
- bool found = FALSE;
-
- /* enumerate IPv4 DNS servers */
- ns = db->query(db, "SELECT value FROM attributes WHERE type = ?",
- DB_INT, INTERNAL_IP4_DNS, DB_BLOB);
- if (ns)
- {
- while (ns->enumerate(ns, &value))
- {
- if (!found)
- {
- printf("dns servers:");
- found = TRUE;
- }
- server = host_create_from_chunk(AF_INET, value, 0);
- if (server)
- {
- printf(" %H", server);
- server->destroy(server);
- }
- }
- ns->destroy(ns);
- }
-
- /* enumerate IPv6 DNS servers */
- ns = db->query(db, "SELECT value FROM attributes WHERE type = ?",
- DB_INT, INTERNAL_IP6_DNS, DB_BLOB);
- if (ns)
- {
- while (ns->enumerate(ns, &value))
- {
- if (!found)
- {
- printf("dns servers:");
- found = TRUE;
- }
- server = host_create_from_chunk(AF_INET6, value, 0);
- if (server)
- {
- printf(" %H", server);
- server->destroy(server);
- }
- }
- ns->destroy(ns);
- }
- if (found)
- {
- printf("\n");
- }
- else
- {
- printf("no dns servers found.\n");
- }
- found = FALSE;
-
- /* enumerate IPv4 NBNS servers */
- ns = db->query(db, "SELECT value FROM attributes WHERE type = ?",
- DB_INT, INTERNAL_IP4_NBNS, DB_BLOB);
- if (ns)
- {
- while (ns->enumerate(ns, &value))
- {
- if (!found)
- {
- printf("nbns servers:");
- found = TRUE;
- }
- server = host_create_from_chunk(AF_INET, value, 0);
- if (server)
- {
- printf(" %H", server);
- server->destroy(server);
- }
- }
- ns->destroy(ns);
- }
-
- /* enumerate IPv6 NBNS servers */
- ns = db->query(db, "SELECT value FROM attributes WHERE type = ?",
- DB_INT, INTERNAL_IP6_NBNS, DB_BLOB);
- if (ns)
- {
- while (ns->enumerate(ns, &value))
- {
- if (!found)
- {
- printf("nbns servers:");
- found = TRUE;
- }
- server = host_create_from_chunk(AF_INET6, value, 0);
- if (server)
- {
- printf(" %H", server);
- server->destroy(server);
- }
- }
- ns->destroy(ns);
- }
- if (found)
- {
- printf("\n");
- }
- else
- {
- printf("no nbns servers found.\n");
- }
- found = FALSE;
-
- pool = db->query(db, "SELECT id, name, start, end, timeout FROM pools",
- DB_INT, DB_TEXT, DB_BLOB, DB_BLOB, DB_UINT);
- if (pool)
- {
- char *name;
- chunk_t start_chunk, end_chunk;
- host_t *start, *end;
- u_int id, timeout, online = 0, used = 0, size = 0;
-
- while (pool->enumerate(pool, &id, &name,
- &start_chunk, &end_chunk, &timeout))
- {
- if (!found)
- {
- printf("%8s %15s %15s %8s %6s %11s %11s\n", "name", "start",
- "end", "timeout", "size", "online", "usage");
- found = TRUE;
- }
-
- start = host_create_from_chunk(AF_UNSPEC, start_chunk, 0);
- end = host_create_from_chunk(AF_UNSPEC, end_chunk, 0);
- size = get_pool_size(start_chunk, end_chunk);
- printf("%8s %15H %15H ", name, start, end);
- if (timeout)
- {
- printf("%7dh ", timeout/3600);
- }
- else
- {
- printf("%8s ", "static");
- }
- printf("%6d ", size);
- /* get number of online hosts */
- lease = db->query(db, "SELECT COUNT(*) FROM addresses "
- "WHERE pool = ? AND released = 0",
- DB_UINT, id, DB_INT);
- if (lease)
- {
- lease->enumerate(lease, &online);
- lease->destroy(lease);
- }
- printf("%5d (%2d%%) ", online, online*100/size);
- /* get number of online or valid lieases */
- lease = db->query(db, "SELECT COUNT(*) FROM addresses "
- "WHERE addresses.pool = ? "
- "AND ((? AND acquired != 0) "
- " OR released = 0 OR released > ?) ",
- DB_UINT, id, DB_UINT, !timeout,
- DB_UINT, time(NULL) - timeout, DB_UINT);
- if (lease)
- {
- lease->enumerate(lease, &used);
- lease->destroy(lease);
- }
- printf("%5d (%2d%%) ", used, used*100/size);
-
- printf("\n");
- DESTROY_IF(start);
- DESTROY_IF(end);
- }
- pool->destroy(pool);
- }
- if (!found)
- {
- printf("no pools found.\n");
- }
- exit(0);
-}
-
-/**
- * ipsec pool --add - add a new pool
- */
-static void add(char *name, host_t *start, host_t *end, int timeout)
-{
- chunk_t start_addr, end_addr, cur_addr;
- u_int id, count;
-
- start_addr = start->get_address(start);
- end_addr = end->get_address(end);
- cur_addr = chunk_clonea(start_addr);
- count = get_pool_size(start_addr, end_addr);
-
- if (start_addr.len != end_addr.len ||
- memcmp(start_addr.ptr, end_addr.ptr, start_addr.len) > 0)
- {
- fprintf(stderr, "invalid start/end pair specified.\n");
- exit(-1);
- }
- if (db->execute(db, &id,
- "INSERT INTO pools (name, start, end, timeout) "
- "VALUES (?, ?, ?, ?)",
- DB_TEXT, name, DB_BLOB, start_addr,
- DB_BLOB, end_addr, DB_INT, timeout*3600) != 1)
- {
- fprintf(stderr, "creating pool failed.\n");
- exit(-1);
- }
- printf("allocating %d addresses... ", count);
- fflush(stdout);
- if (db->get_driver(db) == DB_SQLITE)
- { /* run population in a transaction for sqlite */
- db->execute(db, NULL, "BEGIN TRANSACTION");
- }
- while (TRUE)
- {
- db->execute(db, NULL,
- "INSERT INTO addresses (pool, address, identity, acquired, released) "
- "VALUES (?, ?, ?, ?, ?)",
- DB_UINT, id, DB_BLOB, cur_addr, DB_UINT, 0, DB_UINT, 0, DB_UINT, 1);
- if (chunk_equals(cur_addr, end_addr))
- {
- break;
- }
- chunk_increment(cur_addr);
- }
- if (db->get_driver(db) == DB_SQLITE)
- {
- db->execute(db, NULL, "END TRANSACTION");
- }
- printf("done.\n", count);
-
- exit(0);
-}
-
-/**
- * ipsec pool --add dns|nbns|wins - add a DNS or NBNS server entry
- */
-static void add_attr(char *name, host_t *server)
-{
- configuration_attribute_type_t type;
- chunk_t value;
-
- type = get_attribute_type(name, server);
- value = server->get_address(server);
- if (db->execute(db, NULL,
- "INSERT INTO attributes (type, value) VALUES (?, ?)",
- DB_INT, type, DB_BLOB, value) != 1)
- {
- fprintf(stderr, "adding %s server %H failed.\n", name, server);
- exit(-1);
- }
- printf("added %s server %H\n", name, server);
- exit(0);
-}
-
-/**
- * ipsec pool --del - delete a pool
- */
-static void del(char *name)
-{
- enumerator_t *query;
- u_int id;
- bool found = FALSE;
-
- query = db->query(db, "SELECT id FROM pools WHERE name = ?",
- DB_TEXT, name, DB_UINT);
- if (!query)
- {
- fprintf(stderr, "deleting pool failed.\n");
- exit(-1);
- }
- while (query->enumerate(query, &id))
- {
- found = TRUE;
- if (db->execute(db, NULL,
- "DELETE FROM leases WHERE address IN ("
- " SELECT id FROM addresses WHERE pool = ?)", DB_UINT, id) < 0 ||
- db->execute(db, NULL,
- "DELETE FROM addresses WHERE pool = ?", DB_UINT, id) < 0 ||
- db->execute(db, NULL,
- "DELETE FROM pools WHERE id = ?", DB_UINT, id) < 0)
- {
- fprintf(stderr, "deleting pool failed.\n");
- query->destroy(query);
- exit(-1);
- }
- }
- query->destroy(query);
- if (!found)
- {
- fprintf(stderr, "pool '%s' not found.\n", name);
- exit(-1);
- }
- exit(0);
-}
-
-/**
- * ipsec pool --del dns|nbns|wins - delete a DNS or NBNS server entry
- */
-static void del_attr(char *name, host_t *server)
-{
- configuration_attribute_type_t type;
- chunk_t value;
- u_int id;
- enumerator_t *query;
- bool found = FALSE;
-
- if (server)
- {
- type = get_attribute_type(name, server);
- value = server->get_address(server);
- query = db->query(db,
- "SELECT id, type, value FROM attributes "
- "WHERE type = ? AND value = ?",
- DB_INT, type, DB_BLOB, value,
- DB_UINT, DB_INT, DB_BLOB);
- }
- else
- {
- configuration_attribute_type_t type_ip4, type_ip6;
-
- if (strcaseeq(name, "dns"))
- {
- type_ip4 = INTERNAL_IP4_DNS;
- type_ip6 = INTERNAL_IP6_DNS;
- }
- else
- {
- type_ip4 = INTERNAL_IP4_NBNS;
- type_ip6 = INTERNAL_IP6_NBNS;
- }
-
- query = db->query(db,
- "SELECT id, type, value FROM attributes "
- "WHERE type = ? OR type = ?",
- DB_INT, type_ip4, DB_INT, type_ip6,
- DB_UINT, DB_INT, DB_BLOB);
- }
- if (!query)
- {
- fprintf(stderr, "deleting %s servers failed.\n", name);
- exit(-1);
- }
-
- while (query->enumerate(query, &id, &type, &value))
- {
- int family;
- host_t *host;
-
- found = TRUE;
- family = (type == INTERNAL_IP4_DNS || type == INTERNAL_IP4_NBNS) ?
- AF_INET : AF_INET6;
- host = host_create_from_chunk(family, value, 0);
- if (db->execute(db, NULL,
- "DELETE FROM attributes WHERE id = ?",
- DB_UINT, id) != 1)
- {
- fprintf(stderr, "deleting %s server %H failed\n", name, host);
- query->destroy(query);
- DESTROY_IF(host);
- exit(-1);
- }
- printf("deleted %s server %H\n", name, host);
- DESTROY_IF(host);
- }
- query->destroy(query);
-
- if (!found)
- {
- printf("no matching %s servers found\n", name);
- exit(-1);
- }
- exit(0);
-}
-
-/**
- * ipsec pool --resize - resize a pool if (db->execute(db, NULL,
- "DELETE FROM attributes WHERE type = ? AND value = ?",
- DB_INT, type, DB_BLOB, value) != 1)
- {
- fprintf(stderr, "deleting %s server %H failed\n", name, server);
- exit(-1);
- }
- printf("deleted %s server %H\n", name, server);
- if (db->execute(db, NULL,
- "DELETE FROM attributes WHERE type = ? AND value = ?",
- DB_INT, type, DB_BLOB, value) != 1)
- {
- fprintf(stderr, "deleting %s server %H failed\n", name, server);
- exit(-1);
- }
- printf("deleted %s server %H\n", name, server);
-
- */
-static void resize(char *name, host_t *end)
-{
- enumerator_t *query;
- chunk_t old_addr, new_addr, cur_addr;
- u_int id, count;
-
- new_addr = end->get_address(end);
-
- query = db->query(db, "SELECT id, end FROM pools WHERE name = ?",
- DB_TEXT, name, DB_UINT, DB_BLOB);
- if (!query || !query->enumerate(query, &id, &old_addr))
- {
- DESTROY_IF(query);
- fprintf(stderr, "resizing pool failed.\n");
- exit(-1);
- }
- if (old_addr.len != new_addr.len ||
- memcmp(new_addr.ptr, old_addr.ptr, old_addr.len) < 0)
- {
- fprintf(stderr, "shrinking of pools not supported.\n");
- query->destroy(query);
- exit(-1);
- }
- cur_addr = chunk_clonea(old_addr);
- count = get_pool_size(old_addr, new_addr) - 1;
- query->destroy(query);
-
- if (db->execute(db, NULL,
- "UPDATE pools SET end = ? WHERE name = ?",
- DB_BLOB, new_addr, DB_TEXT, name) <= 0)
- {
- fprintf(stderr, "pool '%s' not found.\n", name);
- exit(-1);
- }
-
- printf("allocating %d new addresses... ", count);
- fflush(stdout);
- if (db->get_driver(db) == DB_SQLITE)
- { /* run population in a transaction for sqlite */
- db->execute(db, NULL, "BEGIN TRANSACTION");
- }
- while (count-- > 0)
- {
- chunk_increment(cur_addr);
- db->execute(db, NULL,
- "INSERT INTO addresses (pool, address, identity, acquired, released) "
- "VALUES (?, ?, ?, ?, ?)",
- DB_UINT, id, DB_BLOB, cur_addr, DB_UINT, 0, DB_UINT, 0, DB_UINT, 1);
- }
- if (db->get_driver(db) == DB_SQLITE)
- {
- db->execute(db, NULL, "END TRANSACTION");
- }
- printf("done.\n", count);
-
- exit(0);
-}
-
-/**
- * create the lease query using the filter string
- */
-static enumerator_t *create_lease_query(char *filter)
-{
- enumerator_t *query;
- identification_t *id = NULL;
- host_t *addr = NULL;
- u_int tstamp = 0;
- bool online = FALSE, valid = FALSE, expired = FALSE;
- char *value, *pos, *pool = NULL;
- enum {
- FIL_POOL = 0,
- FIL_ID,
- FIL_ADDR,
- FIL_TSTAMP,
- FIL_STATE,
- };
- char *const token[] = {
- [FIL_POOL] = "pool",
- [FIL_ID] = "id",
- [FIL_ADDR] = "addr",
- [FIL_TSTAMP] = "tstamp",
- [FIL_STATE] = "status",
- NULL
- };
-
- /* if the filter string contains a distinguished name as a ID, we replace
- * ", " by "/ " in order to not confuse the getsubopt parser */
- pos = filter;
- while ((pos = strchr(pos, ',')))
- {
- if (pos[1] == ' ')
- {
- pos[0] = '/';
- }
- pos++;
- }
-
- while (filter && *filter != '\0')
- {
- switch (getsubopt(&filter, token, &value))
- {
- case FIL_POOL:
- if (value)
- {
- pool = value;
- }
- break;
- case FIL_ID:
- if (value)
- {
- id = identification_create_from_string(value);
- }
- break;
- case FIL_ADDR:
- if (value)
- {
- addr = host_create_from_string(value, 0);
- }
- if (!addr)
- {
- fprintf(stderr, "invalid 'addr' in filter string.\n");
- exit(-1);
- }
- break;
- case FIL_TSTAMP:
- if (value)
- {
- tstamp = atoi(value);
- }
- if (tstamp == 0)
- {
- online = TRUE;
- }
- break;
- case FIL_STATE:
- if (value)
- {
- if (streq(value, "online"))
- {
- online = TRUE;
- }
- else if (streq(value, "valid"))
- {
- valid = TRUE;
- }
- else if (streq(value, "expired"))
- {
- expired = TRUE;
- }
- else
- {
- fprintf(stderr, "invalid 'state' in filter string.\n");
- exit(-1);
- }
- }
- break;
- default:
- fprintf(stderr, "invalid filter string.\n");
- exit(-1);
- break;
- }
- }
- query = db->query(db,
- "SELECT name, addresses.address, identities.type, "
- "identities.data, leases.acquired, leases.released, timeout "
- "FROM leases JOIN addresses ON leases.address = addresses.id "
- "JOIN pools ON addresses.pool = pools.id "
- "JOIN identities ON leases.identity = identities.id "
- "WHERE (? OR name = ?) "
- "AND (? OR (identities.type = ? AND identities.data = ?)) "
- "AND (? OR addresses.address = ?) "
- "AND (? OR (? >= leases.acquired AND (? <= leases.released))) "
- "AND (? OR leases.released > ? - timeout) "
- "AND (? OR leases.released < ? - timeout) "
- "AND ? "
- "UNION "
- "SELECT name, address, identities.type, identities.data, "
- "acquired, released, timeout FROM addresses "
- "JOIN pools ON addresses.pool = pools.id "
- "JOIN identities ON addresses.identity = identities.id "
- "WHERE ? AND released = 0 "
- "AND (? OR name = ?) "
- "AND (? OR (identities.type = ? AND identities.data = ?)) "
- "AND (? OR address = ?)",
- DB_INT, pool == NULL, DB_TEXT, pool,
- DB_INT, id == NULL,
- DB_INT, id ? id->get_type(id) : 0,
- DB_BLOB, id ? id->get_encoding(id) : chunk_empty,
- DB_INT, addr == NULL,
- DB_BLOB, addr ? addr->get_address(addr) : chunk_empty,
- DB_INT, tstamp == 0, DB_UINT, tstamp, DB_UINT, tstamp,
- DB_INT, !valid, DB_INT, time(NULL),
- DB_INT, !expired, DB_INT, time(NULL),
- DB_INT, !online,
- /* union */
- DB_INT, !(valid || expired),
- DB_INT, pool == NULL, DB_TEXT, pool,
- DB_INT, id == NULL,
- DB_INT, id ? id->get_type(id) : 0,
- DB_BLOB, id ? id->get_encoding(id) : chunk_empty,
- DB_INT, addr == NULL,
- DB_BLOB, addr ? addr->get_address(addr) : chunk_empty,
- /* res */
- DB_TEXT, DB_BLOB, DB_INT, DB_BLOB, DB_UINT, DB_UINT, DB_UINT);
- /* id and addr leak but we can't destroy them until query is destroyed. */
- return query;
-}
-
-/**
- * ipsec pool --leases - show lease information of a pool
- */
-static void leases(char *filter, bool utc)
-{
- enumerator_t *query;
- chunk_t address_chunk, identity_chunk;
- int identity_type;
- char *name;
- u_int acquired, released, timeout;
- host_t *address;
- identification_t *identity;
- bool found = FALSE;
-
- query = create_lease_query(filter);
- if (!query)
- {
- fprintf(stderr, "querying leases failed.\n");
- exit(-1);
- }
- while (query->enumerate(query, &name, &address_chunk, &identity_type,
- &identity_chunk, &acquired, &released, &timeout))
- {
- if (!found)
- {
- int len = utc ? 25 : 21;
-
- found = TRUE;
- printf("%-8s %-15s %-7s %-*s %-*s %s\n",
- "name", "address", "status", len, "start", len, "end", "identity");
- }
- address = host_create_from_chunk(AF_UNSPEC, address_chunk, 0);
- identity = identification_create_from_encoding(identity_type, identity_chunk);
-
- printf("%-8s %-15H ", name, address);
- if (released == 0)
- {
- printf("%-7s ", "online");
- }
- else if (timeout == 0)
- {
- printf("%-7s ", "static");
- }
- else if (released >= time(NULL) - timeout)
- {
- printf("%-7s ", "valid");
- }
- else
- {
- printf("%-7s ", "expired");
- }
-
- printf(" %T ", &acquired, utc);
- if (released)
- {
- printf("%T ", &released, utc);
- }
- else
- {
- printf(" ");
- if (utc)
- {
- printf(" ");
- }
- }
- printf("%Y\n", identity);
- DESTROY_IF(address);
- identity->destroy(identity);
- }
- query->destroy(query);
- if (!found)
- {
- fprintf(stderr, "no matching leases found.\n");
- exit(-1);
- }
- exit(0);
-}
-
-/**
- * ipsec pool --purge - delete expired leases
- */
-static void purge(char *name)
-{
- int purged = 0;
-
- purged = db->execute(db, NULL,
- "DELETE FROM leases WHERE address IN ("
- " SELECT id FROM addresses WHERE pool IN ("
- " SELECT id FROM pools WHERE name = ?))",
- DB_TEXT, name);
- if (purged < 0)
- {
- fprintf(stderr, "purging pool '%s' failed.\n", name);
- exit(-1);
- }
- fprintf(stderr, "purged %d leases in pool '%s'.\n", purged, name);
- exit(0);
-}
-
-/**
- * atexit handler to close db on shutdown
- */
-static void cleanup(void)
-{
- db->destroy(db);
- DESTROY_IF(start);
- DESTROY_IF(end);
- DESTROY_IF(server);
-}
-
-int main(int argc, char *argv[])
-{
- char *uri, *name = "", *filter = "";
- int timeout = 0;
- bool utc = FALSE;
- enum {
- OP_USAGE,
- OP_STATUS,
- OP_ADD,
- OP_ADD_ATTR,
- OP_DEL,
- OP_DEL_ATTR,
- OP_RESIZE,
- OP_LEASES,
- OP_PURGE
- } operation = OP_USAGE;
-
- atexit(library_deinit);
-
- /* initialize library */
- if (!library_init(NULL))
- {
- exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
- }
- if (lib->integrity &&
- !lib->integrity->check_file(lib->integrity, "pool", argv[0]))
- {
- fprintf(stderr, "integrity check of pool failed\n");
- exit(SS_RC_DAEMON_INTEGRITY);
- }
- if (!lib->plugins->load(lib->plugins, NULL,
- lib->settings->get_str(lib->settings, "pool.load", PLUGINS)))
- {
- exit(SS_RC_INITIALIZATION_FAILED);
- }
-
- uri = lib->settings->get_str(lib->settings, "libstrongswan.plugins.attr-sql.database", NULL);
- if (!uri)
- {
- fprintf(stderr, "database URI libstrongswan.plugins.attr-sql.database not set.\n");
- exit(SS_RC_INITIALIZATION_FAILED);
- }
- db = lib->db->create(lib->db, uri);
- if (!db)
- {
- fprintf(stderr, "opening database failed.\n");
- exit(SS_RC_INITIALIZATION_FAILED);
- }
- atexit(cleanup);
-
- while (TRUE)
- {
- int c;
-
- struct option long_opts[] = {
- { "help", no_argument, NULL, 'h' },
-
- { "utc", no_argument, NULL, 'u' },
- { "status", no_argument, NULL, 'w' },
- { "add", required_argument, NULL, 'a' },
- { "del", required_argument, NULL, 'd' },
- { "resize", required_argument, NULL, 'r' },
- { "leases", no_argument, NULL, 'l' },
- { "purge", required_argument, NULL, 'p' },
-
- { "start", required_argument, NULL, 's' },
- { "end", required_argument, NULL, 'e' },
- { "timeout", required_argument, NULL, 't' },
- { "filter", required_argument, NULL, 'f' },
- { "server", required_argument, NULL, 'v' },
- { 0,0,0,0 }
- };
-
- c = getopt_long(argc, argv, "", long_opts, NULL);
- switch (c)
- {
- case EOF:
- break;
- case 'h':
- break;
- case 'w':
- operation = OP_STATUS;
- break;
- case 'u':
- utc = TRUE;
- continue;
- case 'a':
- name = optarg;
- operation = is_attribute(name) ? OP_ADD_ATTR : OP_ADD;
- continue;
- case 'd':
- name = optarg;
- operation = is_attribute(name) ? OP_DEL_ATTR : OP_DEL;
- continue;
- case 'r':
- name = optarg;
- operation = OP_RESIZE;
- continue;
- case 'l':
- operation = OP_LEASES;
- continue;
- case 'p':
- name = optarg;
- operation = OP_PURGE;
- continue;
- case 's':
- start = host_create_from_string(optarg, 0);
- if (start == NULL)
- {
- fprintf(stderr, "invalid start address: '%s'.\n", optarg);
- operation = OP_USAGE;
- break;
- }
- continue;
- case 'e':
- end = host_create_from_string(optarg, 0);
- if (end == NULL)
- {
- fprintf(stderr, "invalid end address: '%s'.\n", optarg);
- operation = OP_USAGE;
- break;
- }
- continue;
- case 't':
- timeout = atoi(optarg);
- if (timeout == 0 && strcmp(optarg, "0") != 0)
- {
- fprintf(stderr, "invalid timeout '%s'.\n", optarg);
- operation = OP_USAGE;
- break;
- }
- continue;
- case 'f':
- filter = optarg;
- continue;
- case 'v':
- server = host_create_from_string(optarg, 0);
- if (server == NULL)
- {
- fprintf(stderr, "invalid server address: '%s'.\n", optarg);
- operation = OP_USAGE;
- break;
- }
- continue;
- default:
- operation = OP_USAGE;
- break;
- }
- break;
- }
-
- switch (operation)
- {
- case OP_USAGE:
- usage();
- break;
- case OP_STATUS:
- status();
- break;
- case OP_ADD:
- if (start == NULL || end == NULL)
- {
- fprintf(stderr, "missing arguments.\n");
- usage();
- }
- add(name, start, end, timeout);
- break;
- case OP_ADD_ATTR:
- if (server == NULL)
- {
- fprintf(stderr, "missing arguments.\n");
- usage();
- }
- add_attr(name, server);
- break;
- case OP_DEL:
- del(name);
- break;
- case OP_DEL_ATTR:
- del_attr(name, server);
- break;
- case OP_RESIZE:
- if (end == NULL)
- {
- fprintf(stderr, "missing arguments.\n");
- usage();
- }
- resize(name, end);
- break;
- case OP_LEASES:
- leases(filter, utc);
- break;
- case OP_PURGE:
- purge(name);
- break;
- }
- exit(0);
-}
-
diff --git a/src/libstrongswan/plugins/attr_sql/sql_attribute.c b/src/libstrongswan/plugins/attr_sql/sql_attribute.c
deleted file mode 100644
index a89195b6d..000000000
--- a/src/libstrongswan/plugins/attr_sql/sql_attribute.c
+++ /dev/null
@@ -1,384 +0,0 @@
-/*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <time.h>
-
-#include <debug.h>
-#include <library.h>
-
-#include "sql_attribute.h"
-
-typedef struct private_sql_attribute_t private_sql_attribute_t;
-
-/**
- * private data of sql_attribute
- */
-struct private_sql_attribute_t {
-
- /**
- * public functions
- */
- sql_attribute_t public;
-
- /**
- * database connection
- */
- database_t *db;
-
- /**
- * wheter to record lease history in lease table
- */
- bool history;
-};
-
-/**
- * lookup/insert an identity
- */
-static u_int get_identity(private_sql_attribute_t *this, identification_t *id)
-{
- enumerator_t *e;
- u_int row;
-
- /* look for peer identity in the identities table */
- e = this->db->query(this->db,
- "SELECT id FROM identities WHERE type = ? AND data = ?",
- DB_INT, id->get_type(id), DB_BLOB, id->get_encoding(id),
- DB_UINT);
-
- if (e && e->enumerate(e, &row))
- {
- e->destroy(e);
- return row;
- }
- DESTROY_IF(e);
- /* not found, insert new one */
- if (this->db->execute(this->db, &row,
- "INSERT INTO identities (type, data) VALUES (?, ?)",
- DB_INT, id->get_type(id), DB_BLOB, id->get_encoding(id)) == 1)
- {
- return row;
- }
- return 0;
-}
-
-/**
- * Lookup pool by name
- */
-static u_int get_pool(private_sql_attribute_t *this, char *name, u_int *timeout)
-{
- enumerator_t *e;
- u_int pool;
-
- e = this->db->query(this->db, "SELECT id, timeout FROM pools WHERE name = ?",
- DB_TEXT, name, DB_UINT, DB_UINT);
- if (e && e->enumerate(e, &pool, timeout))
- {
- e->destroy(e);
- return pool;
- }
- DESTROY_IF(e);
- return 0;
-}
-
-/**
- * Look up an existing lease
- */
-static host_t* check_lease(private_sql_attribute_t *this, char *name,
- u_int pool, u_int identity)
-{
- while (TRUE)
- {
- u_int id;
- chunk_t address;
- enumerator_t *e;
- time_t now = time(NULL);
-
- e = this->db->query(this->db,
- "SELECT id, address FROM addresses "
- "WHERE pool = ? AND identity = ? AND released != 0 LIMIT 1",
- DB_UINT, pool, DB_UINT, identity, DB_UINT, DB_BLOB);
- if (!e || !e->enumerate(e, &id, &address))
- {
- DESTROY_IF(e);
- break;
- }
- address = chunk_clonea(address);
- e->destroy(e);
-
- if (this->db->execute(this->db, NULL,
- "UPDATE addresses SET acquired = ?, released = 0 "
- "WHERE id = ? AND identity = ? AND released != 0",
- DB_UINT, now, DB_UINT, id, DB_UINT, identity) > 0)
- {
- host_t *host;
-
- host = host_create_from_chunk(AF_UNSPEC, address, 0);
- if (host)
- {
- DBG1("acquired existing lease for address %H in pool '%s'",
- host, name);
- return host;
- }
- }
- }
- return NULL;
-}
-
-/**
- * We check for unallocated addresses or expired leases. First we select an
- * address as a candidate, but double check later on if it is still available
- * during the update operation. This allows us to work without locking.
- */
-static host_t* get_lease(private_sql_attribute_t *this, char *name,
- u_int pool, u_int timeout, u_int identity)
-{
- while (TRUE)
- {
- u_int id;
- chunk_t address;
- enumerator_t *e;
- time_t now = time(NULL);
- int hits;
-
- if (timeout)
- {
- /* check for an expired lease */
- e = this->db->query(this->db,
- "SELECT id, address FROM addresses "
- "WHERE pool = ? AND released != 0 AND released < ? LIMIT 1",
- DB_UINT, pool, DB_UINT, now - timeout, DB_UINT, DB_BLOB);
- }
- else
- {
- /* with static leases, check for an unallocated address */
- e = this->db->query(this->db,
- "SELECT id, address FROM addresses "
- "WHERE pool = ? AND identity = 0 LIMIT 1",
- DB_UINT, pool, DB_UINT, DB_BLOB);
-
- }
-
- if (!e || !e->enumerate(e, &id, &address))
- {
- DESTROY_IF(e);
- break;
- }
- address = chunk_clonea(address);
- e->destroy(e);
-
- if (timeout)
- {
- hits = this->db->execute(this->db, NULL,
- "UPDATE addresses SET "
- "acquired = ?, released = 0, identity = ? "
- "WHERE id = ? AND released != 0 AND released < ?",
- DB_UINT, now, DB_UINT, identity,
- DB_UINT, id, DB_UINT, now - timeout);
- }
- else
- {
- hits = this->db->execute(this->db, NULL,
- "UPDATE addresses SET "
- "acquired = ?, released = 0, identity = ? "
- "WHERE id = ? AND identity = 0",
- DB_UINT, now, DB_UINT, identity, DB_UINT, id);
- }
- if (hits > 0)
- {
- host_t *host;
-
- host = host_create_from_chunk(AF_UNSPEC, address, 0);
- if (host)
- {
- DBG1("acquired new lease for address %H in pool '%s'",
- host, name);
- return host;
- }
- }
- }
- DBG1("no available address found in pool '%s'", name);
- return NULL;
-}
-
-/**
- * Implementation of attribute_provider_t.acquire_address
- */
-static host_t* acquire_address(private_sql_attribute_t *this,
- char *names, identification_t *id,
- host_t *requested)
-{
- host_t *address = NULL;
- u_int identity, pool, timeout;
-
- identity = get_identity(this, id);
- if (identity)
- {
- /* check for a single pool first (no concatenation and enumeration) */
- if (strchr(names, ',') == NULL)
- {
- pool = get_pool(this, names, &timeout);
- if (pool)
- {
- /* check for an existing lease */
- address = check_lease(this, names, pool, identity);
- if (address == NULL)
- {
- /* get an unallocated address or expired lease */
- address = get_lease(this, names, pool, timeout, identity);
- }
- }
- }
- else
- {
- enumerator_t *enumerator;
- char *name;
-
- /* in a first step check for an existing lease over all pools */
- enumerator = enumerator_create_token(names, ",", " ");
- while (enumerator->enumerate(enumerator, &name))
- {
- pool = get_pool(this, name, &timeout);
- if (pool)
- {
- address = check_lease(this, name, pool, identity);
- if (address)
- {
- enumerator->destroy(enumerator);
- return address;
- }
- }
- }
- enumerator->destroy(enumerator);
-
- /* in a second step get an unallocated address or expired lease */
- enumerator = enumerator_create_token(names, ",", " ");
- while (enumerator->enumerate(enumerator, &name))
- {
- pool = get_pool(this, name, &timeout);
- if (pool)
- {
- address = get_lease(this, name, pool, timeout, identity);
- if (address)
- {
- break;
- }
- }
- }
- enumerator->destroy(enumerator);
- }
- }
- return address;
-}
-
-/**
- * Implementation of attribute_provider_t.release_address
- */
-static bool release_address(private_sql_attribute_t *this,
- char *name, host_t *address, identification_t *id)
-{
- enumerator_t *enumerator;
- bool found = FALSE;
- time_t now = time(NULL);
-
- enumerator = enumerator_create_token(name, ",", " ");
- while (enumerator->enumerate(enumerator, &name))
- {
- u_int pool, timeout;
-
- pool = get_pool(this, name, &timeout);
- if (pool)
- {
- if (this->history)
- {
- this->db->execute(this->db, NULL,
- "INSERT INTO leases (address, identity, acquired, released)"
- " SELECT id, identity, acquired, ? FROM addresses "
- " WHERE pool = ? AND address = ?",
- DB_UINT, now, DB_UINT, pool,
- DB_BLOB, address->get_address(address));
- }
- if (this->db->execute(this->db, NULL,
- "UPDATE addresses SET released = ? WHERE "
- "pool = ? AND address = ?", DB_UINT, time(NULL),
- DB_UINT, pool, DB_BLOB, address->get_address(address)) > 0)
- {
- found = TRUE;
- break;
- }
- }
- }
- enumerator->destroy(enumerator);
- return found;
-}
-
-/**
- * Implementation of sql_attribute_t.create_attribute_enumerator
- */
-static enumerator_t* create_attribute_enumerator(private_sql_attribute_t *this,
- identification_t *id, host_t *vip)
-{
- if (vip)
- {
- enumerator_t *enumerator;
-
- enumerator = this->db->query(this->db,
- "SELECT type, value FROM attributes", DB_INT, DB_BLOB);
- if (enumerator)
- {
- return enumerator;
- }
- }
- return enumerator_create_empty();
-}
-
-/**
- * Implementation of sql_attribute_t.destroy
- */
-static void destroy(private_sql_attribute_t *this)
-{
- free(this);
-}
-
-/*
- * see header file
- */
-sql_attribute_t *sql_attribute_create(database_t *db)
-{
- private_sql_attribute_t *this = malloc_thing(private_sql_attribute_t);
- time_t now = time(NULL);
-
- this->public.provider.acquire_address = (host_t*(*)(attribute_provider_t *this, char*, identification_t *, host_t *))acquire_address;
- this->public.provider.release_address = (bool(*)(attribute_provider_t *this, char*,host_t *, identification_t*))release_address;
- this->public.provider.create_attribute_enumerator = (enumerator_t*(*)(attribute_provider_t*, identification_t *id, host_t *host))create_attribute_enumerator;
- this->public.destroy = (void(*)(sql_attribute_t*))destroy;
-
- this->db = db;
- this->history = lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.attr-sql.lease_history", TRUE);
-
- /* close any "online" leases in the case we crashed */
- if (this->history)
- {
- this->db->execute(this->db, NULL,
- "INSERT INTO leases (address, identity, acquired, released)"
- " SELECT id, identity, acquired, ? FROM addresses "
- " WHERE released = 0", DB_UINT, now);
- }
- this->db->execute(this->db, NULL,
- "UPDATE addresses SET released = ? WHERE released = 0",
- DB_UINT, now);
- return &this->public;
-}
-
diff --git a/src/libstrongswan/plugins/attr_sql/sql_attribute.h b/src/libstrongswan/plugins/attr_sql/sql_attribute.h
deleted file mode 100644
index ca87eb27e..000000000
--- a/src/libstrongswan/plugins/attr_sql/sql_attribute.h
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup sql_attribute sql_attribute
- * @{ @ingroup attr_sql
- */
-
-#ifndef SQL_ATTRIBUTE_H_
-#define SQL_ATTRIBUTE_H_
-
-#include <attributes/attribute_provider.h>
-#include <database/database.h>
-
-typedef struct sql_attribute_t sql_attribute_t;
-
-/**
- * SQL database based IKEv2 cfg attribute provider.
- */
-struct sql_attribute_t {
-
- /**
- * Implements attribute provider interface
- */
- attribute_provider_t provider;
-
- /**
- * Destroy a sql_attribute instance.
- */
- void (*destroy)(sql_attribute_t *this);
-};
-
-/**
- * Create a sql_attribute instance.
- */
-sql_attribute_t *sql_attribute_create(database_t *db);
-
-#endif /** SQL_ATTRIBUTE_H_ @}*/
diff --git a/src/libstrongswan/plugins/blowfish/Makefile.am b/src/libstrongswan/plugins/blowfish/Makefile.am
index de8948445..95c414204 100644
--- a/src/libstrongswan/plugins/blowfish/Makefile.am
+++ b/src/libstrongswan/plugins/blowfish/Makefile.am
@@ -3,10 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-blowfish.la
+else
plugin_LTLIBRARIES = libstrongswan-blowfish.la
+endif
libstrongswan_blowfish_la_SOURCES = \
-blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \
-bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c
-libstrongswan_blowfish_la_LDFLAGS = -module -avoid-version
+ blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \
+ bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c
+libstrongswan_blowfish_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in
index 7b55d69c7..f95a4abe5 100644
--- a/src/libstrongswan/plugins/blowfish/Makefile.in
+++ b/src/libstrongswan/plugins/blowfish/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_blowfish_la_LIBADD =
am_libstrongswan_blowfish_la_OBJECTS = blowfish_plugin.lo \
blowfish_crypter.lo bf_skey.lo bf_enc.lo
@@ -82,6 +82,9 @@ libstrongswan_blowfish_la_LINK = $(LIBTOOL) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(AM_CFLAGS) $(CFLAGS) $(libstrongswan_blowfish_la_LDFLAGS) \
$(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_blowfish_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_blowfish_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -220,6 +223,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -256,10 +260,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-blowfish.la
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-blowfish.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-blowfish.la
libstrongswan_blowfish_la_SOURCES = \
-blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \
-bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c
+ blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \
+ bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c
libstrongswan_blowfish_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -296,6 +301,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -328,7 +342,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-blowfish.la: $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_DEPENDENCIES)
- $(libstrongswan_blowfish_la_LINK) -rpath $(plugindir) $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_LIBADD) $(LIBS)
+ $(libstrongswan_blowfish_la_LINK) $(am_libstrongswan_blowfish_la_rpath) $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -484,8 +498,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -556,18 +570,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c
index 993dc8b3b..f9fb605b3 100644
--- a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c
+++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c
@@ -45,7 +45,7 @@ static void destroy(private_blowfish_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *blowfish_plugin_create()
{
private_blowfish_plugin_t *this = malloc_thing(private_blowfish_plugin_t);
diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.h b/src/libstrongswan/plugins/blowfish/blowfish_plugin.h
index 596a7c791..6a87f42ee 100644
--- a/src/libstrongswan/plugins/blowfish/blowfish_plugin.h
+++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.h
@@ -40,9 +40,4 @@ struct blowfish_plugin_t {
plugin_t plugin;
};
-/**
- * Create a blowfish_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** BLOWFISH_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/curl/Makefile.am b/src/libstrongswan/plugins/curl/Makefile.am
index f0a41e4ad..43718f678 100644
--- a/src/libstrongswan/plugins/curl/Makefile.am
+++ b/src/libstrongswan/plugins/curl/Makefile.am
@@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-curl.la
+else
plugin_LTLIBRARIES = libstrongswan-curl.la
+endif
+
+libstrongswan_curl_la_SOURCES = \
+ curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h
-libstrongswan_curl_la_SOURCES = curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h
libstrongswan_curl_la_LDFLAGS = -module -avoid-version
libstrongswan_curl_la_LIBADD = -lcurl
-
diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in
index 32b2504fe..1952b22e7 100644
--- a/src/libstrongswan/plugins/curl/Makefile.in
+++ b/src/libstrongswan/plugins/curl/Makefile.in
@@ -72,13 +72,15 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_curl_la_DEPENDENCIES =
am_libstrongswan_curl_la_OBJECTS = curl_plugin.lo curl_fetcher.lo
libstrongswan_curl_la_OBJECTS = $(am_libstrongswan_curl_la_OBJECTS)
libstrongswan_curl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_curl_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_curl_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_curl_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-curl.la
-libstrongswan_curl_la_SOURCES = curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-curl.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-curl.la
+libstrongswan_curl_la_SOURCES = \
+ curl_plugin.h curl_plugin.c curl_fetcher.c curl_fetcher.h
+
libstrongswan_curl_la_LDFLAGS = -module -avoid-version
libstrongswan_curl_la_LIBADD = -lcurl
all: all-am
@@ -291,6 +297,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -323,7 +338,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-curl.la: $(libstrongswan_curl_la_OBJECTS) $(libstrongswan_curl_la_DEPENDENCIES)
- $(libstrongswan_curl_la_LINK) -rpath $(plugindir) $(libstrongswan_curl_la_OBJECTS) $(libstrongswan_curl_la_LIBADD) $(LIBS)
+ $(libstrongswan_curl_la_LINK) $(am_libstrongswan_curl_la_rpath) $(libstrongswan_curl_la_OBJECTS) $(libstrongswan_curl_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -477,8 +492,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -549,18 +564,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c
index 08315e932..2341c9052 100644
--- a/src/libstrongswan/plugins/curl/curl_fetcher.c
+++ b/src/libstrongswan/plugins/curl/curl_fetcher.c
@@ -84,7 +84,7 @@ METHOD(fetcher_t, fetch, status_t,
curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, this->headers);
}
- DBG2(" sending http request to '%s'...", uri);
+ DBG2(DBG_LIB, " sending http request to '%s'...", uri);
switch (curl_easy_perform(this->curl))
{
case CURLE_UNSUPPORTED_PROTOCOL:
@@ -94,7 +94,7 @@ METHOD(fetcher_t, fetch, status_t,
status = SUCCESS;
break;
default:
- DBG1("libcurl http request failed: %s", error);
+ DBG1(DBG_LIB, "libcurl http request failed: %s", error);
status = FAILED;
break;
}
diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c
index 13dfa053f..e00fcfc03 100644
--- a/src/libstrongswan/plugins/curl/curl_plugin.c
+++ b/src/libstrongswan/plugins/curl/curl_plugin.c
@@ -48,7 +48,7 @@ static void destroy(private_curl_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *curl_plugin_create()
{
CURLcode res;
private_curl_plugin_t *this = malloc_thing(private_curl_plugin_t);
@@ -69,7 +69,7 @@ plugin_t *plugin_create()
}
else
{
- DBG1("global libcurl initializing failed: %s, curl disabled",
+ DBG1(DBG_LIB, "global libcurl initializing failed: %s, curl disabled",
curl_easy_strerror(res));
}
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/curl/curl_plugin.h b/src/libstrongswan/plugins/curl/curl_plugin.h
index 1b748446b..ae17285c2 100644
--- a/src/libstrongswan/plugins/curl/curl_plugin.h
+++ b/src/libstrongswan/plugins/curl/curl_plugin.h
@@ -39,9 +39,4 @@ struct curl_plugin_t {
plugin_t plugin;
};
-/**
- * Create a curl_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** CURL_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/des/Makefile.am b/src/libstrongswan/plugins/des/Makefile.am
index 76cfbc419..c7d9ce915 100644
--- a/src/libstrongswan/plugins/des/Makefile.am
+++ b/src/libstrongswan/plugins/des/Makefile.am
@@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-des.la
+else
plugin_LTLIBRARIES = libstrongswan-des.la
+endif
-libstrongswan_des_la_SOURCES = des_plugin.h des_plugin.c des_crypter.c des_crypter.h
-libstrongswan_des_la_LDFLAGS = -module -avoid-version
+libstrongswan_des_la_SOURCES = \
+ des_plugin.h des_plugin.c des_crypter.c des_crypter.h
+libstrongswan_des_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in
index f68b4bd03..af351cfe3 100644
--- a/src/libstrongswan/plugins/des/Makefile.in
+++ b/src/libstrongswan/plugins/des/Makefile.in
@@ -72,13 +72,15 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_des_la_LIBADD =
am_libstrongswan_des_la_OBJECTS = des_plugin.lo des_crypter.lo
libstrongswan_des_la_OBJECTS = $(am_libstrongswan_des_la_OBJECTS)
libstrongswan_des_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_des_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_des_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_des_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-des.la
-libstrongswan_des_la_SOURCES = des_plugin.h des_plugin.c des_crypter.c des_crypter.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-des.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-des.la
+libstrongswan_des_la_SOURCES = \
+ des_plugin.h des_plugin.c des_crypter.c des_crypter.h
+
libstrongswan_des_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-des.la: $(libstrongswan_des_la_OBJECTS) $(libstrongswan_des_la_DEPENDENCIES)
- $(libstrongswan_des_la_LINK) -rpath $(plugindir) $(libstrongswan_des_la_OBJECTS) $(libstrongswan_des_la_LIBADD) $(LIBS)
+ $(libstrongswan_des_la_LINK) $(am_libstrongswan_des_la_rpath) $(libstrongswan_des_la_OBJECTS) $(libstrongswan_des_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -476,8 +491,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/des/des_plugin.c b/src/libstrongswan/plugins/des/des_plugin.c
index 649d224ab..afc82e8d4 100644
--- a/src/libstrongswan/plugins/des/des_plugin.c
+++ b/src/libstrongswan/plugins/des/des_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_des_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *des_plugin_create()
{
private_des_plugin_t *this = malloc_thing(private_des_plugin_t);
diff --git a/src/libstrongswan/plugins/des/des_plugin.h b/src/libstrongswan/plugins/des/des_plugin.h
index 17df220bc..cfff420c0 100644
--- a/src/libstrongswan/plugins/des/des_plugin.h
+++ b/src/libstrongswan/plugins/des/des_plugin.h
@@ -39,9 +39,4 @@ struct des_plugin_t {
plugin_t plugin;
};
-/**
- * Create a des_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** DES_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/dnskey/Makefile.am b/src/libstrongswan/plugins/dnskey/Makefile.am
index fd020f505..fbba95e0a 100644
--- a/src/libstrongswan/plugins/dnskey/Makefile.am
+++ b/src/libstrongswan/plugins/dnskey/Makefile.am
@@ -3,10 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-dnskey.la
+else
plugin_LTLIBRARIES = libstrongswan-dnskey.la
+endif
-libstrongswan_dnskey_la_SOURCES = dnskey_plugin.h dnskey_plugin.c \
- dnskey_builder.h dnskey_builder.c
+libstrongswan_dnskey_la_SOURCES = \
+ dnskey_plugin.h dnskey_plugin.c \
+ dnskey_builder.h dnskey_builder.c
libstrongswan_dnskey_la_LDFLAGS = -module -avoid-version
-
diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in
index d7d5ff29b..1f1f90127 100644
--- a/src/libstrongswan/plugins/dnskey/Makefile.in
+++ b/src/libstrongswan/plugins/dnskey/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_dnskey_la_LIBADD =
am_libstrongswan_dnskey_la_OBJECTS = dnskey_plugin.lo \
dnskey_builder.lo
@@ -81,6 +81,9 @@ libstrongswan_dnskey_la_OBJECTS = \
libstrongswan_dnskey_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_dnskey_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_dnskey_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_dnskey_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -219,6 +222,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -255,9 +259,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-dnskey.la
-libstrongswan_dnskey_la_SOURCES = dnskey_plugin.h dnskey_plugin.c \
- dnskey_builder.h dnskey_builder.c
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-dnskey.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-dnskey.la
+libstrongswan_dnskey_la_SOURCES = \
+ dnskey_plugin.h dnskey_plugin.c \
+ dnskey_builder.h dnskey_builder.c
libstrongswan_dnskey_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -294,6 +300,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -326,7 +341,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-dnskey.la: $(libstrongswan_dnskey_la_OBJECTS) $(libstrongswan_dnskey_la_DEPENDENCIES)
- $(libstrongswan_dnskey_la_LINK) -rpath $(plugindir) $(libstrongswan_dnskey_la_OBJECTS) $(libstrongswan_dnskey_la_LIBADD) $(LIBS)
+ $(libstrongswan_dnskey_la_LINK) $(am_libstrongswan_dnskey_la_rpath) $(libstrongswan_dnskey_la_OBJECTS) $(libstrongswan_dnskey_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -480,8 +495,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -552,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_builder.c b/src/libstrongswan/plugins/dnskey/dnskey_builder.c
index ba20e7158..ea4eb6cda 100644
--- a/src/libstrongswan/plugins/dnskey/dnskey_builder.c
+++ b/src/libstrongswan/plugins/dnskey/dnskey_builder.c
@@ -52,7 +52,7 @@ static dnskey_public_key_t *parse_public_key(chunk_t blob)
if (blob.len < sizeof(dnskey_rr_t))
{
- DBG1("DNSKEY too short");
+ DBG1(DBG_LIB, "DNSKEY too short");
return NULL;
}
blob = chunk_skip(blob, sizeof(dnskey_rr_t));
@@ -63,7 +63,8 @@ static dnskey_public_key_t *parse_public_key(chunk_t blob)
return lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
BUILD_BLOB_DNSKEY, blob, BUILD_END);
default:
- DBG1("DNSKEY public key algorithm %d not supported", rr->algorithm);
+ DBG1(DBG_LIB, "DNSKEY public key algorithm %d not supported",
+ rr->algorithm);
return NULL;
}
}
@@ -77,7 +78,7 @@ static dnskey_public_key_t *parse_rsa_public_key(chunk_t blob)
if (blob.len < 3)
{
- DBG1("RFC 3110 public key blob too short for exponent length");
+ DBG1(DBG_LIB, "RFC 3110 public key blob too short for exponent length");
return NULL;
}
@@ -94,7 +95,7 @@ static dnskey_public_key_t *parse_rsa_public_key(chunk_t blob)
e.ptr = blob.ptr;
if (e.len >= blob.len)
{
- DBG1("RFC 3110 public key blob too short for exponent");
+ DBG1(DBG_LIB, "RFC 3110 public key blob too short for exponent");
return NULL;
}
n = chunk_skip(blob, e.len);
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c
index 83dbe31a1..125047b05 100644
--- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c
+++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_dnskey_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *dnskey_plugin_create()
{
private_dnskey_plugin_t *this = malloc_thing(private_dnskey_plugin_t);
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.h b/src/libstrongswan/plugins/dnskey/dnskey_plugin.h
index 17790e1c6..8b49bd6cb 100644
--- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.h
+++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.h
@@ -39,9 +39,4 @@ struct dnskey_plugin_t {
plugin_t plugin;
};
-/**
- * Create a dnskey_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** DNSKEY_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.am b/src/libstrongswan/plugins/fips_prf/Makefile.am
index d9431947e..c9cf2c977 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.am
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.am
@@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-fips-prf.la
+else
plugin_LTLIBRARIES = libstrongswan-fips-prf.la
+endif
-libstrongswan_fips_prf_la_SOURCES = fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h
-libstrongswan_fips_prf_la_LDFLAGS = -module -avoid-version
+libstrongswan_fips_prf_la_SOURCES = \
+ fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h
+libstrongswan_fips_prf_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in
index b23af6def..70553fbd8 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.in
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_fips_prf_la_LIBADD =
am_libstrongswan_fips_prf_la_OBJECTS = fips_prf_plugin.lo fips_prf.lo
libstrongswan_fips_prf_la_OBJECTS = \
@@ -81,6 +81,9 @@ libstrongswan_fips_prf_la_LINK = $(LIBTOOL) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(AM_CFLAGS) $(CFLAGS) $(libstrongswan_fips_prf_la_LDFLAGS) \
$(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_fips_prf_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_fips_prf_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -219,6 +222,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -255,8 +259,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-fips-prf.la
-libstrongswan_fips_prf_la_SOURCES = fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-fips-prf.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-fips-prf.la
+libstrongswan_fips_prf_la_SOURCES = \
+ fips_prf_plugin.h fips_prf_plugin.c fips_prf.c fips_prf.h
+
libstrongswan_fips_prf_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -292,6 +299,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -324,7 +340,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-fips-prf.la: $(libstrongswan_fips_prf_la_OBJECTS) $(libstrongswan_fips_prf_la_DEPENDENCIES)
- $(libstrongswan_fips_prf_la_LINK) -rpath $(plugindir) $(libstrongswan_fips_prf_la_OBJECTS) $(libstrongswan_fips_prf_la_LIBADD) $(LIBS)
+ $(libstrongswan_fips_prf_la_LINK) $(am_libstrongswan_fips_prf_la_rpath) $(libstrongswan_fips_prf_la_OBJECTS) $(libstrongswan_fips_prf_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -478,8 +494,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -550,18 +566,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c
index 123d2a244..ad03fa585 100644
--- a/src/libstrongswan/plugins/fips_prf/fips_prf.c
+++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c
@@ -126,14 +126,14 @@ static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[])
{
/* a. XVAL = (XKEY + XSEED j) mod 2^b */
add_mod(this->b, xkey, xseed, xval);
- DBG3("XVAL %b", xval, this->b);
+ DBG3(DBG_LIB, "XVAL %b", xval, this->b);
/* b. wi = G(t, XVAL ) */
this->g(this, chunk_create(xval, this->b), &w[i * this->b]);
- DBG3("w[%d] %b", i, &w[i * this->b], this->b);
+ DBG3(DBG_LIB, "w[%d] %b", i, &w[i * this->b], this->b);
/* c. XKEY = (1 + XKEY + wi) mod 2b */
add_mod(this->b, xkey, &w[i * this->b], sum);
add_mod(this->b, sum, one, xkey);
- DBG3("XKEY %b", xkey, this->b);
+ DBG3(DBG_LIB, "XKEY %b", xkey, this->b);
}
/* 3.3 done already, mod q not used */
diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c
index 6c0842f81..f41265637 100644
--- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c
+++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_fips_prf_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *fips_prf_plugin_create()
{
private_fips_prf_plugin_t *this = malloc_thing(private_fips_prf_plugin_t);
diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h
index 8d65254ba..3bd26ad45 100644
--- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h
+++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h
@@ -39,9 +39,4 @@ struct fips_prf_plugin_t {
plugin_t plugin;
};
-/**
- * Create a fips_prf_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** FIPS_PRF_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.am b/src/libstrongswan/plugins/gcrypt/Makefile.am
index a468a5ed9..48bf916ab 100644
--- a/src/libstrongswan/plugins/gcrypt/Makefile.am
+++ b/src/libstrongswan/plugins/gcrypt/Makefile.am
@@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-gcrypt.la
+else
plugin_LTLIBRARIES = libstrongswan-gcrypt.la
+endif
-libstrongswan_gcrypt_la_SOURCES = gcrypt_plugin.h gcrypt_plugin.c \
+libstrongswan_gcrypt_la_SOURCES = \
+ gcrypt_plugin.h gcrypt_plugin.c \
gcrypt_rsa_public_key.h gcrypt_rsa_public_key.c \
gcrypt_rsa_private_key.h gcrypt_rsa_private_key.c \
gcrypt_dh.h gcrypt_dh.c \
diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in
index c3081e2dd..35829c950 100644
--- a/src/libstrongswan/plugins/gcrypt/Makefile.in
+++ b/src/libstrongswan/plugins/gcrypt/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_gcrypt_la_DEPENDENCIES =
am_libstrongswan_gcrypt_la_OBJECTS = gcrypt_plugin.lo \
gcrypt_rsa_public_key.lo gcrypt_rsa_private_key.lo \
@@ -82,6 +82,9 @@ libstrongswan_gcrypt_la_OBJECTS = \
libstrongswan_gcrypt_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_gcrypt_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_gcrypt_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_gcrypt_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -220,6 +223,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -256,8 +260,10 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-gcrypt.la
-libstrongswan_gcrypt_la_SOURCES = gcrypt_plugin.h gcrypt_plugin.c \
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-gcrypt.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-gcrypt.la
+libstrongswan_gcrypt_la_SOURCES = \
+ gcrypt_plugin.h gcrypt_plugin.c \
gcrypt_rsa_public_key.h gcrypt_rsa_public_key.c \
gcrypt_rsa_private_key.h gcrypt_rsa_private_key.c \
gcrypt_dh.h gcrypt_dh.c \
@@ -301,6 +307,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -333,7 +348,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-gcrypt.la: $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_DEPENDENCIES)
- $(libstrongswan_gcrypt_la_LINK) -rpath $(plugindir) $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_LIBADD) $(LIBS)
+ $(libstrongswan_gcrypt_la_LINK) $(am_libstrongswan_gcrypt_la_rpath) $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -492,8 +507,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -564,18 +579,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
index 1eee6226d..5dbdde32c 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
@@ -234,7 +234,7 @@ gcrypt_crypter_t *gcrypt_crypter_create(encryption_algorithm_t algo,
err = gcry_cipher_open(&this->h, gcrypt_alg, mode, 0);
if (err)
{
- DBG1("grcy_cipher_open(%N) failed: %s",
+ DBG1(DBG_LIB, "grcy_cipher_open(%N) failed: %s",
encryption_algorithm_names, algo, gpg_strerror(err));
free(this);
return NULL;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
index 59c82f1e7..08d6239ad 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2010 Tobias Brunner
* Copyright (C) 2009 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -19,310 +20,6 @@
#include <debug.h>
-/**
- * Modulus of Group 1 (MODP_768_BIT).
- */
-static u_int8_t group1_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 2 (MODP_1024_BIT).
- */
-static u_int8_t group2_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 5 (MODP_1536_BIT).
- */
-static u_int8_t group5_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-/**
- * Modulus of Group 14 (MODP_2048_BIT).
- */
-static u_int8_t group14_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 15 (MODP_3072_BIT).
- */
-static u_int8_t group15_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 16 (MODP_4096_BIT).
- */
-static u_int8_t group16_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
- 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
- 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
- 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
- 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
- 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 17 (MODP_6144_BIT).
- */
-static u_int8_t group17_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
- 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
- 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
- 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
- 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
- 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
- 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
- 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
- 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
- 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
- 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
- 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
- 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
- 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
- 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
- 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
- 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
- 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
- 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
- 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
- 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
- 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 18 (MODP_8192_BIT).
- */
-static u_int8_t group18_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
- 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
- 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
- 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
- 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
- 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
- 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
- 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
- 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
- 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
- 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
- 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
- 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
- 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
- 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
- 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
- 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
- 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
- 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
- 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
- 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
- 0xE6,0x94,0xF9,0x1E,0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
- 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,0x73,0xB9,0x31,0xBA,
- 0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,
- 0x25,0x76,0xF6,0x93,0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
- 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,0xE3,0x9D,0x65,0x2D,
- 0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,
- 0x13,0xEB,0x57,0xA8,0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
- 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,0xA2,0xC0,0x87,0xE8,
- 0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,
- 0x6D,0x2A,0x13,0xF8,0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
- 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,0x08,0x46,0x85,0x1D,
- 0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,
- 0xFA,0xF3,0x6B,0xC3,0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
- 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,0xD5,0xEE,0x38,0x2B,
- 0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,
- 0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
- 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-};
-
-typedef struct modulus_entry_t modulus_entry_t;
-
-/**
- * Entry of the modulus list.
- */
-struct modulus_entry_t {
- /** IKEv2 DH group */
- diffie_hellman_group_t group;
- /** modulus */
- chunk_t modulus;
- /** optimum length of exponent in bytes */
- size_t opt_len;
- /** generator */
- u_int16_t g;
-};
-
-/**
- * All supported modulus values - optimum exponent size according to RFC 3526.
- */
-static modulus_entry_t modulus_entries[] = {
- {MODP_768_BIT, {group1_modulus, sizeof(group1_modulus)}, 32, 2},
- {MODP_1024_BIT, {group2_modulus, sizeof(group2_modulus)}, 32, 2},
- {MODP_1536_BIT, {group5_modulus, sizeof(group5_modulus)}, 32, 2},
- {MODP_2048_BIT, {group14_modulus, sizeof(group14_modulus)}, 48, 2},
- {MODP_3072_BIT, {group15_modulus, sizeof(group15_modulus)}, 48, 2},
- {MODP_4096_BIT, {group16_modulus, sizeof(group16_modulus)}, 64, 2},
- {MODP_6144_BIT, {group17_modulus, sizeof(group17_modulus)}, 64, 2},
- {MODP_8192_BIT, {group18_modulus, sizeof(group18_modulus)}, 64, 2},
-};
-
-/**
- * Lookup the modulus in modulo table
- */
-static modulus_entry_t *find_entry(diffie_hellman_group_t group)
-{
- int i;
-
- for (i = 0; i < countof(modulus_entries); i++)
- {
- if (modulus_entries[i].group == group)
- {
- return &modulus_entries[i];
- }
- }
- return NULL;
-}
-
typedef struct private_gcrypt_dh_t private_gcrypt_dh_t;
/**
@@ -392,7 +89,7 @@ static void set_other_public_value(private_gcrypt_dh_t *this, chunk_t value)
err = gcry_mpi_scan(&this->yb, GCRYMPI_FMT_USG, value.ptr, value.len, NULL);
if (err)
{
- DBG1("importing mpi yb failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "importing mpi yb failed: %s", gpg_strerror(err));
return;
}
@@ -413,7 +110,8 @@ static void set_other_public_value(private_gcrypt_dh_t *this, chunk_t value)
}
else
{
- DBG1("public DH value verification failed: y < 2 || y > p - 1 ");
+ DBG1(DBG_LIB, "public DH value verification failed:"
+ " y < 2 || y > p - 1 ");
}
gcry_mpi_release(p_min_1);
}
@@ -485,14 +183,13 @@ static void destroy(private_gcrypt_dh_t *this)
gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group)
{
private_gcrypt_dh_t *this;
- modulus_entry_t *entry;
+ diffie_hellman_params_t *params;
gcry_error_t err;
chunk_t random;
rng_t *rng;
- size_t len;
- entry = find_entry(group);
- if (!entry)
+ params = diffie_hellman_get_params(group);
+ if (!params)
{
return NULL;
}
@@ -506,53 +203,53 @@ gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group)
this->public.dh.destroy = (void (*)(diffie_hellman_t *)) destroy;
this->group = group;
- this->p_len = entry->modulus.len;
+ this->p_len = params->prime.len;
err = gcry_mpi_scan(&this->p, GCRYMPI_FMT_USG,
- entry->modulus.ptr, entry->modulus.len, NULL);
+ params->prime.ptr, params->prime.len, NULL);
if (err)
{
- DBG1("importing mpi modulus failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "importing mpi modulus failed: %s", gpg_strerror(err));
free(this);
return NULL;
}
- if (lib->settings->get_int(lib->settings,
- "libstrongswan.dh_exponent_ansi_x9_42", TRUE))
- {
- len = this->p_len;
- }
- else
+ err = gcry_mpi_scan(&this->g, GCRYMPI_FMT_USG,
+ params->generator.ptr, params->generator.len, NULL);
+ if (err)
{
- len = entry->opt_len;
+ DBG1(DBG_LIB, "importing mpi generator failed: %s", gpg_strerror(err));
+ gcry_mpi_release(this->p);
+ free(this);
+ return NULL;
}
rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
if (rng)
{ /* prefer external randomizer */
- rng->allocate_bytes(rng, len, &random);
+ rng->allocate_bytes(rng, params->exp_len, &random);
rng->destroy(rng);
err = gcry_mpi_scan(&this->xa, GCRYMPI_FMT_USG,
random.ptr, random.len, NULL);
chunk_clear(&random);
if (err)
{
- DBG1("importing mpi xa failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "importing mpi xa failed: %s", gpg_strerror(err));
gcry_mpi_release(this->p);
+ gcry_mpi_release(this->g);
free(this);
return NULL;
}
}
else
{ /* fallback to gcrypt internal randomizer, shouldn't ever happen */
- this->xa = gcry_mpi_new(len * 8);
- gcry_mpi_randomize(this->xa, len * 8, GCRY_STRONG_RANDOM);
+ this->xa = gcry_mpi_new(params->exp_len * 8);
+ gcry_mpi_randomize(this->xa, params->exp_len * 8, GCRY_STRONG_RANDOM);
}
- if (len == this->p_len)
+ if (params->exp_len == this->p_len)
{
/* achieve bitsof(p)-1 by setting MSB to 0 */
- gcry_mpi_clear_bit(this->xa, len * 8 - 1);
+ gcry_mpi_clear_bit(this->xa, params->exp_len * 8 - 1);
}
- this->g = gcry_mpi_set_ui(NULL, entry->g);
this->ya = gcry_mpi_new(this->p_len * 8);
this->yb = NULL;
this->zz = NULL;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
index d12fe11d5..39609c16c 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
@@ -137,7 +137,7 @@ gcrypt_hasher_t *gcrypt_hasher_create(hash_algorithm_t algo)
err = gcry_md_open(&this->hd, gcrypt_alg, 0);
if (err)
{
- DBG1("grcy_md_open(%N) failed: %s",
+ DBG1(DBG_LIB, "grcy_md_open(%N) failed: %s",
hash_algorithm_names, algo, gpg_strerror(err));
free(this);
return NULL;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
index 8c9ea893b..039036b2c 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
@@ -118,7 +118,7 @@ static void destroy(private_gcrypt_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *gcrypt_plugin_create()
{
private_gcrypt_plugin_t *this;
@@ -126,7 +126,7 @@ plugin_t *plugin_create()
if (!gcry_check_version(GCRYPT_VERSION))
{
- DBG1("libgcrypt version mismatch");
+ DBG1(DBG_LIB, "libgcrypt version mismatch");
return NULL;
}
@@ -190,6 +190,10 @@ plugin_t *plugin_create()
/* diffie hellman groups, using modp */
lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
(dh_constructor_t)gcrypt_dh_create);
+ lib->crypto->add_dh(lib->crypto, MODP_2048_224,
+ (dh_constructor_t)gcrypt_dh_create);
+ lib->crypto->add_dh(lib->crypto, MODP_2048_256,
+ (dh_constructor_t)gcrypt_dh_create);
lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
(dh_constructor_t)gcrypt_dh_create);
lib->crypto->add_dh(lib->crypto, MODP_3072_BIT,
@@ -202,6 +206,8 @@ plugin_t *plugin_create()
(dh_constructor_t)gcrypt_dh_create);
lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
(dh_constructor_t)gcrypt_dh_create);
+ lib->crypto->add_dh(lib->crypto, MODP_1024_160,
+ (dh_constructor_t)gcrypt_dh_create);
lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
(dh_constructor_t)gcrypt_dh_create);
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h
index f2247ed5c..05e5e7014 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h
@@ -39,9 +39,4 @@ struct gcrypt_plugin_t {
plugin_t plugin;
};
-/**
- * Create a gcrypt_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** GCRYPT_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
index cd156961e..2cb13c5f3 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
@@ -130,14 +130,15 @@ static bool sign_raw(private_gcrypt_rsa_private_key_t *this,
chunk_free(&em);
if (err)
{
- DBG1("building signature S-expression failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "building signature S-expression failed: %s",
+ gpg_strerror(err));
return FALSE;
}
err = gcry_pk_sign(&out, in, this->key);
gcry_sexp_release(in);
if (err)
{
- DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "creating pkcs1 signature failed: %s", gpg_strerror(err));
return FALSE;
}
*signature = gcrypt_rsa_find_token(out, "s", this->key);
@@ -176,14 +177,14 @@ static bool sign_pkcs1(private_gcrypt_rsa_private_key_t *this,
chunk_free(&hash);
if (err)
{
- DBG1("building signature S-expression failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "building signature S-expression failed: %s", gpg_strerror(err));
return FALSE;
}
err = gcry_pk_sign(&out, in, this->key);
gcry_sexp_release(in);
if (err)
{
- DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "creating pkcs1 signature failed: %s", gpg_strerror(err));
return FALSE;
}
*signature = gcrypt_rsa_find_token(out, "s", this->key);
@@ -222,7 +223,7 @@ static bool sign(private_gcrypt_rsa_private_key_t *this, signature_scheme_t sche
case SIGN_RSA_EMSA_PKCS1_MD5:
return sign_pkcs1(this, HASH_MD5, "md5", data, sig);
default:
- DBG1("signature scheme %N not supported in RSA",
+ DBG1(DBG_LIB, "signature scheme %N not supported in RSA",
signature_scheme_names, scheme);
return FALSE;
}
@@ -243,14 +244,15 @@ static bool decrypt(private_gcrypt_rsa_private_key_t *this,
encrypted.len, encrypted.ptr);
if (err)
{
- DBG1("building decryption S-expression failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "building decryption S-expression failed: %s",
+ gpg_strerror(err));
return FALSE;
}
err = gcry_pk_decrypt(&out, in, this->key);
gcry_sexp_release(in);
if (err)
{
- DBG1("decrypting pkcs1 data failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "decrypting pkcs1 data failed: %s", gpg_strerror(err));
return FALSE;
}
padded.ptr = (u_char*)gcry_sexp_nth_data(out, 1, &padded.len);
@@ -269,7 +271,7 @@ static bool decrypt(private_gcrypt_rsa_private_key_t *this,
gcry_sexp_release(out);
if (!pos)
{
- DBG1("decrypted data has invalid pkcs1 padding");
+ DBG1(DBG_LIB, "decrypted data has invalid pkcs1 padding");
return FALSE;
}
return TRUE;
@@ -329,7 +331,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
chunk_clear(&cp);
chunk_clear(&cq);
chunk_clear(&cd);
- DBG1("scanning mpi for export failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "scanning mpi for export failed: %s", gpg_strerror(err));
return FALSE;
}
@@ -340,7 +342,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
gcry_mpi_sub_ui(q, q, 1);
exp2 = gcry_mpi_new(gcry_pk_get_nbits(this->key));
- gcry_mpi_mod(exp1, d, q);
+ gcry_mpi_mod(exp2, d, q);
gcry_mpi_release(q);
err = gcry_mpi_aprint(GCRYMPI_FMT_USG, &cexp1.ptr, &cexp1.len, exp1)
@@ -352,7 +354,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
if (err)
{
- DBG1("printing mpi for export failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "printing mpi for export failed: %s", gpg_strerror(err));
chunk_clear(&cp);
chunk_clear(&cq);
chunk_clear(&cd);
@@ -488,7 +490,7 @@ gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_gen(key_type_t type,
err = gcry_sexp_build(&param, NULL, "(genkey(rsa(nbits %d)))", key_size);
if (err)
{
- DBG1("building S-expression failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "building S-expression failed: %s", gpg_strerror(err));
return NULL;
}
this = gcrypt_rsa_private_key_create_empty();
@@ -497,7 +499,7 @@ gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_gen(key_type_t type,
if (err)
{
free(this);
- DBG1("generating RSA key failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "generating RSA key failed: %s", gpg_strerror(err));
return NULL;
}
return &this->public;
@@ -557,14 +559,14 @@ gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_load(key_type_t type,
p.len, p.ptr, q.len, q.ptr, u.len, u.ptr);
if (err)
{
- DBG1("loading private key failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "loading private key failed: %s", gpg_strerror(err));
free(this);
return NULL;
}
err = gcry_pk_testkey(this->key);
if (err)
{
- DBG1("private key sanity check failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "private key sanity check failed: %s", gpg_strerror(err));
destroy(this);
return NULL;
}
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
index e083fac94..5fd15d9a3 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
@@ -83,14 +83,16 @@ static bool verify_raw(private_gcrypt_rsa_public_key_t *this,
chunk_free(&em);
if (err)
{
- DBG1("building data S-expression failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "building data S-expression failed: %s",
+ gpg_strerror(err));
return FALSE;
}
err = gcry_sexp_build(&sig, NULL, "(sig-val(rsa(s %b)))",
signature.len, signature.ptr);
if (err)
{
- DBG1("building signature S-expression failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "building signature S-expression failed: %s",
+ gpg_strerror(err));
gcry_sexp_release(in);
return FALSE;
}
@@ -99,7 +101,8 @@ static bool verify_raw(private_gcrypt_rsa_public_key_t *this,
gcry_sexp_release(sig);
if (err)
{
- DBG1("RSA signature verification failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "RSA signature verification failed: %s",
+ gpg_strerror(err));
return FALSE;
}
return TRUE;
@@ -130,7 +133,8 @@ static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this,
chunk_free(&hash);
if (err)
{
- DBG1("building data S-expression failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "building data S-expression failed: %s",
+ gpg_strerror(err));
return FALSE;
}
@@ -138,7 +142,8 @@ static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this,
signature.len, signature.ptr);
if (err)
{
- DBG1("building signature S-expression failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "building signature S-expression failed: %s",
+ gpg_strerror(err));
gcry_sexp_release(in);
return FALSE;
}
@@ -147,7 +152,8 @@ static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this,
gcry_sexp_release(sig);
if (err)
{
- DBG1("RSA signature verification failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "RSA signature verification failed: %s",
+ gpg_strerror(err));
return FALSE;
}
return TRUE;
@@ -184,7 +190,7 @@ static bool verify(private_gcrypt_rsa_public_key_t *this,
case SIGN_RSA_EMSA_PKCS1_SHA512:
return verify_pkcs1(this, HASH_SHA512, "sha512", data, signature);
default:
- DBG1("signature scheme %N not supported in RSA",
+ DBG1(DBG_LIB, "signature scheme %N not supported in RSA",
signature_scheme_names, scheme);
return FALSE;
}
@@ -205,14 +211,16 @@ static bool encrypt_(private_gcrypt_rsa_public_key_t *this, chunk_t plain,
plain.len, plain.ptr);
if (err)
{
- DBG1("building encryption S-expression failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "building encryption S-expression failed: %s",
+ gpg_strerror(err));
return FALSE;
}
err = gcry_pk_encrypt(&out, in, this->key);
gcry_sexp_release(in);
if (err)
{
- DBG1("encrypting data using pkcs1 failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "encrypting data using pkcs1 failed: %s",
+ gpg_strerror(err));
return FALSE;
}
*encrypted = gcrypt_rsa_find_token(out, "a", this->key);
@@ -343,7 +351,7 @@ gcrypt_rsa_public_key_t *gcrypt_rsa_public_key_load(key_type_t type,
n.len, n.ptr, e.len, e.ptr);
if (err)
{
- DBG1("loading public key failed: %s", gpg_strerror(err));
+ DBG1(DBG_LIB, "loading public key failed: %s", gpg_strerror(err));
free(this);
return NULL;
}
diff --git a/src/libstrongswan/plugins/gmp/Makefile.am b/src/libstrongswan/plugins/gmp/Makefile.am
index 1ab358328..cc8ad34db 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.am
+++ b/src/libstrongswan/plugins/gmp/Makefile.am
@@ -3,13 +3,17 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-gmp.la
+else
plugin_LTLIBRARIES = libstrongswan-gmp.la
+endif
-libstrongswan_gmp_la_SOURCES = gmp_plugin.h gmp_plugin.c \
- gmp_diffie_hellman.c gmp_diffie_hellman.h \
- gmp_rsa_private_key.c gmp_rsa_private_key.h \
- gmp_rsa_public_key.c gmp_rsa_public_key.h
+libstrongswan_gmp_la_SOURCES = \
+ gmp_plugin.h gmp_plugin.c \
+ gmp_diffie_hellman.c gmp_diffie_hellman.h \
+ gmp_rsa_private_key.c gmp_rsa_private_key.h \
+ gmp_rsa_public_key.c gmp_rsa_public_key.h
libstrongswan_gmp_la_LDFLAGS = -module -avoid-version
-libstrongswan_gmp_la_LIBADD = -lgmp
-
+libstrongswan_gmp_la_LIBADD = -lgmp
diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in
index 3077ea7e8..5c1a1fcd9 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.in
+++ b/src/libstrongswan/plugins/gmp/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_gmp_la_DEPENDENCIES =
am_libstrongswan_gmp_la_OBJECTS = gmp_plugin.lo gmp_diffie_hellman.lo \
gmp_rsa_private_key.lo gmp_rsa_public_key.lo
@@ -80,6 +80,8 @@ libstrongswan_gmp_la_OBJECTS = $(am_libstrongswan_gmp_la_OBJECTS)
libstrongswan_gmp_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_gmp_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_gmp_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_gmp_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -254,11 +257,13 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-gmp.la
-libstrongswan_gmp_la_SOURCES = gmp_plugin.h gmp_plugin.c \
- gmp_diffie_hellman.c gmp_diffie_hellman.h \
- gmp_rsa_private_key.c gmp_rsa_private_key.h \
- gmp_rsa_public_key.c gmp_rsa_public_key.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-gmp.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-gmp.la
+libstrongswan_gmp_la_SOURCES = \
+ gmp_plugin.h gmp_plugin.c \
+ gmp_diffie_hellman.c gmp_diffie_hellman.h \
+ gmp_rsa_private_key.c gmp_rsa_private_key.h \
+ gmp_rsa_public_key.c gmp_rsa_public_key.h
libstrongswan_gmp_la_LDFLAGS = -module -avoid-version
libstrongswan_gmp_la_LIBADD = -lgmp
@@ -296,6 +301,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -328,7 +342,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-gmp.la: $(libstrongswan_gmp_la_OBJECTS) $(libstrongswan_gmp_la_DEPENDENCIES)
- $(libstrongswan_gmp_la_LINK) -rpath $(plugindir) $(libstrongswan_gmp_la_OBJECTS) $(libstrongswan_gmp_la_LIBADD) $(LIBS)
+ $(libstrongswan_gmp_la_LINK) $(am_libstrongswan_gmp_la_rpath) $(libstrongswan_gmp_la_OBJECTS) $(libstrongswan_gmp_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -484,8 +498,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -556,18 +570,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
index ea7e6fdd2..4ee449890 100644
--- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
+++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
@@ -1,6 +1,7 @@
/*
* Copyright (C) 1998-2002 D. Hugh Redelmeier.
* Copyright (C) 1999, 2000, 2001 Henry Spencer.
+ * Copyright (C) 2010 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -22,309 +23,10 @@
#include <debug.h>
-
-/**
- * Modulus of Group 1 (MODP_768_BIT).
- */
-static u_int8_t group1_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 2 (MODP_1024_BIT).
- */
-static u_int8_t group2_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 5 (MODP_1536_BIT).
- */
-static u_int8_t group5_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-/**
- * Modulus of Group 14 (MODP_2048_BIT).
- */
-static u_int8_t group14_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 15 (MODP_3072_BIT).
- */
-static u_int8_t group15_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 16 (MODP_4096_BIT).
- */
-static u_int8_t group16_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
- 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
- 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
- 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
- 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
- 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 17 (MODP_6144_BIT).
- */
-static u_int8_t group17_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
- 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
- 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
- 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
- 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
- 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
- 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
- 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
- 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
- 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
- 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
- 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
- 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
- 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
- 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
- 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
- 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
- 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
- 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
- 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
- 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
- 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 18 (MODP_8192_BIT).
- */
-static u_int8_t group18_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
- 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
- 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
- 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
- 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
- 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
- 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
- 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
- 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
- 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
- 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
- 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
- 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
- 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
- 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
- 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
- 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
- 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
- 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
- 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
- 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
- 0xE6,0x94,0xF9,0x1E,0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
- 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,0x73,0xB9,0x31,0xBA,
- 0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,
- 0x25,0x76,0xF6,0x93,0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
- 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,0xE3,0x9D,0x65,0x2D,
- 0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,
- 0x13,0xEB,0x57,0xA8,0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
- 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,0xA2,0xC0,0x87,0xE8,
- 0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,
- 0x6D,0x2A,0x13,0xF8,0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
- 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,0x08,0x46,0x85,0x1D,
- 0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,
- 0xFA,0xF3,0x6B,0xC3,0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
- 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,0xD5,0xEE,0x38,0x2B,
- 0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,
- 0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
- 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-};
-
-typedef struct modulus_entry_t modulus_entry_t;
-
-/**
- * Entry of the modulus list.
- */
-struct modulus_entry_t {
- /**
- * Group number as it is defined in file transform_substructure.h.
- */
- diffie_hellman_group_t group;
-
- /**
- * Pointer to first byte of modulus (network order).
- */
- u_int8_t *modulus;
-
- /*
- * Length of modulus in bytes.
- */
- size_t modulus_len;
-
- /*
- * Optimum length of exponent in bytes.
- */
- size_t opt_exponent_len;
-
- /*
- * Generator value.
- */
- u_int16_t generator;
-};
-
-/**
- * All supported modulus values - optimum exponent size according to RFC 3526.
- */
-static modulus_entry_t modulus_entries[] = {
- {MODP_768_BIT, group1_modulus, sizeof(group1_modulus), 32, 2},
- {MODP_1024_BIT, group2_modulus, sizeof(group2_modulus), 32, 2},
- {MODP_1536_BIT, group5_modulus, sizeof(group5_modulus), 32, 2},
- {MODP_2048_BIT, group14_modulus, sizeof(group14_modulus), 48, 2},
- {MODP_3072_BIT, group15_modulus, sizeof(group15_modulus), 48, 2},
- {MODP_4096_BIT, group16_modulus, sizeof(group16_modulus), 64, 2},
- {MODP_6144_BIT, group17_modulus, sizeof(group17_modulus), 64, 2},
- {MODP_8192_BIT, group18_modulus, sizeof(group18_modulus), 64, 2},
-};
+#ifdef HAVE_MPZ_POWM_SEC
+# undef mpz_powm
+# define mpz_powm mpz_powm_sec
+#endif
typedef struct private_gmp_diffie_hellman_t private_gmp_diffie_hellman_t;
@@ -378,11 +80,6 @@ struct private_gmp_diffie_hellman_t {
size_t p_len;
/**
- * Optimal exponent length.
- */
- size_t opt_exponent_len;
-
- /**
* True if shared secret is computed and stored in my_public_value.
*/
bool computed;
@@ -409,10 +106,20 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v
#ifdef EXTENDED_DH_TEST
/* 3. test if y ^ q mod p = 1, where q = (p - 1)/2. */
mpz_t q, one;
+ diffie_hellman_params_t *params;
mpz_init(q);
mpz_init(one);
- mpz_fdiv_q_2exp(q, p_min_1, 1);
+
+ params = diffie_hellman_get_params(this->group);
+ if (!params->subgroup.len)
+ {
+ mpz_fdiv_q_2exp(q, p_min_1, 1);
+ }
+ else
+ {
+ mpz_import(q, params->subgroup.len, 1, 1, 1, 0, params->subgroup.ptr);
+ }
mpz_powm(one, this->yb, q, this->p);
mpz_clear(q);
if (mpz_cmp_ui(one, 1) == 0)
@@ -422,7 +129,8 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v
}
else
{
- DBG1("public DH value verification failed: y ^ q mod p != 1");
+ DBG1(DBG_LIB, "public DH value verification failed:"
+ " y ^ q mod p != 1");
}
mpz_clear(one);
#else
@@ -432,7 +140,8 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v
}
else
{
- DBG1("public DH value verification failed: y < 2 || y > p - 1 ");
+ DBG1(DBG_LIB, "public DH value verification failed:"
+ " y < 2 || y > p - 1 ");
}
mpz_clear(p_min_1);
}
@@ -477,32 +186,6 @@ static diffie_hellman_group_t get_dh_group(private_gmp_diffie_hellman_t *this)
}
/**
- * Lookup the modulus in modulo table
- */
-static status_t set_modulus(private_gmp_diffie_hellman_t *this)
-{
- int i;
- status_t status = NOT_FOUND;
-
- for (i = 0; i < (sizeof(modulus_entries) / sizeof(modulus_entry_t)); i++)
- {
- if (modulus_entries[i].group == this->group)
- {
- chunk_t chunk;
- chunk.ptr = modulus_entries[i].modulus;
- chunk.len = modulus_entries[i].modulus_len;
- mpz_import(this->p, chunk.len, 1, 1, 1, 0, chunk.ptr);
- this->p_len = chunk.len;
- this->opt_exponent_len = modulus_entries[i].opt_exponent_len;
- mpz_set_ui(this->g, modulus_entries[i].generator);
- status = SUCCESS;
- break;
- }
- }
- return status;
-}
-
-/**
* Implementation of gmp_diffie_hellman_t.destroy.
*/
static void destroy(private_gmp_diffie_hellman_t *this)
@@ -521,11 +204,18 @@ static void destroy(private_gmp_diffie_hellman_t *this)
*/
gmp_diffie_hellman_t *gmp_diffie_hellman_create(diffie_hellman_group_t group)
{
- private_gmp_diffie_hellman_t *this = malloc_thing(private_gmp_diffie_hellman_t);
+ private_gmp_diffie_hellman_t *this;
+ diffie_hellman_params_t *params;
rng_t *rng;
chunk_t random;
- bool ansi_x9_42;
- size_t exponent_len;
+
+ params = diffie_hellman_get_params(group);
+ if (!params)
+ {
+ return NULL;
+ }
+
+ this = malloc_thing(private_gmp_diffie_hellman_t);
/* public functions */
this->public.dh.get_shared_secret = (status_t (*)(diffie_hellman_t *, chunk_t *)) get_shared_secret;
@@ -544,35 +234,31 @@ gmp_diffie_hellman_t *gmp_diffie_hellman_create(diffie_hellman_group_t group)
mpz_init(this->g);
this->computed = FALSE;
+ this->p_len = params->prime.len;
+ mpz_import(this->p, params->prime.len, 1, 1, 1, 0, params->prime.ptr);
+ mpz_import(this->g, params->generator.len, 1, 1, 1, 0, params->generator.ptr);
- /* find a modulus according to group */
- if (set_modulus(this) != SUCCESS)
- {
- destroy(this);
- return NULL;
- }
rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
if (!rng)
{
- DBG1("no RNG found for quality %N", rng_quality_names, RNG_STRONG);
+ DBG1(DBG_LIB, "no RNG found for quality %N", rng_quality_names,
+ RNG_STRONG);
destroy(this);
return NULL;
}
- ansi_x9_42 = lib->settings->get_int(lib->settings,
- "libstrongswan.dh_exponent_ansi_x9_42", TRUE);
- exponent_len = (ansi_x9_42) ? this->p_len : this->opt_exponent_len;
- rng->allocate_bytes(rng, exponent_len, &random);
+ rng->allocate_bytes(rng, params->exp_len, &random);
rng->destroy(rng);
- if (ansi_x9_42)
+ if (params->exp_len == this->p_len)
{
/* achieve bitsof(p)-1 by setting MSB to 0 */
*random.ptr &= 0x7F;
}
mpz_import(this->xa, random.len, 1, 1, 1, 0, random.ptr);
chunk_free(&random);
- DBG2("size of DH secret exponent: %u bits", mpz_sizeinbase(this->xa, 2));
+ DBG2(DBG_LIB, "size of DH secret exponent: %u bits",
+ mpz_sizeinbase(this->xa, 2));
mpz_powm(this->ya, this->g, this->xa, this->p);
diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.c b/src/libstrongswan/plugins/gmp/gmp_plugin.c
index b70ff881c..fbce9732f 100644
--- a/src/libstrongswan/plugins/gmp/gmp_plugin.c
+++ b/src/libstrongswan/plugins/gmp/gmp_plugin.c
@@ -52,7 +52,7 @@ static void destroy(private_gmp_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *gmp_plugin_create()
{
private_gmp_plugin_t *this = malloc_thing(private_gmp_plugin_t);
@@ -60,6 +60,10 @@ plugin_t *plugin_create()
lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
(dh_constructor_t)gmp_diffie_hellman_create);
+ lib->crypto->add_dh(lib->crypto, MODP_2048_224,
+ (dh_constructor_t)gmp_diffie_hellman_create);
+ lib->crypto->add_dh(lib->crypto, MODP_2048_256,
+ (dh_constructor_t)gmp_diffie_hellman_create);
lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
(dh_constructor_t)gmp_diffie_hellman_create);
lib->crypto->add_dh(lib->crypto, MODP_3072_BIT,
@@ -72,6 +76,8 @@ plugin_t *plugin_create()
(dh_constructor_t)gmp_diffie_hellman_create);
lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
(dh_constructor_t)gmp_diffie_hellman_create);
+ lib->crypto->add_dh(lib->crypto, MODP_1024_160,
+ (dh_constructor_t)gmp_diffie_hellman_create);
lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
(dh_constructor_t)gmp_diffie_hellman_create);
diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.h b/src/libstrongswan/plugins/gmp/gmp_plugin.h
index 77d53965d..e4a87c8e2 100644
--- a/src/libstrongswan/plugins/gmp/gmp_plugin.h
+++ b/src/libstrongswan/plugins/gmp/gmp_plugin.h
@@ -39,9 +39,4 @@ struct gmp_plugin_t {
plugin_t plugin;
};
-/**
- * Create a gmp_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** GMP_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index 1829bd459..f70b0b545 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -27,6 +27,11 @@
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
+#ifdef HAVE_MPZ_POWM_SEC
+# undef mpz_powm
+# define mpz_powm mpz_powm_sec
+#endif
+
/**
* Public exponent to use for key generation.
*/
@@ -136,7 +141,8 @@ static status_t compute_prime(private_gmp_rsa_private_key_t *this,
rng = lib->crypto->create_rng(lib->crypto, RNG_TRUE);
if (!rng)
{
- DBG1("no RNG of quality %N found", rng_quality_names, RNG_TRUE);
+ DBG1(DBG_LIB, "no RNG of quality %N found", rng_quality_names,
+ RNG_TRUE);
return FAILED;
}
@@ -144,8 +150,8 @@ static status_t compute_prime(private_gmp_rsa_private_key_t *this,
do
{
rng->allocate_bytes(rng, prime_size, &random_bytes);
- /* make sure most significant bit is set */
- random_bytes.ptr[0] = random_bytes.ptr[0] | 0x80;
+ /* make sure the two most significant bits are set */
+ random_bytes.ptr[0] = random_bytes.ptr[0] | 0xC0;
mpz_import(*prime, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
mpz_nextprime (*prime, *prime);
@@ -243,7 +249,8 @@ static bool build_emsa_pkcs1_signature(private_gmp_rsa_private_key_t *this,
if (data.len > this->k - 3)
{
free(digestInfo.ptr);
- DBG1("unable to sign %d bytes using a %dbit key", data.len, this->k * 8);
+ DBG1(DBG_LIB, "unable to sign %d bytes using a %dbit key", data.len,
+ this->k * 8);
return FALSE;
}
@@ -304,7 +311,7 @@ static bool sign(private_gmp_rsa_private_key_t *this, signature_scheme_t scheme,
case SIGN_RSA_EMSA_PKCS1_MD5:
return build_emsa_pkcs1_signature(this, HASH_MD5, data, signature);
default:
- DBG1("signature scheme %N not supported in RSA",
+ DBG1(DBG_LIB, "signature scheme %N not supported in RSA",
signature_scheme_names, scheme);
return FALSE;
}
@@ -327,7 +334,7 @@ static bool decrypt(private_gmp_rsa_private_key_t *this, chunk_t crypto,
/* check for hex pattern 00 02 in decrypted message */
if ((*stripped.ptr++ != 0x00) || (*(stripped.ptr++) != 0x02))
{
- DBG1("incorrect padding - probably wrong rsa key");
+ DBG1(DBG_LIB, "incorrect padding - probably wrong rsa key");
goto end;
}
stripped.len -= 2;
@@ -337,7 +344,7 @@ static bool decrypt(private_gmp_rsa_private_key_t *this, chunk_t crypto,
if (stripped.len == 0)
{
- DBG1("no plaintext data");
+ DBG1(DBG_LIB, "no plaintext data");
goto end;
}
@@ -494,14 +501,14 @@ static status_t check(private_gmp_rsa_private_key_t *this)
*/
if (this->k < 512 / BITS_PER_BYTE)
{
- DBG1("key shorter than 512 bits");
+ DBG1(DBG_LIB, "key shorter than 512 bits");
return FAILED;
}
/* we picked a max modulus size to simplify buffer allocation */
if (this->k > 8192 / BITS_PER_BYTE)
{
- DBG1("key larger than 8192 bits");
+ DBG1(DBG_LIB, "key larger than 8192 bits");
return FAILED;
}
@@ -575,7 +582,7 @@ static status_t check(private_gmp_rsa_private_key_t *this)
mpz_clear_sensitive(q1);
if (status != SUCCESS)
{
- DBG1("key integrity tests failed");
+ DBG1(DBG_LIB, "key integrity tests failed");
}
return status;
}
@@ -664,7 +671,7 @@ gmp_rsa_private_key_t *gmp_rsa_private_key_gen(key_type_t type, va_list args)
mpz_mul(n, p, q); /* n = p*q */
mpz_init_set_ui(e, PUBLIC_EXPONENT); /* assign public exponent */
- mpz_init_set(m, p); /* m = p */
+ mpz_init_set(m, p); /* m = p */
mpz_sub_ui(m, m, 1); /* m = m -1 */
mpz_init_set(q1, q); /* q1 = q */
mpz_sub_ui(q1, q1, 1); /* q1 = q1 -1 */
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index 5fea69131..98dbb1922 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -28,6 +28,11 @@
#include <asn1/asn1_parser.h>
#include <crypto/hashers/hasher.h>
+#ifdef HAVE_MPZ_POWM_SEC
+# undef mpz_powm
+# define mpz_powm mpz_powm_sec
+#endif
+
typedef struct private_gmp_rsa_public_key_t private_gmp_rsa_public_key_t;
/**
@@ -178,8 +183,8 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
{ /* IKEv1 signatures without digestInfo */
if (em.len != data.len)
{
- DBG1("hash size in signature is %u bytes instead of %u bytes",
- em.len, data.len);
+ DBG1(DBG_LIB, "hash size in signature is %u bytes instead of"
+ " %u bytes", em.len, data.len);
goto end;
}
success = memeq(em.ptr, data.ptr, data.len);
@@ -191,7 +196,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
int objectID;
hash_algorithm_t hash_algorithm = HASH_UNKNOWN;
- DBG2("signature verification:");
+ DBG2(DBG_LIB, "signature verification:");
parser = asn1_parser_create(digestInfoObjects, em);
while (parser->iterate(parser, &objectID, &object))
@@ -202,7 +207,8 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
{
if (em.len > object.len)
{
- DBG1("digestInfo field in signature is followed by %u surplus bytes",
+ DBG1(DBG_LIB, "digestInfo field in signature is"
+ " followed by %u surplus bytes",
em.len - object.len);
goto end_parser;
}
@@ -216,8 +222,8 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
hash_algorithm = hasher_algorithm_from_oid(hash_oid);
if (hash_algorithm == HASH_UNKNOWN || hash_algorithm != algorithm)
{
- DBG1("expected hash algorithm %N, but found %N (OID: %#B)",
- hash_algorithm_names, algorithm,
+ DBG1(DBG_LIB, "expected hash algorithm %N, but found"
+ " %N (OID: %#B)", hash_algorithm_names, algorithm,
hash_algorithm_names, hash_algorithm, &object);
goto end_parser;
}
@@ -231,15 +237,16 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm);
if (hasher == NULL)
{
- DBG1("hash algorithm %N not supported",
+ DBG1(DBG_LIB, "hash algorithm %N not supported",
hash_algorithm_names, hash_algorithm);
goto end_parser;
}
if (object.len != hasher->get_hash_size(hasher))
{
- DBG1("hash size in signature is %u bytes instead of %u "
- "bytes", object.len, hasher->get_hash_size(hasher));
+ DBG1(DBG_LIB, "hash size in signature is %u bytes"
+ " instead of %u bytes", object.len,
+ hasher->get_hash_size(hasher));
hasher->destroy(hasher);
goto end_parser;
}
@@ -297,7 +304,7 @@ static bool verify(private_gmp_rsa_public_key_t *this, signature_scheme_t scheme
case SIGN_RSA_EMSA_PKCS1_SHA512:
return verify_emsa_pkcs1_signature(this, HASH_SHA512, data, signature);
default:
- DBG1("signature scheme %N not supported in RSA",
+ DBG1(DBG_LIB, "signature scheme %N not supported in RSA",
signature_scheme_names, scheme);
return FALSE;
}
@@ -319,7 +326,7 @@ static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain,
rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
if (rng == NULL)
{
- DBG1("no random generator available");
+ DBG1(DBG_LIB, "no random generator available");
return FALSE;
}
@@ -327,13 +334,14 @@ static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain,
padding = this->k - plain.len - 3;
if (padding < MIN_PS_PADDING)
{
- DBG1("pseudo-random padding must be at least %d octets", MIN_PS_PADDING);
+ DBG1(DBG_LIB, "pseudo-random padding must be at least %d octets",
+ MIN_PS_PADDING);
return FALSE;
}
/* padding according to PKCS#1 7.2.1 (RSAES-PKCS1-v1.5-ENCRYPT) */
- DBG2("padding %u bytes of data to the rsa modulus size of %u bytes",
- plain.len, this->k);
+ DBG2(DBG_LIB, "padding %u bytes of data to the rsa modulus size of"
+ " %u bytes", plain.len, this->k);
em.len = this->k;
em.ptr = malloc(em.len);
pos = em.ptr;
@@ -359,11 +367,11 @@ static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain,
/* now add the data */
memcpy(pos, plain.ptr, plain.len);
- DBG3("padded data before rsa encryption: %B", &em);
+ DBG3(DBG_LIB, "padded data before rsa encryption: %B", &em);
/* rsa encryption using PKCS#1 RSAEP */
*crypto = rsaep(this, em);
- DBG3("rsa encrypted data: %B", crypto);
+ DBG3(DBG_LIB, "rsa encrypted data: %B", crypto);
chunk_clear(&em);
return TRUE;
}
diff --git a/src/libstrongswan/plugins/hmac/Makefile.am b/src/libstrongswan/plugins/hmac/Makefile.am
index 1856cad2d..77aa0ffd1 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.am
+++ b/src/libstrongswan/plugins/hmac/Makefile.am
@@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-hmac.la
+else
plugin_LTLIBRARIES = libstrongswan-hmac.la
+endif
-libstrongswan_hmac_la_SOURCES = hmac_plugin.h hmac_plugin.c hmac.h hmac.c \
+libstrongswan_hmac_la_SOURCES = \
+ hmac_plugin.h hmac_plugin.c hmac.h hmac.c \
hmac_prf.h hmac_prf.c hmac_signer.h hmac_signer.c
-libstrongswan_hmac_la_LDFLAGS = -module -avoid-version
+libstrongswan_hmac_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in
index 7dc8269a4..c965f7392 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.in
+++ b/src/libstrongswan/plugins/hmac/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_hmac_la_LIBADD =
am_libstrongswan_hmac_la_OBJECTS = hmac_plugin.lo hmac.lo hmac_prf.lo \
hmac_signer.lo
@@ -80,6 +80,8 @@ libstrongswan_hmac_la_OBJECTS = $(am_libstrongswan_hmac_la_OBJECTS)
libstrongswan_hmac_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_hmac_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_hmac_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_hmac_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -254,8 +257,10 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-hmac.la
-libstrongswan_hmac_la_SOURCES = hmac_plugin.h hmac_plugin.c hmac.h hmac.c \
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-hmac.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-hmac.la
+libstrongswan_hmac_la_SOURCES = \
+ hmac_plugin.h hmac_plugin.c hmac.h hmac.c \
hmac_prf.h hmac_prf.c hmac_signer.h hmac_signer.c
libstrongswan_hmac_la_LDFLAGS = -module -avoid-version
@@ -293,6 +298,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -325,7 +339,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-hmac.la: $(libstrongswan_hmac_la_OBJECTS) $(libstrongswan_hmac_la_DEPENDENCIES)
- $(libstrongswan_hmac_la_LINK) -rpath $(plugindir) $(libstrongswan_hmac_la_OBJECTS) $(libstrongswan_hmac_la_LIBADD) $(LIBS)
+ $(libstrongswan_hmac_la_LINK) $(am_libstrongswan_hmac_la_rpath) $(libstrongswan_hmac_la_OBJECTS) $(libstrongswan_hmac_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -481,8 +495,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -553,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.c b/src/libstrongswan/plugins/hmac/hmac_plugin.c
index 94332ee36..e6b9f7a74 100644
--- a/src/libstrongswan/plugins/hmac/hmac_plugin.c
+++ b/src/libstrongswan/plugins/hmac/hmac_plugin.c
@@ -47,7 +47,7 @@ static void destroy(private_hmac_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *hmac_plugin_create()
{
private_hmac_plugin_t *this = malloc_thing(private_hmac_plugin_t);
diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.h b/src/libstrongswan/plugins/hmac/hmac_plugin.h
index 5c3afa7d6..03d1d1cf9 100644
--- a/src/libstrongswan/plugins/hmac/hmac_plugin.h
+++ b/src/libstrongswan/plugins/hmac/hmac_plugin.h
@@ -39,9 +39,4 @@ struct hmac_plugin_t {
plugin_t plugin;
};
-/**
- * Create a hmac_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** HMAC_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/ldap/Makefile.am b/src/libstrongswan/plugins/ldap/Makefile.am
index 6ad073d97..2b2f7d31d 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.am
+++ b/src/libstrongswan/plugins/ldap/Makefile.am
@@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-ldap.la
+else
plugin_LTLIBRARIES = libstrongswan-ldap.la
+endif
+
+libstrongswan_ldap_la_SOURCES = \
+ ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c
-libstrongswan_ldap_la_SOURCES = ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c
libstrongswan_ldap_la_LDFLAGS = -module -avoid-version
libstrongswan_ldap_la_LIBADD = -lldap -llber
-
diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in
index d9ebb0147..3b69f082f 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.in
+++ b/src/libstrongswan/plugins/ldap/Makefile.in
@@ -72,13 +72,15 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_ldap_la_DEPENDENCIES =
am_libstrongswan_ldap_la_OBJECTS = ldap_plugin.lo ldap_fetcher.lo
libstrongswan_ldap_la_OBJECTS = $(am_libstrongswan_ldap_la_OBJECTS)
libstrongswan_ldap_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_ldap_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_ldap_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_ldap_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-ldap.la
-libstrongswan_ldap_la_SOURCES = ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-ldap.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-ldap.la
+libstrongswan_ldap_la_SOURCES = \
+ ldap_plugin.h ldap_plugin.c ldap_fetcher.h ldap_fetcher.c
+
libstrongswan_ldap_la_LDFLAGS = -module -avoid-version
libstrongswan_ldap_la_LIBADD = -lldap -llber
all: all-am
@@ -291,6 +297,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -323,7 +338,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-ldap.la: $(libstrongswan_ldap_la_OBJECTS) $(libstrongswan_ldap_la_DEPENDENCIES)
- $(libstrongswan_ldap_la_LINK) -rpath $(plugindir) $(libstrongswan_ldap_la_OBJECTS) $(libstrongswan_ldap_la_LIBADD) $(LIBS)
+ $(libstrongswan_ldap_la_LINK) $(am_libstrongswan_ldap_la_rpath) $(libstrongswan_ldap_la_OBJECTS) $(libstrongswan_ldap_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -477,8 +492,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -549,18 +564,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.c b/src/libstrongswan/plugins/ldap/ldap_fetcher.c
index ce5b7d56b..59e655cd5 100644
--- a/src/libstrongswan/plugins/ldap/ldap_fetcher.c
+++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.c
@@ -73,27 +73,27 @@ static bool parse(LDAP *ldap, LDAPMessage *result, chunk_t *response)
}
else
{
- DBG1("LDAP response contains no values");
+ DBG1(DBG_LIB, "LDAP response contains no values");
}
ldap_value_free_len(values);
}
else
{
- DBG1("getting LDAP values failed: %s",
+ DBG1(DBG_LIB, "getting LDAP values failed: %s",
ldap_err2string(ldap_result2error(ldap, entry, 0)));
}
ldap_memfree(attr);
}
else
{
- DBG1("finding LDAP attributes failed: %s",
+ DBG1(DBG_LIB, "finding LDAP attributes failed: %s",
ldap_err2string(ldap_result2error(ldap, entry, 0)));
}
ber_free(ber, 0);
}
else
{
- DBG1("finding first LDAP entry failed: %s",
+ DBG1(DBG_LIB, "finding first LDAP entry failed: %s",
ldap_err2string(ldap_result2error(ldap, entry, 0)));
}
return success;
@@ -122,7 +122,7 @@ static status_t fetch(private_ldap_fetcher_t *this, char *url,
ldap = ldap_init(lurl->lud_host, lurl->lud_port);
if (ldap == NULL)
{
- DBG1("LDAP initialization failed: %s", strerror(errno));
+ DBG1(DBG_LIB, "LDAP initialization failed: %s", strerror(errno));
ldap_free_urldesc(lurl);
return FAILED;
}
@@ -133,7 +133,7 @@ static status_t fetch(private_ldap_fetcher_t *this, char *url,
ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &ldap_version);
ldap_set_option(ldap, LDAP_OPT_NETWORK_TIMEOUT, &timeout);
- DBG2("sending LDAP request to '%s'...", url);
+ DBG2(DBG_LIB, "sending LDAP request to '%s'...", url);
res = ldap_simple_bind_s(ldap, NULL, NULL);
if (res == LDAP_SUCCESS)
@@ -152,12 +152,13 @@ static status_t fetch(private_ldap_fetcher_t *this, char *url,
}
else
{
- DBG1("LDAP search failed: %s", ldap_err2string(res));
+ DBG1(DBG_LIB, "LDAP search failed: %s", ldap_err2string(res));
}
}
else
{
- DBG1("LDAP bind to '%s' failed: %s", url, ldap_err2string(res));
+ DBG1(DBG_LIB, "LDAP bind to '%s' failed: %s", url,
+ ldap_err2string(res));
}
ldap_unbind_s(ldap);
ldap_free_urldesc(lurl);
diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.c b/src/libstrongswan/plugins/ldap/ldap_plugin.c
index a31308bbf..372ac9f93 100644
--- a/src/libstrongswan/plugins/ldap/ldap_plugin.c
+++ b/src/libstrongswan/plugins/ldap/ldap_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_ldap_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *ldap_plugin_create()
{
private_ldap_plugin_t *this = malloc_thing(private_ldap_plugin_t);
diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.h b/src/libstrongswan/plugins/ldap/ldap_plugin.h
index de4ff3422..e4fcebaa3 100644
--- a/src/libstrongswan/plugins/ldap/ldap_plugin.h
+++ b/src/libstrongswan/plugins/ldap/ldap_plugin.h
@@ -39,9 +39,4 @@ struct ldap_plugin_t {
plugin_t plugin;
};
-/**
- * Create a ldap_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** LDAP_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/md4/Makefile.am b/src/libstrongswan/plugins/md4/Makefile.am
index a47da2e8e..904af70c0 100644
--- a/src/libstrongswan/plugins/md4/Makefile.am
+++ b/src/libstrongswan/plugins/md4/Makefile.am
@@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-md4.la
+else
plugin_LTLIBRARIES = libstrongswan-md4.la
+endif
-libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h
-libstrongswan_md4_la_LDFLAGS = -module -avoid-version
+libstrongswan_md4_la_SOURCES = \
+ md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h
+libstrongswan_md4_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in
index 6014ddcf8..cb3307bbc 100644
--- a/src/libstrongswan/plugins/md4/Makefile.in
+++ b/src/libstrongswan/plugins/md4/Makefile.in
@@ -72,13 +72,15 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_md4_la_LIBADD =
am_libstrongswan_md4_la_OBJECTS = md4_plugin.lo md4_hasher.lo
libstrongswan_md4_la_OBJECTS = $(am_libstrongswan_md4_la_OBJECTS)
libstrongswan_md4_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_md4_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_md4_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_md4_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-md4.la
-libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-md4.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-md4.la
+libstrongswan_md4_la_SOURCES = \
+ md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h
+
libstrongswan_md4_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-md4.la: $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_DEPENDENCIES)
- $(libstrongswan_md4_la_LINK) -rpath $(plugindir) $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_LIBADD) $(LIBS)
+ $(libstrongswan_md4_la_LINK) $(am_libstrongswan_md4_la_rpath) $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -476,8 +491,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/md4/md4_plugin.c b/src/libstrongswan/plugins/md4/md4_plugin.c
index ba4041d2d..38ae0d4bc 100644
--- a/src/libstrongswan/plugins/md4/md4_plugin.c
+++ b/src/libstrongswan/plugins/md4/md4_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_md4_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *md4_plugin_create()
{
private_md4_plugin_t *this = malloc_thing(private_md4_plugin_t);
diff --git a/src/libstrongswan/plugins/md4/md4_plugin.h b/src/libstrongswan/plugins/md4/md4_plugin.h
index b13002d7b..9fde665e6 100644
--- a/src/libstrongswan/plugins/md4/md4_plugin.h
+++ b/src/libstrongswan/plugins/md4/md4_plugin.h
@@ -39,9 +39,4 @@ struct md4_plugin_t {
plugin_t plugin;
};
-/**
- * Create a md4_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** MD4_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/md5/Makefile.am b/src/libstrongswan/plugins/md5/Makefile.am
index ce0611c13..b2eb2abd2 100644
--- a/src/libstrongswan/plugins/md5/Makefile.am
+++ b/src/libstrongswan/plugins/md5/Makefile.am
@@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-md5.la
+else
plugin_LTLIBRARIES = libstrongswan-md5.la
+endif
-libstrongswan_md5_la_SOURCES = md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h
-libstrongswan_md5_la_LDFLAGS = -module -avoid-version
+libstrongswan_md5_la_SOURCES = \
+ md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h
+libstrongswan_md5_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in
index fcb921316..8948ddcc5 100644
--- a/src/libstrongswan/plugins/md5/Makefile.in
+++ b/src/libstrongswan/plugins/md5/Makefile.in
@@ -72,13 +72,15 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_md5_la_LIBADD =
am_libstrongswan_md5_la_OBJECTS = md5_plugin.lo md5_hasher.lo
libstrongswan_md5_la_OBJECTS = $(am_libstrongswan_md5_la_OBJECTS)
libstrongswan_md5_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_md5_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_md5_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_md5_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-md5.la
-libstrongswan_md5_la_SOURCES = md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-md5.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-md5.la
+libstrongswan_md5_la_SOURCES = \
+ md5_plugin.h md5_plugin.c md5_hasher.c md5_hasher.h
+
libstrongswan_md5_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-md5.la: $(libstrongswan_md5_la_OBJECTS) $(libstrongswan_md5_la_DEPENDENCIES)
- $(libstrongswan_md5_la_LINK) -rpath $(plugindir) $(libstrongswan_md5_la_OBJECTS) $(libstrongswan_md5_la_LIBADD) $(LIBS)
+ $(libstrongswan_md5_la_LINK) $(am_libstrongswan_md5_la_rpath) $(libstrongswan_md5_la_OBJECTS) $(libstrongswan_md5_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -476,8 +491,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/md5/md5_plugin.c b/src/libstrongswan/plugins/md5/md5_plugin.c
index 7592c20df..cfbf6acea 100644
--- a/src/libstrongswan/plugins/md5/md5_plugin.c
+++ b/src/libstrongswan/plugins/md5/md5_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_md5_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *md5_plugin_create()
{
private_md5_plugin_t *this = malloc_thing(private_md5_plugin_t);
diff --git a/src/libstrongswan/plugins/md5/md5_plugin.h b/src/libstrongswan/plugins/md5/md5_plugin.h
index 057689ad3..c4ca619dc 100644
--- a/src/libstrongswan/plugins/md5/md5_plugin.h
+++ b/src/libstrongswan/plugins/md5/md5_plugin.h
@@ -39,9 +39,4 @@ struct md5_plugin_t {
plugin_t plugin;
};
-/**
- * Create a md5_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** MD5_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/mysql/Makefile.am b/src/libstrongswan/plugins/mysql/Makefile.am
index c64481fd5..801a7a7be 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.am
+++ b/src/libstrongswan/plugins/mysql/Makefile.am
@@ -3,10 +3,16 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic $(MYSQLCFLAG)
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-mysql.la
+else
plugin_LTLIBRARIES = libstrongswan-mysql.la
+endif
-libstrongswan_mysql_la_SOURCES = mysql_plugin.h mysql_plugin.c \
+libstrongswan_mysql_la_SOURCES = \
+ mysql_plugin.h mysql_plugin.c \
mysql_database.h mysql_database.c
+
libstrongswan_mysql_la_LDFLAGS = -module -avoid-version
-libstrongswan_mysql_la_LIBADD = $(MYSQLLIB)
+libstrongswan_mysql_la_LIBADD = $(MYSQLLIB)
diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in
index dc56940d2..1a97c620e 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.in
+++ b/src/libstrongswan/plugins/mysql/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
am__DEPENDENCIES_1 =
libstrongswan_mysql_la_DEPENDENCIES = $(am__DEPENDENCIES_1)
am_libstrongswan_mysql_la_OBJECTS = mysql_plugin.lo mysql_database.lo
@@ -80,6 +80,9 @@ libstrongswan_mysql_la_OBJECTS = $(am_libstrongswan_mysql_la_OBJECTS)
libstrongswan_mysql_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_mysql_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_mysql_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_mysql_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -254,8 +258,10 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic $(MYSQLCFLAG)
-plugin_LTLIBRARIES = libstrongswan-mysql.la
-libstrongswan_mysql_la_SOURCES = mysql_plugin.h mysql_plugin.c \
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-mysql.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-mysql.la
+libstrongswan_mysql_la_SOURCES = \
+ mysql_plugin.h mysql_plugin.c \
mysql_database.h mysql_database.c
libstrongswan_mysql_la_LDFLAGS = -module -avoid-version
@@ -294,6 +300,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -326,7 +341,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-mysql.la: $(libstrongswan_mysql_la_OBJECTS) $(libstrongswan_mysql_la_DEPENDENCIES)
- $(libstrongswan_mysql_la_LINK) -rpath $(plugindir) $(libstrongswan_mysql_la_OBJECTS) $(libstrongswan_mysql_la_LIBADD) $(LIBS)
+ $(libstrongswan_mysql_la_LINK) $(am_libstrongswan_mysql_la_rpath) $(libstrongswan_mysql_la_OBJECTS) $(libstrongswan_mysql_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -480,8 +495,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -552,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/mysql/mysql_database.c b/src/libstrongswan/plugins/mysql/mysql_database.c
index 2338428f2..8005b9149 100644
--- a/src/libstrongswan/plugins/mysql/mysql_database.c
+++ b/src/libstrongswan/plugins/mysql/mysql_database.c
@@ -203,7 +203,7 @@ static conn_t *conn_get(private_mysql_database_t *this)
this->password, this->database, this->port,
NULL, 0))
{
- DBG1("connecting to mysql://%s:***@%s:%d/%s failed: %s",
+ DBG1(DBG_LIB, "connecting to mysql://%s:***@%s:%d/%s failed: %s",
this->username, this->host, this->port, this->database,
mysql_error(found->mysql));
conn_destroy(found);
@@ -213,7 +213,7 @@ static conn_t *conn_get(private_mysql_database_t *this)
{
this->mutex->lock(this->mutex);
this->pool->insert_last(this->pool, found);
- DBG2("increased MySQL connection pool size to %d",
+ DBG2(DBG_LIB, "increased MySQL connection pool size to %d",
this->pool->get_count(this->pool));
this->mutex->unlock(this->mutex);
}
@@ -232,12 +232,14 @@ static MYSQL_STMT* run(MYSQL *mysql, char *sql, va_list *args)
stmt = mysql_stmt_init(mysql);
if (stmt == NULL)
{
- DBG1("creating MySQL statement failed: %s", mysql_error(mysql));
+ DBG1(DBG_LIB, "creating MySQL statement failed: %s",
+ mysql_error(mysql));
return NULL;
}
if (mysql_stmt_prepare(stmt, sql, strlen(sql)))
{
- DBG1("preparing MySQL statement failed: %s", mysql_stmt_error(stmt));
+ DBG1(DBG_LIB, "preparing MySQL statement failed: %s",
+ mysql_stmt_error(stmt));
mysql_stmt_close(stmt);
return NULL;
}
@@ -303,21 +305,23 @@ static MYSQL_STMT* run(MYSQL *mysql, char *sql, va_list *args)
break;
}
default:
- DBG1("invalid data type supplied");
+ DBG1(DBG_LIB, "invalid data type supplied");
mysql_stmt_close(stmt);
return NULL;
}
}
if (mysql_stmt_bind_param(stmt, bind))
{
- DBG1("binding MySQL param failed: %s", mysql_stmt_error(stmt));
+ DBG1(DBG_LIB, "binding MySQL param failed: %s",
+ mysql_stmt_error(stmt));
mysql_stmt_close(stmt);
return NULL;
}
}
if (mysql_stmt_execute(stmt))
{
- DBG1("executing MySQL statement failed: %s", mysql_stmt_error(stmt));
+ DBG1(DBG_LIB, "executing MySQL statement failed: %s",
+ mysql_stmt_error(stmt));
mysql_stmt_close(stmt);
return NULL;
}
@@ -413,7 +417,8 @@ static bool mysql_enumerator_enumerate(mysql_enumerator_t *this, ...)
case MYSQL_NO_DATA:
return FALSE;
default:
- DBG1("fetching MySQL row failed: %s", mysql_stmt_error(this->stmt));
+ DBG1(DBG_LIB, "fetching MySQL row failed: %s",
+ mysql_stmt_error(this->stmt));
return FALSE;
}
@@ -536,7 +541,7 @@ static enumerator_t* query(private_mysql_database_t *this, char *sql, ...)
break;
}
default:
- DBG1("invalid result data type supplied");
+ DBG1(DBG_LIB, "invalid result data type supplied");
mysql_enumerator_destroy(enumerator);
va_end(args);
return NULL;
@@ -544,7 +549,8 @@ static enumerator_t* query(private_mysql_database_t *this, char *sql, ...)
}
if (mysql_stmt_bind_result(stmt, enumerator->bind))
{
- DBG1("binding MySQL result failed: %s", mysql_stmt_error(stmt));
+ DBG1(DBG_LIB, "binding MySQL result failed: %s",
+ mysql_stmt_error(stmt));
mysql_enumerator_destroy(enumerator);
enumerator = NULL;
}
@@ -653,7 +659,7 @@ static bool parse_uri(private_mysql_database_t *this, char *uri)
}
}
}
- DBG1("parsing MySQL database uri '%s' failed", uri);
+ DBG1(DBG_LIB, "parsing MySQL database uri '%s' failed", uri);
return FALSE;
}
diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.c b/src/libstrongswan/plugins/mysql/mysql_plugin.c
index 0e64bbc3d..a13aa8091 100644
--- a/src/libstrongswan/plugins/mysql/mysql_plugin.c
+++ b/src/libstrongswan/plugins/mysql/mysql_plugin.c
@@ -46,13 +46,13 @@ static void destroy(private_mysql_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *mysql_plugin_create()
{
private_mysql_plugin_t *this;
if (!mysql_database_init())
{
- DBG1("MySQL client library initialization failed");
+ DBG1(DBG_LIB, "MySQL client library initialization failed");
return NULL;
}
diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.h b/src/libstrongswan/plugins/mysql/mysql_plugin.h
index fa53c2b7a..d1f21870c 100644
--- a/src/libstrongswan/plugins/mysql/mysql_plugin.h
+++ b/src/libstrongswan/plugins/mysql/mysql_plugin.h
@@ -39,9 +39,4 @@ struct mysql_plugin_t {
plugin_t plugin;
};
-/**
- * Create a mysql_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** MYSQL_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/openssl/Makefile.am b/src/libstrongswan/plugins/openssl/Makefile.am
index 25cc5aa1d..a50799798 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.am
+++ b/src/libstrongswan/plugins/openssl/Makefile.am
@@ -3,12 +3,18 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-openssl.la
+else
plugin_LTLIBRARIES = libstrongswan-openssl.la
+endif
-libstrongswan_openssl_la_SOURCES = openssl_plugin.h openssl_plugin.c \
+libstrongswan_openssl_la_SOURCES = \
+ openssl_plugin.h openssl_plugin.c \
openssl_util.c openssl_util.h \
openssl_crypter.c openssl_crypter.h \
openssl_hasher.c openssl_hasher.h \
+ openssl_sha1_prf.c openssl_sha1_prf.h \
openssl_diffie_hellman.c openssl_diffie_hellman.h \
openssl_rsa_private_key.c openssl_rsa_private_key.h \
openssl_rsa_public_key.c openssl_rsa_public_key.h \
diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in
index aa8ecf06c..a2a931d42 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.in
+++ b/src/libstrongswan/plugins/openssl/Makefile.in
@@ -72,18 +72,22 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_openssl_la_DEPENDENCIES =
am_libstrongswan_openssl_la_OBJECTS = openssl_plugin.lo \
openssl_util.lo openssl_crypter.lo openssl_hasher.lo \
- openssl_diffie_hellman.lo openssl_rsa_private_key.lo \
- openssl_rsa_public_key.lo openssl_ec_diffie_hellman.lo \
- openssl_ec_private_key.lo openssl_ec_public_key.lo
+ openssl_sha1_prf.lo openssl_diffie_hellman.lo \
+ openssl_rsa_private_key.lo openssl_rsa_public_key.lo \
+ openssl_ec_diffie_hellman.lo openssl_ec_private_key.lo \
+ openssl_ec_public_key.lo
libstrongswan_openssl_la_OBJECTS = \
$(am_libstrongswan_openssl_la_OBJECTS)
libstrongswan_openssl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_openssl_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_openssl_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_openssl_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -222,6 +226,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -258,11 +263,14 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-openssl.la
-libstrongswan_openssl_la_SOURCES = openssl_plugin.h openssl_plugin.c \
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-openssl.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-openssl.la
+libstrongswan_openssl_la_SOURCES = \
+ openssl_plugin.h openssl_plugin.c \
openssl_util.c openssl_util.h \
openssl_crypter.c openssl_crypter.h \
openssl_hasher.c openssl_hasher.h \
+ openssl_sha1_prf.c openssl_sha1_prf.h \
openssl_diffie_hellman.c openssl_diffie_hellman.h \
openssl_rsa_private_key.c openssl_rsa_private_key.h \
openssl_rsa_public_key.c openssl_rsa_public_key.h \
@@ -306,6 +314,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -338,7 +355,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-openssl.la: $(libstrongswan_openssl_la_OBJECTS) $(libstrongswan_openssl_la_DEPENDENCIES)
- $(libstrongswan_openssl_la_LINK) -rpath $(plugindir) $(libstrongswan_openssl_la_OBJECTS) $(libstrongswan_openssl_la_LIBADD) $(LIBS)
+ $(libstrongswan_openssl_la_LINK) $(am_libstrongswan_openssl_la_rpath) $(libstrongswan_openssl_la_OBJECTS) $(libstrongswan_openssl_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -355,6 +372,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_plugin.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_rsa_private_key.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_rsa_public_key.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_sha1_prf.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_util.Plo@am__quote@
.c.o:
@@ -500,8 +518,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -572,18 +590,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
index 80a1ee878..9a032c54f 100644
--- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008 Tobias Brunner
+ * Copyright (C) 2008-2010 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -20,47 +20,6 @@
#include <debug.h>
-typedef struct modulus_entry_t modulus_entry_t;
-
-/**
- * Entry of the modulus list.
- */
-struct modulus_entry_t {
- /**
- * Group number as it is defined in file transform_substructure.h.
- */
- diffie_hellman_group_t group;
-
- /**
- * Pointer to the function to get the modulus.
- */
- BIGNUM *(*get_prime)(BIGNUM *bn);
-
- /*
- * Optimum length of exponent in bits.
- */
- long opt_exponent_len;
-
- /*
- * Generator value.
- */
- u_int16_t generator;
-};
-
-/**
- * All supported modulus values - optimum exponent size according to RFC 3526.
- */
-static modulus_entry_t modulus_entries[] = {
- {MODP_768_BIT, get_rfc2409_prime_768, 256, 2},
- {MODP_1024_BIT, get_rfc2409_prime_1024, 256, 2},
- {MODP_1536_BIT, get_rfc3526_prime_1536, 256, 2},
- {MODP_2048_BIT, get_rfc3526_prime_2048, 384, 2},
- {MODP_3072_BIT, get_rfc3526_prime_3072, 384, 2},
- {MODP_4096_BIT, get_rfc3526_prime_4096, 512, 2},
- {MODP_6144_BIT, get_rfc3526_prime_6144, 512, 2},
- {MODP_8192_BIT, get_rfc3526_prime_8192, 512, 2},
-};
-
typedef struct private_openssl_diffie_hellman_t private_openssl_diffie_hellman_t;
/**
@@ -125,7 +84,6 @@ static status_t get_shared_secret(private_openssl_diffie_hellman_t *this,
memset(secret->ptr, 0, secret->len);
memcpy(secret->ptr + secret->len - this->shared_secret.len,
this->shared_secret.ptr, this->shared_secret.len);
-
return SUCCESS;
}
@@ -145,7 +103,7 @@ static void set_other_public_value(private_openssl_diffie_hellman_t *this,
len = DH_compute_key(this->shared_secret.ptr, this->pub_key, this->dh);
if (len < 0)
{
- DBG1("DH shared secret computation failed");
+ DBG1(DBG_LIB, "DH shared secret computation failed");
return;
}
this->shared_secret.len = len;
@@ -165,27 +123,18 @@ static diffie_hellman_group_t get_dh_group(private_openssl_diffie_hellman_t *thi
*/
static status_t set_modulus(private_openssl_diffie_hellman_t *this)
{
- int i;
- bool ansi_x9_42;
-
- ansi_x9_42 = lib->settings->get_bool(lib->settings,
- "libstrongswan.dh_exponent_ansi_x9_42", TRUE);
-
- for (i = 0; i < (sizeof(modulus_entries) / sizeof(modulus_entry_t)); i++)
+ diffie_hellman_params_t *params = diffie_hellman_get_params(this->group);
+ if (!params)
{
- if (modulus_entries[i].group == this->group)
- {
- this->dh->p = modulus_entries[i].get_prime(NULL);
- this->dh->g = BN_new();
- BN_set_word(this->dh->g, modulus_entries[i].generator);
- if (!ansi_x9_42)
- {
- this->dh->length = modulus_entries[i].opt_exponent_len;
- }
- return SUCCESS;
- }
+ return NOT_FOUND;
}
- return NOT_FOUND;
+ this->dh->p = BN_bin2bn(params->prime.ptr, params->prime.len, NULL);
+ this->dh->g = BN_bin2bn(params->generator.ptr, params->generator.len, NULL);
+ if (params->exp_len != params->prime.len)
+ {
+ this->dh->length = params->exp_len * 8;
+ }
+ return SUCCESS;
}
/**
@@ -237,7 +186,8 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(diffie_hellman_group_t g
destroy(this);
return NULL;
}
- DBG2("size of DH secret exponent: %d bits", BN_num_bits(this->dh->priv_key));
+ DBG2(DBG_LIB, "size of DH secret exponent: %d bits",
+ BN_num_bits(this->dh->priv_key));
return &this->public;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
index 671fa41e2..faec411cd 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@@ -212,14 +212,14 @@ static void set_other_public_value(private_openssl_ec_diffie_hellman_t *this, ch
{
if (!chunk2ecp(this->ec_group, value, this->pub_key))
{
- DBG1("ECDH public value is malformed");
+ DBG1(DBG_LIB, "ECDH public value is malformed");
return;
}
chunk_free(&this->shared_secret);
if (!compute_shared_key(this, &this->shared_secret)) {
- DBG1("ECDH shared secret computation failed");
+ DBG1(DBG_LIB, "ECDH shared secret computation failed");
return;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
index 89ced5a9a..bdcfda974 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
@@ -84,14 +84,14 @@ static bool build_curve_signature(private_openssl_ec_private_key_t *this,
req_group = EC_GROUP_new_by_curve_name(nid_curve);
if (!req_group)
{
- DBG1("signature scheme %N not supported in EC (required curve "
+ DBG1(DBG_LIB, "signature scheme %N not supported in EC (required curve "
"not supported)", signature_scheme_names, scheme);
return FALSE;
}
my_group = EC_KEY_get0_group(this->ec);
if (EC_GROUP_cmp(my_group, req_group, NULL) != 0)
{
- DBG1("signature scheme %N not supported by private key",
+ DBG1(DBG_LIB, "signature scheme %N not supported by private key",
signature_scheme_names, scheme);
return FALSE;
}
@@ -162,7 +162,7 @@ static bool sign(private_openssl_ec_private_key_t *this,
return build_curve_signature(this, scheme, NID_sha512,
NID_secp521r1, data, signature);
default:
- DBG1("signature scheme %N not supported",
+ DBG1(DBG_LIB, "signature scheme %N not supported",
signature_scheme_names, scheme);
return FALSE;
}
@@ -174,7 +174,7 @@ static bool sign(private_openssl_ec_private_key_t *this,
static bool decrypt(private_openssl_ec_private_key_t *this,
chunk_t crypto, chunk_t *plain)
{
- DBG1("EC private key decryption not implemented");
+ DBG1(DBG_LIB, "EC private key decryption not implemented");
return FALSE;
}
@@ -233,11 +233,24 @@ static bool get_encoding(private_openssl_ec_private_key_t *this,
switch (type)
{
case KEY_PRIV_ASN1_DER:
+ case KEY_PRIV_PEM:
{
+ bool success = TRUE;
+
*encoding = chunk_alloc(i2d_ECPrivateKey(this->ec, NULL));
p = encoding->ptr;
i2d_ECPrivateKey(this->ec, &p);
- return TRUE;
+
+ if (type == KEY_PRIV_PEM)
+ {
+ chunk_t asn1_encoding = *encoding;
+
+ success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM,
+ NULL, encoding, KEY_PART_ECDSA_PRIV_ASN1_DER,
+ asn1_encoding, KEY_PART_END);
+ chunk_clear(&asn1_encoding);
+ }
+ return success;
}
default:
return FALSE;
@@ -335,13 +348,13 @@ openssl_ec_private_key_t *openssl_ec_private_key_gen(key_type_t type,
this->ec = EC_KEY_new_by_curve_name(NID_secp521r1);
break;
default:
- DBG1("EC private key size %d not supported", key_size);
+ DBG1(DBG_LIB, "EC private key size %d not supported", key_size);
destroy(this);
return NULL;
}
if (EC_KEY_generate_key(this->ec) != 1)
{
- DBG1("EC private key generation failed", key_size);
+ DBG1(DBG_LIB, "EC private key generation failed", key_size);
destroy(this);
return NULL;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
index f37c736b1..790a8487d 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
@@ -82,14 +82,14 @@ static bool verify_curve_signature(private_openssl_ec_public_key_t *this,
req_group = EC_GROUP_new_by_curve_name(nid_curve);
if (!req_group)
{
- DBG1("signature scheme %N not supported in EC (required curve "
+ DBG1(DBG_LIB, "signature scheme %N not supported in EC (required curve "
"not supported)", signature_scheme_names, scheme);
return FALSE;
}
my_group = EC_KEY_get0_group(this->ec);
if (EC_GROUP_cmp(my_group, req_group, NULL) != 0)
{
- DBG1("signature scheme %N not supported by private key",
+ DBG1(DBG_LIB, "signature scheme %N not supported by private key",
signature_scheme_names, scheme);
return FALSE;
}
@@ -162,7 +162,7 @@ static bool verify(private_openssl_ec_public_key_t *this,
return verify_curve_signature(this, scheme, NID_sha512,
NID_secp521r1, data, signature);
default:
- DBG1("signature scheme %N not supported in EC",
+ DBG1(DBG_LIB, "signature scheme %N not supported in EC",
signature_scheme_names, scheme);
return FALSE;
}
@@ -174,7 +174,7 @@ static bool verify(private_openssl_ec_public_key_t *this,
static bool encrypt_(private_openssl_ec_public_key_t *this,
chunk_t crypto, chunk_t *plain)
{
- DBG1("EC public key encryption not implemented");
+ DBG1(DBG_LIB, "EC public key encryption not implemented");
return FALSE;
}
@@ -217,7 +217,7 @@ bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp)
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (!hasher)
{
- DBG1("SHA1 hash algorithm not supported, fingerprinting failed");
+ DBG1(DBG_LIB, "SHA1 hash algorithm not supported, fingerprinting failed");
free(key.ptr);
return FALSE;
}
@@ -248,11 +248,24 @@ static bool get_encoding(private_openssl_ec_public_key_t *this,
switch (type)
{
case KEY_PUB_SPKI_ASN1_DER:
+ case KEY_PUB_PEM:
{
+ bool success = TRUE;
+
*encoding = chunk_alloc(i2d_EC_PUBKEY(this->ec, NULL));
p = encoding->ptr;
i2d_EC_PUBKEY(this->ec, &p);
- return TRUE;
+
+ if (type == KEY_PUB_PEM)
+ {
+ chunk_t asn1_encoding = *encoding;
+
+ success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM,
+ NULL, encoding, KEY_PART_ECDSA_PUB_ASN1_DER,
+ asn1_encoding, KEY_PART_END);
+ chunk_clear(&asn1_encoding);
+ }
+ return success;
}
default:
return FALSE;
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index 548a76bb4..c1545ffb8 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -27,6 +27,7 @@
#include "openssl_util.h"
#include "openssl_crypter.h"
#include "openssl_hasher.h"
+#include "openssl_sha1_prf.h"
#include "openssl_diffie_hellman.h"
#include "openssl_ec_diffie_hellman.h"
#include "openssl_rsa_private_key.h"
@@ -170,6 +171,8 @@ static void destroy(private_openssl_plugin_t *this)
(crypter_constructor_t)openssl_crypter_create);
lib->crypto->remove_hasher(lib->crypto,
(hasher_constructor_t)openssl_hasher_create);
+ lib->crypto->remove_prf(lib->crypto,
+ (prf_constructor_t)openssl_sha1_prf_create);
lib->crypto->remove_dh(lib->crypto,
(dh_constructor_t)openssl_diffie_hellman_create);
lib->crypto->remove_dh(lib->crypto,
@@ -201,7 +204,7 @@ static void destroy(private_openssl_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *openssl_plugin_create()
{
private_openssl_plugin_t *this = malloc_thing(private_openssl_plugin_t);
@@ -256,9 +259,17 @@ plugin_t *plugin_create()
lib->crypto->add_hasher(lib->crypto, HASH_SHA512,
(hasher_constructor_t)openssl_hasher_create);
+ /* prf */
+ lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1,
+ (prf_constructor_t)openssl_sha1_prf_create);
+
/* (ec) diffie hellman */
lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
(dh_constructor_t)openssl_diffie_hellman_create);
+ lib->crypto->add_dh(lib->crypto, MODP_2048_224,
+ (dh_constructor_t)openssl_diffie_hellman_create);
+ lib->crypto->add_dh(lib->crypto, MODP_2048_256,
+ (dh_constructor_t)openssl_diffie_hellman_create);
lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
(dh_constructor_t)openssl_diffie_hellman_create);
lib->crypto->add_dh(lib->crypto, ECP_256_BIT,
@@ -281,6 +292,8 @@ plugin_t *plugin_create()
(dh_constructor_t)openssl_diffie_hellman_create);
lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
(dh_constructor_t)openssl_diffie_hellman_create);
+ lib->crypto->add_dh(lib->crypto, MODP_1024_160,
+ (dh_constructor_t)openssl_diffie_hellman_create);
lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
(dh_constructor_t)openssl_diffie_hellman_create);
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.h b/src/libstrongswan/plugins/openssl/openssl_plugin.h
index 9f422c9d0..0762c37b9 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.h
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.h
@@ -39,9 +39,4 @@ struct openssl_plugin_t {
plugin_t plugin;
};
-/**
- * Create a openssl_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** OPENSSL_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index 078f889a6..de751fe89 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -160,7 +160,7 @@ static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t sch
case SIGN_RSA_EMSA_PKCS1_MD5:
return build_emsa_pkcs1_signature(this, NID_md5, data, signature);
default:
- DBG1("signature scheme %N not supported in RSA",
+ DBG1(DBG_LIB, "signature scheme %N not supported in RSA",
signature_scheme_names, scheme);
return FALSE;
}
@@ -172,7 +172,7 @@ static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t sch
static bool decrypt(private_openssl_rsa_private_key_t *this,
chunk_t crypto, chunk_t *plain)
{
- DBG1("RSA private key decryption not implemented");
+ DBG1(DBG_LIB, "RSA private key decryption not implemented");
return FALSE;
}
@@ -226,11 +226,24 @@ static bool get_encoding(private_openssl_rsa_private_key_t *this,
switch (type)
{
case KEY_PRIV_ASN1_DER:
+ case KEY_PRIV_PEM:
{
+ bool success = TRUE;
+
*encoding = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL));
p = encoding->ptr;
i2d_RSAPrivateKey(this->rsa, &p);
- return TRUE;
+
+ if (type == KEY_PRIV_PEM)
+ {
+ chunk_t asn1_encoding = *encoding;
+
+ success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM,
+ NULL, encoding, KEY_PART_RSA_PRIV_ASN1_DER,
+ asn1_encoding, KEY_PART_END);
+ chunk_clear(&asn1_encoding);
+ }
+ return success;
}
default:
return FALSE;
@@ -296,6 +309,8 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_gen(key_type_t type,
{
private_openssl_rsa_private_key_t *this;
u_int key_size = 0;
+ RSA *rsa = NULL;
+ BIGNUM *e = NULL;
while (TRUE)
{
@@ -315,10 +330,31 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_gen(key_type_t type,
{
return NULL;
}
+ e = BN_new();
+ if (!e || !BN_set_word(e, PUBLIC_EXPONENT))
+ {
+ goto error;
+ }
+ rsa = RSA_new();
+ if (!rsa || !RSA_generate_key_ex(rsa, key_size, e, NULL))
+ {
+ goto error;
+ }
this = create_empty();
- this->rsa = RSA_generate_key(key_size, PUBLIC_EXPONENT, NULL, NULL);
-
+ this->rsa = rsa;
+ BN_free(e);
return &this->public;
+
+error:
+ if (e)
+ {
+ BN_free(e);
+ }
+ if (rsa)
+ {
+ RSA_free(rsa);
+ }
+ return NULL;
}
/**
@@ -440,22 +476,22 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
}
engine_id = lib->settings->get_str(lib->settings,
- "library.plugins.openssl.engine_id", "pkcs11");
+ "libstrongswan.plugins.openssl.engine_id", "pkcs11");
engine = ENGINE_by_id(engine_id);
if (!engine)
{
- DBG1("engine '%s' is not available", engine_id);
+ DBG1(DBG_LIB, "engine '%s' is not available", engine_id);
return NULL;
}
if (!ENGINE_init(engine))
{
- DBG1("failed to initialize engine '%s'", engine_id);
+ DBG1(DBG_LIB, "failed to initialize engine '%s'", engine_id);
ENGINE_free(engine);
return NULL;
}
if (!ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0))
{
- DBG1("failed to set PIN on engine '%s'", engine_id);
+ DBG1(DBG_LIB, "failed to set PIN on engine '%s'", engine_id);
ENGINE_free(engine);
return NULL;
}
@@ -463,8 +499,8 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
key = ENGINE_load_private_key(engine, keyid, NULL, NULL);
if (!key)
{
- DBG1("failed to load private key with ID '%s' from engine '%s'",
- keyid, engine_id);
+ DBG1(DBG_LIB, "failed to load private key with ID '%s' from "
+ "engine '%s'", keyid, engine_id);
ENGINE_free(engine);
return NULL;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 422262b19..ffa575a97 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -145,7 +145,7 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc
case SIGN_RSA_EMSA_PKCS1_MD5:
return verify_emsa_pkcs1_signature(this, NID_md5, data, signature);
default:
- DBG1("signature scheme %N not supported in RSA",
+ DBG1(DBG_LIB, "signature scheme %N not supported in RSA",
signature_scheme_names, scheme);
return FALSE;
}
@@ -157,7 +157,7 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc
static bool encrypt_(private_openssl_rsa_public_key_t *this,
chunk_t crypto, chunk_t *plain)
{
- DBG1("RSA public key encryption not implemented");
+ DBG1(DBG_LIB, "RSA public key encryption not implemented");
return FALSE;
}
@@ -200,7 +200,7 @@ bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp)
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (!hasher)
{
- DBG1("SHA1 hash algorithm not supported, fingerprinting failed");
+ DBG1(DBG_LIB, "SHA1 hash algorithm not supported, fingerprinting failed");
free(key.ptr);
return FALSE;
}
@@ -231,11 +231,24 @@ static bool get_encoding(private_openssl_rsa_public_key_t *this,
switch (type)
{
case KEY_PUB_SPKI_ASN1_DER:
+ case KEY_PUB_PEM:
{
+ bool success = TRUE;
+
*encoding = chunk_alloc(i2d_RSA_PUBKEY(this->rsa, NULL));
p = encoding->ptr;
i2d_RSA_PUBKEY(this->rsa, &p);
- return TRUE;
+
+ if (type == KEY_PUB_PEM)
+ {
+ chunk_t asn1_encoding = *encoding;
+
+ success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM,
+ NULL, encoding, KEY_PART_RSA_PUB_ASN1_DER,
+ asn1_encoding, KEY_PART_END);
+ chunk_clear(&asn1_encoding);
+ }
+ return success;
}
case KEY_PUB_ASN1_DER:
{
diff --git a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c
new file mode 100644
index 000000000..b65388010
--- /dev/null
+++ b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c
@@ -0,0 +1,139 @@
+/*
+ * Copyright (C) 2010 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "openssl_sha1_prf.h"
+
+#include <openssl/sha.h>
+
+typedef struct private_openssl_sha1_prf_t private_openssl_sha1_prf_t;
+
+/**
+ * Private data of an openssl_sha1_prf_t object.
+ */
+struct private_openssl_sha1_prf_t {
+
+ /**
+ * Public openssl_sha1_prf_t interface.
+ */
+ openssl_sha1_prf_t public;
+
+ /**
+ * SHA1 context
+ */
+ SHA_CTX ctx;
+};
+
+METHOD(prf_t, get_bytes, void,
+ private_openssl_sha1_prf_t *this, chunk_t seed, u_int8_t *bytes)
+{
+ SHA1_Update(&this->ctx, seed.ptr, seed.len);
+
+ if (bytes)
+ {
+ u_int32_t *hash = (u_int32_t*)bytes;
+
+ hash[0] = htonl(this->ctx.h0);
+ hash[1] = htonl(this->ctx.h1);
+ hash[2] = htonl(this->ctx.h2);
+ hash[3] = htonl(this->ctx.h3);
+ hash[4] = htonl(this->ctx.h4);
+ }
+}
+
+METHOD(prf_t, get_block_size, size_t,
+ private_openssl_sha1_prf_t *this)
+{
+ return HASH_SIZE_SHA1;
+}
+
+METHOD(prf_t, allocate_bytes, void,
+ private_openssl_sha1_prf_t *this, chunk_t seed, chunk_t *chunk)
+{
+ if (chunk)
+ {
+ *chunk = chunk_alloc(HASH_SIZE_SHA1);
+ get_bytes(this, seed, chunk->ptr);
+ }
+ else
+ {
+ get_bytes(this, seed, NULL);
+ }
+}
+
+METHOD(prf_t, get_key_size, size_t,
+ private_openssl_sha1_prf_t *this)
+{
+ return HASH_SIZE_SHA1;
+}
+
+METHOD(prf_t, set_key, void,
+ private_openssl_sha1_prf_t *this, chunk_t key)
+{
+ SHA1_Init(&this->ctx);
+
+ if (key.len >= 4)
+ {
+ this->ctx.h0 ^= untoh32(key.ptr);
+ }
+ if (key.len >= 8)
+ {
+ this->ctx.h1 ^= untoh32(key.ptr + 4);
+ }
+ if (key.len >= 12)
+ {
+ this->ctx.h2 ^= untoh32(key.ptr + 8);
+ }
+ if (key.len >= 16)
+ {
+ this->ctx.h3 ^= untoh32(key.ptr + 12);
+ }
+ if (key.len >= 20)
+ {
+ this->ctx.h4 ^= untoh32(key.ptr + 16);
+ }
+}
+
+METHOD(prf_t, destroy, void,
+ private_openssl_sha1_prf_t *this)
+{
+ free(this);
+}
+
+/**
+ * See header
+ */
+openssl_sha1_prf_t *openssl_sha1_prf_create(pseudo_random_function_t algo)
+{
+ private_openssl_sha1_prf_t *this;
+
+ if (algo != PRF_KEYED_SHA1)
+ {
+ return NULL;
+ }
+
+ INIT(this,
+ .public.prf = {
+ .get_block_size = _get_block_size,
+ .get_bytes = _get_bytes,
+ .allocate_bytes = _allocate_bytes,
+ .get_key_size = _get_key_size,
+ .set_key = _set_key,
+ .destroy = _destroy,
+ },
+ );
+
+ return &this->public;
+}
+
diff --git a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h
new file mode 100644
index 000000000..9a24e7ee1
--- /dev/null
+++ b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2010 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup openssl_sha1_prf openssl_sha1_prf
+ * @{ @ingroup sha1_p
+ */
+
+#ifndef OPENSSL_SHA1_PRF_H_
+#define OPENSSL_SHA1_PRF_H_
+
+typedef struct openssl_sha1_prf_t openssl_sha1_prf_t;
+
+#include <crypto/prfs/prf.h>
+
+/**
+ * Implementation of prf_t interface using keyed SHA1 algorithm as used
+ * in EAP-AKA/FIPS_PRF.
+ */
+struct openssl_sha1_prf_t {
+
+ /**
+ * Implements prf_t interface.
+ */
+ prf_t prf;
+};
+
+/**
+ * Creates a new openssl_sha1_prf_t.
+ *
+ * @param algo algorithm, must be PRF_KEYED_SHA1
+ * @return sha1_keyed_prf_tobject
+ */
+openssl_sha1_prf_t *openssl_sha1_prf_create(pseudo_random_function_t algo);
+
+#endif /** OPENSSL_SHA1_PRF_H_ @}*/
diff --git a/src/libstrongswan/plugins/padlock/Makefile.am b/src/libstrongswan/plugins/padlock/Makefile.am
index b2b1f9d85..6706d26cb 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.am
+++ b/src/libstrongswan/plugins/padlock/Makefile.am
@@ -3,11 +3,16 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-padlock.la
+else
plugin_LTLIBRARIES = libstrongswan-padlock.la
+endif
-libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \
+libstrongswan_padlock_la_SOURCES = \
+ padlock_plugin.h padlock_plugin.c \
padlock_aes_crypter.c padlock_aes_crypter.h \
padlock_sha1_hasher.c padlock_sha1_hasher.h \
padlock_rng.c padlock_rng.h
-libstrongswan_padlock_la_LDFLAGS = -module -avoid-version
+libstrongswan_padlock_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in
index 59ea98799..84c2ef2fb 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.in
+++ b/src/libstrongswan/plugins/padlock/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_padlock_la_LIBADD =
am_libstrongswan_padlock_la_OBJECTS = padlock_plugin.lo \
padlock_aes_crypter.lo padlock_sha1_hasher.lo padlock_rng.lo
@@ -81,6 +81,9 @@ libstrongswan_padlock_la_OBJECTS = \
libstrongswan_padlock_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_padlock_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_padlock_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_padlock_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -219,6 +222,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -255,8 +259,10 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-padlock.la
-libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-padlock.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-padlock.la
+libstrongswan_padlock_la_SOURCES = \
+ padlock_plugin.h padlock_plugin.c \
padlock_aes_crypter.c padlock_aes_crypter.h \
padlock_sha1_hasher.c padlock_sha1_hasher.h \
padlock_rng.c padlock_rng.h
@@ -296,6 +302,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -328,7 +343,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-padlock.la: $(libstrongswan_padlock_la_OBJECTS) $(libstrongswan_padlock_la_DEPENDENCIES)
- $(libstrongswan_padlock_la_LINK) -rpath $(plugindir) $(libstrongswan_padlock_la_OBJECTS) $(libstrongswan_padlock_la_LIBADD) $(LIBS)
+ $(libstrongswan_padlock_la_LINK) $(am_libstrongswan_padlock_la_rpath) $(libstrongswan_padlock_la_OBJECTS) $(libstrongswan_padlock_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -484,8 +499,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -556,18 +571,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c
index 32b18ec4b..c9606ae15 100644
--- a/src/libstrongswan/plugins/padlock/padlock_plugin.c
+++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c
@@ -97,7 +97,7 @@ static padlock_feature_t get_padlock_features()
return d;
}
}
- DBG1("Padlock not found, CPU is %s", vendor);
+ DBG1(DBG_LIB, "Padlock not found, CPU is %s", vendor);
return 0;
}
@@ -131,7 +131,7 @@ static void destroy(private_padlock_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *padlock_plugin_create()
{
private_padlock_plugin_t *this = malloc_thing(private_padlock_plugin_t);
@@ -143,7 +143,7 @@ plugin_t *plugin_create()
free(this);
return NULL;
}
- DBG1("Padlock found, supports:%s%s%s%s%s, enabled:%s%s%s%s%s",
+ DBG1(DBG_LIB, "Padlock found, supports:%s%s%s%s%s, enabled:%s%s%s%s%s",
this->features & PADLOCK_RNG_AVAILABLE ? " RNG" : "",
this->features & PADLOCK_ACE_AVAILABLE ? " ACE" : "",
this->features & PADLOCK_ACE2_AVAILABLE ? " ACE2" : "",
diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.h b/src/libstrongswan/plugins/padlock/padlock_plugin.h
index 76f4d1135..d99d4db0f 100644
--- a/src/libstrongswan/plugins/padlock/padlock_plugin.h
+++ b/src/libstrongswan/plugins/padlock/padlock_plugin.h
@@ -39,9 +39,4 @@ struct padlock_plugin_t {
plugin_t plugin;
};
-/**
- * Create a padlock_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** PADLOCK_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/pem/Makefile.am b/src/libstrongswan/plugins/pem/Makefile.am
index 98f356aaf..b815b1e0b 100644
--- a/src/libstrongswan/plugins/pem/Makefile.am
+++ b/src/libstrongswan/plugins/pem/Makefile.am
@@ -3,10 +3,15 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-pem.la
+else
plugin_LTLIBRARIES = libstrongswan-pem.la
+endif
-libstrongswan_pem_la_SOURCES = pem_plugin.h pem_plugin.c \
- pem_builder.c pem_builder.h
+libstrongswan_pem_la_SOURCES = \
+ pem_plugin.h pem_plugin.c \
+ pem_builder.c pem_builder.h \
+ pem_encoder.c pem_encoder.h
libstrongswan_pem_la_LDFLAGS = -module -avoid-version
-
diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in
index e81b4f78f..4e39c8f7b 100644
--- a/src/libstrongswan/plugins/pem/Makefile.in
+++ b/src/libstrongswan/plugins/pem/Makefile.in
@@ -72,13 +72,16 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pem_la_LIBADD =
-am_libstrongswan_pem_la_OBJECTS = pem_plugin.lo pem_builder.lo
+am_libstrongswan_pem_la_OBJECTS = pem_plugin.lo pem_builder.lo \
+ pem_encoder.lo
libstrongswan_pem_la_OBJECTS = $(am_libstrongswan_pem_la_OBJECTS)
libstrongswan_pem_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_pem_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_pem_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_pem_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -217,6 +220,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -253,9 +257,12 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-pem.la
-libstrongswan_pem_la_SOURCES = pem_plugin.h pem_plugin.c \
- pem_builder.c pem_builder.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pem.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pem.la
+libstrongswan_pem_la_SOURCES = \
+ pem_plugin.h pem_plugin.c \
+ pem_builder.c pem_builder.h \
+ pem_encoder.c pem_encoder.h
libstrongswan_pem_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -292,6 +299,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -324,7 +340,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-pem.la: $(libstrongswan_pem_la_OBJECTS) $(libstrongswan_pem_la_DEPENDENCIES)
- $(libstrongswan_pem_la_LINK) -rpath $(plugindir) $(libstrongswan_pem_la_OBJECTS) $(libstrongswan_pem_la_LIBADD) $(LIBS)
+ $(libstrongswan_pem_la_LINK) $(am_libstrongswan_pem_la_rpath) $(libstrongswan_pem_la_OBJECTS) $(libstrongswan_pem_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -333,6 +349,7 @@ distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem_builder.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem_encoder.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem_plugin.Plo@am__quote@
.c.o:
@@ -478,8 +495,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -550,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/pem/pem_builder.c b/src/libstrongswan/plugins/pem/pem_builder.c
index 2f285e9bc..65be9501b 100644
--- a/src/libstrongswan/plugins/pem/pem_builder.c
+++ b/src/libstrongswan/plugins/pem/pem_builder.c
@@ -73,7 +73,7 @@ static bool find_boundary(char* tag, chunk_t *line)
{
if (present("-----", line))
{
- DBG2(" -----%s %.*s-----", tag, (int)name.len, name.ptr);
+ DBG2(DBG_LIB, " -----%s %.*s-----", tag, (int)name.len, name.ptr);
return TRUE;
}
line->ptr++; line->len--; name.len++;
@@ -99,7 +99,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
if (hasher == NULL)
{
- DBG1(" MD5 hash algorithm not available");
+ DBG1(DBG_LIB, " MD5 hash algorithm not available");
return NOT_SUPPORTED;
}
hash.len = hasher->get_hash_size(hasher);
@@ -121,7 +121,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
crypter = lib->crypto->create_crypter(lib->crypto, alg, key_size);
if (crypter == NULL)
{
- DBG1(" %N encryption algorithm not available",
+ DBG1(DBG_LIB, " %N encryption algorithm not available",
encryption_algorithm_names, alg);
return NOT_SUPPORTED;
}
@@ -131,7 +131,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
blob->len % iv.len)
{
crypter->destroy(crypter);
- DBG1(" data size is not multiple of block size");
+ DBG1(DBG_LIB, " data size is not multiple of block size");
return PARSE_ERROR;
}
crypter->decrypt(crypter, *blob, iv, &decrypted);
@@ -155,7 +155,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
{
if (*last_padding_pos != padding)
{
- DBG1(" invalid passphrase");
+ DBG1(DBG_LIB, " invalid passphrase");
return INVALID_ARG;
}
}
@@ -234,7 +234,7 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data
}
/* we are looking for a parameter: value pair */
- DBG2(" %.*s", (int)line.len, line.ptr);
+ DBG2(DBG_LIB, " %.*s", (int)line.len, line.ptr);
ugh = extract_parameter_value(&name, &value, &line);
if (ugh != NULL)
{
@@ -274,8 +274,8 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data
}
else
{
- DBG1(" encryption algorithm '%.*s' not supported",
- dek.len, dek.ptr);
+ DBG1(DBG_LIB, " encryption algorithm '%.*s'"
+ " not supported", dek.len, dek.ptr);
return NOT_SUPPORTED;
}
eat_whitespace(&value);
@@ -298,7 +298,8 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data
*pgp = TRUE;
data.ptr++;
data.len--;
- DBG2(" armor checksum: %.*s", (int)data.len, data.ptr);
+ DBG2(DBG_LIB, " armor checksum: %.*s", (int)data.len,
+ data.ptr);
continue;
}
@@ -318,7 +319,7 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data
if (state != PEM_POST)
{
- DBG1(" file coded in unknown format, discarded");
+ DBG1(DBG_LIB, " file coded in unknown format, discarded");
return PARSE_ERROR;
}
if (!encrypted)
@@ -327,7 +328,7 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data
}
if (!cb)
{
- DBG1(" missing passphrase");
+ DBG1(DBG_LIB, " missing passphrase");
return INVALID_ARG;
}
while (TRUE)
@@ -404,13 +405,14 @@ static void *load_from_file(char *file, credential_type_t type, int subtype,
fd = open(file, O_RDONLY);
if (fd == -1)
{
- DBG1(" opening '%s' failed: %s", file, strerror(errno));
+ DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno));
return NULL;
}
if (fstat(fd, &sb) == -1)
{
- DBG1(" getting file size of '%s' failed: %s", file, strerror(errno));
+ DBG1(DBG_LIB, " getting file size of '%s' failed: %s", file,
+ strerror(errno));
close(fd);
return NULL;
}
@@ -418,7 +420,7 @@ static void *load_from_file(char *file, credential_type_t type, int subtype,
addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
if (addr == MAP_FAILED)
{
- DBG1(" mapping '%s' failed: %s", file, strerror(errno));
+ DBG1(DBG_LIB, " mapping '%s' failed: %s", file, strerror(errno));
close(fd);
return NULL;
}
@@ -447,7 +449,8 @@ static void *load_from_fd(int fd, credential_type_t type, int subtype,
len = read(fd, pos, buf + sizeof(buf) - pos);
if (len < 0)
{
- DBG1("reading from file descriptor failed: %s", strerror(errno));
+ DBG1(DBG_LIB, "reading from file descriptor failed: %s",
+ strerror(errno));
return NULL;
}
if (len == 0)
@@ -457,7 +460,7 @@ static void *load_from_fd(int fd, credential_type_t type, int subtype,
total += len;
if (total == sizeof(buf))
{
- DBG1("buffer too small to read from file descriptor");
+ DBG1(DBG_LIB, "buffer too small to read from file descriptor");
return NULL;
}
}
diff --git a/src/libstrongswan/plugins/pem/pem_builder.h b/src/libstrongswan/plugins/pem/pem_builder.h
index 189a5430f..87f5a2c69 100644
--- a/src/libstrongswan/plugins/pem/pem_builder.h
+++ b/src/libstrongswan/plugins/pem/pem_builder.h
@@ -18,8 +18,8 @@
* @{ @ingroup pem_p
*/
-#ifndef PEM_PRIVATE_KEY_H_
-#define PEM_PRIVATE_KEY_H_
+#ifndef PEM_BUILDER_H_
+#define PEM_BUILDER_H_
#include <credentials/builder.h>
#include <credentials/credential_factory.h>
@@ -53,5 +53,5 @@ public_key_t *pem_public_key_load(key_type_t type, va_list args);
*/
certificate_t *pem_certificate_load(certificate_type_t type, va_list args);
-#endif /** PEM_PRIVATE_KEY_H_ @}*/
+#endif /** PEM_BUILDER_H_ @}*/
diff --git a/src/libstrongswan/plugins/pem/pem_encoder.c b/src/libstrongswan/plugins/pem/pem_encoder.c
new file mode 100644
index 000000000..13c99a958
--- /dev/null
+++ b/src/libstrongswan/plugins/pem/pem_encoder.c
@@ -0,0 +1,138 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pem_encoder.h"
+
+#define BYTES_PER_LINE 48
+
+/**
+ * See header.
+ */
+bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
+ va_list args)
+{
+ chunk_t asn1;
+ char *label;
+ u_char *pos;
+ size_t len, written, pem_chars, pem_lines;
+ chunk_t n, e, d, p, q, exp1, exp2, coeff, to_free = chunk_empty;
+
+ switch (type)
+ {
+ case KEY_PUB_PEM:
+ label ="PUBLIC KEY";
+ /* direct PKCS#1 PEM encoding */
+ if (key_encoding_args(args, KEY_PART_RSA_PUB_ASN1_DER,
+ &asn1, KEY_PART_END) ||
+ key_encoding_args(args, KEY_PART_ECDSA_PUB_ASN1_DER,
+ &asn1, KEY_PART_END))
+ {
+ break;
+ }
+ /* indirect PEM encoding from components */
+ if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
+ KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
+ {
+ if (lib->encoding->encode(lib->encoding, KEY_PUB_SPKI_ASN1_DER,
+ NULL, &asn1, KEY_PART_RSA_MODULUS, n,
+ KEY_PART_RSA_PUB_EXP, e, KEY_PART_END))
+ {
+ to_free = asn1;
+ break;
+ }
+ }
+ return FALSE;
+ case KEY_PRIV_PEM:
+ label ="RSA PRIVATE KEY";
+ /* direct PKCS#1 PEM encoding */
+ if (key_encoding_args(args, KEY_PART_RSA_PRIV_ASN1_DER,
+ &asn1, KEY_PART_END))
+ {
+ break;
+ }
+ /* indirect PEM encoding from components */
+ if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
+ KEY_PART_RSA_PUB_EXP, &e, KEY_PART_RSA_PRIV_EXP, &d,
+ KEY_PART_RSA_PRIME1, &p, KEY_PART_RSA_PRIME2, &q,
+ KEY_PART_RSA_EXP1, &exp1, KEY_PART_RSA_EXP2, &exp2,
+ KEY_PART_RSA_COEFF, &coeff, KEY_PART_END))
+ {
+ if (lib->encoding->encode(lib->encoding, KEY_PRIV_ASN1_DER, NULL,
+ &asn1, KEY_PART_RSA_MODULUS, n,
+ KEY_PART_RSA_PUB_EXP, e, KEY_PART_RSA_PRIV_EXP, d,
+ KEY_PART_RSA_PRIME1, p, KEY_PART_RSA_PRIME2, q,
+ KEY_PART_RSA_EXP1, exp1, KEY_PART_RSA_EXP2, exp2,
+ KEY_PART_RSA_COEFF, coeff, KEY_PART_END))
+ {
+ to_free = asn1;
+ break;
+ }
+ }
+ if (key_encoding_args(args, KEY_PART_ECDSA_PRIV_ASN1_DER,
+ &asn1, KEY_PART_END))
+ {
+ label ="EC PRIVATE KEY";
+ break;
+ }
+ return FALSE;
+ default:
+ return FALSE;
+ }
+
+ /* compute and allocate maximum size of PEM object */
+ pem_chars = 4*(asn1.len + 2)/3;
+ pem_lines = (asn1.len + BYTES_PER_LINE - 1) / BYTES_PER_LINE;
+ *encoding = chunk_alloc(5 + 2*(6 + strlen(label) + 6) + 3 + pem_chars + pem_lines);
+ pos = encoding->ptr;
+ len = encoding->len;
+
+ /* write PEM header */
+ written = snprintf(pos, len, "-----BEGIN %s-----\n", label);
+ pos += written;
+ len -= written;
+
+ /* write PEM body */
+ while (pem_lines--)
+ {
+ chunk_t asn1_line, pem_line;
+
+ asn1_line = chunk_create(asn1.ptr, min(asn1.len, BYTES_PER_LINE));
+ asn1.ptr += asn1_line.len;
+ asn1.len -= asn1_line.len;
+ pem_line = chunk_to_base64(asn1_line, pos);
+ pos += pem_line.len;
+ len -= pem_line.len;
+ *pos = '\n';
+ pos++;
+ len--;
+ }
+
+ chunk_clear(&to_free);
+
+ /* write PEM trailer */
+ written = snprintf(pos, len, "-----END %s-----", label);
+ pos += written;
+ len -= written;
+
+ /* replace termination null character with newline */
+ *pos = '\n';
+ pos++;
+ len--;
+
+ /* compute effective length of PEM object */
+ encoding->len = pos - encoding->ptr;
+ return TRUE;
+}
+
diff --git a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h b/src/libstrongswan/plugins/pem/pem_encoder.h
index 3a60ea0d2..a181133b7 100644
--- a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h
+++ b/src/libstrongswan/plugins/pem/pem_encoder.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008 Martin Willi
+ * Copyright (C) 2010 Andreas Steffen
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -14,34 +14,20 @@
*/
/**
- * @defgroup attr_sql attr_sql
- * @ingroup plugins
- *
- * @defgroup sql_plugin sql_plugin
- * @{ @ingroup attr_sql
+ * @defgroup pem_encoder pem_encoder
+ * @{ @ingroup pem_p
*/
-#ifndef ATTR_SQL_PLUGIN_H_
-#define ATTR_SQL_PLUGIN_H_
-
-#include <plugins/plugin.h>
+#ifndef PEM_ENCODER_H_
+#define PEM_ENCODER_H_
-typedef struct attr_sql_plugin_t attr_sql_plugin_t;
+#include <credentials/keys/key_encoding.h>
/**
- * SQL database attribute configuration plugin
+ * Encoding from ASN.1 to PEM format.
*/
-struct attr_sql_plugin_t {
-
- /**
- * implements plugin interface
- */
- plugin_t plugin;
-};
+bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
+ va_list args);
-/**
- * Create a sql_plugin instance.
- */
-plugin_t *plugin_create();
+#endif /** PEM_ENCODER_H_ @}*/
-#endif /** ATTR_SQL_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/pem/pem_plugin.c b/src/libstrongswan/plugins/pem/pem_plugin.c
index 5a5149ca8..810901b7a 100644
--- a/src/libstrongswan/plugins/pem/pem_plugin.c
+++ b/src/libstrongswan/plugins/pem/pem_plugin.c
@@ -16,7 +16,9 @@
#include "pem_plugin.h"
#include <library.h>
+
#include "pem_builder.h"
+#include "pem_encoder.h"
typedef struct private_pem_plugin_t private_pem_plugin_t;
@@ -48,7 +50,7 @@ static void destroy(private_pem_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *pem_plugin_create()
{
private_pem_plugin_t *this = malloc_thing(private_pem_plugin_t);
@@ -100,6 +102,9 @@ plugin_t *plugin_create()
lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL,
(builder_function_t)pem_certificate_load);
+ /* register PEM encoder */
+ lib->encoding->add_encoder(lib->encoding, pem_encoder_encode);
+
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/pem/pem_plugin.h b/src/libstrongswan/plugins/pem/pem_plugin.h
index 75616c496..944a3fc85 100644
--- a/src/libstrongswan/plugins/pem/pem_plugin.h
+++ b/src/libstrongswan/plugins/pem/pem_plugin.h
@@ -39,9 +39,4 @@ struct pem_plugin_t {
plugin_t plugin;
};
-/**
- * Create a pem_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** PEM_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/pgp/Makefile.am b/src/libstrongswan/plugins/pgp/Makefile.am
index c232971bb..4b414616d 100644
--- a/src/libstrongswan/plugins/pgp/Makefile.am
+++ b/src/libstrongswan/plugins/pgp/Makefile.am
@@ -3,13 +3,17 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-pgp.la
+else
plugin_LTLIBRARIES = libstrongswan-pgp.la
+endif
-libstrongswan_pgp_la_SOURCES = pgp_plugin.h pgp_plugin.c \
- pgp_utils.h pgp_utils.c \
- pgp_cert.h pgp_cert.c \
- pgp_encoder.h pgp_encoder.c \
- pgp_builder.h pgp_builder.c
+libstrongswan_pgp_la_SOURCES = \
+ pgp_plugin.h pgp_plugin.c \
+ pgp_utils.h pgp_utils.c \
+ pgp_cert.h pgp_cert.c \
+ pgp_encoder.h pgp_encoder.c \
+ pgp_builder.h pgp_builder.c
libstrongswan_pgp_la_LDFLAGS = -module -avoid-version
-
diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in
index 70840c400..5d487364f 100644
--- a/src/libstrongswan/plugins/pgp/Makefile.in
+++ b/src/libstrongswan/plugins/pgp/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pgp_la_LIBADD =
am_libstrongswan_pgp_la_OBJECTS = pgp_plugin.lo pgp_utils.lo \
pgp_cert.lo pgp_encoder.lo pgp_builder.lo
@@ -80,6 +80,8 @@ libstrongswan_pgp_la_OBJECTS = $(am_libstrongswan_pgp_la_OBJECTS)
libstrongswan_pgp_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_pgp_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_pgp_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_pgp_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -254,12 +257,14 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-pgp.la
-libstrongswan_pgp_la_SOURCES = pgp_plugin.h pgp_plugin.c \
- pgp_utils.h pgp_utils.c \
- pgp_cert.h pgp_cert.c \
- pgp_encoder.h pgp_encoder.c \
- pgp_builder.h pgp_builder.c
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pgp.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pgp.la
+libstrongswan_pgp_la_SOURCES = \
+ pgp_plugin.h pgp_plugin.c \
+ pgp_utils.h pgp_utils.c \
+ pgp_cert.h pgp_cert.c \
+ pgp_encoder.h pgp_encoder.c \
+ pgp_builder.h pgp_builder.c
libstrongswan_pgp_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -296,6 +301,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -328,7 +342,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-pgp.la: $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_DEPENDENCIES)
- $(libstrongswan_pgp_la_LINK) -rpath $(plugindir) $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_LIBADD) $(LIBS)
+ $(libstrongswan_pgp_la_LINK) $(am_libstrongswan_pgp_la_rpath) $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -485,8 +499,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -557,18 +571,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c
index d262d18ff..84c9bfddd 100644
--- a/src/libstrongswan/plugins/pgp/pgp_builder.c
+++ b/src/libstrongswan/plugins/pgp/pgp_builder.c
@@ -41,7 +41,7 @@ static public_key_t *parse_public_key(chunk_t blob)
BUILD_BLOB_PGP, blob, BUILD_END);
break;
default:
- DBG1("PGP public key algorithm %N not supported",
+ DBG1(DBG_LIB, "PGP public key algorithm %N not supported",
pgp_pubkey_alg_names, alg);
return NULL;
}
@@ -90,12 +90,13 @@ static private_key_t *parse_rsa_private_key(chunk_t blob)
}
if (s2k == 255 || s2k == 254)
{
- DBG1("string-to-key specifiers not supported");
+ DBG1(DBG_LIB, "string-to-key specifiers not supported");
return NULL;
}
if (s2k != PGP_SYM_ALG_PLAIN)
{
- DBG1("%N private key encryption not supported", pgp_sym_alg_names, s2k);
+ DBG1(DBG_LIB, "%N private key encryption not supported",
+ pgp_sym_alg_names, s2k);
return NULL;
}
@@ -121,7 +122,7 @@ static private_key_t *parse_rsa_private_key(chunk_t blob)
static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme,
chunk_t data, chunk_t *signature)
{
- DBG1("signing failed - decryption only key");
+ DBG1(DBG_LIB, "signing failed - decryption only key");
return FALSE;
}
@@ -131,7 +132,7 @@ static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme,
static bool decrypt_not_allowed(private_key_t *this,
chunk_t crypto, chunk_t *plain)
{
- DBG1("decryption failed - signature only key");
+ DBG1(DBG_LIB, "decryption failed - signature only key");
return FALSE;
}
@@ -164,7 +165,7 @@ static private_key_t *parse_private_key(chunk_t blob)
case 4:
break;
default:
- DBG1("PGP packet version V%d not supported", version);
+ DBG1(DBG_LIB, "PGP packet version V%d not supported", version);
return FALSE;
}
if (!pgp_read_scalar(&packet, 4, &created))
diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c
index fa2612285..cd04f3d1a 100644
--- a/src/libstrongswan/plugins/pgp/pgp_cert.c
+++ b/src/libstrongswan/plugins/pgp/pgp_cert.c
@@ -198,9 +198,9 @@ static bool is_newer(certificate_t *this, certificate_t *that)
this->get_validity(this, &now, &this_update, NULL);
that->get_validity(that, &now, &that_update, NULL);
new = this_update > that_update;
- DBG1(" certificate from %T is %s - existing certificate from %T %s",
- &this_update, FALSE, new ? "newer":"not newer",
- &that_update, FALSE, new ? "replaced":"retained");
+ DBG1(DBG_LIB, " certificate from %T is %s - existing certificate"
+ " from %T %s", &this_update, FALSE, new ? "newer" : "not newer",
+ &that_update, FALSE, new ? "replaced" : "retained");
return new;
}
@@ -322,16 +322,18 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
}
break;
default:
- DBG1("PGP packet version V%d not supported", this->version);
+ DBG1(DBG_LIB, "PGP packet version V%d not supported",
+ this->version);
return FALSE;
}
if (this->valid)
{
- DBG2("L2 - created %T, valid %d days", &this->created, FALSE, this->valid);
+ DBG2(DBG_LIB, "L2 - created %T, valid %d days", &this->created, FALSE,
+ this->valid);
}
else
{
- DBG2("L2 - created %T, never expires", &this->created, FALSE);
+ DBG2(DBG_LIB, "L2 - created %T, never expires", &this->created, FALSE);
}
DESTROY_IF(this->key);
this->key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
@@ -352,13 +354,13 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (hasher == NULL)
{
- DBG1("no SHA-1 hasher available");
+ DBG1(DBG_LIB, "no SHA-1 hasher available");
return FALSE;
}
hasher->allocate_hash(hasher, pubkey_packet_header, NULL);
hasher->allocate_hash(hasher, pubkey_packet, &this->fingerprint);
hasher->destroy(hasher);
- DBG2("L2 - v4 fingerprint %#B", &this->fingerprint);
+ DBG2(DBG_LIB, "L2 - v4 fingerprint %#B", &this->fingerprint);
}
else
{
@@ -369,7 +371,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
return FALSE;
}
this->fingerprint = chunk_clone(this->fingerprint);
- DBG2("L2 - v3 fingerprint %#B", &this->fingerprint);
+ DBG2(DBG_LIB, "L2 - v3 fingerprint %#B", &this->fingerprint);
}
return TRUE;
}
@@ -389,7 +391,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet)
/* we parse only v3 or v4 signature packets */
if (version != 3 && version != 4)
{
- DBG2("L2 - v%d signature ignored", version);
+ DBG2(DBG_LIB, "L2 - v%d signature ignored", version);
return TRUE;
}
if (version == 4)
@@ -398,7 +400,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet)
{
return FALSE;
}
- DBG2("L2 - v%d signature of type 0x%02x", version, type);
+ DBG2(DBG_LIB, "L2 - v%d signature of type 0x%02x", version, type);
}
else
{
@@ -411,8 +413,8 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet)
{
return FALSE;
}
- DBG2("L2 - v3 signature of type 0x%02x, created %T", type,
- &created, FALSE);
+ DBG2(DBG_LIB, "L2 - v3 signature of type 0x%02x, created %T", type,
+ &created, FALSE);
}
/* TODO: parse and save signature to a list */
return TRUE;
@@ -425,7 +427,7 @@ static bool parse_user_id(private_pgp_cert_t *this, chunk_t packet)
{
DESTROY_IF(this->user_id);
this->user_id = identification_create_from_encoding(ID_KEY_ID, packet);
- DBG2("L2 - '%Y'", this->user_id);
+ DBG2(DBG_LIB, "L2 - '%Y'", this->user_id);
return TRUE;
}
@@ -486,7 +488,7 @@ pgp_cert_t *pgp_cert_load(certificate_type_t type, va_list args)
}
break;
default:
- DBG1("ignoring %N packet in PGP certificate",
+ DBG1(DBG_LIB, "ignoring %N packet in PGP certificate",
pgp_packet_tag_names, tag);
break;
}
diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.c b/src/libstrongswan/plugins/pgp/pgp_encoder.c
index 56acac597..d5c3df590 100644
--- a/src/libstrongswan/plugins/pgp/pgp_encoder.c
+++ b/src/libstrongswan/plugins/pgp/pgp_encoder.c
@@ -31,7 +31,8 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args)
hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
if (!hasher)
{
- DBG1("MD5 hash algorithm not supported, PGP fingerprinting failed");
+ DBG1(DBG_LIB, "MD5 hash algorithm not supported, PGP"
+ " fingerprinting failed");
return FALSE;
}
/* remove leading zero bytes before hashing modulus and exponent */
diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.c b/src/libstrongswan/plugins/pgp/pgp_plugin.c
index eabb3695f..3ed1faf01 100644
--- a/src/libstrongswan/plugins/pgp/pgp_plugin.c
+++ b/src/libstrongswan/plugins/pgp/pgp_plugin.c
@@ -54,7 +54,7 @@ static void destroy(private_pgp_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *pgp_plugin_create()
{
private_pgp_plugin_t *this = malloc_thing(private_pgp_plugin_t);
diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.h b/src/libstrongswan/plugins/pgp/pgp_plugin.h
index 95765cd76..8a0ab89d6 100644
--- a/src/libstrongswan/plugins/pgp/pgp_plugin.h
+++ b/src/libstrongswan/plugins/pgp/pgp_plugin.h
@@ -39,9 +39,4 @@ struct pgp_plugin_t {
plugin_t plugin;
};
-/**
- * Create a pgp_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** PGP_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.c b/src/libstrongswan/plugins/pgp/pgp_utils.c
index 1658f3232..2d85cc0c8 100644
--- a/src/libstrongswan/plugins/pgp/pgp_utils.c
+++ b/src/libstrongswan/plugins/pgp/pgp_utils.c
@@ -79,7 +79,7 @@ bool pgp_read_scalar(chunk_t *blob, size_t bytes, u_int32_t *scalar)
if (bytes > blob->len)
{
- DBG1("PGP data too short to read %d byte scalar", bytes);
+ DBG1(DBG_LIB, "PGP data too short to read %d byte scalar", bytes);
return FALSE;
}
while (bytes-- > 0)
@@ -100,13 +100,13 @@ bool pgp_read_mpi(chunk_t *blob, chunk_t *mpi)
if (!pgp_read_scalar(blob, 2, &bits))
{
- DBG1("PGP data too short to read MPI length");
+ DBG1(DBG_LIB, "PGP data too short to read MPI length");
return FALSE;
}
bytes = (bits + 7) / 8;
if (bytes > blob->len)
{
- DBG1("PGP data too short to read %d byte MPI", bytes);
+ DBG1(DBG_LIB, "PGP data too short to read %d byte MPI", bytes);
return FALSE;
}
*mpi = chunk_create(blob->ptr, bytes);
@@ -146,7 +146,7 @@ bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag)
if (!blob->len)
{
- DBG1("missing input");
+ DBG1(DBG_LIB, "missing input");
return FALSE;
}
t = blob->ptr[0];
@@ -154,27 +154,27 @@ bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag)
/* bit 7 must be set */
if (!(t & 0x80))
{
- DBG1("invalid packet tag");
+ DBG1(DBG_LIB, "invalid packet tag");
return FALSE;
}
/* bit 6 set defines new packet format */
if (t & 0x40)
{
- DBG1("new PGP packet format not supported");
+ DBG1(DBG_LIB, "new PGP packet format not supported");
return FALSE;
}
t = (t & 0x3C) >> 2;
if (!pgp_old_packet_length(blob, &len) || len > blob->len)
{
- DBG1("invalid packet length");
+ DBG1(DBG_LIB, "invalid packet length");
return FALSE;
}
*data = chunk_create(blob->ptr, len);
*blob = chunk_skip(*blob, len);
*tag = t;
- DBG2("L1 - PGP %N (%u bytes)", pgp_packet_tag_names, t, len);
- DBG3("%B", data);
+ DBG2(DBG_LIB, "L1 - PGP %N (%u bytes)", pgp_packet_tag_names, t, len);
+ DBG3(DBG_LIB, "%B", data);
return TRUE;
}
diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.am b/src/libstrongswan/plugins/pkcs1/Makefile.am
index 88d25a26b..bd3203dae 100644
--- a/src/libstrongswan/plugins/pkcs1/Makefile.am
+++ b/src/libstrongswan/plugins/pkcs1/Makefile.am
@@ -3,11 +3,15 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-pkcs1.la
+else
plugin_LTLIBRARIES = libstrongswan-pkcs1.la
+endif
-libstrongswan_pkcs1_la_SOURCES = pkcs1_plugin.h pkcs1_plugin.c \
- pkcs1_encoder.h pkcs1_encoder.c \
- pkcs1_builder.h pkcs1_builder.c
+libstrongswan_pkcs1_la_SOURCES = \
+ pkcs1_plugin.h pkcs1_plugin.c \
+ pkcs1_encoder.h pkcs1_encoder.c \
+ pkcs1_builder.h pkcs1_builder.c
libstrongswan_pkcs1_la_LDFLAGS = -module -avoid-version
-
diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in
index 4439cd60f..3fdcd0590 100644
--- a/src/libstrongswan/plugins/pkcs1/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs1/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pkcs1_la_LIBADD =
am_libstrongswan_pkcs1_la_OBJECTS = pkcs1_plugin.lo pkcs1_encoder.lo \
pkcs1_builder.lo
@@ -80,6 +80,9 @@ libstrongswan_pkcs1_la_OBJECTS = $(am_libstrongswan_pkcs1_la_OBJECTS)
libstrongswan_pkcs1_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_pkcs1_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_pkcs1_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_pkcs1_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -254,10 +258,12 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-pkcs1.la
-libstrongswan_pkcs1_la_SOURCES = pkcs1_plugin.h pkcs1_plugin.c \
- pkcs1_encoder.h pkcs1_encoder.c \
- pkcs1_builder.h pkcs1_builder.c
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pkcs1.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pkcs1.la
+libstrongswan_pkcs1_la_SOURCES = \
+ pkcs1_plugin.h pkcs1_plugin.c \
+ pkcs1_encoder.h pkcs1_encoder.c \
+ pkcs1_builder.h pkcs1_builder.c
libstrongswan_pkcs1_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -294,6 +300,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -326,7 +341,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-pkcs1.la: $(libstrongswan_pkcs1_la_OBJECTS) $(libstrongswan_pkcs1_la_DEPENDENCIES)
- $(libstrongswan_pkcs1_la_LINK) -rpath $(plugindir) $(libstrongswan_pkcs1_la_OBJECTS) $(libstrongswan_pkcs1_la_LIBADD) $(LIBS)
+ $(libstrongswan_pkcs1_la_LINK) $(am_libstrongswan_pkcs1_la_rpath) $(libstrongswan_pkcs1_la_OBJECTS) $(libstrongswan_pkcs1_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -481,8 +496,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -553,18 +568,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
index fbd35e830..88c848899 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
@@ -81,10 +81,10 @@ static public_key_t *parse_public_key(chunk_t blob)
/* skip initial bit string octet defining 0 unused bits */
object = chunk_skip(object, 1);
}
- DBG2("-- > --");
+ DBG2(DBG_LIB, "-- > --");
key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, type,
BUILD_BLOB_ASN1_DER, object, BUILD_END);
- DBG2("-- < --");
+ DBG2(DBG_LIB, "-- < --");
break;
}
}
@@ -197,7 +197,7 @@ static private_key_t *parse_rsa_private_key(chunk_t blob)
case PRIV_KEY_VERSION:
if (object.len > 0 && *object.ptr != 0)
{
- DBG1("PKCS#1 private key format is not version 1");
+ DBG1(DBG_LIB, "PKCS#1 private key format is not version 1");
goto end;
}
break;
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h
index 62ca9f351..9f251833e 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h
@@ -14,7 +14,7 @@
*/
/**
- * @defgroup pkcs1_public_key pkcs1_public_key
+ * @defgroup pkcs1_builder pkcs1_builder
* @{ @ingroup pkcs1
*/
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c
index 0a8da815a..e46062d97 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c
@@ -97,7 +97,8 @@ static bool hash_pubkey(chunk_t pubkey, chunk_t *hash)
if (hasher == NULL)
{
chunk_free(&pubkey);
- DBG1("SHA1 hash algorithm not supported, fingerprinting failed");
+ DBG1(DBG_LIB, "SHA1 hash algorithm not supported, "
+ "fingerprinting failed");
return FALSE;
}
hasher->allocate_hash(hasher, pubkey, hash);
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c
index 9d71e1388..35ec2d2bf 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c
@@ -50,7 +50,7 @@ static void destroy(private_pkcs1_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *pkcs1_plugin_create()
{
private_pkcs1_plugin_t *this = malloc_thing(private_pkcs1_plugin_t);
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h
index 465c7ef2c..588bde559 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h
@@ -39,9 +39,4 @@ struct pkcs1_plugin_t {
plugin_t plugin;
};
-/**
- * Create a pkcs1_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** PKCS1_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/plugin.h b/src/libstrongswan/plugins/plugin.h
index 28c800c0c..6d8a370fb 100644
--- a/src/libstrongswan/plugins/plugin.h
+++ b/src/libstrongswan/plugins/plugin.h
@@ -38,9 +38,9 @@ struct plugin_t {
/**
* Plugin constructor function definiton.
*
- * Each plugin has a constructor functions. This function is called on daemon
+ * Each plugin has a constructor function. This function is called on daemon
* startup to initialize each plugin.
- * The plugin function is named plugin_create().
+ * The plugin function is named plugin_name_plugin_create().
*
* @return plugin_t instance
*/
diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c
index d4513f25a..cad279a9d 100644
--- a/src/libstrongswan/plugins/plugin_loader.c
+++ b/src/libstrongswan/plugins/plugin_loader.c
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2010 Tobias Brunner
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -49,37 +50,83 @@ struct private_plugin_loader_t {
linked_list_t *names;
};
+#ifdef MONOLITHIC
+/**
+ * load a single plugin in monolithic mode
+ */
+static plugin_t* load_plugin(private_plugin_loader_t *this,
+ char *path, char *name)
+{
+ char create[128];
+ plugin_t *plugin;
+ plugin_constructor_t constructor;
+
+ if (snprintf(create, sizeof(create), "%s_plugin_create",
+ name) >= sizeof(create))
+ {
+ return NULL;
+ }
+ translate(create, "-", "_");
+ constructor = dlsym(RTLD_DEFAULT, create);
+ if (constructor == NULL)
+ {
+ DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name,
+ create);
+ return NULL;
+ }
+ plugin = constructor();
+ if (plugin == NULL)
+ {
+ DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name,
+ create);
+ return NULL;
+ }
+ DBG2(DBG_LIB, "plugin '%s': loaded successfully", name);
+
+ return plugin;
+}
+#else
/**
* load a single plugin
*/
static plugin_t* load_plugin(private_plugin_loader_t *this,
char *path, char *name)
{
+ char create[128];
char file[PATH_MAX];
void *handle;
plugin_t *plugin;
plugin_constructor_t constructor;
- snprintf(file, sizeof(file), "%s/libstrongswan-%s.so", path, name);
-
+ if (snprintf(file, sizeof(file), "%s/libstrongswan-%s.so", path,
+ name) >= sizeof(file) ||
+ snprintf(create, sizeof(create), "%s_plugin_create",
+ name) >= sizeof(create))
+ {
+ return NULL;
+ }
+ translate(create, "-", "_");
if (lib->integrity)
{
if (!lib->integrity->check_file(lib->integrity, name, file))
{
- DBG1("plugin '%s': failed file integrity test of '%s'", name, file);
+ DBG1(DBG_LIB, "plugin '%s': failed file integrity test of '%s'",
+ name, file);
return NULL;
}
}
handle = dlopen(file, RTLD_LAZY);
if (handle == NULL)
{
- DBG1("plugin '%s': failed to load '%s' - %s", name, file, dlerror());
+ DBG1(DBG_LIB, "plugin '%s': failed to load '%s' - %s", name, file,
+ dlerror());
return NULL;
}
- constructor = dlsym(handle, "plugin_create");
+ constructor = dlsym(handle, create);
if (constructor == NULL)
{
- DBG1("plugin '%s': failed to load - no plugin_create() function", name);
+ DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name,
+ create);
dlclose(handle);
return NULL;
}
@@ -87,25 +134,28 @@ static plugin_t* load_plugin(private_plugin_loader_t *this,
{
if (!lib->integrity->check_segment(lib->integrity, name, constructor))
{
- DBG1("plugin '%s': failed segment integrity test", name);
+ DBG1(DBG_LIB, "plugin '%s': failed segment integrity test", name);
dlclose(handle);
return NULL;
}
- DBG1("plugin '%s': passed file and segment integrity tests", name);
+ DBG1(DBG_LIB, "plugin '%s': passed file and segment integrity tests",
+ name);
}
plugin = constructor();
if (plugin == NULL)
{
- DBG1("plugin '%s': failed to load - plugin_create() returned NULL", name);
+ DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name,
+ create);
dlclose(handle);
return NULL;
}
- DBG2("plugin '%s': loaded successfully", name);
+ DBG2(DBG_LIB, "plugin '%s': loaded successfully", name);
/* we do not store or free dlopen() handles, leak_detective requires
* the modules to keep loaded until leak report */
return plugin;
}
+#endif
/**
* Implementation of plugin_loader_t.load_plugins.
@@ -116,10 +166,12 @@ static bool load(private_plugin_loader_t *this, char *path, char *list)
char *token;
bool critical_failed = FALSE;
+#ifndef MONOLITHIC
if (path == NULL)
{
path = PLUGINDIR;
}
+#endif
enumerator = enumerator_create_token(list, " ", " ");
while (!critical_failed && enumerator->enumerate(enumerator, &token))
@@ -147,7 +199,7 @@ static bool load(private_plugin_loader_t *this, char *path, char *list)
if (critical)
{
critical_failed = TRUE;
- DBG1("loading critical plugin '%s' failed", token);
+ DBG1(DBG_LIB, "loading critical plugin '%s' failed", token);
}
free(token);
}
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.am b/src/libstrongswan/plugins/pubkey/Makefile.am
index 770d77325..c2974a585 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.am
+++ b/src/libstrongswan/plugins/pubkey/Makefile.am
@@ -3,10 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-pubkey.la
+else
plugin_LTLIBRARIES = libstrongswan-pubkey.la
+endif
-libstrongswan_pubkey_la_SOURCES = pubkey_plugin.h pubkey_plugin.c \
- pubkey_cert.h pubkey_cert.c
+libstrongswan_pubkey_la_SOURCES = \
+ pubkey_plugin.h pubkey_plugin.c \
+ pubkey_cert.h pubkey_cert.c
libstrongswan_pubkey_la_LDFLAGS = -module -avoid-version
-
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in
index f95e7b357..5fe3d58f1 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.in
+++ b/src/libstrongswan/plugins/pubkey/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pubkey_la_LIBADD =
am_libstrongswan_pubkey_la_OBJECTS = pubkey_plugin.lo pubkey_cert.lo
libstrongswan_pubkey_la_OBJECTS = \
@@ -80,6 +80,9 @@ libstrongswan_pubkey_la_OBJECTS = \
libstrongswan_pubkey_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_pubkey_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_pubkey_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_pubkey_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -254,9 +258,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-pubkey.la
-libstrongswan_pubkey_la_SOURCES = pubkey_plugin.h pubkey_plugin.c \
- pubkey_cert.h pubkey_cert.c
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pubkey.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pubkey.la
+libstrongswan_pubkey_la_SOURCES = \
+ pubkey_plugin.h pubkey_plugin.c \
+ pubkey_cert.h pubkey_cert.c
libstrongswan_pubkey_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -293,6 +299,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -325,7 +340,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-pubkey.la: $(libstrongswan_pubkey_la_OBJECTS) $(libstrongswan_pubkey_la_DEPENDENCIES)
- $(libstrongswan_pubkey_la_LINK) -rpath $(plugindir) $(libstrongswan_pubkey_la_OBJECTS) $(libstrongswan_pubkey_la_LIBADD) $(LIBS)
+ $(libstrongswan_pubkey_la_LINK) $(am_libstrongswan_pubkey_la_rpath) $(libstrongswan_pubkey_la_OBJECTS) $(libstrongswan_pubkey_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -479,8 +494,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -551,18 +566,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c
index ad84eed99..b0eabc9ee 100644
--- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c
+++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_pubkey_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *pubkey_plugin_create()
{
private_pubkey_plugin_t *this = malloc_thing(private_pubkey_plugin_t);
diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.h b/src/libstrongswan/plugins/pubkey/pubkey_plugin.h
index a3fd2f155..db71bddc0 100644
--- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.h
+++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.h
@@ -39,9 +39,4 @@ struct pubkey_plugin_t {
plugin_t plugin;
};
-/**
- * Create a pubkey_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** PUBKEY_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/random/Makefile.am b/src/libstrongswan/plugins/random/Makefile.am
index 7c2283ae7..5df992718 100644
--- a/src/libstrongswan/plugins/random/Makefile.am
+++ b/src/libstrongswan/plugins/random/Makefile.am
@@ -5,9 +5,14 @@ AM_CFLAGS = -rdynamic \
-DDEV_RANDOM=\"${random_device}\" \
-DDEV_URANDOM=\"${urandom_device}\"
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-random.la
+else
plugin_LTLIBRARIES = libstrongswan-random.la
+endif
-libstrongswan_random_la_SOURCES = random_plugin.h random_plugin.c \
- random_rng.c random_rng.h
-libstrongswan_random_la_LDFLAGS = -module -avoid-version
+libstrongswan_random_la_SOURCES = \
+ random_plugin.h random_plugin.c \
+ random_rng.c random_rng.h
+libstrongswan_random_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in
index 355ab14bc..27360aa8c 100644
--- a/src/libstrongswan/plugins/random/Makefile.in
+++ b/src/libstrongswan/plugins/random/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_random_la_LIBADD =
am_libstrongswan_random_la_OBJECTS = random_plugin.lo random_rng.lo
libstrongswan_random_la_OBJECTS = \
@@ -80,6 +80,9 @@ libstrongswan_random_la_OBJECTS = \
libstrongswan_random_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_random_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_random_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_random_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +221,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -257,9 +261,11 @@ AM_CFLAGS = -rdynamic \
-DDEV_RANDOM=\"${random_device}\" \
-DDEV_URANDOM=\"${urandom_device}\"
-plugin_LTLIBRARIES = libstrongswan-random.la
-libstrongswan_random_la_SOURCES = random_plugin.h random_plugin.c \
- random_rng.c random_rng.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-random.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-random.la
+libstrongswan_random_la_SOURCES = \
+ random_plugin.h random_plugin.c \
+ random_rng.c random_rng.h
libstrongswan_random_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -296,6 +302,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -328,7 +343,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-random.la: $(libstrongswan_random_la_OBJECTS) $(libstrongswan_random_la_DEPENDENCIES)
- $(libstrongswan_random_la_LINK) -rpath $(plugindir) $(libstrongswan_random_la_OBJECTS) $(libstrongswan_random_la_LIBADD) $(LIBS)
+ $(libstrongswan_random_la_LINK) $(am_libstrongswan_random_la_rpath) $(libstrongswan_random_la_OBJECTS) $(libstrongswan_random_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -482,8 +497,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -554,18 +569,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c
index df0a8f556..39678ba71 100644
--- a/src/libstrongswan/plugins/random/random_plugin.c
+++ b/src/libstrongswan/plugins/random/random_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_random_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *random_plugin_create()
{
private_random_plugin_t *this = malloc_thing(private_random_plugin_t);
diff --git a/src/libstrongswan/plugins/random/random_plugin.h b/src/libstrongswan/plugins/random/random_plugin.h
index 6ce0f71be..7e22c3e5f 100644
--- a/src/libstrongswan/plugins/random/random_plugin.h
+++ b/src/libstrongswan/plugins/random/random_plugin.h
@@ -39,9 +39,4 @@ struct random_plugin_t {
plugin_t plugin;
};
-/**
- * Create a random_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** RANDOM_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c
index 34f300296..b09f3f57a 100644
--- a/src/libstrongswan/plugins/random/random_rng.c
+++ b/src/libstrongswan/plugins/random/random_rng.c
@@ -71,7 +71,7 @@ static void get_bytes(private_random_rng_t *this, size_t bytes,
got = read(this->dev, buffer + done, bytes - done);
if (got <= 0)
{
- DBG1("reading from \"%s\" failed: %s, retrying...",
+ DBG1(DBG_LIB, "reading from \"%s\" failed: %s, retrying...",
this->file, strerror(errno));
close(this->dev);
sleep(1);
@@ -124,7 +124,7 @@ random_rng_t *random_rng_create(rng_quality_t quality)
this->dev = open(this->file, 0);
if (this->dev < 0)
{
- DBG1("opening \"%s\" failed: %s", this->file, strerror(errno));
+ DBG1(DBG_LIB, "opening \"%s\" failed: %s", this->file, strerror(errno));
free(this);
return NULL;
}
diff --git a/src/libstrongswan/plugins/sha1/Makefile.am b/src/libstrongswan/plugins/sha1/Makefile.am
index ead51a45a..4e539fd83 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.am
+++ b/src/libstrongswan/plugins/sha1/Makefile.am
@@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-sha1.la
+else
plugin_LTLIBRARIES = libstrongswan-sha1.la
+endif
-libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c \
+libstrongswan_sha1_la_SOURCES = \
+ sha1_plugin.h sha1_plugin.c \
sha1_hasher.c sha1_hasher.h sha1_prf.c sha1_prf.h
-libstrongswan_sha1_la_LDFLAGS = -module -avoid-version
+libstrongswan_sha1_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in
index 4f08b882c..dacb5be4b 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.in
+++ b/src/libstrongswan/plugins/sha1/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_sha1_la_LIBADD =
am_libstrongswan_sha1_la_OBJECTS = sha1_plugin.lo sha1_hasher.lo \
sha1_prf.lo
@@ -80,6 +80,8 @@ libstrongswan_sha1_la_OBJECTS = $(am_libstrongswan_sha1_la_OBJECTS)
libstrongswan_sha1_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_sha1_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_sha1_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_sha1_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -254,8 +257,10 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-sha1.la
-libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c \
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-sha1.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-sha1.la
+libstrongswan_sha1_la_SOURCES = \
+ sha1_plugin.h sha1_plugin.c \
sha1_hasher.c sha1_hasher.h sha1_prf.c sha1_prf.h
libstrongswan_sha1_la_LDFLAGS = -module -avoid-version
@@ -293,6 +298,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -325,7 +339,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-sha1.la: $(libstrongswan_sha1_la_OBJECTS) $(libstrongswan_sha1_la_DEPENDENCIES)
- $(libstrongswan_sha1_la_LINK) -rpath $(plugindir) $(libstrongswan_sha1_la_OBJECTS) $(libstrongswan_sha1_la_LIBADD) $(LIBS)
+ $(libstrongswan_sha1_la_LINK) $(am_libstrongswan_sha1_la_rpath) $(libstrongswan_sha1_la_OBJECTS) $(libstrongswan_sha1_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -480,8 +494,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -552,18 +566,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.c b/src/libstrongswan/plugins/sha1/sha1_plugin.c
index a038228da..7b9cf878f 100644
--- a/src/libstrongswan/plugins/sha1/sha1_plugin.c
+++ b/src/libstrongswan/plugins/sha1/sha1_plugin.c
@@ -47,7 +47,7 @@ static void destroy(private_sha1_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *sha1_plugin_create()
{
private_sha1_plugin_t *this = malloc_thing(private_sha1_plugin_t);
diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.h b/src/libstrongswan/plugins/sha1/sha1_plugin.h
index 36b12b91e..cd1ff615d 100644
--- a/src/libstrongswan/plugins/sha1/sha1_plugin.h
+++ b/src/libstrongswan/plugins/sha1/sha1_plugin.h
@@ -39,9 +39,4 @@ struct sha1_plugin_t {
plugin_t plugin;
};
-/**
- * Create a sha1_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** SHA1_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/sha2/Makefile.am b/src/libstrongswan/plugins/sha2/Makefile.am
index 5422e1d4e..a255d0609 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.am
+++ b/src/libstrongswan/plugins/sha2/Makefile.am
@@ -3,8 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-sha2.la
+else
plugin_LTLIBRARIES = libstrongswan-sha2.la
+endif
-libstrongswan_sha2_la_SOURCES = sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h
-libstrongswan_sha2_la_LDFLAGS = -module -avoid-version
+libstrongswan_sha2_la_SOURCES = \
+ sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h
+libstrongswan_sha2_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in
index e4ea58094..6db4374c8 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.in
+++ b/src/libstrongswan/plugins/sha2/Makefile.in
@@ -72,13 +72,15 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_sha2_la_LIBADD =
am_libstrongswan_sha2_la_OBJECTS = sha2_plugin.lo sha2_hasher.lo
libstrongswan_sha2_la_OBJECTS = $(am_libstrongswan_sha2_la_OBJECTS)
libstrongswan_sha2_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_sha2_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_sha2_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_sha2_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -217,6 +219,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -253,8 +256,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-sha2.la
-libstrongswan_sha2_la_SOURCES = sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-sha2.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-sha2.la
+libstrongswan_sha2_la_SOURCES = \
+ sha2_plugin.h sha2_plugin.c sha2_hasher.c sha2_hasher.h
+
libstrongswan_sha2_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -290,6 +296,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -322,7 +337,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-sha2.la: $(libstrongswan_sha2_la_OBJECTS) $(libstrongswan_sha2_la_DEPENDENCIES)
- $(libstrongswan_sha2_la_LINK) -rpath $(plugindir) $(libstrongswan_sha2_la_OBJECTS) $(libstrongswan_sha2_la_LIBADD) $(LIBS)
+ $(libstrongswan_sha2_la_LINK) $(am_libstrongswan_sha2_la_rpath) $(libstrongswan_sha2_la_OBJECTS) $(libstrongswan_sha2_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -476,8 +491,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -548,18 +563,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.c b/src/libstrongswan/plugins/sha2/sha2_plugin.c
index 90f7cec77..810d9922a 100644
--- a/src/libstrongswan/plugins/sha2/sha2_plugin.c
+++ b/src/libstrongswan/plugins/sha2/sha2_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_sha2_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *sha2_plugin_create()
{
private_sha2_plugin_t *this = malloc_thing(private_sha2_plugin_t);
diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.h b/src/libstrongswan/plugins/sha2/sha2_plugin.h
index b80f7560e..48ee2d94c 100644
--- a/src/libstrongswan/plugins/sha2/sha2_plugin.h
+++ b/src/libstrongswan/plugins/sha2/sha2_plugin.h
@@ -39,9 +39,4 @@ struct sha2_plugin_t {
plugin_t plugin;
};
-/**
- * Create a sha2_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** SHA2_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.am b/src/libstrongswan/plugins/sqlite/Makefile.am
index f26e31294..2e1d9733f 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.am
+++ b/src/libstrongswan/plugins/sqlite/Makefile.am
@@ -3,10 +3,16 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-sqlite.la
+else
plugin_LTLIBRARIES = libstrongswan-sqlite.la
+endif
-libstrongswan_sqlite_la_SOURCES = sqlite_plugin.h sqlite_plugin.c \
+libstrongswan_sqlite_la_SOURCES = \
+ sqlite_plugin.h sqlite_plugin.c \
sqlite_database.h sqlite_database.c
+
libstrongswan_sqlite_la_LDFLAGS = -module -avoid-version
-libstrongswan_sqlite_la_LIBADD = -lsqlite3
+libstrongswan_sqlite_la_LIBADD = -lsqlite3
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in
index 831408c9e..cb466ad03 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.in
+++ b/src/libstrongswan/plugins/sqlite/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_sqlite_la_DEPENDENCIES =
am_libstrongswan_sqlite_la_OBJECTS = sqlite_plugin.lo \
sqlite_database.lo
@@ -81,6 +81,9 @@ libstrongswan_sqlite_la_OBJECTS = \
libstrongswan_sqlite_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_sqlite_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_sqlite_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_sqlite_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -219,6 +222,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -255,8 +259,10 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-sqlite.la
-libstrongswan_sqlite_la_SOURCES = sqlite_plugin.h sqlite_plugin.c \
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-sqlite.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-sqlite.la
+libstrongswan_sqlite_la_SOURCES = \
+ sqlite_plugin.h sqlite_plugin.c \
sqlite_database.h sqlite_database.c
libstrongswan_sqlite_la_LDFLAGS = -module -avoid-version
@@ -295,6 +301,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -327,7 +342,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-sqlite.la: $(libstrongswan_sqlite_la_OBJECTS) $(libstrongswan_sqlite_la_DEPENDENCIES)
- $(libstrongswan_sqlite_la_LINK) -rpath $(plugindir) $(libstrongswan_sqlite_la_OBJECTS) $(libstrongswan_sqlite_la_LIBADD) $(LIBS)
+ $(libstrongswan_sqlite_la_LINK) $(am_libstrongswan_sqlite_la_rpath) $(libstrongswan_sqlite_la_OBJECTS) $(libstrongswan_sqlite_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -481,8 +496,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -553,18 +568,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.c b/src/libstrongswan/plugins/sqlite/sqlite_database.c
index 721f1a126..3e20dbb51 100644
--- a/src/libstrongswan/plugins/sqlite/sqlite_database.c
+++ b/src/libstrongswan/plugins/sqlite/sqlite_database.c
@@ -110,11 +110,13 @@ static sqlite3_stmt* run(private_sqlite_database_t *this, char *sql,
}
else
{
- DBG1("preparing sqlite statement failed: %s", sqlite3_errmsg(this->db));
+ DBG1(DBG_LIB, "preparing sqlite statement failed: %s",
+ sqlite3_errmsg(this->db));
}
if (res != SQLITE_OK)
{
- DBG1("binding sqlite statement failed: %s", sqlite3_errmsg(this->db));
+ DBG1(DBG_LIB, "binding sqlite statement failed: %s",
+ sqlite3_errmsg(this->db));
sqlite3_finalize(stmt);
return NULL;
}
@@ -160,7 +162,7 @@ static bool sqlite_enumerator_enumerate(sqlite_enumerator_t *this, ...)
case SQLITE_ROW:
break;
default:
- DBG1("stepping sqlite statement failed: %s",
+ DBG1(DBG_LIB, "stepping sqlite statement failed: %s",
sqlite3_errmsg(this->database->db));
/* fall */
case SQLITE_DONE:
@@ -203,7 +205,7 @@ static bool sqlite_enumerator_enumerate(sqlite_enumerator_t *this, ...)
break;
}
default:
- DBG1("invalid result type supplied");
+ DBG1(DBG_LIB, "invalid result type supplied");
return FALSE;
}
}
@@ -272,7 +274,8 @@ static int execute(private_sqlite_database_t *this, int *rowid, char *sql, ...)
}
else
{
- DBG1("sqlite execute failed: %s", sqlite3_errmsg(this->db));
+ DBG1(DBG_LIB, "sqlite execute failed: %s",
+ sqlite3_errmsg(this->db));
}
sqlite3_finalize(stmt);
}
@@ -337,7 +340,7 @@ sqlite_database_t *sqlite_database_create(char *uri)
if (sqlite3_open(file, &this->db) != SQLITE_OK)
{
- DBG1("opening SQLite database '%s' failed: %s",
+ DBG1(DBG_LIB, "opening SQLite database '%s' failed: %s",
file, sqlite3_errmsg(this->db));
destroy(this);
return NULL;
diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c
index 955402bf9..332d82318 100644
--- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c
+++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c
@@ -44,7 +44,7 @@ static void destroy(private_sqlite_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *sqlite_plugin_create()
{
private_sqlite_plugin_t *this = malloc_thing(private_sqlite_plugin_t);
diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.h b/src/libstrongswan/plugins/sqlite/sqlite_plugin.h
index 82735a311..dbc461cf4 100644
--- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.h
+++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.h
@@ -39,9 +39,4 @@ struct sqlite_plugin_t {
plugin_t plugin;
};
-/**
- * Create a sqlite_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** SQLITE_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.am b/src/libstrongswan/plugins/test_vectors/Makefile.am
index 6028805c4..6d3b05d19 100644
--- a/src/libstrongswan/plugins/test_vectors/Makefile.am
+++ b/src/libstrongswan/plugins/test_vectors/Makefile.am
@@ -3,7 +3,11 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-test-vectors.la
+else
plugin_LTLIBRARIES = libstrongswan-test-vectors.la
+endif
libstrongswan_test_vectors_la_SOURCES = \
test_vectors_plugin.h test_vectors_plugin.c test_vectors.h \
@@ -29,5 +33,5 @@ libstrongswan_test_vectors_la_SOURCES = \
test_vectors/sha2_hmac.c \
test_vectors/fips_prf.c \
test_vectors/rng.c
-libstrongswan_test_vectors_la_LDFLAGS = -module -avoid-version
+libstrongswan_test_vectors_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in
index a8674d282..dbe62c056 100644
--- a/src/libstrongswan/plugins/test_vectors/Makefile.in
+++ b/src/libstrongswan/plugins/test_vectors/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_test_vectors_la_LIBADD =
am_libstrongswan_test_vectors_la_OBJECTS = test_vectors_plugin.lo \
3des_cbc.lo aes_cbc.lo aes_xcbc.lo blowfish.lo camellia_cbc.lo \
@@ -85,6 +85,9 @@ libstrongswan_test_vectors_la_LINK = $(LIBTOOL) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_test_vectors_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_test_vectors_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_test_vectors_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -223,6 +226,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -259,7 +263,8 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-test-vectors.la
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-test-vectors.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-test-vectors.la
libstrongswan_test_vectors_la_SOURCES = \
test_vectors_plugin.h test_vectors_plugin.c test_vectors.h \
test_vectors/3des_cbc.c \
@@ -320,6 +325,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -352,7 +366,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-test-vectors.la: $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_DEPENDENCIES)
- $(libstrongswan_test_vectors_la_LINK) -rpath $(plugindir) $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_LIBADD) $(LIBS)
+ $(libstrongswan_test_vectors_la_LINK) $(am_libstrongswan_test_vectors_la_rpath) $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -681,8 +695,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -753,18 +767,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c
index 4dc1cc174..18e0c9278 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c
@@ -44,7 +44,7 @@ static bool test_monobit(monobit_t *param, chunk_t data)
}
}
}
- DBG2(" Monobit: %d/%d bits set", bits, data.len * 8);
+ DBG2(DBG_LIB, " Monobit: %d/%d bits set", bits, data.len * 8);
if (bits > param->lower && bits < param->upper)
{
return TRUE;
@@ -101,7 +101,7 @@ static bool test_poker(poker_t *param, chunk_t data)
sum += (counter[i] * counter[i]) / 5000.0 * 16.0;
}
sum -= 5000.0;
- DBG2(" Poker: %f", sum);
+ DBG2(DBG_LIB, " Poker: %f", sum);
if (sum > param->lower && sum < param->upper)
{
return TRUE;
@@ -190,7 +190,7 @@ static bool test_runs(runs_t *param, chunk_t data)
}
}
- DBG2(" Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, "
+ DBG2(DBG_LIB, " Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, "
"longruns: %d",
zero_runs[1], zero_runs[2], zero_runs[3],
zero_runs[4], zero_runs[5], zero_runs[6],
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c
index 7ad8c3c73..234d237f3 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c
@@ -104,7 +104,7 @@ static void destroy(private_test_vectors_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *test_vectors_plugin_create()
{
private_test_vectors_plugin_t *this = malloc_thing(private_test_vectors_plugin_t);
int i;
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h
index 9cb959c88..661529295 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h
@@ -39,9 +39,4 @@ struct test_vectors_plugin_t {
plugin_t plugin;
};
-/**
- * Create a test_vectors_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** TEST_VECTORS_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/x509/Makefile.am b/src/libstrongswan/plugins/x509/Makefile.am
index 853b1cebc..4b50d78dc 100644
--- a/src/libstrongswan/plugins/x509/Makefile.am
+++ b/src/libstrongswan/plugins/x509/Makefile.am
@@ -3,14 +3,19 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-x509.la
+else
plugin_LTLIBRARIES = libstrongswan-x509.la
+endif
-libstrongswan_x509_la_SOURCES = x509_plugin.h x509_plugin.c \
- x509_cert.h x509_cert.c \
- x509_crl.h x509_crl.c \
- x509_ac.h x509_ac.c \
- x509_pkcs10.h x509_pkcs10.c \
- x509_ocsp_request.h x509_ocsp_request.c \
- x509_ocsp_response.h x509_ocsp_response.c
-libstrongswan_x509_la_LDFLAGS = -module -avoid-version
+libstrongswan_x509_la_SOURCES = \
+ x509_plugin.h x509_plugin.c \
+ x509_cert.h x509_cert.c \
+ x509_crl.h x509_crl.c \
+ x509_ac.h x509_ac.c \
+ x509_pkcs10.h x509_pkcs10.c \
+ x509_ocsp_request.h x509_ocsp_request.c \
+ x509_ocsp_response.h x509_ocsp_response.c
+libstrongswan_x509_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in
index 428643254..2bee453cd 100644
--- a/src/libstrongswan/plugins/x509/Makefile.in
+++ b/src/libstrongswan/plugins/x509/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_x509_la_LIBADD =
am_libstrongswan_x509_la_OBJECTS = x509_plugin.lo x509_cert.lo \
x509_crl.lo x509_ac.lo x509_pkcs10.lo x509_ocsp_request.lo \
@@ -81,6 +81,8 @@ libstrongswan_x509_la_OBJECTS = $(am_libstrongswan_x509_la_OBJECTS)
libstrongswan_x509_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_x509_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_x509_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_x509_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -219,6 +221,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -255,14 +258,16 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-x509.la
-libstrongswan_x509_la_SOURCES = x509_plugin.h x509_plugin.c \
- x509_cert.h x509_cert.c \
- x509_crl.h x509_crl.c \
- x509_ac.h x509_ac.c \
- x509_pkcs10.h x509_pkcs10.c \
- x509_ocsp_request.h x509_ocsp_request.c \
- x509_ocsp_response.h x509_ocsp_response.c
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-x509.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-x509.la
+libstrongswan_x509_la_SOURCES = \
+ x509_plugin.h x509_plugin.c \
+ x509_cert.h x509_cert.c \
+ x509_crl.h x509_crl.c \
+ x509_ac.h x509_ac.c \
+ x509_pkcs10.h x509_pkcs10.c \
+ x509_ocsp_request.h x509_ocsp_request.c \
+ x509_ocsp_response.h x509_ocsp_response.c
libstrongswan_x509_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -299,6 +304,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -331,7 +345,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-x509.la: $(libstrongswan_x509_la_OBJECTS) $(libstrongswan_x509_la_DEPENDENCIES)
- $(libstrongswan_x509_la_LINK) -rpath $(plugindir) $(libstrongswan_x509_la_OBJECTS) $(libstrongswan_x509_la_LIBADD) $(LIBS)
+ $(libstrongswan_x509_la_LINK) $(am_libstrongswan_x509_la_rpath) $(libstrongswan_x509_la_OBJECTS) $(libstrongswan_x509_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -490,8 +504,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -562,18 +576,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index 79ff80933..95e72789e 100644
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -192,7 +192,7 @@ static bool parse_directoryName(chunk_t blob, int level, bool implicit, identifi
}
else
{
- DBG1("more than one directory name - first selected");
+ DBG1(DBG_LIB, "more than one directory name - first selected");
directoryName->destroy(directoryName);
}
}
@@ -200,7 +200,7 @@ static bool parse_directoryName(chunk_t blob, int level, bool implicit, identifi
}
else
{
- DBG1("no directoryName found");
+ DBG1(DBG_LIB, "no directoryName found");
}
list->destroy(list);
@@ -359,10 +359,11 @@ static bool parse_certificate(private_x509_ac_t *this)
break;
case AC_OBJ_VERSION:
this->version = (object.len) ? (1 + (u_int)*object.ptr) : 1;
- DBG2(" v%d", this->version);
+ DBG2(DBG_LIB, " v%d", this->version);
if (this->version != 2)
{
- DBG1("v%d attribute certificates are not supported", this->version);
+ DBG1(DBG_LIB, "v%d attribute certificates are not "
+ "supported", this->version);
goto end;
}
break;
@@ -407,20 +408,20 @@ static bool parse_certificate(private_x509_ac_t *this)
switch (type)
{
case OID_AUTHENTICATION_INFO:
- DBG2(" need to parse authenticationInfo");
+ DBG2(DBG_LIB, " need to parse authenticationInfo");
break;
case OID_ACCESS_IDENTITY:
- DBG2(" need to parse accessIdentity");
+ DBG2(DBG_LIB, " need to parse accessIdentity");
break;
case OID_CHARGING_IDENTITY:
- DBG2("-- > --");
+ DBG2(DBG_LIB, "-- > --");
this->charging = ietf_attributes_create_from_encoding(object);
- DBG2("-- < --");
+ DBG2(DBG_LIB, "-- < --");
break;
case OID_GROUP:
- DBG2("-- > --");
+ DBG2(DBG_LIB, "-- > --");
this->groups = ietf_attributes_create_from_encoding(object);
- DBG2("-- < --");
+ DBG2(DBG_LIB, "-- < --");
break;
case OID_ROLE:
parse_roleSyntax(object, level);
@@ -435,21 +436,21 @@ static bool parse_certificate(private_x509_ac_t *this)
break;
case AC_OBJ_CRITICAL:
critical = object.len && *object.ptr;
- DBG2(" %s",(critical)?"TRUE":"FALSE");
+ DBG2(DBG_LIB, " %s",(critical)?"TRUE":"FALSE");
break;
case AC_OBJ_EXTN_VALUE:
{
switch (extn_oid)
{
case OID_CRL_DISTRIBUTION_POINTS:
- DBG2(" need to parse crlDistributionPoints");
+ DBG2(DBG_LIB, " need to parse crlDistributionPoints");
break;
case OID_AUTHORITY_KEY_ID:
this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
level, &this->authKeySerialNumber);
break;
case OID_TARGET_INFORMATION:
- DBG2(" need to parse targetInformation");
+ DBG2(DBG_LIB, " need to parse targetInformation");
break;
case OID_NO_REV_AVAIL:
this->noRevAvail = TRUE;
@@ -464,7 +465,7 @@ static bool parse_certificate(private_x509_ac_t *this)
NULL);
if (this->algorithm != sig_alg)
{
- DBG1(" signature algorithms do not agree");
+ DBG1(DBG_LIB, " signature algorithms do not agree");
success = FALSE;
goto end;
}
@@ -824,9 +825,9 @@ static bool is_newer(private_x509_ac_t *this, ac_t *that)
this_cert->get_validity(this_cert, &now, &this_update, NULL);
that_cert->get_validity(that_cert, &now, &that_update, NULL);
new = this_update > that_update;
- DBG1(" attr cert from %T is %s - existing attr cert from %T %s",
- &this_update, FALSE, new ? "newer":"not newer",
- &that_update, FALSE, new ? "replaced":"retained");
+ DBG1(DBG_LIB, " attr cert from %T is %s - existing attr cert from %T %s",
+ &this_update, FALSE, new ? "newer":"not newer",
+ &that_update, FALSE, new ? "replaced":"retained");
return new;
}
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index 3b729236e..bdbaa8d4a 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -219,7 +219,7 @@ static void parse_basicConstraints(chunk_t blob, int level0,
{
case BASIC_CONSTRAINTS_CA:
isCA = object.len && *object.ptr;
- DBG2(" %s", isCA ? "TRUE" : "FALSE");
+ DBG2(DBG_LIB, " %s", isCA ? "TRUE" : "FALSE");
if (isCA)
{
this->flags |= X509_CA;
@@ -383,7 +383,7 @@ static identification_t *parse_generalName(chunk_t blob, int level0)
if (id_type != ID_ANY)
{
gn = identification_create_from_encoding(id_type, object);
- DBG2(" '%Y'", gn);
+ DBG2(DBG_LIB, " '%Y'", gn);
goto end;
}
}
@@ -539,7 +539,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0,
/* parsing went wrong - abort */
goto end;
}
- DBG2(" '%Y'", id);
+ DBG2(DBG_LIB, " '%Y'", id);
if (accessMethod == OID_OCSP &&
asprintf(&uri, "%Y", id) > 0)
{
@@ -704,34 +704,36 @@ static bool check_address_object(ts_type_t ts_type, chunk_t object)
case TS_IPV4_ADDR_RANGE:
if (object.len > 5)
{
- DBG1("IPv4 address object is larger than 5 octets");
+ DBG1(DBG_LIB, "IPv4 address object is larger than 5 octets");
return FALSE;
}
break;
case TS_IPV6_ADDR_RANGE:
if (object.len > 17)
{
- DBG1("IPv6 address object is larger than 17 octets");
+ DBG1(DBG_LIB, "IPv6 address object is larger than 17 octets");
return FALSE;
}
break;
default:
- DBG1("unknown address family");
+ DBG1(DBG_LIB, "unknown address family");
return FALSE;
}
if (object.len == 0)
{
- DBG1("An ASN.1 bit string must contain at least the initial octet");
+ DBG1(DBG_LIB, "An ASN.1 bit string must contain at least the "
+ "initial octet");
return FALSE;
}
if (object.len == 1 && object.ptr[0] != 0)
{
- DBG1("An empty ASN.1 bit string must contain a zero initial octet");
+ DBG1(DBG_LIB, "An empty ASN.1 bit string must contain a zero "
+ "initial octet");
return FALSE;
}
if (object.ptr[0] > 7)
{
- DBG1("number of unused bits is too large");
+ DBG1(DBG_LIB, "number of unused bits is too large");
return FALSE;
}
return TRUE;
@@ -769,11 +771,11 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0,
{
break;
}
- DBG2(" %N", ts_type_name, ts_type);
+ DBG2(DBG_LIB, " %N", ts_type_name, ts_type);
}
break;
case IP_ADDR_BLOCKS_INHERIT:
- DBG1("inherit choice is not supported");
+ DBG1(DBG_LIB, "inherit choice is not supported");
break;
case IP_ADDR_BLOCKS_PREFIX:
if (!check_address_object(ts_type, object))
@@ -782,7 +784,7 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0,
}
ts = traffic_selector_create_from_rfc3779_format(ts_type,
object, object);
- DBG2(" %R", ts);
+ DBG2(DBG_LIB, " %R", ts);
this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
break;
case IP_ADDR_BLOCKS_MIN:
@@ -799,7 +801,7 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0,
}
ts = traffic_selector_create_from_rfc3779_format(ts_type,
min_object, object);
- DBG2(" %R", ts);
+ DBG2(DBG_LIB, " %R", ts);
this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
break;
default:
@@ -893,12 +895,12 @@ static bool parse_certificate(private_x509_cert_t *this)
this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
if (this->version < 1 || this->version > 3)
{
- DBG1("X.509v%d not supported", this->version);
+ DBG1(DBG_LIB, "X.509v%d not supported", this->version);
goto end;
}
else
{
- DBG2(" X.509v%d", this->version);
+ DBG2(DBG_LIB, " X.509v%d", this->version);
}
break;
case X509_OBJ_SERIAL_NUMBER:
@@ -909,7 +911,7 @@ static bool parse_certificate(private_x509_cert_t *this)
break;
case X509_OBJ_ISSUER:
this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- DBG2(" '%Y'", this->issuer);
+ DBG2(DBG_LIB, " '%Y'", this->issuer);
break;
case X509_OBJ_NOT_BEFORE:
this->notBefore = asn1_parse_time(object, level);
@@ -919,13 +921,13 @@ static bool parse_certificate(private_x509_cert_t *this)
break;
case X509_OBJ_SUBJECT:
this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- DBG2(" '%Y'", this->subject);
+ DBG2(DBG_LIB, " '%Y'", this->subject);
break;
case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO:
- DBG2("-- > --");
+ DBG2(DBG_LIB, "-- > --");
this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
KEY_ANY, BUILD_BLOB_ASN1_DER, object, BUILD_END);
- DBG2("-- < --");
+ DBG2(DBG_LIB, "-- < --");
if (this->public_key == NULL)
{
goto end;
@@ -934,7 +936,7 @@ static bool parse_certificate(private_x509_cert_t *this)
case X509_OBJ_OPTIONAL_EXTENSIONS:
if (this->version != 3)
{
- DBG1("Only X.509v3 certificates have extensions");
+ DBG1(DBG_LIB, "Only X.509v3 certificates have extensions");
goto end;
}
break;
@@ -943,7 +945,7 @@ static bool parse_certificate(private_x509_cert_t *this)
break;
case X509_OBJ_CRITICAL:
critical = object.len && *object.ptr;
- DBG2(" %s", critical ? "TRUE" : "FALSE");
+ DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE");
break;
case X509_OBJ_EXTN_VALUE:
{
@@ -974,6 +976,9 @@ static bool parse_certificate(private_x509_cert_t *this)
case OID_AUTHORITY_INFO_ACCESS:
parse_authorityInfoAccess(object, level, this);
break;
+ case OID_KEY_USAGE:
+ /* TODO parse the flags */
+ break;
case OID_EXTENDED_KEY_USAGE:
parse_extendedKeyUsage(object, level, this);
break;
@@ -994,7 +999,7 @@ static bool parse_certificate(private_x509_cert_t *this)
if (critical && lib->settings->get_bool(lib->settings,
"libstrongswan.plugins.x509.enforce_critical", FALSE))
{
- DBG1("critical %s extension not supported",
+ DBG1(DBG_LIB, "critical %s extension not supported",
(extn_oid == OID_UNKNOWN) ? "unknown" :
(char*)oid_names[extn_oid].name);
goto end;
@@ -1007,7 +1012,7 @@ static bool parse_certificate(private_x509_cert_t *this)
this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
if (this->algorithm != sig_alg)
{
- DBG1(" signature algorithms do not agree");
+ DBG1(DBG_LIB, " signature algorithms do not agree");
goto end;
}
break;
@@ -1035,7 +1040,7 @@ end:
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (hasher == NULL)
{
- DBG1(" unable to create hash of certificate, SHA1 not supported");
+ DBG1(DBG_LIB, " unable to create hash of certificate, SHA1 not supported");
return NULL;
}
hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
@@ -1214,9 +1219,9 @@ static bool is_newer(certificate_t *this, certificate_t *that)
this->get_validity(this, &now, &this_update, NULL);
that->get_validity(that, &now, &that_update, NULL);
new = this_update > that_update;
- DBG1(" certificate from %T is %s - existing certificate from %T %s",
- &this_update, FALSE, new ? "newer":"not newer",
- &that_update, FALSE, new ? "replaced":"retained");
+ DBG1(DBG_LIB, " certificate from %T is %s - existing certificate "
+ "from %T %s", &this_update, FALSE, new ? "newer":"not newer",
+ &that_update, FALSE, new ? "replaced":"retained");
return new;
}
@@ -1453,7 +1458,7 @@ chunk_t x509_build_subjectAltNames(linked_list_t *list)
context = ASN1_CONTEXT_S_7;
break;
default:
- DBG1("encoding %N as subjectAltName not supported",
+ DBG1(DBG_LIB, "encoding %N as subjectAltName not supported",
id_type_names, id->get_type(id));
enumerator->destroy(enumerator);
free(subjectAltNames.ptr);
@@ -1481,7 +1486,9 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
chunk_t extensions = chunk_empty, extendedKeyUsage = chunk_empty;
chunk_t serverAuth = chunk_empty, clientAuth = chunk_empty;
chunk_t ocspSigning = chunk_empty;
- chunk_t basicConstraints = chunk_empty, subjectAltNames = chunk_empty;
+ chunk_t basicConstraints = chunk_empty;
+ chunk_t keyUsage = chunk_empty;
+ chunk_t subjectAltNames = chunk_empty;
chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty;
chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty;
identification_t *issuer, *subject;
@@ -1583,7 +1590,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
asn1_wrap(ASN1_SEQUENCE, "m", authorityInfoAccess)));
}
- /* build CA basicConstraint for CA certificates */
+ /* build CA basicConstraint and keyUsage flags for CA certificates */
if (cert->flags & X509_CA)
{
chunk_t pathLenConstraint = chunk_empty;
@@ -1603,6 +1610,13 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
asn1_wrap(ASN1_BOOLEAN, "c",
chunk_from_chars(0xFF)),
pathLenConstraint)));
+ keyUsage = asn1_wrap(ASN1_SEQUENCE, "mmm",
+ asn1_build_known_oid(OID_KEY_USAGE),
+ asn1_wrap(ASN1_BOOLEAN, "c",
+ chunk_from_chars(0xFF)),
+ asn1_wrap(ASN1_OCTET_STRING, "m",
+ asn1_wrap(ASN1_BIT_STRING, "c",
+ chunk_from_chars(0x01, 0x06))));
}
/* add serverAuth extendedKeyUsage flag */
@@ -1663,8 +1677,8 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
crlDistributionPoints.ptr)
{
extensions = asn1_wrap(ASN1_CONTEXT_C_3, "m",
- asn1_wrap(ASN1_SEQUENCE, "mmmmmmm",
- basicConstraints, subjectKeyIdentifier,
+ asn1_wrap(ASN1_SEQUENCE, "mmmmmmmm",
+ basicConstraints, keyUsage, subjectKeyIdentifier,
authKeyIdentifier, subjectAltNames,
extendedKeyUsage, crlDistributionPoints,
authorityInfoAccess));
diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c
index b9ef3218b..c755d7f63 100644
--- a/src/libstrongswan/plugins/x509/x509_crl.c
+++ b/src/libstrongswan/plugins/x509/x509_crl.c
@@ -216,14 +216,14 @@ static bool parse(private_x509_crl_t *this)
break;
case CRL_OBJ_VERSION:
this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
- DBG2(" v%d", this->version);
+ DBG2(DBG_LIB, " v%d", this->version);
break;
case CRL_OBJ_SIG_ALG:
sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
break;
case CRL_OBJ_ISSUER:
this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- DBG2(" '%Y'", this->issuer);
+ DBG2(DBG_LIB, " '%Y'", this->issuer);
break;
case CRL_OBJ_THIS_UPDATE:
this->thisUpdate = asn1_parse_time(object, level);
@@ -248,7 +248,7 @@ static bool parse(private_x509_crl_t *this)
case CRL_OBJ_CRL_ENTRY_CRITICAL:
case CRL_OBJ_CRITICAL:
critical = object.len && *object.ptr;
- DBG2(" %s", critical ? "TRUE" : "FALSE");
+ DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE");
break;
case CRL_OBJ_CRL_ENTRY_EXTN_VALUE:
case CRL_OBJ_EXTN_VALUE:
@@ -262,7 +262,8 @@ static bool parse(private_x509_crl_t *this)
{
revoked->reason = *object.ptr;
}
- DBG2(" '%N'", crl_reason_names, revoked->reason);
+ DBG2(DBG_LIB, " '%N'", crl_reason_names,
+ revoked->reason);
}
else if (extn_oid == OID_AUTHORITY_KEY_ID)
{
@@ -286,7 +287,7 @@ static bool parse(private_x509_crl_t *this)
this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
if (this->algorithm != sig_alg)
{
- DBG1(" signature algorithms do not agree");
+ DBG1(DBG_LIB, " signature algorithms do not agree");
goto end;
}
break;
@@ -483,7 +484,7 @@ static bool is_newer(private_x509_crl_t *this, crl_t *that)
if (this->crlNumber.ptr != NULL && that_crlNumber.ptr != NULL)
{
new = chunk_compare(this->crlNumber, that_crlNumber) > 0;
- DBG1(" crl #%#B is %s - existing crl #%#B %s",
+ DBG1(DBG_LIB, " crl #%#B is %s - existing crl #%#B %s",
&this->crlNumber, new ? "newer":"not newer",
&that_crlNumber, new ? "replaced":"retained");
}
@@ -497,7 +498,7 @@ static bool is_newer(private_x509_crl_t *this, crl_t *that)
this_cert->get_validity(this_cert, &now, &this_update, NULL);
that_cert->get_validity(that_cert, &now, &that_update, NULL);
new = this_update > that_update;
- DBG1(" crl from %T is %s - existing crl from %T %s",
+ DBG1(DBG_LIB, " crl from %T is %s - existing crl from %T %s",
&this_update, FALSE, new ? "newer":"not newer",
&that_update, FALSE, new ? "replaced":"retained");
}
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
index f86f87751..c835d5dc8 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
@@ -179,13 +179,14 @@ static chunk_t build_requestList(private_x509_ocsp_request_t *this)
}
else
{
- DBG1("creating OCSP request failed, SHA1 not supported");
+ DBG1(DBG_LIB, "creating OCSP request failed, SHA1 not supported");
}
public->destroy(public);
}
else
{
- DBG1("creating OCSP request failed, CA certificate has no public key");
+ DBG1(DBG_LIB, "creating OCSP request failed, CA certificate has "
+ "no public key");
}
return asn1_wrap(ASN1_SEQUENCE, "m", list);
}
@@ -205,7 +206,7 @@ static chunk_t build_nonce(private_x509_ocsp_request_t *this)
return asn1_wrap(ASN1_SEQUENCE, "cm", ASN1_nonce_oid,
asn1_simple_object(ASN1_OCTET_STRING, this->nonce));
}
- DBG1("creating OCSP request nonce failed, no RNG found");
+ DBG1(DBG_LIB, "creating OCSP request nonce failed, no RNG found");
return chunk_empty;
}
@@ -263,14 +264,14 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this,
scheme = SIGN_ECDSA_WITH_SHA1_DER;
break;
default:
- DBG1("unable to sign OCSP request, %N signature not supported",
- key_type_names, this->key->get_type(this->key));
+ DBG1(DBG_LIB, "unable to sign OCSP request, %N signature not "
+ "supported", key_type_names, this->key->get_type(this->key));
return chunk_empty;
}
if (!this->key->sign(this->key, scheme, tbsRequest, &signature))
{
- DBG1("creating OCSP signature failed, skipped");
+ DBG1(DBG_LIB, "creating OCSP signature failed, skipped");
return chunk_empty;
}
if (this->cert)
@@ -378,7 +379,7 @@ static id_match_t has_issuer(private_x509_ocsp_request_t *this,
*/
static bool issued_by(private_x509_ocsp_request_t *this, certificate_t *issuer)
{
- DBG1("OCSP request validation not implemented!");
+ DBG1(DBG_LIB, "OCSP request validation not implemented!");
return FALSE;
}
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
index 948d7ad85..c70d461df 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
@@ -509,7 +509,8 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this,
if (version != OCSP_BASIC_RESPONSE_VERSION)
{
- DBG1(" ocsp ResponseData version %d not supported", version);
+ DBG1(DBG_LIB, " ocsp ResponseData version %d not "
+ "supported", version);
goto end;
}
break;
@@ -517,12 +518,12 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this,
case BASIC_RESPONSE_ID_BY_NAME:
this->responderId = identification_create_from_encoding(
ID_DER_ASN1_DN, object);
- DBG2(" '%Y'", this->responderId);
+ DBG2(DBG_LIB, " '%Y'", this->responderId);
break;
case BASIC_RESPONSE_ID_BY_KEY:
this->responderId = identification_create_from_encoding(
ID_KEY_ID, object);
- DBG2(" '%Y'", this->responderId);
+ DBG2(DBG_LIB, " '%Y'", this->responderId);
break;
case BASIC_RESPONSE_PRODUCED_AT:
this->producedAt = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
@@ -536,7 +537,7 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this,
break;
case BASIC_RESPONSE_CRITICAL:
critical = object.len && *object.ptr;
- DBG2(" %s", critical ? "TRUE" : "FALSE");
+ DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE");
break;
case BASIC_RESPONSE_EXT_VALUE:
if (extn_oid == OID_NONCE)
@@ -622,7 +623,7 @@ static bool parse_OCSPResponse(private_x509_ocsp_response_t *this)
case OCSP_SUCCESSFUL:
break;
default:
- DBG1(" ocsp response status: %N",
+ DBG1(DBG_LIB, " ocsp response status: %N",
ocsp_status_names, status);
goto end;
}
@@ -638,7 +639,8 @@ static bool parse_OCSPResponse(private_x509_ocsp_response_t *this)
parser->get_level(parser)+1);
break;
default:
- DBG1(" ocsp response type %#B not supported", &object);
+ DBG1(DBG_LIB, " ocsp response type %#B not supported",
+ &object);
goto end;
}
break;
@@ -772,9 +774,9 @@ static bool is_newer(certificate_t *this, certificate_t *that)
this->get_validity(this, &now, &this_update, NULL);
that->get_validity(that, &now, &that_update, NULL);
new = this_update > that_update;
- DBG1(" ocsp response from %T is %s - existing ocsp response from %T %s",
- &this_update, FALSE, new ? "newer":"not newer",
- &that_update, FALSE, new ? "replaced":"retained");
+ DBG1(DBG_LIB, " ocsp response from %T is %s - existing ocsp response "
+ "from %T %s", &this_update, FALSE, new ? "newer" : "not newer",
+ &that_update, FALSE, new ? "replaced" : "retained");
return new;
}
diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c
index 6d750c98c..1009ec931 100644
--- a/src/libstrongswan/plugins/x509/x509_pkcs10.c
+++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c
@@ -297,7 +297,7 @@ static bool parse_extension_request(private_x509_pkcs10_t *this, chunk_t blob, i
break;
case PKCS10_EXTN_CRITICAL:
critical = object.len && *object.ptr;
- DBG2(" %s", critical ? "TRUE" : "FALSE");
+ DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE");
break;
case PKCS10_EXTN_VALUE:
{
@@ -330,25 +330,25 @@ static bool parse_challengePassword(private_x509_pkcs10_t *this, chunk_t blob, i
if (blob.len < 2)
{
- DBG1("L%d - challengePassword: ASN.1 object smaller than 2 octets",
- level);
+ DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object smaller "
+ "than 2 octets", level);
return FALSE;
}
tag = *blob.ptr;
if (tag < ASN1_UTF8STRING || tag > ASN1_IA5STRING)
{
- DBG1("L%d - challengePassword: ASN.1 object is not a character string",
- level);
+ DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object is not "
+ "a character string", level);
return FALSE;
}
if (asn1_length(&blob) == ASN1_INVALID_LENGTH)
{
- DBG1("L%d - challengePassword: ASN.1 object has an invalid length",
- level);
+ DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object has an "
+ "invalid length", level);
return FALSE;
- }
- DBG2("L%d - challengePassword:", level);
- DBG4(" '%.*s'", blob.len, blob.ptr);
+ }
+ DBG2(DBG_LIB, "L%d - challengePassword:", level);
+ DBG4(DBG_LIB, " '%.*s'", blob.len, blob.ptr);
return TRUE;
}
@@ -406,13 +406,14 @@ static bool parse_certificate_request(private_x509_pkcs10_t *this)
case PKCS10_VERSION:
if (object.len > 0 && *object.ptr != 0)
{
- DBG1("PKCS#10 certificate request format is not version 1");
+ DBG1(DBG_LIB, "PKCS#10 certificate request format is "
+ "not version 1");
goto end;
}
break;
case PKCS10_SUBJECT:
this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- DBG2(" '%Y'", this->subject);
+ DBG2(DBG_LIB, " '%Y'", this->subject);
break;
case PKCS10_SUBJECT_PUBLIC_KEY_INFO:
this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
@@ -467,7 +468,7 @@ end:
}
else
{
- DBG1("certificate request is not self-signed");
+ DBG1(DBG_LIB, "certificate request is not self-signed");
success = FALSE;
}
}
diff --git a/src/libstrongswan/plugins/x509/x509_plugin.c b/src/libstrongswan/plugins/x509/x509_plugin.c
index 94c49b1e1..e71c55efc 100644
--- a/src/libstrongswan/plugins/x509/x509_plugin.c
+++ b/src/libstrongswan/plugins/x509/x509_plugin.c
@@ -65,7 +65,7 @@ static void destroy(private_x509_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *x509_plugin_create()
{
private_x509_plugin_t *this = malloc_thing(private_x509_plugin_t);
diff --git a/src/libstrongswan/plugins/x509/x509_plugin.h b/src/libstrongswan/plugins/x509/x509_plugin.h
index fe8c0b31f..e3f959ffa 100644
--- a/src/libstrongswan/plugins/x509/x509_plugin.h
+++ b/src/libstrongswan/plugins/x509/x509_plugin.h
@@ -39,9 +39,4 @@ struct x509_plugin_t {
plugin_t plugin;
};
-/**
- * Create a x509_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** X509_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.am b/src/libstrongswan/plugins/xcbc/Makefile.am
index 515b75031..7de306832 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.am
+++ b/src/libstrongswan/plugins/xcbc/Makefile.am
@@ -3,9 +3,14 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-xcbc.la
+else
plugin_LTLIBRARIES = libstrongswan-xcbc.la
+endif
-libstrongswan_xcbc_la_SOURCES = xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \
+libstrongswan_xcbc_la_SOURCES = \
+ xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \
xcbc_prf.h xcbc_prf.c xcbc_signer.h xcbc_signer.c
-libstrongswan_xcbc_la_LDFLAGS = -module -avoid-version
+libstrongswan_xcbc_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in
index 3720aeaeb..c49e2b76a 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.in
+++ b/src/libstrongswan/plugins/xcbc/Makefile.in
@@ -72,7 +72,7 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
-LTLIBRARIES = $(plugin_LTLIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_xcbc_la_LIBADD =
am_libstrongswan_xcbc_la_OBJECTS = xcbc_plugin.lo xcbc.lo xcbc_prf.lo \
xcbc_signer.lo
@@ -80,6 +80,8 @@ libstrongswan_xcbc_la_OBJECTS = $(am_libstrongswan_xcbc_la_OBJECTS)
libstrongswan_xcbc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libstrongswan_xcbc_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_xcbc_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_xcbc_la_rpath =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -218,6 +220,7 @@ ipsecuid = @ipsecuid@
ipsecuser = @ipsecuser@
libdir = @libdir@
libexecdir = @libexecdir@
+libhydra_plugins = @libhydra_plugins@
libstrongswan_plugins = @libstrongswan_plugins@
linux_headers = @linux_headers@
localedir = @localedir@
@@ -254,8 +257,10 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -rdynamic
-plugin_LTLIBRARIES = libstrongswan-xcbc.la
-libstrongswan_xcbc_la_SOURCES = xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-xcbc.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-xcbc.la
+libstrongswan_xcbc_la_SOURCES = \
+ xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c \
xcbc_prf.h xcbc_prf.c xcbc_signer.h xcbc_signer.c
libstrongswan_xcbc_la_LDFLAGS = -module -avoid-version
@@ -293,6 +298,15 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@@ -325,7 +339,7 @@ clean-pluginLTLIBRARIES:
rm -f "$${dir}/so_locations"; \
done
libstrongswan-xcbc.la: $(libstrongswan_xcbc_la_OBJECTS) $(libstrongswan_xcbc_la_DEPENDENCIES)
- $(libstrongswan_xcbc_la_LINK) -rpath $(plugindir) $(libstrongswan_xcbc_la_OBJECTS) $(libstrongswan_xcbc_la_LIBADD) $(LIBS)
+ $(libstrongswan_xcbc_la_LINK) $(am_libstrongswan_xcbc_la_rpath) $(libstrongswan_xcbc_la_OBJECTS) $(libstrongswan_xcbc_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -481,8 +495,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -553,18 +567,19 @@ uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libtool clean-pluginLTLIBRARIES ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am install-man \
- install-pdf install-pdf-am install-pluginLTLIBRARIES \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c
index 3eb7f0927..9d903bfaa 100644
--- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c
@@ -47,7 +47,7 @@ static void destroy(private_xcbc_plugin_t *this)
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *xcbc_plugin_create()
{
private_xcbc_plugin_t *this = malloc_thing(private_xcbc_plugin_t);
diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.h b/src/libstrongswan/plugins/xcbc/xcbc_plugin.h
index 803d847aa..9824088c6 100644
--- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.h
+++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.h
@@ -39,9 +39,4 @@ struct xcbc_plugin_t {
plugin_t plugin;
};
-/**
- * Create a xcbc_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /** XCBC_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/printf_hook.c b/src/libstrongswan/printf_hook.c
index 0b516c99e..037f0b918 100644
--- a/src/libstrongswan/printf_hook.c
+++ b/src/libstrongswan/printf_hook.c
@@ -16,8 +16,8 @@
#include "printf_hook.h"
-#include <utils.h>
-#include <debug.h>
+#include "utils.h"
+#include "debug.h"
#include <stdio.h>
#include <stdarg.h>
@@ -333,7 +333,8 @@ static void add_handler(private_printf_hook_t *this, char spec,
if (!IS_VALID_SPEC(spec))
{
- DBG1("'%c' is not a valid printf hook specifier, not registered!", spec);
+ DBG1(DBG_LIB, "'%c' is not a valid printf hook specifier, "
+ "not registered!", spec);
return;
}
@@ -345,7 +346,8 @@ static void add_handler(private_printf_hook_t *this, char spec,
{
if (++i >= ARGS_MAX)
{
- DBG1("Too many arguments for printf hook with specifier '%c', not registered!", spec);
+ DBG1(DBG_LIB, "Too many arguments for printf hook with "
+ "specifier '%c', not registered!", spec);
va_end(args);
free(handler);
return;
@@ -427,7 +429,7 @@ printf_hook_t *printf_hook_create()
#ifdef USE_VSTR
if (!vstr_init())
{
- DBG1("failed to initialize Vstr library!");
+ DBG1(DBG_LIB, "failed to initialize Vstr library!");
free(this);
return NULL;
}
diff --git a/src/libstrongswan/selectors/traffic_selector.h b/src/libstrongswan/selectors/traffic_selector.h
index b5964b541..257da3f24 100644
--- a/src/libstrongswan/selectors/traffic_selector.h
+++ b/src/libstrongswan/selectors/traffic_selector.h
@@ -74,8 +74,8 @@ struct traffic_selector_t {
*
* @param other traffic selector to compare
* @return
- * - created subset of them
- * - or NULL if no match between this and other
+ * - created subset of them
+ * - or NULL if no match between this and other
*/
traffic_selector_t *(*get_subset) (traffic_selector_t *this,
traffic_selector_t *other);
@@ -173,7 +173,7 @@ struct traffic_selector_t {
* Compare two traffic selectors for equality.
*
* @param other ts to compare with this
- * @return TRUE if equal, FALSE otherwise
+ * @return TRUE if equal, FALSE otherwise
*/
bool (*equals) (traffic_selector_t *this, traffic_selector_t *other);
@@ -215,15 +215,15 @@ struct traffic_selector_t {
/**
* Create a new traffic selector using human readable params.
*
- * @param protocol protocol for this ts, such as TCP or UDP
+ * @param protocol protocol for this ts, such as TCP or UDP
* @param type type of following addresses, such as TS_IPV4_ADDR_RANGE
* @param from_addr start of address range as string
* @param from_port port number in host order
* @param to_addr end of address range as string
* @param to_port port number in host order
* @return
- * - traffic_selector_t object
- * - NULL if invalid address strings/protocol
+ * - traffic_selector_t object
+ * - NULL if invalid address strings/protocol
*/
traffic_selector_t *traffic_selector_create_from_string(
u_int8_t protocol, ts_type_t type,
@@ -237,11 +237,11 @@ traffic_selector_t *traffic_selector_create_from_string(
* But the parser gives us this data in this format, so we
* don't have to convert twice.
*
- * @param protocol protocol for this ts, such as TCP or UDP
+ * @param protocol protocol for this ts, such as TCP or UDP
* @param type type of following addresses, such as TS_IPV4_ADDR_RANGE
- * @param from_addr start of address range, network order
+ * @param from_address start of address range, network order
* @param from_port port number, host order
- * @param to_addr end of address range, network order
+ * @param to_address end of address range, network order
* @param to_port port number, host order
* @return traffic_selector_t object
*/
@@ -273,11 +273,11 @@ traffic_selector_t *traffic_selector_create_from_rfc3779_format(ts_type_t type,
*
* @param net subnet to use
* @param netbits size of the subnet, as used in e.g. 192.168.0.0/24 notation
- * @param protocol protocol for this ts, such as TCP or UDP
+ * @param protocol protocol for this ts, such as TCP or UDP
* @param port port number, host order
* @return
- * - traffic_selector_t object
- * - NULL if address family of net not supported
+ * - traffic_selector_t object
+ * - NULL if address family of net not supported
*/
traffic_selector_t *traffic_selector_create_from_subnet(
host_t *net, u_int8_t netbits,
@@ -295,8 +295,8 @@ traffic_selector_t *traffic_selector_create_from_subnet(
* @param from_port start of allowed port range
* @param to_port end of range
* @return
- * - traffic_selector_t object
- * - NULL if type not supported
+ * - traffic_selector_t object
+ * - NULL if type not supported
*/
traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol,
u_int16_t from_port, u_int16_t to_port);
diff --git a/src/libstrongswan/settings.c b/src/libstrongswan/settings.c
index 4a822bcbf..610e2b8ea 100644
--- a/src/libstrongswan/settings.c
+++ b/src/libstrongswan/settings.c
@@ -21,8 +21,8 @@
#include "settings.h"
-#include <debug.h>
-#include <utils/linked_list.h>
+#include "debug.h"
+#include "utils/linked_list.h"
typedef struct private_settings_t private_settings_t;
@@ -293,8 +293,8 @@ static u_int32_t get_time(private_settings_t *this, char *key, u_int32_t def, ..
if (value)
{
errno = 0;
- timeval = strtol(value, &endptr, 10);
- if (errno == 0 && timeval >= 0)
+ timeval = strtoul(value, &endptr, 10);
+ if (errno == 0)
{
switch (*endptr)
{
@@ -497,7 +497,7 @@ static section_t* parse_section(char **text, char *name)
continue;
}
}
- DBG1("matching '}' not found near %s", *text);
+ DBG1(DBG_LIB, "matching '}' not found near %s", *text);
break;
case '=':
if (parse(text, "\t ", "\n", NULL, &value))
@@ -508,7 +508,7 @@ static section_t* parse_section(char **text, char *name)
section->kv->insert_last(section->kv, kv);
continue;
}
- DBG1("parsing value failed near %s", *text);
+ DBG1(DBG_LIB, "parsing value failed near %s", *text);
break;
case '#':
parse(text, "", "\n", NULL, &value);
@@ -566,7 +566,7 @@ settings_t *settings_create(char *file)
fd = fopen(file, "r");
if (fd == NULL)
{
- DBG1("'%s' does not exist or is not readable", file);
+ DBG1(DBG_LIB, "'%s' does not exist or is not readable", file);
return &this->public;
}
fseek(fd, 0, SEEK_END);
diff --git a/src/libstrongswan/settings.h b/src/libstrongswan/settings.h
index 9e8d75cc0..f274fb33c 100644
--- a/src/libstrongswan/settings.h
+++ b/src/libstrongswan/settings.h
@@ -23,8 +23,8 @@
typedef struct settings_t settings_t;
-#include <utils.h>
-#include <utils/enumerator.h>
+#include "utils.h"
+#include "utils/enumerator.h"
/**
* Generic configuration options read from a config file.
diff --git a/src/libstrongswan/threading/mutex.c b/src/libstrongswan/threading/mutex.c
index a35695624..8597abb44 100644
--- a/src/libstrongswan/threading/mutex.c
+++ b/src/libstrongswan/threading/mutex.c
@@ -108,7 +108,7 @@ static void lock(private_mutex_t *this)
err = pthread_mutex_lock(&this->mutex);
if (err)
{
- DBG1("!!! MUTEX LOCK ERROR: %s !!!", strerror(err));
+ DBG1(DBG_LIB, "!!! MUTEX LOCK ERROR: %s !!!", strerror(err));
}
profiler_end(&this->profile);
}
@@ -123,7 +123,7 @@ static void unlock(private_mutex_t *this)
err = pthread_mutex_unlock(&this->mutex);
if (err)
{
- DBG1("!!! MUTEX UNLOCK ERROR: %s !!!", strerror(err));
+ DBG1(DBG_LIB, "!!! MUTEX UNLOCK ERROR: %s !!!", strerror(err));
}
}
diff --git a/src/libstrongswan/threading/rwlock.c b/src/libstrongswan/threading/rwlock.c
index ee9fb10be..cec43f59c 100644
--- a/src/libstrongswan/threading/rwlock.c
+++ b/src/libstrongswan/threading/rwlock.c
@@ -98,7 +98,7 @@ static void read_lock(private_rwlock_t *this)
err = pthread_rwlock_rdlock(&this->rwlock);
if (err != 0)
{
- DBG1("!!! RWLOCK READ LOCK ERROR: %s !!!", strerror(err));
+ DBG1(DBG_LIB, "!!! RWLOCK READ LOCK ERROR: %s !!!", strerror(err));
}
profiler_end(&this->profile);
}
@@ -114,7 +114,7 @@ static void write_lock(private_rwlock_t *this)
err = pthread_rwlock_wrlock(&this->rwlock);
if (err != 0)
{
- DBG1("!!! RWLOCK WRITE LOCK ERROR: %s !!!", strerror(err));
+ DBG1(DBG_LIB, "!!! RWLOCK WRITE LOCK ERROR: %s !!!", strerror(err));
}
profiler_end(&this->profile);
}
@@ -137,7 +137,7 @@ static void rw_unlock(private_rwlock_t *this)
err = pthread_rwlock_unlock(&this->rwlock);
if (err != 0)
{
- DBG1("!!! RWLOCK UNLOCK ERROR: %s !!!", strerror(err));
+ DBG1(DBG_LIB, "!!! RWLOCK UNLOCK ERROR: %s !!!", strerror(err));
}
}
diff --git a/src/libstrongswan/threading/thread.c b/src/libstrongswan/threading/thread.c
index bbfb2c2c6..3751bb749 100644
--- a/src/libstrongswan/threading/thread.c
+++ b/src/libstrongswan/threading/thread.c
@@ -155,7 +155,7 @@ static void cancel(private_thread_t *this)
if (pthread_equal(this->thread_id, pthread_self()))
{
this->mutex->unlock(this->mutex);
- DBG1("!!! CANNOT CANCEL CURRENT THREAD !!!");
+ DBG1(DBG_LIB, "!!! CANNOT CANCEL CURRENT THREAD !!!");
return;
}
#ifdef HAVE_PTHREAD_CANCEL
@@ -180,7 +180,7 @@ static void _kill(private_thread_t *this, int sig)
* returned, so depending on the signal, the lock might not get
* unlocked. */
this->mutex->unlock(this->mutex);
- DBG1("!!! CANNOT SEND SIGNAL TO CURRENT THREAD !!!");
+ DBG1(DBG_LIB, "!!! CANNOT SEND SIGNAL TO CURRENT THREAD !!!");
return;
}
pthread_kill(this->thread_id, sig);
@@ -209,13 +209,13 @@ static void *join(private_thread_t *this)
if (pthread_equal(this->thread_id, pthread_self()))
{
this->mutex->unlock(this->mutex);
- DBG1("!!! CANNOT JOIN CURRENT THREAD !!!");
+ DBG1(DBG_LIB, "!!! CANNOT JOIN CURRENT THREAD !!!");
return NULL;
}
if (this->detached_or_joined)
{
this->mutex->unlock(this->mutex);
- DBG1("!!! CANNOT JOIN DETACHED THREAD !!!");
+ DBG1(DBG_LIB, "!!! CANNOT JOIN DETACHED THREAD !!!");
return NULL;
}
thread_id = this->thread_id;
@@ -299,7 +299,8 @@ thread_t *thread_create(thread_main_t main, void *arg)
this->arg = arg;
if (pthread_create(&this->thread_id, NULL, (void*)thread_main, this) != 0)
{
- DBG1("failed to create thread!");
+ DBG1(DBG_LIB, "failed to create thread!");
+ this->mutex->lock(this->mutex);
thread_destroy(this);
return NULL;
}
@@ -354,7 +355,7 @@ void thread_cleanup_pop(bool execute)
(void**)&handler) != SUCCESS)
{
this->mutex->unlock(this->mutex);
- DBG1("!!! THREAD CLEANUP ERROR !!!");
+ DBG1(DBG_LIB, "!!! THREAD CLEANUP ERROR !!!");
return;
}
this->mutex->unlock(this->mutex);
@@ -433,6 +434,7 @@ void threads_init()
void threads_deinit()
{
private_thread_t *main_thread = (private_thread_t*)thread_current();
+ main_thread->mutex->lock(main_thread->mutex);
thread_destroy(main_thread);
current_thread->destroy(current_thread);
id_mutex->destroy(id_mutex);
diff --git a/src/libstrongswan/threading/thread.h b/src/libstrongswan/threading/thread.h
index 6bf8fac79..31b9e1b3a 100644
--- a/src/libstrongswan/threading/thread.h
+++ b/src/libstrongswan/threading/thread.h
@@ -24,6 +24,12 @@
typedef struct thread_t thread_t;
#ifdef __APPLE__
+/* thread_create is a syscall used to create Mach kernel threads and although
+ * there are no errors or warnings during compilation or linkage the dynamic
+ * linker does not use our implementation, therefore we rename it here
+ */
+#define thread_create(main, arg) strongswan_thread_create(main, arg)
+
/* on Mac OS X 10.5 several system calls we use are no cancellation points.
* fortunately, select isn't one of them, so we wrap some of the others with
* calls to select(2).
diff --git a/src/libstrongswan/utils.c b/src/libstrongswan/utils.c
index e331ac0d0..63958593d 100644
--- a/src/libstrongswan/utils.c
+++ b/src/libstrongswan/utils.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2009 Tobias Brunner
+ * Copyright (C) 2008-2010 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -25,8 +25,8 @@
#include <dirent.h>
#include <time.h>
-#include <enum.h>
-#include <debug.h>
+#include "enum.h"
+#include "debug.h"
ENUM(status_names, SUCCESS, DESTROY_ME,
"SUCCESS",
@@ -119,9 +119,31 @@ void *memstr(const void *haystack, const char *needle, size_t n)
/**
* Described in header.
*/
+char* translate(char *str, const char *from, const char *to)
+{
+ char *pos = str;
+ if (strlen(from) != strlen(to))
+ {
+ return str;
+ }
+ while (pos && *pos)
+ {
+ char *match;
+ if ((match = strchr(from, *pos)) != NULL)
+ {
+ *pos = to[match - from];
+ }
+ pos++;
+ }
+ return str;
+}
+
+/**
+ * Described in header.
+ */
bool mkdir_p(const char *path, mode_t mode)
{
- size_t len;
+ int len;
char *pos, full[PATH_MAX];
pos = full;
if (!path || *path == '\0')
@@ -131,7 +153,7 @@ bool mkdir_p(const char *path, mode_t mode)
len = snprintf(full, sizeof(full)-1, "%s", path);
if (len < 0 || len >= sizeof(full)-1)
{
- DBG1("path string %s too long", path);
+ DBG1(DBG_LIB, "path string %s too long", path);
return FALSE;
}
/* ensure that the path ends with a '/' */
@@ -152,7 +174,7 @@ bool mkdir_p(const char *path, mode_t mode)
{
if (mkdir(full, mode) < 0)
{
- DBG1("failed to create directory %s", full);
+ DBG1(DBG_LIB, "failed to create directory %s", full);
return FALSE;
}
}
diff --git a/src/libstrongswan/utils.h b/src/libstrongswan/utils.h
index 964cbd1d2..04551835e 100644
--- a/src/libstrongswan/utils.h
+++ b/src/libstrongswan/utils.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2009 Tobias Brunner
+ * Copyright (C) 2008-2010 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -29,7 +29,7 @@
#include <arpa/inet.h>
#include <string.h>
-#include <enum.h>
+#include "enum.h"
/**
* strongSwan program return codes
@@ -125,7 +125,7 @@
#define METHOD(iface, name, ret, this, ...) \
static ret name(union {iface *_public; this;} \
__attribute__((transparent_union)), ##__VA_ARGS__); \
- const static typeof(name) *_##name = (const typeof(name)*)name; \
+ static const typeof(name) *_##name = (const typeof(name)*)name; \
static ret name(this, ##__VA_ARGS__)
/**
@@ -134,7 +134,7 @@
#define METHOD2(iface1, iface2, name, ret, this, ...) \
static ret name(union {iface1 *_public1; iface2 *_public2; this;} \
__attribute__((transparent_union)), ##__VA_ARGS__); \
- const static typeof(name) *_##name = (const typeof(name)*)name; \
+ static const typeof(name) *_##name = (const typeof(name)*)name; \
static ret name(this, ##__VA_ARGS__)
/**
@@ -150,7 +150,7 @@
/**
* Ignore result of functions tagged with warn_unused_result attributes
*/
-#define ignore_result(call) { if(call); }
+#define ignore_result(call) { if(call){}; }
/**
* Assign a function as a class method
@@ -311,6 +311,14 @@ void memxor(u_int8_t dest[], u_int8_t src[], size_t n);
void *memstr(const void *haystack, const char *needle, size_t n);
/**
+ * Translates the characters in the given string, searching for characters
+ * in 'from' and mapping them to characters in 'to'.
+ * The two characters sets 'from' and 'to' must contain the same number of
+ * characters.
+ */
+char *translate(char *str, const char *from, const char *to);
+
+/**
* Creates a directory and all required parent directories.
*
* @param path path to the new directory
diff --git a/src/libstrongswan/utils/enumerator.c b/src/libstrongswan/utils/enumerator.c
index 7efdd883e..fb461b448 100644
--- a/src/libstrongswan/utils/enumerator.c
+++ b/src/libstrongswan/utils/enumerator.c
@@ -76,7 +76,8 @@ static bool enumerate_dir_enum(dir_enum_t *this, char **relative,
char **absolute, struct stat *st)
{
struct dirent *entry = readdir(this->dir);
- size_t len, remaining;
+ size_t remaining;
+ int len;
if (!entry)
{
@@ -96,7 +97,8 @@ static bool enumerate_dir_enum(dir_enum_t *this, char **relative,
len = snprintf(this->full_end, remaining, "%s", entry->d_name);
if (len < 0 || len >= remaining)
{
- DBG1("buffer too small to enumerate file '%s'", entry->d_name);
+ DBG1(DBG_LIB, "buffer too small to enumerate file '%s'",
+ entry->d_name);
return FALSE;
}
if (absolute)
@@ -107,7 +109,8 @@ static bool enumerate_dir_enum(dir_enum_t *this, char **relative,
{
if (stat(this->full, st))
{
- DBG1("stat() on '%s' failed: %s", this->full, strerror(errno));
+ DBG1(DBG_LIB, "stat() on '%s' failed: %s", this->full,
+ strerror(errno));
return FALSE;
}
}
@@ -120,7 +123,7 @@ static bool enumerate_dir_enum(dir_enum_t *this, char **relative,
*/
enumerator_t* enumerator_create_directory(char *path)
{
- size_t len;
+ int len;
dir_enum_t *this = malloc_thing(dir_enum_t);
this->public.enumerate = (void*)enumerate_dir_enum;
this->public.destroy = (void*)destroy_dir_enum;
@@ -132,7 +135,7 @@ enumerator_t* enumerator_create_directory(char *path)
len = snprintf(this->full, sizeof(this->full)-1, "%s", path);
if (len < 0 || len >= sizeof(this->full)-1)
{
- DBG1("path string '%s' too long", path);
+ DBG1(DBG_LIB, "path string '%s' too long", path);
free(this);
return NULL;
}
@@ -147,7 +150,7 @@ enumerator_t* enumerator_create_directory(char *path)
this->dir = opendir(path);
if (this->dir == NULL)
{
- DBG1("opening directory '%s' failed: %s", path, strerror(errno));
+ DBG1(DBG_LIB, "opening directory '%s' failed: %s", path, strerror(errno));
free(this);
return NULL;
}
diff --git a/src/libstrongswan/utils/enumerator.h b/src/libstrongswan/utils/enumerator.h
index 3056498b1..537bf69e1 100644
--- a/src/libstrongswan/utils/enumerator.h
+++ b/src/libstrongswan/utils/enumerator.h
@@ -23,7 +23,7 @@
typedef struct enumerator_t enumerator_t;
-#include <utils.h>
+#include "../utils.h"
/**
* Enumerate is simpler, but more flexible than iterator.
diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c
index a610b3a4d..112d07e5c 100644
--- a/src/libstrongswan/utils/host.c
+++ b/src/libstrongswan/utils/host.c
@@ -482,7 +482,7 @@ host_t *host_create_from_dns(char *string, int af, u_int16_t port)
error = getaddrinfo(string, NULL, &hints, &result);
if (error != 0)
{
- DBG1("resolving '%s' failed: %s", string, gai_strerror(error));
+ DBG1(DBG_LIB, "resolving '%s' failed: %s", string, gai_strerror(error));
return NULL;
}
/* result is a linked list, but we use only the first address */
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index b0da340bc..6a3c3936c 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -798,7 +798,7 @@ int identification_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec,
return print_in_hook(dst, len, "%*s", spec->width, buf);
}
-METHOD(identification_t, clone, identification_t*,
+METHOD(identification_t, clone_, identification_t*,
private_identification_t *this)
{
private_identification_t *clone = malloc_thing(private_identification_t);
@@ -830,7 +830,7 @@ static private_identification_t *identification_create(id_type_t type)
.get_encoding = _get_encoding,
.get_type = _get_type,
.create_part_enumerator = _create_part_enumerator,
- .clone = _clone,
+ .clone = _clone_,
.destroy = _destroy,
},
.type = type,
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index 2c2a36af3..2f8a7187c 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -167,6 +167,7 @@ char *whitelist[] = {
"tzset",
"inet_ntoa",
"strerror",
+ "getprotobyname",
"getprotobynumber",
"getservbyport",
"getservbyname",
diff --git a/src/libstrongswan/utils/optionsfrom.c b/src/libstrongswan/utils/optionsfrom.c
index bf528caa0..d8f635c62 100644
--- a/src/libstrongswan/utils/optionsfrom.c
+++ b/src/libstrongswan/utils/optionsfrom.c
@@ -80,14 +80,15 @@ bool from(private_options_t *this, char *filename, int *argcp, char **argvp[],
this->nuses++;
if (this->nuses >= MAX_USES)
{
- DBG1("optionsfrom called %d times by \"%s\" - looping?", this->nuses + 1, (*argvp)[0]);
+ DBG1(DBG_LIB, "optionsfrom called %d times by \"%s\" - looping?",
+ this->nuses + 1, (*argvp)[0]);
return FALSE;
}
fd = fopen(filename, "r");
if (fd == NULL)
{
- DBG1("optionsfrom: unable to open file '%s': %s",
+ DBG1(DBG_LIB, "optionsfrom: unable to open file '%s': %s",
filename, strerror(errno));
return FALSE;
}
@@ -132,7 +133,7 @@ bool from(private_options_t *this, char *filename, int *argcp, char **argvp[],
line.len--;
if (!extract_token(&token, delimiter, &line))
{
- DBG1("optionsfrom: missing terminator at %s:%d",
+ DBG1(DBG_LIB, "optionsfrom: missing terminator at %s:%d",
filename, linepos);
good = FALSE;
break;