summaryrefslogtreecommitdiff
path: root/src/libstrongswan
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan')
-rw-r--r--src/libstrongswan/Makefile.am5
-rw-r--r--src/libstrongswan/Makefile.in107
-rw-r--r--src/libstrongswan/asn1/asn1.c11
-rw-r--r--src/libstrongswan/chunk.c135
-rw-r--r--src/libstrongswan/chunk.h52
-rw-r--r--src/libstrongswan/credentials/builder.c2
-rw-r--r--src/libstrongswan/credentials/builder.h4
-rw-r--r--src/libstrongswan/credentials/credential_factory.c24
-rw-r--r--src/libstrongswan/crypto/crypters/crypter.c6
-rw-r--r--src/libstrongswan/crypto/crypters/crypter.h5
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.c6
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.h4
-rw-r--r--src/libstrongswan/crypto/hashers/hasher.c7
-rw-r--r--src/libstrongswan/crypto/hashers/hasher.h4
-rw-r--r--src/libstrongswan/fips/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/des/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/des/des_crypter.c107
-rw-r--r--src/libstrongswan/plugins/des/des_plugin.c4
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.am10
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.in496
-rw-r--r--src/libstrongswan/plugins/md4/md4_hasher.c359
-rw-r--r--src/libstrongswan/plugins/md4/md4_hasher.h48
-rw-r--r--src/libstrongswan/plugins/md4/md4_plugin.c60
-rw-r--r--src/libstrongswan/plugins/md4/md4_plugin.h47
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crypter.c5
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_hasher.c5
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_plugin.c9
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c98
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.am3
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.in24
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_plugin.c136
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_rng.c136
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_rng.h49
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/random/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.in18
-rw-r--r--src/libstrongswan/plugins/x509/x509_ac.c4
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c293
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.in18
-rw-r--r--src/libstrongswan/utils.c52
-rw-r--r--src/libstrongswan/utils.h18
-rw-r--r--src/libstrongswan/utils/enumerator.c62
-rw-r--r--src/libstrongswan/utils/hashtable.c433
-rw-r--r--src/libstrongswan/utils/hashtable.h116
-rw-r--r--src/libstrongswan/utils/host.c6
-rw-r--r--src/libstrongswan/utils/identification.c3
-rw-r--r--src/libstrongswan/utils/leak_detective.c16
-rw-r--r--src/libstrongswan/utils/lexparser.c28
-rw-r--r--src/libstrongswan/utils/lexparser.h8
-rw-r--r--src/libstrongswan/utils/mutex.c52
-rw-r--r--src/libstrongswan/utils/mutex.h12
64 files changed, 2951 insertions, 462 deletions
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index 1423db5c3..110c2ef16 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -47,6 +47,7 @@ utils/identification.c utils/identification.h \
utils/iterator.h \
utils/lexparser.c utils/lexparser.h \
utils/linked_list.c utils/linked_list.h \
+utils/hashtable.c utils/hashtable.h \
utils/enumerator.c utils/enumerator.h \
utils/optionsfrom.c utils/optionsfrom.h \
utils/mutex.c utils/mutex.h \
@@ -97,6 +98,10 @@ if USE_DES
SUBDIRS += plugins/des
endif
+if USE_MD4
+ SUBDIRS += plugins/md4
+endif
+
if USE_MD5
SUBDIRS += plugins/md5
endif
diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in
index f1cf4f554..ba90d987b 100644
--- a/src/libstrongswan/Makefile.in
+++ b/src/libstrongswan/Makefile.in
@@ -37,24 +37,25 @@ host_triplet = @host@
@USE_LOCK_PROFILER_TRUE@am__append_3 = -DLOCK_PROFILER
@USE_AES_TRUE@am__append_4 = plugins/aes
@USE_DES_TRUE@am__append_5 = plugins/des
-@USE_MD5_TRUE@am__append_6 = plugins/md5
-@USE_SHA1_TRUE@am__append_7 = plugins/sha1
-@USE_SHA2_TRUE@am__append_8 = plugins/sha2
-@USE_FIPS_PRF_TRUE@am__append_9 = plugins/fips_prf
-@USE_GMP_TRUE@am__append_10 = plugins/gmp
-@USE_RANDOM_TRUE@am__append_11 = plugins/random
-@USE_HMAC_TRUE@am__append_12 = plugins/hmac
-@USE_XCBC_TRUE@am__append_13 = plugins/xcbc
-@USE_X509_TRUE@am__append_14 = plugins/x509
-@USE_PUBKEY_TRUE@am__append_15 = plugins/pubkey
-@USE_CURL_TRUE@am__append_16 = plugins/curl
-@USE_LDAP_TRUE@am__append_17 = plugins/ldap
-@USE_MYSQL_TRUE@am__append_18 = plugins/mysql
-@USE_SQLITE_TRUE@am__append_19 = plugins/sqlite
-@USE_PADLOCK_TRUE@am__append_20 = plugins/padlock
-@USE_OPENSSL_TRUE@am__append_21 = plugins/openssl
-@USE_AGENT_TRUE@am__append_22 = plugins/agent
-@USE_INTEGRITY_TEST_TRUE@am__append_23 = fips
+@USE_MD4_TRUE@am__append_6 = plugins/md4
+@USE_MD5_TRUE@am__append_7 = plugins/md5
+@USE_SHA1_TRUE@am__append_8 = plugins/sha1
+@USE_SHA2_TRUE@am__append_9 = plugins/sha2
+@USE_FIPS_PRF_TRUE@am__append_10 = plugins/fips_prf
+@USE_GMP_TRUE@am__append_11 = plugins/gmp
+@USE_RANDOM_TRUE@am__append_12 = plugins/random
+@USE_HMAC_TRUE@am__append_13 = plugins/hmac
+@USE_XCBC_TRUE@am__append_14 = plugins/xcbc
+@USE_X509_TRUE@am__append_15 = plugins/x509
+@USE_PUBKEY_TRUE@am__append_16 = plugins/pubkey
+@USE_CURL_TRUE@am__append_17 = plugins/curl
+@USE_LDAP_TRUE@am__append_18 = plugins/ldap
+@USE_MYSQL_TRUE@am__append_19 = plugins/mysql
+@USE_SQLITE_TRUE@am__append_20 = plugins/sqlite
+@USE_PADLOCK_TRUE@am__append_21 = plugins/padlock
+@USE_OPENSSL_TRUE@am__append_22 = plugins/openssl
+@USE_AGENT_TRUE@am__append_23 = plugins/agent
+@USE_INTEGRITY_TEST_TRUE@am__append_24 = fips
subdir = src/libstrongswan
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
@@ -104,12 +105,12 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \
database/database_factory.c utils.h utils.c utils/host.c \
utils/host.h utils/identification.c utils/identification.h \
utils/iterator.h utils/lexparser.c utils/lexparser.h \
- utils/linked_list.c utils/linked_list.h utils/enumerator.c \
- utils/enumerator.h utils/optionsfrom.c utils/optionsfrom.h \
- utils/mutex.c utils/mutex.h utils/backtrace.c \
- utils/backtrace.h plugins/plugin_loader.c \
- plugins/plugin_loader.h plugins/plugin.h \
- utils/leak_detective.c utils/leak_detective.h \
+ utils/linked_list.c utils/linked_list.h utils/hashtable.c \
+ utils/hashtable.h utils/enumerator.c utils/enumerator.h \
+ utils/optionsfrom.c utils/optionsfrom.h utils/mutex.c \
+ utils/mutex.h utils/backtrace.c utils/backtrace.h \
+ plugins/plugin_loader.c plugins/plugin_loader.h \
+ plugins/plugin.h utils/leak_detective.c utils/leak_detective.h \
fips/fips_canister_start.c fips/fips.c fips/fips.h \
fips/fips_canister_end.c
@USE_LEAK_DETECTIVE_TRUE@am__objects_1 = leak_detective.lo
@@ -127,8 +128,9 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \
@USE_INTEGRITY_TEST_FALSE@ fetcher_manager.lo \
@USE_INTEGRITY_TEST_FALSE@ database_factory.lo utils.lo host.lo \
@USE_INTEGRITY_TEST_FALSE@ identification.lo lexparser.lo \
-@USE_INTEGRITY_TEST_FALSE@ linked_list.lo enumerator.lo \
-@USE_INTEGRITY_TEST_FALSE@ optionsfrom.lo mutex.lo backtrace.lo \
+@USE_INTEGRITY_TEST_FALSE@ linked_list.lo hashtable.lo \
+@USE_INTEGRITY_TEST_FALSE@ enumerator.lo optionsfrom.lo \
+@USE_INTEGRITY_TEST_FALSE@ mutex.lo backtrace.lo \
@USE_INTEGRITY_TEST_FALSE@ plugin_loader.lo $(am__objects_1)
@USE_INTEGRITY_TEST_TRUE@am_libstrongswan_la_OBJECTS = \
@USE_INTEGRITY_TEST_TRUE@ fips_canister_start.lo fips.lo \
@@ -145,10 +147,10 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \
@USE_INTEGRITY_TEST_TRUE@ fetcher_manager.lo \
@USE_INTEGRITY_TEST_TRUE@ database_factory.lo utils.lo host.lo \
@USE_INTEGRITY_TEST_TRUE@ identification.lo lexparser.lo \
-@USE_INTEGRITY_TEST_TRUE@ linked_list.lo enumerator.lo \
-@USE_INTEGRITY_TEST_TRUE@ optionsfrom.lo mutex.lo backtrace.lo \
-@USE_INTEGRITY_TEST_TRUE@ plugin_loader.lo $(am__objects_1) \
-@USE_INTEGRITY_TEST_TRUE@ fips_canister_end.lo
+@USE_INTEGRITY_TEST_TRUE@ linked_list.lo hashtable.lo \
+@USE_INTEGRITY_TEST_TRUE@ enumerator.lo optionsfrom.lo mutex.lo \
+@USE_INTEGRITY_TEST_TRUE@ backtrace.lo plugin_loader.lo \
+@USE_INTEGRITY_TEST_TRUE@ $(am__objects_1) fips_canister_end.lo
libstrongswan_la_OBJECTS = $(am_libstrongswan_la_OBJECTS)
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
@@ -175,11 +177,12 @@ RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
distclean-recursive maintainer-clean-recursive
ETAGS = etags
CTAGS = ctags
-DIST_SUBDIRS = . plugins/aes plugins/des plugins/md5 plugins/sha1 \
- plugins/sha2 plugins/fips_prf plugins/gmp plugins/random \
- plugins/hmac plugins/xcbc plugins/x509 plugins/pubkey \
- plugins/curl plugins/ldap plugins/mysql plugins/sqlite \
- plugins/padlock plugins/openssl plugins/agent fips
+DIST_SUBDIRS = . plugins/aes plugins/des plugins/md4 plugins/md5 \
+ plugins/sha1 plugins/sha2 plugins/fips_prf plugins/gmp \
+ plugins/random plugins/hmac plugins/xcbc plugins/x509 \
+ plugins/pubkey plugins/curl plugins/ldap plugins/mysql \
+ plugins/sqlite plugins/padlock plugins/openssl plugins/agent \
+ fips
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -193,22 +196,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -218,6 +216,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -226,12 +225,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -254,8 +257,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -294,6 +296,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
@@ -373,6 +376,7 @@ lib_LTLIBRARIES = libstrongswan.la
@USE_INTEGRITY_TEST_FALSE@ utils/lexparser.h \
@USE_INTEGRITY_TEST_FALSE@ utils/linked_list.c \
@USE_INTEGRITY_TEST_FALSE@ utils/linked_list.h \
+@USE_INTEGRITY_TEST_FALSE@ utils/hashtable.c utils/hashtable.h \
@USE_INTEGRITY_TEST_FALSE@ utils/enumerator.c \
@USE_INTEGRITY_TEST_FALSE@ utils/enumerator.h \
@USE_INTEGRITY_TEST_FALSE@ utils/optionsfrom.c \
@@ -436,8 +440,9 @@ lib_LTLIBRARIES = libstrongswan.la
@USE_INTEGRITY_TEST_TRUE@ utils/identification.h \
@USE_INTEGRITY_TEST_TRUE@ utils/iterator.h utils/lexparser.c \
@USE_INTEGRITY_TEST_TRUE@ utils/lexparser.h utils/linked_list.c \
-@USE_INTEGRITY_TEST_TRUE@ utils/linked_list.h \
-@USE_INTEGRITY_TEST_TRUE@ utils/enumerator.c utils/enumerator.h \
+@USE_INTEGRITY_TEST_TRUE@ utils/linked_list.h utils/hashtable.c \
+@USE_INTEGRITY_TEST_TRUE@ utils/hashtable.h utils/enumerator.c \
+@USE_INTEGRITY_TEST_TRUE@ utils/enumerator.h \
@USE_INTEGRITY_TEST_TRUE@ utils/optionsfrom.c \
@USE_INTEGRITY_TEST_TRUE@ utils/optionsfrom.h utils/mutex.c \
@USE_INTEGRITY_TEST_TRUE@ utils/mutex.h utils/backtrace.c \
@@ -463,7 +468,7 @@ SUBDIRS = . $(am__append_4) $(am__append_5) $(am__append_6) \
$(am__append_13) $(am__append_14) $(am__append_15) \
$(am__append_16) $(am__append_17) $(am__append_18) \
$(am__append_19) $(am__append_20) $(am__append_21) \
- $(am__append_22) $(am__append_23)
+ $(am__append_22) $(am__append_23) $(am__append_24)
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-recursive
@@ -554,6 +559,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_canister_end.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_canister_start.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hasher.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hashtable.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/host.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/identification.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/leak_detective.Plo@am__quote@
@@ -796,6 +802,13 @@ linked_list.lo: utils/linked_list.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c
+hashtable.lo: utils/hashtable.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hashtable.lo -MD -MP -MF $(DEPDIR)/hashtable.Tpo -c -o hashtable.lo `test -f 'utils/hashtable.c' || echo '$(srcdir)/'`utils/hashtable.c
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/hashtable.Tpo $(DEPDIR)/hashtable.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/hashtable.c' object='hashtable.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hashtable.lo `test -f 'utils/hashtable.c' || echo '$(srcdir)/'`utils/hashtable.c
+
enumerator.lo: utils/enumerator.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT enumerator.lo -MD -MP -MF $(DEPDIR)/enumerator.Tpo -c -o enumerator.lo `test -f 'utils/enumerator.c' || echo '$(srcdir)/'`utils/enumerator.c
@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/enumerator.Tpo $(DEPDIR)/enumerator.Plo
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index 524abfe5e..6122aa9f8 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -14,7 +14,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: asn1.c 4047 2008-06-10 07:36:44Z tobias $
+ * $Id: asn1.c 4776 2008-12-09 15:00:30Z martin $
*/
#include <stdio.h>
@@ -348,8 +348,9 @@ chunk_t asn1_from_time(const time_t *time, asn1_t type)
const char *format;
char buf[BUF_LEN];
chunk_t formatted_time;
- struct tm *t = gmtime(time);
+ struct tm t;
+ gmtime_r(time, &t);
if (type == ASN1_GENERALIZEDTIME)
{
format = "%04d%02d%02d%02d%02d%02dZ";
@@ -358,10 +359,10 @@ chunk_t asn1_from_time(const time_t *time, asn1_t type)
else /* ASN1_UTCTIME */
{
format = "%02d%02d%02d%02d%02d%02dZ";
- offset = (t->tm_year < 100)? 0 : -100;
+ offset = (t.tm_year < 100)? 0 : -100;
}
- snprintf(buf, BUF_LEN, format, t->tm_year + offset,
- t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec);
+ snprintf(buf, BUF_LEN, format, t.tm_year + offset,
+ t.tm_mon + 1, t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec);
formatted_time.ptr = buf;
formatted_time.len = strlen(buf);
return asn1_simple_object(type, formatted_time);
diff --git a/src/libstrongswan/chunk.c b/src/libstrongswan/chunk.c
index 565f48fb0..681581af9 100644
--- a/src/libstrongswan/chunk.c
+++ b/src/libstrongswan/chunk.c
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2008 Tobias Brunner
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -13,7 +14,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: chunk.c 4276 2008-08-22 10:44:51Z martin $
+ * $Id: chunk.c 4784 2008-12-10 13:43:51Z tobias $
*/
#include <stdio.h>
@@ -26,6 +27,16 @@
#include <debug.h>
#include <printf_hook.h>
+/* required for chunk_hash */
+#undef get16bits
+#if (defined(__GNUC__) && defined(__i386__))
+#define get16bits(d) (*((const u_int16_t*)(d)))
+#endif
+#if !defined (get16bits)
+#define get16bits(d) ((((u_int32_t)(((const u_int8_t*)(d))[1])) << 8)\
+ + (u_int32_t)(((const u_int8_t*)(d))[0]) )
+#endif
+
/**
* Empty chunk.
*/
@@ -34,15 +45,6 @@ chunk_t chunk_empty = { NULL, 0 };
/**
* Described in header.
*/
-chunk_t chunk_create(u_char *ptr, size_t len)
-{
- chunk_t chunk = {ptr, len};
- return chunk;
-}
-
-/**
- * Described in header.
- */
chunk_t chunk_create_clone(u_char *ptr, chunk_t chunk)
{
chunk_t clone = chunk_empty;
@@ -132,7 +134,7 @@ chunk_t chunk_create_cat(u_char *ptr, const char* mode, ...)
void chunk_split(chunk_t chunk, const char *mode, ...)
{
va_list chunks;
- size_t len;
+ u_int len;
chunk_t *ch;
va_start(chunks, mode);
@@ -142,7 +144,7 @@ void chunk_split(chunk_t chunk, const char *mode, ...)
{
break;
}
- len = va_arg(chunks, size_t);
+ len = va_arg(chunks, u_int);
ch = va_arg(chunks, chunk_t*);
/* a null chunk means skip len bytes */
if (ch == NULL)
@@ -251,7 +253,7 @@ static char hexdig_lower[] = "0123456789abcdef";
*/
chunk_t chunk_to_hex(chunk_t chunk, char *buf, bool uppercase)
{
- int i, len;;
+ int i, len;
char *hexdig = hexdig_lower;
if (uppercase)
@@ -428,39 +430,6 @@ chunk_t chunk_from_base64(chunk_t base64, char *buf)
/**
* Described in header.
*/
-void chunk_free(chunk_t *chunk)
-{
- free(chunk->ptr);
- chunk->ptr = NULL;
- chunk->len = 0;
-}
-
-/**
- * Described in header.
- */
-void chunk_clear(chunk_t *chunk)
-{
- memset(chunk->ptr, 0, chunk->len);
- chunk_free(chunk);
-}
-
-/**
- * Described in header.
- */
-chunk_t chunk_skip(chunk_t chunk, size_t bytes)
-{
- if (chunk.len > bytes)
- {
- chunk.ptr += bytes;
- chunk.len -= bytes;
- return chunk;
- }
- return chunk_empty;
-}
-
-/**
- * Described in header.
- */
int chunk_compare(chunk_t a, chunk_t b)
{
int compare_len = a.len - b.len;
@@ -475,11 +444,79 @@ int chunk_compare(chunk_t a, chunk_t b)
/**
* Described in header.
+ *
+ * The implementation is based on Paul Hsieh's SuperFastHash:
+ * http://www.azillionmonkeys.com/qed/hash.html
+ */
+u_int32_t chunk_hash_inc(chunk_t chunk, u_int32_t hash)
+{
+ u_char *data = chunk.ptr;
+ size_t len = chunk.len;
+ u_int32_t tmp;
+ int rem;
+
+ if (!len || data == NULL)
+ {
+ return 0;
+ }
+
+ rem = len & 3;
+ len >>= 2;
+
+ /* Main loop */
+ for (; len > 0; --len)
+ {
+ hash += get16bits(data);
+ tmp = (get16bits(data + 2) << 11) ^ hash;
+ hash = (hash << 16) ^ tmp;
+ data += 2 * sizeof(u_int16_t);
+ hash += hash >> 11;
+ }
+
+ /* Handle end cases */
+ switch (rem)
+ {
+ case 3:
+ {
+ hash += get16bits(data);
+ hash ^= hash << 16;
+ hash ^= data[sizeof(u_int16_t)] << 18;
+ hash += hash >> 11;
+ break;
+ }
+ case 2:
+ {
+ hash += get16bits(data);
+ hash ^= hash << 11;
+ hash += hash >> 17;
+ break;
+ }
+ case 1:
+ {
+ hash += *data;
+ hash ^= hash << 10;
+ hash += hash >> 1;
+ break;
+ }
+ }
+
+ /* Force "avalanching" of final 127 bits */
+ hash ^= hash << 3;
+ hash += hash >> 5;
+ hash ^= hash << 4;
+ hash += hash >> 17;
+ hash ^= hash << 25;
+ hash += hash >> 6;
+
+ return hash;
+}
+
+/**
+ * Described in header.
*/
-bool chunk_equals(chunk_t a, chunk_t b)
+u_int32_t chunk_hash(chunk_t chunk)
{
- return a.ptr != NULL && b.ptr != NULL &&
- a.len == b.len && memeq(a.ptr, b.ptr, a.len);
+ return chunk_hash_inc(chunk, chunk.len);
}
/**
diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/chunk.h
index 7e70a2a2d..2986e0db3 100644
--- a/src/libstrongswan/chunk.h
+++ b/src/libstrongswan/chunk.h
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2008 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -13,7 +14,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: chunk.h 4276 2008-08-22 10:44:51Z martin $
+ * $Id: chunk.h 4841 2009-01-15 01:52:44Z andreas $
*/
/**
@@ -50,7 +51,11 @@ extern chunk_t chunk_empty;
/**
* Create a new chunk pointing to "ptr" with length "len"
*/
-chunk_t chunk_create(u_char *ptr, size_t len);
+static inline chunk_t chunk_create(u_char *ptr, size_t len)
+{
+ chunk_t chunk = {ptr, len};
+ return chunk;
+}
/**
* Create a clone of a chunk pointing to "ptr"
@@ -135,12 +140,23 @@ chunk_t chunk_from_base64(chunk_t base64, char *buf);
/**
* Free contents of a chunk
*/
-void chunk_free(chunk_t *chunk);
+static inline void chunk_free(chunk_t *chunk)
+{
+ free(chunk->ptr);
+ *chunk = chunk_empty;
+}
/**
* Overwrite the contents of a chunk and free it
*/
-void chunk_clear(chunk_t *chunk);
+static inline void chunk_clear(chunk_t *chunk)
+{
+ if (chunk->ptr)
+ {
+ memset(chunk->ptr, 0, chunk->len);
+ chunk_free(chunk);
+ }
+}
/**
* Initialize a chunk to point to buffer inspectable by sizeof()
@@ -185,7 +201,16 @@ void chunk_clear(chunk_t *chunk);
/**
* Skip n bytes in chunk (forward pointer, shorten length)
*/
-chunk_t chunk_skip(chunk_t chunk, size_t bytes);
+static inline chunk_t chunk_skip(chunk_t chunk, size_t bytes)
+{
+ if (chunk.len > bytes)
+ {
+ chunk.ptr += bytes;
+ chunk.len -= bytes;
+ return chunk;
+ }
+ return chunk_empty;
+}
/**
* Compare two chunks, returns zero if a equals b
@@ -197,7 +222,22 @@ int chunk_compare(chunk_t a, chunk_t b);
* Compare two chunks for equality,
* NULL chunks are never equal.
*/
-bool chunk_equals(chunk_t a, chunk_t b);
+static inline bool chunk_equals(chunk_t a, chunk_t b)
+{
+ return a.ptr != NULL && b.ptr != NULL &&
+ a.len == b.len && memeq(a.ptr, b.ptr, a.len);
+}
+
+/**
+ * Computes a 32 bit hash of the given chunk.
+ * Note: This hash is only intended for hash tables not for cryptographic purposes.
+ */
+u_int32_t chunk_hash(chunk_t chunk);
+
+/**
+ * Incremental version of chunk_hash. Use this to hash two or more chunks.
+ */
+u_int32_t chunk_hash_inc(chunk_t chunk, u_int32_t hash);
/**
* Get printf hooks for a chunk.
diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c
index 4295b3094..0bca198f1 100644
--- a/src/libstrongswan/credentials/builder.c
+++ b/src/libstrongswan/credentials/builder.c
@@ -35,6 +35,8 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_CA_CERT",
"BUILD_CERT",
"BUILD_X509_FLAG",
+ "BUILD_SMARTCARD_KEYID",
+ "BUILD_SMARTCARD_PIN",
"BUILD_END",
);
diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h
index cd75236ba..332d52d52 100644
--- a/src/libstrongswan/credentials/builder.h
+++ b/src/libstrongswan/credentials/builder.h
@@ -76,6 +76,10 @@ enum builder_part_t {
BUILD_CERT,
/** enforce an additional X509 flag, x509_flag_t */
BUILD_X509_FLAG,
+ /** key ID of a key on a smartcard, null terminated char* ([slot:]keyid) */
+ BUILD_SMARTCARD_KEYID,
+ /** pin to access a key on a smartcard, null terminated char* */
+ BUILD_SMARTCARD_PIN,
/** end of variable argument builder list */
BUILD_END,
};
diff --git a/src/libstrongswan/credentials/credential_factory.c b/src/libstrongswan/credentials/credential_factory.c
index 203317fa4..5ae6980be 100644
--- a/src/libstrongswan/credentials/credential_factory.c
+++ b/src/libstrongswan/credentials/credential_factory.c
@@ -12,7 +12,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: credential_factory.c 4317 2008-09-02 11:00:13Z martin $
+ * $Id: credential_factory.c 4777 2008-12-09 15:57:51Z martin $
*/
#include "credential_factory.h"
@@ -46,9 +46,9 @@ struct private_credential_factory_t {
linked_list_t *constructors;
/**
- * mutex to lock access to modules
+ * lock access to builders
*/
- mutex_t *mutex;
+ rwlock_t *lock;
};
typedef struct entry_t entry_t;
@@ -86,12 +86,12 @@ static enumerator_t* create_builder_enumerator(
data->type = type;
data->subtype = subtype;
- this->mutex->lock(this->mutex);
+ this->lock->read_lock(this->lock);
return enumerator_create_cleaner(
enumerator_create_filter(
this->constructors->create_enumerator(this->constructors),
(void*)builder_filter, data, free),
- (void*)this->mutex->unlock, this->mutex);
+ (void*)this->lock->unlock, this->lock);
}
/**
@@ -106,9 +106,9 @@ static void add_builder(private_credential_factory_t *this,
entry->type = type;
entry->subtype = subtype;
entry->constructor = constructor;
- this->mutex->lock(this->mutex);
+ this->lock->write_lock(this->lock);
this->constructors->insert_last(this->constructors, entry);
- this->mutex->unlock(this->mutex);
+ this->lock->unlock(this->lock);
}
/**
@@ -120,7 +120,7 @@ static void remove_builder(private_credential_factory_t *this,
enumerator_t *enumerator;
entry_t *entry;
- this->mutex->lock(this->mutex);
+ this->lock->write_lock(this->lock);
enumerator = this->constructors->create_enumerator(this->constructors);
while (enumerator->enumerate(enumerator, &entry))
{
@@ -131,7 +131,7 @@ static void remove_builder(private_credential_factory_t *this,
}
}
enumerator->destroy(enumerator);
- this->mutex->unlock(this->mutex);
+ this->lock->unlock(this->lock);
}
/**
@@ -184,6 +184,8 @@ static void* create(private_credential_factory_t *this, credential_type_t type,
case BUILD_CA_CERT:
case BUILD_CERT:
case BUILD_IETF_GROUP_ATTR:
+ case BUILD_SMARTCARD_KEYID:
+ case BUILD_SMARTCARD_PIN:
builder->add(builder, part, va_arg(args, void*));
continue;
/* no default to get a compiler warning */
@@ -213,7 +215,7 @@ static void* create(private_credential_factory_t *this, credential_type_t type,
static void destroy(private_credential_factory_t *this)
{
this->constructors->destroy_function(this->constructors, free);
- this->mutex->destroy(this->mutex);
+ this->lock->destroy(this->lock);
free(this);
}
@@ -232,7 +234,7 @@ credential_factory_t *credential_factory_create()
this->constructors = linked_list_create();
- this->mutex = mutex_create(MUTEX_RECURSIVE);
+ this->lock = rwlock_create(RWLOCK_DEFAULT);
return &this->public;
}
diff --git a/src/libstrongswan/crypto/crypters/crypter.c b/src/libstrongswan/crypto/crypters/crypter.c
index 2c291a9f5..13ba9c6e2 100644
--- a/src/libstrongswan/crypto/crypters/crypter.c
+++ b/src/libstrongswan/crypto/crypters/crypter.c
@@ -13,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: crypter.c 3971 2008-05-16 13:27:21Z tobias $
+ * $Id: crypter.c 4880 2009-02-18 19:45:46Z tobias $
*/
#include "crypter.h"
@@ -41,5 +41,7 @@ ENUM_NEXT(encryption_algorithm_names, ENCR_AES_GCM_ICV8, ENCR_AES_GCM_ICV16, ENC
"AES_GCM_8",
"AES_GCM_12",
"AES_GCM_16");
-ENUM_END(encryption_algorithm_names, ENCR_AES_GCM_ICV16);
+ENUM_NEXT(encryption_algorithm_names, ENCR_DES_ECB, ENCR_DES_ECB, ENCR_AES_GCM_ICV16,
+ "DES_ECB");
+ENUM_END(encryption_algorithm_names, ENCR_DES_ECB);
diff --git a/src/libstrongswan/crypto/crypters/crypter.h b/src/libstrongswan/crypto/crypters/crypter.h
index fb06af97d..1a70bd125 100644
--- a/src/libstrongswan/crypto/crypters/crypter.h
+++ b/src/libstrongswan/crypto/crypters/crypter.h
@@ -13,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: crypter.h 4532 2008-10-30 13:21:21Z martin $
+ * $Id: crypter.h 4886 2009-02-19 13:46:08Z tobias $
*/
/**
@@ -51,7 +51,8 @@ enum encryption_algorithm_t {
ENCR_AES_CCM_ICV16 = 16,
ENCR_AES_GCM_ICV8 = 18,
ENCR_AES_GCM_ICV12 = 19,
- ENCR_AES_GCM_ICV16 = 20
+ ENCR_AES_GCM_ICV16 = 20,
+ ENCR_DES_ECB = 1025
};
/**
diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
index 02d2cb52a..53c3a1632 100644
--- a/src/libstrongswan/crypto/diffie_hellman.c
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@@ -13,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: diffie_hellman.c 4023 2008-05-29 06:55:03Z andreas $
+ * $Id: diffie_hellman.c 4685 2008-11-22 16:14:55Z martin $
*/
#include "diffie_hellman.h"
@@ -36,5 +36,7 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT,
ENUM_NEXT(diffie_hellman_group_names, ECP_192_BIT, ECP_224_BIT, ECP_521_BIT,
"ECP_192_BIT",
"ECP_224_BIT");
-ENUM_END(diffie_hellman_group_names, ECP_224_BIT);
+ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_224_BIT,
+ "MODP_NULL");
+ENUM_END(diffie_hellman_group_names, MODP_NULL);
diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h
index ce8ab8e21..4147d85af 100644
--- a/src/libstrongswan/crypto/diffie_hellman.h
+++ b/src/libstrongswan/crypto/diffie_hellman.h
@@ -13,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: diffie_hellman.h 4566 2008-11-04 13:12:11Z martin $
+ * $Id: diffie_hellman.h 4685 2008-11-22 16:14:55Z martin $
*/
/**
@@ -52,6 +52,8 @@ enum diffie_hellman_group_t {
ECP_521_BIT = 21,
ECP_192_BIT = 25,
ECP_224_BIT = 26,
+ /** insecure NULL diffie hellman group for testing, in PRIVATE USE */
+ MODP_NULL = 1024,
};
/**
diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c
index 6c29d1d5d..cf507442d 100644
--- a/src/libstrongswan/crypto/hashers/hasher.c
+++ b/src/libstrongswan/crypto/hashers/hasher.c
@@ -14,14 +14,14 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: hasher.c 3619 2008-03-19 14:02:52Z martin $
+ * $Id: hasher.c 4880 2009-02-18 19:45:46Z tobias $
*/
#include "hasher.h"
#include <asn1/oid.h>
-ENUM(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA512,
+ENUM(hash_algorithm_names, HASH_UNKNOWN, HASH_MD4,
"HASH_UNKNOWN",
"HASH_PREFERRED",
"HASH_MD2",
@@ -29,7 +29,8 @@ ENUM(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA512,
"HASH_SHA1",
"HASH_SHA256",
"HASH_SHA384",
- "HASH_SHA512"
+ "HASH_SHA512",
+ "HASH_MD4"
);
/*
diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h
index e19b0318b..fe2f48be6 100644
--- a/src/libstrongswan/crypto/hashers/hasher.h
+++ b/src/libstrongswan/crypto/hashers/hasher.h
@@ -14,7 +14,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: hasher.h 3619 2008-03-19 14:02:52Z martin $
+ * $Id: hasher.h 4880 2009-02-18 19:45:46Z tobias $
*/
/**
@@ -44,9 +44,11 @@ enum hash_algorithm_t {
HASH_SHA256 = 5,
HASH_SHA384 = 6,
HASH_SHA512 = 7,
+ HASH_MD4 = 8,
};
#define HASH_SIZE_MD2 16
+#define HASH_SIZE_MD4 16
#define HASH_SIZE_MD5 16
#define HASH_SIZE_SHA1 20
#define HASH_SIZE_SHA256 32
diff --git a/src/libstrongswan/fips/Makefile.in b/src/libstrongswan/fips/Makefile.in
index 9814d631f..d1c3ed5b6 100644
--- a/src/libstrongswan/fips/Makefile.in
+++ b/src/libstrongswan/fips/Makefile.in
@@ -76,22 +76,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -101,6 +96,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -109,12 +105,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -137,8 +137,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -177,6 +176,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in
index 55faa07f0..e4eb7e5cf 100644
--- a/src/libstrongswan/plugins/aes/Makefile.in
+++ b/src/libstrongswan/plugins/aes/Makefile.in
@@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in
index eb38b537a..6b2da9cb4 100644
--- a/src/libstrongswan/plugins/agent/Makefile.in
+++ b/src/libstrongswan/plugins/agent/Makefile.in
@@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in
index cb44a4ffe..cd916ccbe 100644
--- a/src/libstrongswan/plugins/curl/Makefile.in
+++ b/src/libstrongswan/plugins/curl/Makefile.in
@@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in
index 8824bd238..415c126af 100644
--- a/src/libstrongswan/plugins/des/Makefile.in
+++ b/src/libstrongswan/plugins/des/Makefile.in
@@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c
index 43aff4dd1..a0b147c63 100644
--- a/src/libstrongswan/plugins/des/des_crypter.c
+++ b/src/libstrongswan/plugins/des/des_crypter.c
@@ -1,4 +1,6 @@
-/* Copyright (C) 2006 Martin Willi
+/*
+ * Copyright (C) 2009 Tobias Brunner
+ * Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* Derived from Plutos DES library by Eric Young.
@@ -55,7 +57,7 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*
- * $Id: des_crypter.c 3910 2008-05-07 11:54:30Z martin $
+ * $Id: des_crypter.c 4887 2009-02-19 14:29:25Z tobias $
*/
#include "des_crypter.h"
@@ -1107,6 +1109,65 @@ static void des_cbc_encrypt(des_cblock *input, des_cblock *output, long length,
tin[0]=tin[1]=0;
}
+/**
+ * DES ECB encrypt decrypt routine
+ */
+static void des_ecb_encrypt(des_cblock *input, des_cblock *output, long length,
+ des_key_schedule schedule, int enc)
+{
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+
+ if (enc)
+ {
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ }
+ else
+ {
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ l2cn(tout0,tout1,out,l+8);
+ }
+ }
+ tin0=tin1=tout0=tout1=0;
+ tin[0]=tin[1]=0;
+}
+
static void des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc)
{
register DES_LONG l,r,t,u;
@@ -1399,6 +1460,42 @@ static void encrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv,
}
/**
+ * Implementation of crypter_t.decrypt for DES (ECB).
+ */
+static void decrypt_ecb(private_des_crypter_t *this, chunk_t data, chunk_t iv,
+ chunk_t *decrypted)
+{
+ u_int8_t *out;
+
+ out = data.ptr;
+ if (decrypted)
+ {
+ *decrypted = chunk_alloc(data.len);
+ out = decrypted->ptr;
+ }
+ des_ecb_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
+ data.len, this->ks, DES_DECRYPT);
+}
+
+/**
+ * Implementation of crypter_t.decrypt for DES (ECB).
+ */
+static void encrypt_ecb(private_des_crypter_t *this, chunk_t data, chunk_t iv,
+ chunk_t *encrypted)
+{
+ u_int8_t *out;
+
+ out = data.ptr;
+ if (encrypted)
+ {
+ *encrypted = chunk_alloc(data.len);
+ out = encrypted->ptr;
+ }
+ des_ecb_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
+ data.len, this->ks, DES_ENCRYPT);
+}
+
+/**
* Implementation of crypter_t.decrypt for 3DES.
*/
static void decrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv,
@@ -1509,6 +1606,12 @@ des_crypter_t *des_crypter_create(encryption_algorithm_t algo)
this->public.crypter_interface.encrypt = (void (*) (crypter_t *, chunk_t,chunk_t, chunk_t *)) encrypt3;
this->public.crypter_interface.decrypt = (void (*) (crypter_t *, chunk_t , chunk_t, chunk_t *)) decrypt3;
break;
+ case ENCR_DES_ECB:
+ this->key_size = sizeof(des_cblock);
+ this->public.crypter_interface.set_key = (void (*) (crypter_t *,chunk_t)) set_key;
+ this->public.crypter_interface.encrypt = (void (*) (crypter_t *, chunk_t,chunk_t, chunk_t *)) encrypt_ecb;
+ this->public.crypter_interface.decrypt = (void (*) (crypter_t *, chunk_t , chunk_t, chunk_t *)) decrypt_ecb;
+ break;
default:
free(this);
return NULL;
diff --git a/src/libstrongswan/plugins/des/des_plugin.c b/src/libstrongswan/plugins/des/des_plugin.c
index 538138d8a..a0d8ce07b 100644
--- a/src/libstrongswan/plugins/des/des_plugin.c
+++ b/src/libstrongswan/plugins/des/des_plugin.c
@@ -12,7 +12,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: des_plugin.c 4309 2008-08-28 11:07:57Z martin $
+ * $Id: des_plugin.c 4887 2009-02-19 14:29:25Z tobias $
*/
#include "des_plugin.h"
@@ -56,6 +56,8 @@ plugin_t *plugin_create()
(crypter_constructor_t)des_crypter_create);
lib->crypto->add_crypter(lib->crypto, ENCR_DES,
(crypter_constructor_t)des_crypter_create);
+ lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB,
+ (crypter_constructor_t)des_crypter_create);
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in
index 48a6c9b28..1e53f435f 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.in
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.in
@@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in
index 56642b7c9..c406f3af6 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.in
+++ b/src/libstrongswan/plugins/gmp/Makefile.in
@@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in
index ded48fbf2..067763049 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.in
+++ b/src/libstrongswan/plugins/hmac/Makefile.in
@@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in
index e828fbd44..e0109c6e8 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.in
+++ b/src/libstrongswan/plugins/ldap/Makefile.in
@@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/md4/Makefile.am b/src/libstrongswan/plugins/md4/Makefile.am
new file mode 100644
index 000000000..f984322a6
--- /dev/null
+++ b/src/libstrongswan/plugins/md4/Makefile.am
@@ -0,0 +1,10 @@
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+
+AM_CFLAGS = -rdynamic
+
+plugin_LTLIBRARIES = libstrongswan-md4.la
+
+libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h
+libstrongswan_md4_la_LDFLAGS = -module
+
diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in
new file mode 100644
index 000000000..4dbe8a6c4
--- /dev/null
+++ b/src/libstrongswan/plugins/md4/Makefile.in
@@ -0,0 +1,496 @@
+# Makefile.in generated by automake 1.10.1 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/libstrongswan/plugins/md4
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(plugindir)"
+pluginLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(plugin_LTLIBRARIES)
+libstrongswan_md4_la_LIBADD =
+am_libstrongswan_md4_la_OBJECTS = md4_plugin.lo md4_hasher.lo
+libstrongswan_md4_la_OBJECTS = $(am_libstrongswan_md4_la_OBJECTS)
+libstrongswan_md4_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(libstrongswan_md4_la_LDFLAGS) $(LDFLAGS) -o $@
+DEFAULT_INCLUDES = -I.@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = $(libstrongswan_md4_la_SOURCES)
+DIST_SOURCES = $(libstrongswan_md4_la_SOURCES)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GPERF = @GPERF@
+GREP = @GREP@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
+IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+NM = @NM@
+NMEDIT = @NMEDIT@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+RANLIB = @RANLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+VERSION = @VERSION@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+confdir = @confdir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+gtk_CFLAGS = @gtk_CFLAGS@
+gtk_LIBS = @gtk_LIBS@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+ipsecdir = @ipsecdir@
+ipsecgroup = @ipsecgroup@
+ipsecuser = @ipsecuser@
+libdir = @libdir@
+libexecdir = @libexecdir@
+libstrongswan_plugins = @libstrongswan_plugins@
+linuxdir = @linuxdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+nm_CFLAGS = @nm_CFLAGS@
+nm_LIBS = @nm_LIBS@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+piddir = @piddir@
+plugindir = @plugindir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+resolv_conf = @resolv_conf@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+simreader = @simreader@
+srcdir = @srcdir@
+strongswan_conf = @strongswan_conf@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+xml_CFLAGS = @xml_CFLAGS@
+xml_LIBS = @xml_LIBS@
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+AM_CFLAGS = -rdynamic
+plugin_LTLIBRARIES = libstrongswan-md4.la
+libstrongswan_md4_la_SOURCES = md4_plugin.h md4_plugin.c md4_hasher.c md4_hasher.h
+libstrongswan_md4_la_LDFLAGS = -module
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/md4/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu src/libstrongswan/plugins/md4/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
+ @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-pluginLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \
+ done
+
+clean-pluginLTLIBRARIES:
+ -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES)
+ @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+libstrongswan-md4.la: $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_DEPENDENCIES)
+ $(libstrongswan_md4_la_LINK) -rpath $(plugindir) $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md4_hasher.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md4_plugin.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(plugindir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-pluginLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-info: install-info-am
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-pluginLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libtool clean-pluginLTLIBRARIES ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-pluginLTLIBRARIES \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-pluginLTLIBRARIES
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/libstrongswan/plugins/md4/md4_hasher.c b/src/libstrongswan/plugins/md4/md4_hasher.c
new file mode 100644
index 000000000..9053bc68d
--- /dev/null
+++ b/src/libstrongswan/plugins/md4/md4_hasher.c
@@ -0,0 +1,359 @@
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 1990-1992, RSA Data Security, Inc. Created 1990.
+ * All rights reserved.
+ *
+ * Derived from the RSA Data Security, Inc. MD4 Message-Digest Algorithm.
+ * Ported to fulfill hasher_t interface.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ * $Id: md4_hasher.c 4885 2009-02-19 10:16:45Z andreas $
+ */
+
+#include <string.h>
+
+#include "md4_hasher.h"
+
+/*
+ * Constants for MD4Transform routine.
+ */
+#define S11 3
+#define S12 7
+#define S13 11
+#define S14 19
+#define S21 3
+#define S22 5
+#define S23 9
+#define S24 13
+#define S31 3
+#define S32 9
+#define S33 11
+#define S34 15
+
+static u_int8_t PADDING[64] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * F, G, H and I are basic MD4 functions.
+ */
+#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
+#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+
+/*
+ * ROTATE_LEFT rotates x left n bits.
+ */
+#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
+
+/* FF, GG and HH are transformations for rounds 1, 2 and 3
+ * Rotation is separate from addition to prevent recomputation
+ */
+#define FF(a, b, c, d, x, s) { \
+ (a) += F ((b), (c), (d)) + (x); \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ }
+#define GG(a, b, c, d, x, s) { \
+ (a) += G ((b), (c), (d)) + (x) + (u_int32_t)0x5a827999; \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ }
+#define HH(a, b, c, d, x, s) { \
+ (a) += H ((b), (c), (d)) + (x) + (u_int32_t)0x6ed9eba1; \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ }
+
+typedef struct private_md4_hasher_t private_md4_hasher_t;
+
+/**
+ * Private data structure with hasing context.
+ */
+struct private_md4_hasher_t {
+ /**
+ * Public interface for this hasher.
+ */
+ md4_hasher_t public;
+
+ /*
+ * State of the hasher.
+ */
+ u_int32_t state[4];
+ u_int32_t count[2];
+ u_int8_t buffer[64];
+};
+
+#if BYTE_ORDER != LITTLE_ENDIAN
+
+/* Encodes input (u_int32_t) into output (u_int8_t). Assumes len is
+ * a multiple of 4.
+ */
+static void Encode (u_int8_t *output, u_int32_t *input, size_t len)
+{
+ size_t i, j;
+
+ for (i = 0, j = 0; j < len; i++, j += 4)
+ {
+ output[j] = (u_int8_t)(input[i] & 0xff);
+ output[j+1] = (u_int8_t)((input[i] >> 8) & 0xff);
+ output[j+2] = (u_int8_t)((input[i] >> 16) & 0xff);
+ output[j+3] = (u_int8_t)((input[i] >> 24) & 0xff);
+ }
+}
+
+/* Decodes input (u_int8_t) into output (u_int32_t). Assumes len is
+ * a multiple of 4.
+ */
+static void Decode(u_int32_t *output, u_int8_t *input, size_t len)
+{
+ size_t i, j;
+
+ for (i = 0, j = 0; j < len; i++, j += 4)
+ {
+ output[i] = ((u_int32_t)input[j]) | (((u_int32_t)input[j+1]) << 8) |
+ (((u_int32_t)input[j+2]) << 16) | (((u_int32_t)input[j+3]) << 24);
+ }
+}
+
+#elif BYTE_ORDER == LITTLE_ENDIAN
+ #define Encode memcpy
+ #define Decode memcpy
+#endif
+
+/*
+ * MD4 basic transformation. Transforms state based on block.
+ */
+static void MD4Transform(u_int32_t state[4], u_int8_t block[64])
+{
+ u_int32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16];
+
+ Decode(x, block, 64);
+
+ /* Round 1 */
+ FF (a, b, c, d, x[ 0], S11); /* 1 */
+ FF (d, a, b, c, x[ 1], S12); /* 2 */
+ FF (c, d, a, b, x[ 2], S13); /* 3 */
+ FF (b, c, d, a, x[ 3], S14); /* 4 */
+ FF (a, b, c, d, x[ 4], S11); /* 5 */
+ FF (d, a, b, c, x[ 5], S12); /* 6 */
+ FF (c, d, a, b, x[ 6], S13); /* 7 */
+ FF (b, c, d, a, x[ 7], S14); /* 8 */
+ FF (a, b, c, d, x[ 8], S11); /* 9 */
+ FF (d, a, b, c, x[ 9], S12); /* 10 */
+ FF (c, d, a, b, x[10], S13); /* 11 */
+ FF (b, c, d, a, x[11], S14); /* 12 */
+ FF (a, b, c, d, x[12], S11); /* 13 */
+ FF (d, a, b, c, x[13], S12); /* 14 */
+ FF (c, d, a, b, x[14], S13); /* 15 */
+ FF (b, c, d, a, x[15], S14); /* 16 */
+
+ /* Round 2 */
+ GG (a, b, c, d, x[ 0], S21); /* 17 */
+ GG (d, a, b, c, x[ 4], S22); /* 18 */
+ GG (c, d, a, b, x[ 8], S23); /* 19 */
+ GG (b, c, d, a, x[12], S24); /* 20 */
+ GG (a, b, c, d, x[ 1], S21); /* 21 */
+ GG (d, a, b, c, x[ 5], S22); /* 22 */
+ GG (c, d, a, b, x[ 9], S23); /* 23 */
+ GG (b, c, d, a, x[13], S24); /* 24 */
+ GG (a, b, c, d, x[ 2], S21); /* 25 */
+ GG (d, a, b, c, x[ 6], S22); /* 26 */
+ GG (c, d, a, b, x[10], S23); /* 27 */
+ GG (b, c, d, a, x[14], S24); /* 28 */
+ GG (a, b, c, d, x[ 3], S21); /* 29 */
+ GG (d, a, b, c, x[ 7], S22); /* 30 */
+ GG (c, d, a, b, x[11], S23); /* 31 */
+ GG (b, c, d, a, x[15], S24); /* 32 */
+
+ /* Round 3 */
+ HH (a, b, c, d, x[ 0], S31); /* 33 */
+ HH (d, a, b, c, x[ 8], S32); /* 34 */
+ HH (c, d, a, b, x[ 4], S33); /* 35 */
+ HH (b, c, d, a, x[12], S34); /* 36 */
+ HH (a, b, c, d, x[ 2], S31); /* 37 */
+ HH (d, a, b, c, x[10], S32); /* 38 */
+ HH (c, d, a, b, x[ 6], S33); /* 39 */
+ HH (b, c, d, a, x[14], S34); /* 40 */
+ HH (a, b, c, d, x[ 1], S31); /* 41 */
+ HH (d, a, b, c, x[ 9], S32); /* 42 */
+ HH (c, d, a, b, x[ 5], S33); /* 43 */
+ HH (b, c, d, a, x[13], S34); /* 44 */
+ HH (a, b, c, d, x[ 3], S31); /* 45 */
+ HH (d, a, b, c, x[11], S32); /* 46 */
+ HH (c, d, a, b, x[ 7], S33); /* 47 */
+ HH (b, c, d, a, x[15], S34); /* 48 */
+
+ state[0] += a;
+ state[1] += b;
+ state[2] += c;
+ state[3] += d;
+}
+
+/* MD4 block update operation. Continues an MD4 message-digest
+ * operation, processing another message block, and updating the
+ * context.
+ */
+static void MD4Update(private_md4_hasher_t *this, u_int8_t *input, size_t inputLen)
+{
+ u_int32_t i;
+ size_t index, partLen;
+
+ /* Compute number of bytes mod 64 */
+ index = (u_int8_t)((this->count[0] >> 3) & 0x3F);
+
+ /* Update number of bits */
+ if ((this->count[0] += (inputLen << 3)) < (inputLen << 3))
+ {
+ this->count[1]++;
+ }
+ this->count[1] += (inputLen >> 29);
+
+ partLen = 64 - index;
+
+ /* Transform as many times as possible. */
+ if (inputLen >= partLen)
+ {
+ memcpy(&this->buffer[index], input, partLen);
+ MD4Transform (this->state, this->buffer);
+
+ for (i = partLen; i + 63 < inputLen; i += 64)
+ {
+ MD4Transform (this->state, &input[i]);
+ }
+ index = 0;
+ }
+ else
+ {
+ i = 0;
+ }
+
+ /* Buffer remaining input */
+ memcpy(&this->buffer[index], &input[i], inputLen-i);
+}
+
+/* MD4 finalization. Ends an MD4 message-digest operation, writing the
+ * the message digest and zeroizing the context.
+ */
+static void MD4Final (private_md4_hasher_t *this, u_int8_t digest[16])
+{
+ u_int8_t bits[8];
+ size_t index, padLen;
+
+ /* Save number of bits */
+ Encode (bits, this->count, 8);
+
+ /* Pad out to 56 mod 64. */
+ index = (size_t)((this->count[0] >> 3) & 0x3f);
+ padLen = (index < 56) ? (56 - index) : (120 - index);
+ MD4Update (this, PADDING, padLen);
+
+ /* Append length (before padding) */
+ MD4Update (this, bits, 8);
+
+ if (digest != NULL) /* Bill Simpson's padding */
+ {
+ /* store state in digest */
+ Encode (digest, this->state, 16);
+ }
+}
+
+
+
+/**
+ * Implementation of hasher_t.get_hash.
+ */
+static void get_hash(private_md4_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+{
+ MD4Update(this, chunk.ptr, chunk.len);
+ if (buffer != NULL)
+ {
+ MD4Final(this, buffer);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ }
+}
+
+
+/**
+ * Implementation of hasher_t.allocate_hash.
+ */
+static void allocate_hash(private_md4_hasher_t *this, chunk_t chunk, chunk_t *hash)
+{
+ chunk_t allocated_hash;
+
+ MD4Update(this, chunk.ptr, chunk.len);
+ if (hash != NULL)
+ {
+ allocated_hash.ptr = malloc(HASH_SIZE_MD4);
+ allocated_hash.len = HASH_SIZE_MD4;
+
+ MD4Final(this, allocated_hash.ptr);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+
+ *hash = allocated_hash;
+ }
+}
+
+/**
+ * Implementation of hasher_t.get_hash_size.
+ */
+static size_t get_hash_size(private_md4_hasher_t *this)
+{
+ return HASH_SIZE_MD4;
+}
+
+/**
+ * Implementation of hasher_t.reset.
+ */
+static void reset(private_md4_hasher_t *this)
+{
+ this->state[0] = 0x67452301;
+ this->state[1] = 0xefcdab89;
+ this->state[2] = 0x98badcfe;
+ this->state[3] = 0x10325476;
+ this->count[0] = 0;
+ this->count[1] = 0;
+}
+
+/**
+ * Implementation of hasher_t.destroy.
+ */
+static void destroy(private_md4_hasher_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+md4_hasher_t *md4_hasher_create(hash_algorithm_t algo)
+{
+ private_md4_hasher_t *this;
+
+ if (algo != HASH_MD4)
+ {
+ return NULL;
+ }
+ this = malloc_thing(private_md4_hasher_t);
+
+ this->public.hasher_interface.get_hash = (void (*) (hasher_t*, chunk_t, u_int8_t*))get_hash;
+ this->public.hasher_interface.allocate_hash = (void (*) (hasher_t*, chunk_t, chunk_t*))allocate_hash;
+ this->public.hasher_interface.get_hash_size = (size_t (*) (hasher_t*))get_hash_size;
+ this->public.hasher_interface.reset = (void (*) (hasher_t*))reset;
+ this->public.hasher_interface.destroy = (void (*) (hasher_t*))destroy;
+
+ /* initialize */
+ reset(this);
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/plugins/md4/md4_hasher.h b/src/libstrongswan/plugins/md4/md4_hasher.h
new file mode 100644
index 000000000..75956fde6
--- /dev/null
+++ b/src/libstrongswan/plugins/md4/md4_hasher.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup md4_hasher md4_hasher
+ * @{ @ingroup md4_p
+ */
+
+#ifndef MD4_HASHER_H_
+#define MD4_HASHER_H_
+
+typedef struct md4_hasher_t md4_hasher_t;
+
+#include <crypto/hashers/hasher.h>
+
+/**
+ * Implementation of hasher_t interface using the MD4 algorithm.
+ */
+struct md4_hasher_t {
+
+ /**
+ * Generic hasher_t interface for this hasher.
+ */
+ hasher_t hasher_interface;
+};
+
+/**
+ * Creates a new md4_hasher_t.
+ *
+ * @param algo hash algorithm, must be HASH_MD4
+ * @return md4_hasher_t object, NULL if not supported
+ */
+md4_hasher_t *md4_hasher_create(hash_algorithm_t algo);
+
+#endif /*MD4_HASHER_H_@}*/
diff --git a/src/libstrongswan/plugins/md4/md4_plugin.c b/src/libstrongswan/plugins/md4/md4_plugin.c
new file mode 100644
index 000000000..df77314f7
--- /dev/null
+++ b/src/libstrongswan/plugins/md4/md4_plugin.c
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ * $Id: md4_plugin.c 4885 2009-02-19 10:16:45Z andreas $
+ */
+
+#include "md4_plugin.h"
+
+#include <library.h>
+#include "md4_hasher.h"
+
+typedef struct private_md4_plugin_t private_md4_plugin_t;
+
+/**
+ * private data of md4_plugin
+ */
+struct private_md4_plugin_t {
+
+ /**
+ * public functions
+ */
+ md4_plugin_t public;
+};
+
+/**
+ * Implementation of md4_plugin_t.destroy
+ */
+static void destroy(private_md4_plugin_t *this)
+{
+ lib->crypto->remove_hasher(lib->crypto,
+ (hasher_constructor_t)md4_hasher_create);
+ free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *plugin_create()
+{
+ private_md4_plugin_t *this = malloc_thing(private_md4_plugin_t);
+
+ this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
+
+ lib->crypto->add_hasher(lib->crypto, HASH_MD4,
+ (hasher_constructor_t)md4_hasher_create);
+
+ return &this->public.plugin;
+}
+
diff --git a/src/libstrongswan/plugins/md4/md4_plugin.h b/src/libstrongswan/plugins/md4/md4_plugin.h
new file mode 100644
index 000000000..965bff261
--- /dev/null
+++ b/src/libstrongswan/plugins/md4/md4_plugin.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup md4_p md4
+ * @ingroup plugins
+ *
+ * @defgroup md4_plugin md4_plugin
+ * @{ @ingroup md4_p
+ */
+
+#ifndef MD4_PLUGIN_H_
+#define MD4_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct md4_plugin_t md4_plugin_t;
+
+/**
+ * Plugin implementing the md4 hash algorithm in software.
+ */
+struct md4_plugin_t {
+
+ /**
+ * implements plugin interface
+ */
+ plugin_t plugin;
+};
+
+/**
+ * Create a md4_plugin instance.
+ */
+plugin_t *plugin_create();
+
+#endif /* MD4_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in
index 43b921e63..a73e78b05 100644
--- a/src/libstrongswan/plugins/md5/Makefile.in
+++ b/src/libstrongswan/plugins/md5/Makefile.in
@@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in
index 96dc33fe5..9a16662b9 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.in
+++ b/src/libstrongswan/plugins/mysql/Makefile.in
@@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in
index 746b5cf4b..0af89d377 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.in
+++ b/src/libstrongswan/plugins/openssl/Makefile.in
@@ -89,22 +89,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -114,6 +109,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -122,12 +118,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -150,8 +150,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -190,6 +189,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c
index e59c4d615..5eddeb5f9 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crypter.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c
@@ -12,7 +12,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: openssl_crypter.c 4020 2008-05-28 12:20:38Z andreas $
+ * $Id: openssl_crypter.c 4879 2009-02-18 19:41:33Z tobias $
*/
#include "openssl_crypter.h"
@@ -224,6 +224,9 @@ openssl_crypter_t *openssl_crypter_create(encryption_algorithm_t algo,
return NULL;
}
break;
+ case ENCR_DES_ECB:
+ this->cipher = EVP_des_ecb();
+ break;
default:
{
char* name = lookup_algorithm(encryption_algs, algo, &key_size);
diff --git a/src/libstrongswan/plugins/openssl/openssl_hasher.c b/src/libstrongswan/plugins/openssl/openssl_hasher.c
index 1275cdfb0..d344dbd51 100644
--- a/src/libstrongswan/plugins/openssl/openssl_hasher.c
+++ b/src/libstrongswan/plugins/openssl/openssl_hasher.c
@@ -12,7 +12,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: openssl_hasher.c 3898 2008-04-30 09:23:13Z tobias $
+ * $Id: openssl_hasher.c 4879 2009-02-18 19:41:33Z tobias $
*/
#include "openssl_hasher.h"
@@ -69,7 +69,8 @@ static openssl_algorithm_t integrity_algs[] = {
{HASH_SHA1, "sha1"},
{HASH_SHA256, "sha256"},
{HASH_SHA384, "sha384"},
- {HASH_SHA512, "sha512"},
+ {HASH_SHA512, "sha512"},
+ {HASH_MD4, "md4"},
{END_OF_LIST, NULL},
};
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index dcc78aed6..725daff01 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -13,9 +13,10 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: openssl_plugin.c 4583 2008-11-05 12:37:37Z martin $
+ * $Id: openssl_plugin.c 4879 2009-02-18 19:41:33Z tobias $
*/
+#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/engine.h>
#include <openssl/crypto.h>
@@ -185,6 +186,7 @@ static void destroy(private_openssl_plugin_t *this)
ENGINE_cleanup();
EVP_cleanup();
+ CONF_modules_free();
threading_cleanup();
@@ -202,6 +204,7 @@ plugin_t *plugin_create()
threading_init();
+ OPENSSL_config(NULL);
OpenSSL_add_all_algorithms();
/* activate support for hardware accelerators */
@@ -223,6 +226,8 @@ plugin_t *plugin_create()
(crypter_constructor_t)openssl_crypter_create);
lib->crypto->add_crypter(lib->crypto, ENCR_DES,
(crypter_constructor_t)openssl_crypter_create);
+ lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB,
+ (crypter_constructor_t)openssl_crypter_create);
lib->crypto->add_crypter(lib->crypto, ENCR_NULL,
(crypter_constructor_t)openssl_crypter_create);
@@ -231,6 +236,8 @@ plugin_t *plugin_create()
(hasher_constructor_t)openssl_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_MD2,
(hasher_constructor_t)openssl_hasher_create);
+ lib->crypto->add_hasher(lib->crypto, HASH_MD4,
+ (hasher_constructor_t)openssl_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_MD5,
(hasher_constructor_t)openssl_hasher_create);
lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index a815ce622..9730e0ab2 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -12,7 +12,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: openssl_rsa_private_key.c 4564 2008-11-04 13:01:36Z martin $
+ * $Id: openssl_rsa_private_key.c 4745 2008-12-03 10:12:20Z tobias $
*/
#include "openssl_rsa_private_key.h"
@@ -22,6 +22,7 @@
#include <openssl/evp.h>
#include <openssl/rsa.h>
+#include <openssl/engine.h>
/**
* Public exponent to use for key generation.
@@ -43,6 +44,11 @@ struct private_openssl_rsa_private_key_t {
* RSA object from OpenSSL
*/
RSA *rsa;
+
+ /**
+ * TRUE if the key is from an OpenSSL ENGINE and might not be readable
+ */
+ bool engine;
/**
* Keyid formed as a SHA-1 hash of a privateKey object
@@ -238,9 +244,13 @@ static bool belongs_to(private_openssl_rsa_private_key_t *this, public_key_t *pu
*/
static chunk_t get_encoding(private_openssl_rsa_private_key_t *this)
{
- chunk_t enc = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL));
- u_char *p = enc.ptr;
- i2d_RSAPrivateKey(this->rsa, &p);
+ chunk_t enc = chunk_empty;
+ if (!this->engine)
+ {
+ enc = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL));
+ u_char *p = enc.ptr;
+ i2d_RSAPrivateKey(this->rsa, &p);
+ }
return enc;
}
@@ -289,6 +299,7 @@ static private_openssl_rsa_private_key_t *openssl_rsa_private_key_create_empty(v
this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
+ this->engine = FALSE;
this->keyid = NULL;
this->keyid_info = NULL;
this->ref = 1;
@@ -347,6 +358,61 @@ static openssl_rsa_private_key_t *load(chunk_t blob)
return &this->public;
}
+/**
+ * load private key from a smart card
+ */
+static openssl_rsa_private_key_t *load_from_smartcard(char *keyid, char *pin)
+{
+ private_openssl_rsa_private_key_t *this = NULL;
+ EVP_PKEY *key;
+ char *engine_id = lib->settings->get_str(lib->settings,
+ "library.plugins.openssl.engine_id", "pkcs11");
+
+ ENGINE *engine = ENGINE_by_id(engine_id);
+ if (!engine)
+ {
+ DBG1("engine '%s' is not available", engine_id);
+ return NULL;
+ }
+
+ if (!ENGINE_init(engine))
+ {
+ DBG1("failed to initialize engine '%s'", engine_id);
+ goto error;
+ }
+
+ if (!ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0))
+ {
+ DBG1("failed to set PIN on engine '%s'", engine_id);
+ goto error;
+ }
+
+ key = ENGINE_load_private_key(engine, keyid, NULL, NULL);
+
+ if (!key)
+ {
+ DBG1("failed to load private key with ID '%s' from engine '%s'", keyid,
+ engine_id);
+ goto error;
+ }
+ ENGINE_free(engine);
+
+ this = openssl_rsa_private_key_create_empty();
+ this->rsa = EVP_PKEY_get1_RSA(key);
+ this->engine = TRUE;
+
+ if (!openssl_rsa_public_key_build_id(this->rsa, &this->keyid, &this->keyid_info))
+ {
+ destroy(this);
+ return NULL;
+ }
+ return &this->public;
+
+error:
+ ENGINE_free(engine);
+ return NULL;
+}
+
typedef struct private_builder_t private_builder_t;
/**
* Builder implementation for key loading/generation
@@ -356,6 +422,10 @@ struct private_builder_t {
builder_t public;
/** loaded/generated private key */
openssl_rsa_private_key_t *key;
+ /** temporary stored smartcard key ID */
+ char *keyid;
+ /** temporary stored smartcard pin */
+ char *pin;
};
/**
@@ -365,6 +435,10 @@ static openssl_rsa_private_key_t *build(private_builder_t *this)
{
openssl_rsa_private_key_t *key = this->key;
+ if (this->keyid && this->pin)
+ {
+ key = load_from_smartcard(this->keyid, this->pin);
+ }
free(this);
return key;
}
@@ -396,6 +470,20 @@ static void add(private_builder_t *this, builder_part_t part, ...)
va_end(args);
return;
}
+ case BUILD_SMARTCARD_KEYID:
+ {
+ va_start(args, part);
+ this->keyid = va_arg(args, char*);
+ va_end(args);
+ return;
+ }
+ case BUILD_SMARTCARD_PIN:
+ {
+ va_start(args, part);
+ this->pin = va_arg(args, char*);
+ va_end(args);
+ return;
+ }
default:
break;
}
@@ -424,6 +512,8 @@ builder_t *openssl_rsa_private_key_builder(key_type_t type)
this->key = NULL;
this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
this->public.build = (void*(*)(builder_t *this))build;
+ this->keyid = NULL;
+ this->pin = NULL;
return &this->public;
}
diff --git a/src/libstrongswan/plugins/padlock/Makefile.am b/src/libstrongswan/plugins/padlock/Makefile.am
index e2e76e9e6..e7c3ba486 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.am
+++ b/src/libstrongswan/plugins/padlock/Makefile.am
@@ -7,6 +7,7 @@ plugin_LTLIBRARIES = libstrongswan-padlock.la
libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \
padlock_aes_crypter.c padlock_aes_crypter.h \
- padlock_sha1_hasher.c padlock_sha1_hasher.h
+ padlock_sha1_hasher.c padlock_sha1_hasher.h \
+ padlock_rng.c padlock_rng.h
libstrongswan_padlock_la_LDFLAGS = -module
diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in
index 1b032e3d4..290b4836d 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.in
+++ b/src/libstrongswan/plugins/padlock/Makefile.in
@@ -51,7 +51,7 @@ pluginLTLIBRARIES_INSTALL = $(INSTALL)
LTLIBRARIES = $(plugin_LTLIBRARIES)
libstrongswan_padlock_la_LIBADD =
am_libstrongswan_padlock_la_OBJECTS = padlock_plugin.lo \
- padlock_aes_crypter.lo padlock_sha1_hasher.lo
+ padlock_aes_crypter.lo padlock_sha1_hasher.lo padlock_rng.lo
libstrongswan_padlock_la_OBJECTS = \
$(am_libstrongswan_padlock_la_OBJECTS)
libstrongswan_padlock_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
@@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
@@ -215,7 +215,8 @@ AM_CFLAGS = -rdynamic
plugin_LTLIBRARIES = libstrongswan-padlock.la
libstrongswan_padlock_la_SOURCES = padlock_plugin.h padlock_plugin.c \
padlock_aes_crypter.c padlock_aes_crypter.h \
- padlock_sha1_hasher.c padlock_sha1_hasher.h
+ padlock_sha1_hasher.c padlock_sha1_hasher.h \
+ padlock_rng.c padlock_rng.h
libstrongswan_padlock_la_LDFLAGS = -module
all: all-am
@@ -289,6 +290,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/padlock_aes_crypter.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/padlock_plugin.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/padlock_rng.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/padlock_sha1_hasher.Plo@am__quote@
.c.o:
diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c
index 822acc4a2..d0b55bcd9 100644
--- a/src/libstrongswan/plugins/padlock/padlock_plugin.c
+++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c
@@ -16,12 +16,37 @@
*/
#include "padlock_plugin.h"
-
-#include <library.h>
#include "padlock_aes_crypter.h"
#include "padlock_sha1_hasher.h"
+#include "padlock_rng.h"
+
+#include <stdio.h>
+
+#include <library.h>
+#include <debug.h>
typedef struct private_padlock_plugin_t private_padlock_plugin_t;
+typedef enum padlock_feature_t padlock_feature_t;
+
+/**
+ * Feature flags of padlock, received via cpuid()
+ */
+enum padlock_feature_t {
+ PADLOCK_RESERVED_1 = (1<<0),
+ PADLOCK_RESERVED_2 = (1<<1),
+ PADLOCK_RNG_AVAILABLE = (1<<2),
+ PADLOCK_RNG_ENABLED = (1<<3),
+ PADLOCK_RESERVED_3 = (1<<4),
+ PADLOCK_RESERVED_4 = (1<<5),
+ PADLOCK_ACE_AVAILABLE = (1<<6),
+ PADLOCK_ACE_ENABLED = (1<<7),
+ PADLOCK_ACE2_AVAILABLE = (1<<8),
+ PADLOCK_ACE2_ENABLED = (1<<9),
+ PADLOCK_PHE_AVAILABLE = (1<<10),
+ PADLOCK_PHE_ENABLED = (1<<11),
+ PADLOCK_PMM_AVAILABLE = (1<<12),
+ PADLOCK_PMM_ENABLED = (1<<13),
+};
/**
* private data of aes_plugin
@@ -32,17 +57,76 @@ struct private_padlock_plugin_t {
* public functions
*/
padlock_plugin_t public;
+
+ /**
+ * features supported by Padlock
+ */
+ padlock_feature_t features;
};
/**
+ * Get cpuid for info, return eax, ebx, ecx and edx. -fPIC requires to save ebx.
+ */
+#define cpuid(op, a, b, c, d)\
+ asm (\
+ "pushl %%ebx \n\t"\
+ "cpuid \n\t"\
+ "movl %%ebx, %1 \n\t"\
+ "popl %%ebx \n\t"\
+ : "=a" (a), "=r" (b), "=c" (c), "=d" (d) \
+ : "a" (op));
+
+/**
+ * Get features supported by Padlock
+ */
+static padlock_feature_t get_padlock_features()
+{
+ char vendor[3 * sizeof(int) + 1];
+ int a, b, c, d;
+
+ cpuid(0, a, b, c, d);
+ /* VendorID string is in b-d-c (yes, in this order) */
+ snprintf(vendor, sizeof(vendor), "%.4s%.4s%.4s", &b, &d, &c);
+
+ /* check if we have a VIA chip */
+ if (streq(vendor, "CentaurHauls"))
+ {
+ cpuid(0xC0000000, a, b, c, d);
+ /* check Centaur Extended Feature Flags */
+ if (a >= 0xC0000001)
+ {
+ cpuid(0xC0000001, a, b, c, d);
+ return d;
+ }
+ }
+ DBG1("Padlock not found, CPU is %s\n", vendor);
+ return 0;
+}
+
+/**
* Implementation of aes_plugin_t.destroy
*/
static void destroy(private_padlock_plugin_t *this)
{
- lib->crypto->remove_crypter(lib->crypto,
- (crypter_constructor_t)padlock_aes_crypter_create);
- lib->crypto->remove_hasher(lib->crypto,
- (hasher_constructor_t)padlock_sha1_hasher_create);
+ if (this->features & PADLOCK_RNG_ENABLED)
+ {
+ lib->crypto->remove_rng(lib->crypto,
+ (rng_constructor_t)padlock_rng_create);
+ lib->crypto->remove_rng(lib->crypto,
+ (rng_constructor_t)padlock_rng_create);
+ lib->crypto->remove_rng(lib->crypto,
+ (rng_constructor_t)padlock_rng_create);
+ }
+ if (this->features & PADLOCK_ACE2_ENABLED)
+ {
+ lib->crypto->remove_crypter(lib->crypto,
+ (crypter_constructor_t)padlock_aes_crypter_create);
+ }
+ if (this->features & PADLOCK_PHE_ENABLED)
+ {
+ lib->crypto->remove_hasher(lib->crypto,
+ (hasher_constructor_t)padlock_sha1_hasher_create);
+ }
free(this);
}
@@ -55,10 +139,42 @@ plugin_t *plugin_create()
this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
- (crypter_constructor_t)padlock_aes_crypter_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
- (hasher_constructor_t)padlock_sha1_hasher_create);
+ this->features = get_padlock_features();
+ if (!this->features)
+ {
+ free(this);
+ return NULL;
+ }
+ DBG1("Padlock found, supports:%s%s%s%s%s, enabled:%s%s%s%s%s",
+ this->features & PADLOCK_RNG_AVAILABLE ? " RNG" : "",
+ this->features & PADLOCK_ACE_AVAILABLE ? " ACE" : "",
+ this->features & PADLOCK_ACE2_AVAILABLE ? " ACE2" : "",
+ this->features & PADLOCK_PHE_AVAILABLE ? " PHE" : "",
+ this->features & PADLOCK_PMM_AVAILABLE ? " PMM" : "",
+ this->features & PADLOCK_RNG_ENABLED ? " RNG" : "",
+ this->features & PADLOCK_ACE_ENABLED ? " ACE" : "",
+ this->features & PADLOCK_ACE2_ENABLED ? " ACE2" : "",
+ this->features & PADLOCK_PHE_ENABLED ? " PHE" : "",
+ this->features & PADLOCK_PMM_ENABLED ? " PMM" : "");
+ if (this->features & PADLOCK_RNG_ENABLED)
+ {
+ lib->crypto->add_rng(lib->crypto, RNG_REAL,
+ (rng_constructor_t)padlock_rng_create);
+ lib->crypto->add_rng(lib->crypto, RNG_STRONG,
+ (rng_constructor_t)padlock_rng_create);
+ lib->crypto->add_rng(lib->crypto, RNG_WEAK,
+ (rng_constructor_t)padlock_rng_create);
+ }
+ if (this->features & PADLOCK_ACE2_ENABLED)
+ {
+ lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
+ (crypter_constructor_t)padlock_aes_crypter_create);
+ }
+ if (this->features & PADLOCK_PHE_ENABLED)
+ {
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
+ (hasher_constructor_t)padlock_sha1_hasher_create);
+ }
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/padlock/padlock_rng.c b/src/libstrongswan/plugins/padlock/padlock_rng.c
new file mode 100644
index 000000000..50d9f0c43
--- /dev/null
+++ b/src/libstrongswan/plugins/padlock/padlock_rng.c
@@ -0,0 +1,136 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+#include "padlock_rng.h"
+
+typedef struct private_padlock_rng_t private_padlock_rng_t;
+typedef enum padlock_quality_factor_t padlock_quality_factor_t;
+
+/**
+ * Padlock RNG quality factors
+ */
+enum padlock_quality_factor_t {
+ /* Lowest quality: Reads 8 bytes */
+ PADLOCK_QF0 = 0x00,
+ /* Medium quality: Reads 4 bytes */
+ PADLOCK_QF1 = 0x01,
+ /* Better quality: Reads 2 bytes */
+ PADLOCK_QF2 = 0x10,
+ /* Highest quality: Reads 1 byte */
+ PADLOCK_QF3 = 0x11,
+};
+
+/**
+ * Private data of an padlock_rng_t object.
+ */
+struct private_padlock_rng_t {
+
+ /**
+ * Public padlock_rng_t interface.
+ */
+ padlock_rng_t public;
+
+ /**
+ * Padlock quality factor
+ */
+ padlock_quality_factor_t quality;
+};
+
+/**
+ * Get bytes from Padlock RNG. buf should have space for (len + 7)
+ */
+static void rng(char *buf, int len, int quality)
+{
+ while (len > 0)
+ {
+ int status;
+
+ /* run XSTORE until we have all bytes needed. We do not use REP, as
+ * this should not be performance critical and it's easier this way. */
+ asm volatile (
+ ".byte 0x0F,0xA7,0xC0 \n\t"
+ : "=D"(buf), "=a"(status)
+ : "d"(quality), "D"(buf));
+
+ /* bits[0..4] of status word contains the number of bytes read */
+ len -= status & 0x1F;
+ }
+}
+
+/**
+ * Implementation of padlock_rng_t.allocate_bytes.
+ */
+static void allocate_bytes(private_padlock_rng_t *this, size_t bytes,
+ chunk_t *chunk)
+{
+ chunk->len = bytes;
+ /* padlock requires some additional bytes */
+ chunk->ptr = malloc(bytes + 7);
+
+ rng(chunk->ptr, chunk->len, this->quality);
+}
+
+/**
+ * Implementation of padlock_rng_t.get_bytes.
+ */
+static void get_bytes(private_padlock_rng_t *this, size_t bytes,
+ u_int8_t *buffer)
+{
+ chunk_t chunk;
+
+ /* Padlock needs a larger buffer than "bytes", we need a new buffer */
+ allocate_bytes(this, bytes, &chunk);
+ memcpy(buffer, chunk.ptr, bytes);
+ chunk_clear(&chunk);
+}
+
+/**
+ * Implementation of padlock_rng_t.destroy.
+ */
+static void destroy(private_padlock_rng_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+padlock_rng_t *padlock_rng_create(rng_quality_t quality)
+{
+ private_padlock_rng_t *this = malloc_thing(private_padlock_rng_t);
+
+ this->public.rng.get_bytes = (void (*) (rng_t *, size_t, u_int8_t*)) get_bytes;
+ this->public.rng.allocate_bytes = (void (*) (rng_t *, size_t, chunk_t*)) allocate_bytes;
+ this->public.rng.destroy = (void (*) (rng_t *))destroy;
+
+ /* map RNG quality to Padlock quality factor */
+ switch (quality)
+ {
+ case RNG_WEAK:
+ this->quality = PADLOCK_QF0;
+ break;
+ case RNG_STRONG:
+ this->quality = PADLOCK_QF1;
+ break;
+ case RNG_REAL:
+ this->quality = PADLOCK_QF3;
+ break;
+ }
+
+ return &this->public;
+}
+
diff --git a/src/libstrongswan/plugins/padlock/padlock_rng.h b/src/libstrongswan/plugins/padlock/padlock_rng.h
new file mode 100644
index 000000000..a76ecd296
--- /dev/null
+++ b/src/libstrongswan/plugins/padlock/padlock_rng.h
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+/**
+ * @defgroup padlock_rng padlock_rng
+ * @{ @ingroup padlock
+ */
+
+#ifndef PADLOCK_RNG_H_
+#define PADLOCK_RNG_H_
+
+#include <crypto/rngs/rng.h>
+
+typedef struct padlock_rng_t padlock_rng_t;
+
+/**
+ * Hardware-RNG based on via Padlock.
+ */
+struct padlock_rng_t {
+
+ /**
+ * Implements rng_t interface.
+ */
+ rng_t rng;
+};
+
+/**
+ * Create a padlock_rng instance.
+ *
+ * @param quality required quality of randomness
+ * @return created random_rng_t
+ */
+padlock_rng_t *padlock_rng_create(rng_quality_t quality);
+
+#endif /* PADLOCK_RNG_ @}*/
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in
index ef1004672..eb5e19f08 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.in
+++ b/src/libstrongswan/plugins/pubkey/Makefile.in
@@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in
index 90b319520..f5e3c4cc9 100644
--- a/src/libstrongswan/plugins/random/Makefile.in
+++ b/src/libstrongswan/plugins/random/Makefile.in
@@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in
index df6845b43..ece7381b2 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.in
+++ b/src/libstrongswan/plugins/sha1/Makefile.in
@@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in
index ea5610671..6b28b68a1 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.in
+++ b/src/libstrongswan/plugins/sha2/Makefile.in
@@ -84,22 +84,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -109,6 +104,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -117,12 +113,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -145,8 +145,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -185,6 +184,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in
index 21773de32..e6732a195 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.in
+++ b/src/libstrongswan/plugins/sqlite/Makefile.in
@@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in
index 01093e862..028bbd41a 100644
--- a/src/libstrongswan/plugins/x509/Makefile.in
+++ b/src/libstrongswan/plugins/x509/Makefile.in
@@ -86,22 +86,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -111,6 +106,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -119,12 +115,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -147,8 +147,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -187,6 +186,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index 257a903e4..fbb7707a1 100644
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -409,7 +409,7 @@ static bool parse_certificate(private_x509_ac_t *this)
sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
break;
case AC_OBJ_SERIAL_NUMBER:
- this->serialNumber = object;
+ this->serialNumber = chunk_clone(object);
break;
case AC_OBJ_NOT_BEFORE:
this->notBefore = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
@@ -923,6 +923,7 @@ static void destroy(private_x509_ac_t *this)
ietfAttr_list_destroy(this->charging);
ietfAttr_list_destroy(this->groups);
+ free(this->serialNumber.ptr);
free(this->encoding.ptr);
free(this);
}
@@ -956,6 +957,7 @@ static private_x509_ac_t *create_empty(void)
/* initialize */
this->encoding = chunk_empty;
+ this->serialNumber = chunk_empty;
this->holderSerial = chunk_empty;
this->holderIssuer = NULL;
this->entityName = NULL;
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index 9f76c3486..e618f31d8 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -17,7 +17,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: x509_cert.c 4576 2008-11-05 08:32:38Z martin $
+ * $Id: x509_cert.c 4767 2008-12-08 19:15:38Z martin $
*/
#define _GNU_SOURCE
@@ -66,7 +66,7 @@ struct private_x509_cert_t {
* Public interface for this certificate.
*/
x509_cert_t public;
-
+
/**
* X.509 certificate encoding in ASN.1 DER format
*/
@@ -76,7 +76,7 @@ struct private_x509_cert_t {
* SHA1 hash of the DER encoding of this X.509 certificate
*/
chunk_t encoding_hash;
-
+
/**
* X.509 certificate body over which signature is computed
*/
@@ -96,17 +96,17 @@ struct private_x509_cert_t {
* ID representing the certificate issuer
*/
identification_t *issuer;
-
+
/**
* Start time of certificate validity
*/
time_t notBefore;
-
+
/**
* End time of certificate validity
*/
time_t notAfter;
-
+
/**
* ID representing the certificate subject
*/
@@ -121,12 +121,12 @@ struct private_x509_cert_t {
* List of crlDistributionPoints as allocated char*
*/
linked_list_t *crl_uris;
-
+
/**
* List ocspAccessLocations as identification_t
*/
linked_list_t *ocsp_uris;
-
+
/**
* certificates embedded public key
*/
@@ -136,12 +136,12 @@ struct private_x509_cert_t {
* Subject Key Identifier
*/
chunk_t subjectKeyID;
-
+
/**
* Authority Key Identifier
*/
identification_t *authKeyIdentifier;
-
+
/**
* Authority Key Serial Number
*/
@@ -151,18 +151,23 @@ struct private_x509_cert_t {
* x509 constraints and other flags
*/
x509_flag_t flags;
-
+
/**
* Signature algorithm
*/
int algorithm;
-
+
/**
* Signature
*/
chunk_t signature;
/**
+ * Certificate parsed from blob/file?
+ */
+ bool parsed;
+
+ /**
* reference count
*/
refcount_t ref;
@@ -258,7 +263,7 @@ static bool parse_otherName(chunk_t blob, int level0)
}
}
success = parser->success(parser);
-
+
end:
parser->destroy(parser);
return success;
@@ -306,16 +311,16 @@ static identification_t *parse_generalName(chunk_t blob, int level0)
asn1_parser_t *parser;
chunk_t object;
int objectID ;
-
+
identification_t *gn = NULL;
-
+
parser = asn1_parser_create(generalNameObjects, blob);
parser->set_top_level(parser, level0);
-
+
while (parser->iterate(parser, &objectID, &object))
{
id_type_t id_type = ID_ANY;
-
+
switch (objectID)
{
case GN_OBJ_RFC822_NAME:
@@ -329,7 +334,7 @@ static identification_t *parse_generalName(chunk_t blob, int level0)
break;
case GN_OBJ_DIRECTORY_NAME:
id_type = ID_DER_ASN1_DN;
- break;
+ break;
case GN_OBJ_IP_ADDRESS:
id_type = ID_IPV4_ADDR;
break;
@@ -350,12 +355,12 @@ static identification_t *parse_generalName(chunk_t blob, int level0)
gn = identification_create_from_encoding(id_type, object);
DBG2(" '%D'", gn);
goto end;
- }
- }
-
+ }
+ }
+
end:
parser->destroy(parser);
- return gn;
+ return gn;
}
/**
@@ -377,18 +382,18 @@ void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_lis
asn1_parser_t *parser;
chunk_t object;
int objectID;
-
+
parser = asn1_parser_create(generalNamesObjects, blob);
parser->set_top_level(parser, level0);
parser->set_flags(parser, implicit, FALSE);
-
+
while (parser->iterate(parser, &objectID, &object))
{
if (objectID == GENERAL_NAMES_GN)
{
identification_t *gn = parse_generalName(object,
parser->get_level(parser)+1);
-
+
if (gn)
{
list->insert_last(list, (void *)gn);
@@ -425,12 +430,12 @@ identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
chunk_t object;
int objectID;
identification_t *authKeyIdentifier = NULL;
-
+
*authKeySerialNumber = chunk_empty;
-
+
parser = asn1_parser_create(authKeyIdentifierObjects, blob);
parser->set_top_level(parser, level0);
-
+
while (parser->iterate(parser, &objectID, &object))
{
switch (objectID)
@@ -480,7 +485,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0,
parser = asn1_parser_create(authInfoAccessObjects, blob);
parser->set_top_level(parser, level0);
-
+
while (parser->iterate(parser, &objectID, &object))
{
switch (objectID)
@@ -497,7 +502,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0,
{
identification_t *id;
char *uri;
-
+
id = parse_generalName(object,
parser->get_level(parser)+1);
if (id == NULL)
@@ -524,7 +529,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0,
break;
}
}
-
+
end:
parser->destroy(parser);
}
@@ -552,7 +557,7 @@ static bool parse_extendedKeyUsage(chunk_t blob, int level0)
parser = asn1_parser_create(extendedKeyUsageObjects, blob);
parser->set_top_level(parser, level0);
-
+
while (parser->iterate(parser, &objectID, &object))
{
if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
@@ -599,13 +604,13 @@ static void parse_crlDistributionPoints(chunk_t blob, int level0,
parser = asn1_parser_create(crlDistributionPointsObjects, blob);
parser->set_top_level(parser, level0);
-
+
while (parser->iterate(parser, &objectID, &object))
{
if (objectID == CRL_DIST_POINTS_FULLNAME)
{
identification_t *id;
-
+
/* append extracted generalNames to existing chained list */
x509_parse_generalNames(object, parser->get_level(parser)+1,
TRUE, list);
@@ -613,7 +618,7 @@ static void parse_crlDistributionPoints(chunk_t blob, int level0,
while (list->remove_last(list, (void**)&id) == SUCCESS)
{
char *uri;
-
+
if (asprintf(&uri, "%D", id) > 0)
{
this->crl_uris->insert_last(this->crl_uris, uri);
@@ -687,11 +692,11 @@ static bool parse_certificate(private_x509_cert_t *this)
bool critical;
parser = asn1_parser_create(certObjects, this->encoding);
-
+
while (parser->iterate(parser, &objectID, &object))
{
u_int level = parser->get_level(parser)+1;
-
+
switch (objectID)
{
case X509_OBJ_TBS_CERTIFICATE:
@@ -806,7 +811,7 @@ static bool parse_certificate(private_x509_cert_t *this)
}
}
success = parser->success(parser);
-
+
end:
parser->destroy(parser);
return success;
@@ -850,7 +855,7 @@ static id_match_t has_subject(private_x509_cert_t *this, identification_t *subje
{
return ID_MATCH_PERFECT;
}
-
+
best = this->subject->matches(this->subject, subject);
enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
while (enumerator->enumerate(enumerator, &current))
@@ -1001,7 +1006,7 @@ static bool is_newer(certificate_t *this, certificate_t *that)
{
time_t this_update, that_update, now = time(NULL);
bool new;
-
+
this->get_validity(this, &now, &this_update, NULL);
that->get_validity(that, &now, &that_update, NULL);
new = this_update > that_update;
@@ -1026,7 +1031,7 @@ static bool equals(private_x509_cert_t *this, certificate_t *other)
{
chunk_t encoding;
bool equal;
-
+
if (this == (private_x509_cert_t*)other)
{
return TRUE;
@@ -1102,6 +1107,12 @@ static void destroy(private_x509_cert_t *this)
DESTROY_IF(this->authKeyIdentifier);
chunk_free(&this->encoding);
chunk_free(&this->encoding_hash);
+ if (!this->parsed)
+ { /* only parsed certificates point these fields to "encoded" */
+ chunk_free(&this->signature);
+ chunk_free(&this->serialNumber);
+ chunk_free(&this->tbsCertificate);
+ }
free(this);
}
}
@@ -1132,9 +1143,14 @@ static private_x509_cert_t* create_empty(void)
this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
-
+
this->encoding = chunk_empty;
this->encoding_hash = chunk_empty;
+ this->tbsCertificate = chunk_empty;
+ this->version = 3;
+ this->serialNumber = chunk_empty;
+ this->notBefore = 0;
+ this->notAfter = 0;
this->public_key = NULL;
this->subject = NULL;
this->issuer = NULL;
@@ -1144,9 +1160,12 @@ static private_x509_cert_t* create_empty(void)
this->subjectKeyID = chunk_empty;
this->authKeyIdentifier = NULL;
this->authKeySerialNumber = chunk_empty;
+ this->algorithm = 0;
+ this->signature = chunk_empty;
this->flags = 0;
this->ref = 1;
-
+ this->parsed = FALSE;
+
return this;
}
@@ -1155,22 +1174,23 @@ static private_x509_cert_t* create_empty(void)
*/
static private_x509_cert_t *create_from_chunk(chunk_t chunk)
{
+ hasher_t *hasher;
private_x509_cert_t *this = create_empty();
-
+
this->encoding = chunk;
if (!parse_certificate(this))
{
destroy(this);
return NULL;
}
-
+
/* check if the certificate is self-signed */
if (issued_by(this, &this->public.interface.interface))
{
this->flags |= X509_SELF_SIGNED;
}
- hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
+ hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (hasher != NULL)
{
hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
@@ -1181,6 +1201,7 @@ static private_x509_cert_t *create_from_chunk(chunk_t chunk)
DBG1(" unable to create hash of certificate, SHA1 not supported");
}
+ this->parsed = TRUE;
return this;
}
@@ -1207,7 +1228,6 @@ static private_x509_cert_t *create_from_file(char *path)
}
DBG1(" loaded certificate file '%s'", path);
return this;
-
}
typedef struct private_builder_t private_builder_t;
@@ -1221,21 +1241,137 @@ struct private_builder_t {
private_x509_cert_t *cert;
/** additional flags to enforce */
x509_flag_t flags;
+ /** certificate to sign, if we generate a new cert */
+ certificate_t *sign_cert;
+ /** private key to sign, if we generate a new cert */
+ private_key_t *sign_key;
};
/**
+ * Generate and sign a new certificate
+ */
+static bool generate(private_builder_t *this)
+{
+ chunk_t extensions = chunk_empty;
+ identification_t *issuer, *subject;
+ chunk_t key_info, key;
+ signature_scheme_t scheme;
+ hasher_t *hasher;
+
+ subject = this->cert->subject;
+ if (this->sign_cert)
+ {
+ issuer = this->sign_cert->get_subject(this->sign_cert);
+ if (!this->cert->public_key)
+ {
+ return FALSE;
+ }
+ }
+ else
+ { /* self signed */
+ issuer = subject;
+ if (!this->cert->public_key)
+ {
+ this->cert->public_key = this->sign_key->get_public_key(this->sign_key);
+ }
+ this->flags |= X509_SELF_SIGNED;
+ }
+ this->cert->issuer = issuer->clone(issuer);
+ if (!this->cert->notBefore)
+ {
+ this->cert->notBefore = time(NULL);
+ }
+ if (!this->cert->notAfter)
+ { /* defaults to 1 years from now on */
+ this->cert->notAfter = this->cert->notBefore + 60 * 60 * 24 * 365;
+ }
+ this->cert->flags = this->flags;
+
+ switch (this->sign_key->get_type(this->sign_key))
+ {
+ case KEY_RSA:
+ this->cert->algorithm = OID_SHA1_WITH_RSA;
+ scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
+ break;
+ default:
+ return FALSE;
+ }
+
+ switch (this->cert->public_key->get_type(this->cert->public_key))
+ {
+ case KEY_RSA:
+ key = this->cert->public_key->get_encoding(this->cert->public_key);
+ key_info = asn1_wrap(ASN1_SEQUENCE, "cm",
+ asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
+ asn1_bitstring("m", key));
+ break;
+ default:
+ return FALSE;
+ }
+
+ if (this->cert->subjectAltNames->get_count(this->cert->subjectAltNames))
+ {
+ /* TODO: encode subjectAltNames */
+ }
+
+ this->cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmccmcmm",
+ asn1_simple_object(ASN1_CONTEXT_C_0, ASN1_INTEGER_2),
+ asn1_simple_object(ASN1_INTEGER, this->cert->serialNumber),
+ asn1_algorithmIdentifier(this->cert->algorithm),
+ issuer->get_encoding(issuer),
+ asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_from_time(&this->cert->notBefore, ASN1_UTCTIME),
+ asn1_from_time(&this->cert->notAfter, ASN1_UTCTIME)),
+ subject->get_encoding(subject),
+ key_info, extensions);
+
+ if (!this->sign_key->sign(this->sign_key, scheme,
+ this->cert->tbsCertificate, &this->cert->signature))
+ {
+ return FALSE;
+ }
+ this->cert->encoding = asn1_wrap(ASN1_SEQUENCE, "ccm",
+ this->cert->tbsCertificate,
+ asn1_algorithmIdentifier(this->cert->algorithm),
+ asn1_bitstring("c", this->cert->signature));
+
+ hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
+ if (!hasher)
+ {
+ return FALSE;
+ }
+ hasher->allocate_hash(hasher, this->cert->encoding,
+ &this->cert->encoding_hash);
+ hasher->destroy(hasher);
+ return TRUE;
+}
+
+/**
* Implementation of builder_t.build
*/
static private_x509_cert_t *build(private_builder_t *this)
{
- private_x509_cert_t *cert = this->cert;
- x509_flag_t flags = this->flags;
-
+ private_x509_cert_t *cert;
+ x509_flag_t flags;
+
+ if (this->cert && !this->cert->encoding.ptr)
+ {
+ if (!this->sign_key || !this->cert ||
+ !generate(this))
+ {
+ destroy(this->cert);
+ free(this);
+ return NULL;
+ }
+ }
+ cert = this->cert;
+ flags = this->flags;
free(this);
if (cert == NULL)
{
return NULL;
}
+
if ((flags & X509_CA) && !(cert->flags & X509_CA))
{
DBG1(" ca certificate must have ca basic constraint set, discarded");
@@ -1253,6 +1389,7 @@ static void add(private_builder_t *this, builder_part_t part, ...)
{
va_list args;
chunk_t chunk;
+ bool handled = TRUE;
va_start(args, part);
switch (part)
@@ -1267,6 +1404,60 @@ static void add(private_builder_t *this, builder_part_t part, ...)
case BUILD_X509_FLAG:
this->flags = va_arg(args, x509_flag_t);
break;
+ case BUILD_SIGNING_KEY:
+ this->sign_key = va_arg(args, private_key_t*);
+ break;
+ case BUILD_SIGNING_CERT:
+ this->sign_cert = va_arg(args, certificate_t*);
+ break;
+ default:
+ /* all other parts need an empty cert */
+ if (!this->cert)
+ {
+ this->cert = create_empty();
+ }
+ handled = FALSE;
+ break;
+ }
+ if (handled)
+ {
+ va_end(args);
+ return;
+ }
+
+ switch (part)
+ {
+ case BUILD_PUBLIC_KEY:
+ {
+ public_key_t *key = va_arg(args, public_key_t*);
+ this->cert->public_key = key->get_ref(key);
+ break;
+ }
+ case BUILD_SUBJECT:
+ {
+ identification_t *id = va_arg(args, identification_t*);
+ this->cert->subject = id->clone(id);
+ break;
+ }
+ case BUILD_SUBJECT_ALTNAME:
+ {
+ identification_t *id = va_arg(args, identification_t*);
+ this->cert->subjectAltNames->insert_last(
+ this->cert->subjectAltNames, id->clone(id));
+ break;
+ }
+ case BUILD_NOT_BEFORE_TIME:
+ this->cert->notBefore = va_arg(args, time_t);
+ break;
+ case BUILD_NOT_AFTER_TIME:
+ this->cert->notAfter = va_arg(args, time_t);
+ break;
+ case BUILD_SERIAL:
+ {
+ chunk_t serial = va_arg(args, chunk_t);
+ this->cert->serialNumber = chunk_clone(serial);
+ break;
+ }
default:
/* abort if unsupported option */
if (this->cert)
@@ -1295,6 +1486,8 @@ builder_t *x509_cert_builder(certificate_type_t type)
this->cert = NULL;
this->flags = 0;
+ this->sign_cert = NULL;
+ this->sign_key = NULL;
this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
this->public.build = (void*(*)(builder_t *this))build;
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in
index 898142582..48c6ef954 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.in
+++ b/src/libstrongswan/plugins/xcbc/Makefile.in
@@ -85,22 +85,17 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
-ECHO = @ECHO@
+DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-F77 = @F77@
-FFLAGS = @FFLAGS@
+FGREP = @FGREP@
GPERF = @GPERF@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -110,6 +105,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
+LD = @LD@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -118,12 +114,16 @@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LINUX_HEADERS = @LINUX_HEADERS@
+LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
+NM = @NM@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
@@ -146,8 +146,7 @@ abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -186,6 +185,7 @@ libstrongswan_plugins = @libstrongswan_plugins@
linuxdir = @linuxdir@
localedir = @localedir@
localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
mandir = @mandir@
mkdir_p = @mkdir_p@
nm_CFLAGS = @nm_CFLAGS@
diff --git a/src/libstrongswan/utils.c b/src/libstrongswan/utils.c
index b2134dfc7..4e6a09c4f 100644
--- a/src/libstrongswan/utils.c
+++ b/src/libstrongswan/utils.c
@@ -13,17 +13,17 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: utils.c 4305 2008-08-28 07:47:55Z tobias $
+ * $Id: utils.c 4742 2008-12-03 09:45:58Z tobias $
*/
#include "utils.h"
#include <sys/stat.h>
#include <string.h>
-#include <pthread.h>
#include <stdio.h>
#include <unistd.h>
#include <dirent.h>
+#include <time.h>
#include <enum.h>
#include <debug.h>
@@ -61,16 +61,41 @@ void *clalloc(void * pointer, size_t size)
*/
void memxor(u_int8_t dest[], u_int8_t src[], size_t n)
{
- size_t i;
- for (i = 0; i < n; i++)
+ int i = 0, m;
+
+ m = n - sizeof(long);
+ while (i < m)
+ {
+ *(long*)(dest + i) ^= *(long*)(src + i);
+ i += sizeof(long);
+ }
+ while (i < n)
{
dest[i] ^= src[i];
+ i++;
}
}
/**
* Described in header.
*/
+void *memstr(const void *haystack, const char *needle, size_t n)
+{
+ unsigned const char *pos = haystack;
+ size_t l = strlen(needle);
+ for (; n >= l; ++pos, --n)
+ {
+ if (memeq(pos, needle, l))
+ {
+ return (void*)pos;
+ }
+ }
+ return NULL;
+}
+
+/**
+ * Described in header.
+ */
bool mkdir_p(const char *path, mode_t mode)
{
size_t len;
@@ -129,19 +154,16 @@ void nop()
{
}
+#ifndef HAVE_GCC_ATOMIC_OPERATIONS
+#include <pthread.h>
+
/**
- * We use a single mutex for all refcount variables. This
- * is not optimal for performance, but the critical section
- * is not that long...
- * TODO: Consider to include a mutex in each refcount_t variable.
+ * We use a single mutex for all refcount variables.
*/
static pthread_mutex_t ref_mutex = PTHREAD_MUTEX_INITIALIZER;
/**
- * Described in header.
- *
- * TODO: May be implemented with atomic CPU instructions
- * instead of a mutex.
+ * Increase refcount
*/
void ref_get(refcount_t *ref)
{
@@ -151,10 +173,7 @@ void ref_get(refcount_t *ref)
}
/**
- * Described in header.
- *
- * TODO: May be implemented with atomic CPU instructions
- * instead of a mutex.
+ * Decrease refcount
*/
bool ref_put(refcount_t *ref)
{
@@ -165,6 +184,7 @@ bool ref_put(refcount_t *ref)
pthread_mutex_unlock(&ref_mutex);
return !more_refs;
}
+#endif /* HAVE_GCC_ATOMIC_OPERATIONS */
/**
* output handler in printf() for time_t
diff --git a/src/libstrongswan/utils.h b/src/libstrongswan/utils.h
index a5900201a..b26a17b01 100644
--- a/src/libstrongswan/utils.h
+++ b/src/libstrongswan/utils.h
@@ -13,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: utils.h 4632 2008-11-11 18:37:19Z martin $
+ * $Id: utils.h 4742 2008-12-03 09:45:58Z tobias $
*/
/**
@@ -225,6 +225,12 @@ void *clalloc(void *pointer, size_t size);
void memxor(u_int8_t dest[], u_int8_t src[], size_t n);
/**
+ * A variant of strstr with the characteristics of memchr, where haystack is not
+ * a null-terminated string but simply a memory area of length n.
+ */
+void *memstr(const void *haystack, const char *needle, size_t n);
+
+/**
* Creates a directory and all required parent directories.
*
* @param path path to the new directory
@@ -248,6 +254,14 @@ void nop();
*/
typedef volatile u_int refcount_t;
+
+#ifdef HAVE_GCC_ATOMIC_OPERATIONS
+
+#define ref_get(ref) {__sync_fetch_and_add(ref, 1); }
+#define ref_put(ref) (!__sync_sub_and_fetch(ref, 1))
+
+#else /* !HAVE_GCC_ATOMIC_OPERATIONS */
+
/**
* Get a new reference.
*
@@ -268,6 +282,8 @@ void ref_get(refcount_t *ref);
*/
bool ref_put(refcount_t *ref);
+#endif /* HAVE_GCC_ATOMIC_OPERATIONS */
+
/**
* Get printf hooks for time.
*
diff --git a/src/libstrongswan/utils/enumerator.c b/src/libstrongswan/utils/enumerator.c
index 4ebc2e097..e7653a9b2 100644
--- a/src/libstrongswan/utils/enumerator.c
+++ b/src/libstrongswan/utils/enumerator.c
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2008 Tobias Brunner
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -12,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: enumerator.c 4142 2008-07-02 08:09:07Z martin $
+ * $Id: enumerator.c 4744 2008-12-03 10:03:59Z tobias $
*/
#include "enumerator.h"
@@ -215,27 +216,48 @@ static bool enumerate_token_enum(token_enum_t *this, char **token)
}
}
- /* find separators */
- sep = this->sep;
- while (*sep)
+ switch (*this->pos)
{
- tmp = strchr(this->pos, *sep);
- if (tmp && (pos == NULL || tmp < pos))
+ case '"':
+ case '\'':
{
- pos = tmp;
+ /* read quoted token */
+ tmp = strchr(this->pos + 1, *this->pos);
+ if (tmp)
+ {
+ *token = this->pos + 1;
+ *tmp = '\0';
+ this->pos = tmp + 1;
+ return TRUE;
+ }
+ /* unterminated string, FALL-THROUGH */
+ }
+ default:
+ {
+ /* find nearest separator */
+ sep = this->sep;
+ while (*sep)
+ {
+ tmp = strchr(this->pos, *sep);
+ if (tmp && (pos == NULL || tmp < pos))
+ {
+ pos = tmp;
+ }
+ sep++;
+ }
+ *token = this->pos;
+ if (pos)
+ {
+ *pos = '\0';
+ this->pos = pos + 1;
+ }
+ else
+ {
+ last = TRUE;
+ pos = this->pos = strchr(this->pos, '\0');
+ }
+ break;
}
- sep++;
- }
- *token = this->pos;
- if (pos)
- {
- *pos = '\0';
- this->pos = pos + 1;
- }
- else
- {
- last = TRUE;
- pos = this->pos = strchr(this->pos, '\0');
}
/* trim trailing characters/separators */
@@ -268,7 +290,7 @@ static bool enumerate_token_enum(token_enum_t *this, char **token)
}
}
- if (!last || pos > *token)
+ if (!last || pos >= *token)
{
return TRUE;
}
diff --git a/src/libstrongswan/utils/hashtable.c b/src/libstrongswan/utils/hashtable.c
new file mode 100644
index 000000000..892d08b6c
--- /dev/null
+++ b/src/libstrongswan/utils/hashtable.c
@@ -0,0 +1,433 @@
+/*
+ * Copyright (C) 2008 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ * $Id: hashtable.c 4812 2008-12-17 09:56:05Z tobias $
+ */
+
+#include <utils/linked_list.h>
+
+#include "hashtable.h"
+
+/** The maximum capacity of the hash table (MUST be a power of 2) */
+#define MAX_CAPACITY (1 << 30)
+
+typedef struct pair_t pair_t;
+
+/**
+ * This pair holds a pointer to the key and value it represents.
+ */
+struct pair_t {
+ /**
+ * Key of a hash table item.
+ */
+ void *key;
+
+ /**
+ * Value of a hash table item.
+ */
+ void *value;
+
+ /**
+ * Cached hash (used in case of a resize).
+ */
+ u_int hash;
+};
+
+/**
+ * Creates an empty pair object.
+ */
+pair_t *pair_create(void *key, void *value, u_int hash)
+{
+ pair_t *this = malloc_thing(pair_t);
+
+ this->key = key;
+ this->value = value;
+ this->hash = hash;
+
+ return this;
+}
+
+typedef struct private_hashtable_t private_hashtable_t;
+
+/**
+ * Private data of a hashtable_t object.
+ *
+ */
+struct private_hashtable_t {
+ /**
+ * Public part of hash table.
+ */
+ hashtable_t public;
+
+ /**
+ * The number of items in the hash table.
+ */
+ u_int count;
+
+ /**
+ * The current capacity of the hash table (always a power of 2).
+ */
+ u_int capacity;
+
+ /**
+ * The current mask to calculate the row index (capacity - 1).
+ */
+ u_int mask;
+
+ /**
+ * The load factor.
+ */
+ float load_factor;
+
+ /**
+ * The actual table.
+ */
+ linked_list_t **table;
+
+ /**
+ * The hashing function.
+ */
+ hashtable_hash_t hash;
+
+ /**
+ * The equality function.
+ */
+ hashtable_equals_t equals;
+};
+
+typedef struct private_enumerator_t private_enumerator_t;
+
+/**
+ * hash table enumerator implementation
+ */
+struct private_enumerator_t {
+
+ /**
+ * implements enumerator interface
+ */
+ enumerator_t enumerator;
+
+ /**
+ * associated hash table
+ */
+ private_hashtable_t *table;
+
+ /**
+ * current row index
+ */
+ u_int row;
+
+ /**
+ * enumerator for the current row
+ */
+ enumerator_t *current;
+};
+
+/**
+ * Compare a pair in a list with the given key.
+ */
+static inline bool pair_equals(pair_t *pair, private_hashtable_t *this, void *key)
+{
+ return this->equals(key, pair->key);
+}
+
+/**
+ * This function returns the next-highest power of two for the given number.
+ * The algorithm works by setting all bits on the right-hand side of the most
+ * significant 1 to 1 and then increments the whole number so it rolls over
+ * to the nearest power of two. Note: returns 0 for n == 0
+ */
+static u_int get_nearest_powerof2(u_int n)
+{
+ u_int i;
+ --n;
+ for (i = 1; i < sizeof(u_int) * 8; i <<= 1)
+ {
+ n |= n >> i;
+ }
+ return ++n;
+}
+
+/**
+ * Init hash table parameters
+ */
+static void init_hashtable(private_hashtable_t *this, u_int capacity)
+{
+ capacity = max(1, min(capacity, MAX_CAPACITY));
+ this->capacity = get_nearest_powerof2(capacity);
+ this->mask = this->capacity - 1;
+ this->load_factor = 0.75;
+
+ this->table = calloc(this->capacity, sizeof(linked_list_t*));
+}
+
+/**
+ * Double the size of the hash table and rehash all the elements.
+ */
+static void rehash(private_hashtable_t *this)
+{
+ u_int row;
+ u_int old_capacity = this->capacity;
+ linked_list_t **old_table = this->table;
+
+ if (old_capacity >= MAX_CAPACITY)
+ {
+ return;
+ }
+
+ init_hashtable(this, old_capacity << 1);
+
+ for (row = 0; row < old_capacity; ++row)
+ {
+ linked_list_t *list;
+ if ((list = old_table[row]) != NULL)
+ {
+ pair_t *pair;
+ enumerator_t *enumerator = list->create_enumerator(list);
+ while (enumerator->enumerate(enumerator, &pair))
+ {
+ linked_list_t *new_list;
+ u_int new_row = pair->hash & this->mask;
+ list->remove_at(list, enumerator);
+ if ((new_list = this->table[new_row]) == NULL)
+ {
+ new_list = this->table[new_row] = linked_list_create();
+ }
+ new_list->insert_last(new_list, pair);
+ }
+ enumerator->destroy(enumerator);
+ list->destroy(list);
+ }
+ }
+ free(old_table);
+}
+
+/**
+ * Implementation of hashtable_t.put
+ */
+static void *put(private_hashtable_t *this, void *key, void *value)
+{
+ linked_list_t *list;
+ void *old_value = NULL;
+ u_int hash = this->hash(key);
+ u_int row = hash & this->mask;
+
+ if ((list = this->table[row]) != NULL)
+ {
+ pair_t *pair;
+ enumerator_t *enumerator = list->create_enumerator(list);
+ while (enumerator->enumerate(enumerator, &pair))
+ {
+ if (pair_equals(pair, this, key))
+ {
+ old_value = pair->value;
+ pair->value = value;
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ }
+ else
+ {
+ list = this->table[row] = linked_list_create();
+ }
+
+ if (!old_value)
+ {
+ list->insert_last(list, pair_create(key, value, hash));
+ this->count++;
+ }
+
+ if (this->count >= this->capacity * this->load_factor)
+ {
+ rehash(this);
+ }
+
+ return old_value;
+}
+
+/**
+ * Implementation of hashtable_t.get
+ */
+static void *get(private_hashtable_t *this, void *key)
+{
+ void *value = NULL;
+ linked_list_t *list;
+ u_int row = this->hash(key) & this->mask;
+
+ if ((list = this->table[row]) != NULL)
+ {
+ pair_t *pair;
+ if (list->find_first(list, (linked_list_match_t)pair_equals,
+ (void**)&pair, this, key) == SUCCESS)
+ {
+ value = pair->value;
+ }
+ }
+
+ return value;
+}
+
+/**
+ * Implementation of hashtable_t.remove
+ */
+static void *remove(private_hashtable_t *this, void *key)
+{
+ void *value = NULL;
+ linked_list_t *list;
+ u_int row = this->hash(key) & this->mask;
+
+ if ((list = this->table[row]) != NULL)
+ {
+ pair_t *pair;
+ enumerator_t *enumerator = list->create_enumerator(list);
+ while (enumerator->enumerate(enumerator, &pair))
+ {
+ if (pair_equals(pair, this, key))
+ {
+ list->remove_at(list, enumerator);
+ value = pair->value;
+ this->count--;
+ free(pair);
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ }
+
+ return value;
+}
+
+/**
+ * Implementation of hashtable_t.get_count
+ */
+static u_int get_count(private_hashtable_t *this)
+{
+ return this->count;
+}
+
+/**
+ * Implementation of private_enumerator_t.enumerator.enumerate.
+ */
+static bool enumerate(private_enumerator_t *this, void **key, void **value)
+{
+ while (this->row < this->table->capacity)
+ {
+ if (this->current)
+ {
+ pair_t *pair;
+
+ if (this->current->enumerate(this->current, &pair))
+ {
+ if (key)
+ {
+ *key = pair->key;
+ }
+ if (value)
+ {
+ *value = pair->value;
+ }
+ return TRUE;
+ }
+ this->current->destroy(this->current);
+ this->current = NULL;
+ }
+ else
+ {
+ linked_list_t *list;
+
+ if ((list = this->table->table[this->row]) != NULL)
+ {
+ this->current = list->create_enumerator(list);
+ continue;
+ }
+ }
+ this->row++;
+ }
+ return FALSE;
+}
+
+/**
+ * Implementation of private_enumerator_t.enumerator.destroy.
+ */
+static void enumerator_destroy(private_enumerator_t *this)
+{
+ if (this->current)
+ {
+ this->current->destroy(this->current);
+ }
+ free(this);
+}
+
+/**
+ * Implementation of hashtable_t.create_enumerator.
+ */
+static enumerator_t* create_enumerator(private_hashtable_t *this)
+{
+ private_enumerator_t *enumerator = malloc_thing(private_enumerator_t);
+
+ enumerator->enumerator.enumerate = (void*)enumerate;
+ enumerator->enumerator.destroy = (void*)enumerator_destroy;
+ enumerator->table = this;
+ enumerator->row = 0;
+ enumerator->current = NULL;
+
+ return &enumerator->enumerator;
+}
+
+/**
+ * Implementation of hashtable_t.destroy
+ */
+static void destroy(private_hashtable_t *this)
+{
+ u_int row;
+ for (row = 0; row < this->capacity; ++row)
+ {
+ linked_list_t *list;
+ if ((list = this->table[row]) != NULL)
+ {
+ list->destroy_function(list, free);
+ }
+ }
+ free(this->table);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+hashtable_t *hashtable_create(hashtable_hash_t hash, hashtable_equals_t equals,
+ u_int capacity)
+{
+ private_hashtable_t *this = malloc_thing(private_hashtable_t);
+
+ this->public.put = (void*(*)(hashtable_t*,void*,void*))put;
+ this->public.get = (void*(*)(hashtable_t*,void*))get;
+ this->public.remove = (void*(*)(hashtable_t*,void*))remove;
+ this->public.get_count = (u_int(*)(hashtable_t*))get_count;
+ this->public.create_enumerator = (enumerator_t*(*)(hashtable_t*))create_enumerator;
+ this->public.destroy = (void(*)(hashtable_t*))destroy;
+
+ this->count = 0;
+ this->capacity = 0;
+ this->mask = 0;
+ this->load_factor = 0;
+ this->table = NULL;
+ this->hash = hash;
+ this->equals = equals;
+
+ init_hashtable(this, capacity);
+
+ return &this->public;
+}
diff --git a/src/libstrongswan/utils/hashtable.h b/src/libstrongswan/utils/hashtable.h
new file mode 100644
index 000000000..3d3005e73
--- /dev/null
+++ b/src/libstrongswan/utils/hashtable.h
@@ -0,0 +1,116 @@
+/*
+ * Copyright (C) 2008 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ * $Id: hashtable.h 4762 2008-12-05 10:01:52Z martin $
+ */
+
+/**
+ * @defgroup hashtable hashtable
+ * @{ @ingroup utils
+ */
+
+#ifndef HASHTABLE_H_
+#define HASHTABLE_H_
+
+#include <utils/enumerator.h>
+
+typedef struct hashtable_t hashtable_t;
+
+/**
+ * Prototype for a function that computes the hash code from the given key.
+ *
+ * @param key key to hash
+ * @return hash code
+ */
+typedef u_int (*hashtable_hash_t)(void *key);
+
+/**
+ * Prototype for a function that compares the two keys for equality.
+ *
+ * @param key first key (the one we are looking for)
+ * @param other_key second key
+ * @return TRUE if the keys are equal
+ */
+typedef bool (*hashtable_equals_t)(void *key, void *other_key);
+
+/**
+ * Class implementing a hash table.
+ *
+ * General purpose hash table. This hash table is not synchronized.
+ */
+struct hashtable_t {
+
+ /**
+ * Create an enumerator over the hash table key/value pairs.
+ *
+ * @return enumerator over (void *key, void *value)
+ */
+ enumerator_t *(*create_enumerator) (hashtable_t *this);
+
+ /**
+ * Adds the given value with the given key to the hash table, if there
+ * exists no entry with that key. NULL is returned in this case.
+ * Otherwise the existing value is replaced and the function returns the
+ * old value.
+ *
+ * @param key the key to store
+ * @param value the value to store
+ * @return NULL if no item was replaced, the old value otherwise
+ */
+ void *(*put) (hashtable_t *this, void *key, void *value);
+
+ /**
+ * Returns the value with the given key, if the hash table contains such an
+ * entry, otherwise NULL is returned.
+ *
+ * @param key the key of the requested value
+ * @return the value, NULL if not found
+ */
+ void *(*get) (hashtable_t *this, void *key);
+
+ /**
+ * Removes the value with the given key from the hash table and returns the
+ * removed value (or NULL if no such value existed).
+ *
+ * @param key the key of the value to remove
+ * @return the removed value, NULL if not found
+ */
+ void *(*remove) (hashtable_t *this, void *key);
+
+ /**
+ * Gets the number of items in the hash table.
+ *
+ * @return number of items
+ */
+ u_int (*get_count) (hashtable_t *this);
+
+ /**
+ * Destroys a hash table object.
+ */
+ void (*destroy) (hashtable_t *this);
+
+};
+
+/**
+ * Creates an empty hash table object.
+ *
+ * @param hash hash function
+ * @param equals equals function
+ * @param capacity initial capacity
+ * @return hashtable_t object.
+ */
+hashtable_t *hashtable_create(hashtable_hash_t hash, hashtable_equals_t equals,
+ u_int capacity);
+
+#endif /* HASHTABLE_H_ @} */
diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c
index 4702222e8..719c5a529 100644
--- a/src/libstrongswan/utils/host.c
+++ b/src/libstrongswan/utils/host.c
@@ -15,7 +15,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: host.c 4639 2008-11-12 15:09:24Z martin $
+ * $Id: host.c 4856 2009-02-05 22:13:48Z andreas $
*/
#define _GNU_SOURCE
@@ -453,6 +453,10 @@ host_t *host_create_from_dns(char *string, int af, u_int16_t port)
{
return host_create_any(af ? af : AF_INET);
}
+ if (streq(string, "%any6"))
+ {
+ return host_create_any(af ? af : AF_INET6);
+ }
else if (strchr(string, ':'))
{
/* gethostbyname does not like IPv6 addresses - fallback */
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index db442e9ab..529e62509 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -13,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: identification.c 4344 2008-09-17 02:17:01Z andreas $
+ * $Id: identification.c 4856 2009-02-05 22:13:48Z andreas $
*/
#define _GNU_SOURCE
@@ -1046,6 +1046,7 @@ identification_t *identification_create_from_string(char *string)
else if (strchr(string, '@') == NULL)
{
if (streq(string, "%any")
+ || streq(string, "%any6")
|| streq(string, "0.0.0.0")
|| streq(string, "*")
|| streq(string, "::")
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index 73409158d..4c56c9596 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -12,9 +12,11 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: leak_detective.c 4609 2008-11-10 16:44:27Z martin $
+ * $Id: leak_detective.c 4796 2008-12-12 09:10:52Z martin $
*/
+#define _GNU_SOURCE
+#include <sched.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>
@@ -160,6 +162,7 @@ char *whitelist[] = {
/* pthread stuff */
"pthread_create",
"pthread_setspecific",
+ "__pthread_setspecific",
/* glibc functions */
"mktime",
"__gmtime_r",
@@ -199,6 +202,7 @@ char *whitelist[] = {
"RSA_new_method",
"DH_new_method",
"ENGINE_load_builtin_engines",
+ "OPENSSL_config",
};
/**
@@ -471,6 +475,16 @@ leak_detective_t *leak_detective_create()
if (getenv("LEAK_DETECTIVE_DISABLE") == NULL)
{
+ cpu_set_t mask;
+
+ CPU_ZERO(&mask);
+ CPU_SET(0, &mask);
+
+ if (sched_setaffinity(0, sizeof(cpu_set_t), &mask) != 0)
+ {
+ fprintf(stderr, "setting CPU affinity failed: %m");
+ }
+
lib->leak_detective = TRUE;
install_hooks();
}
diff --git a/src/libstrongswan/utils/lexparser.c b/src/libstrongswan/utils/lexparser.c
index 8b7b3b547..5725df1ea 100644
--- a/src/libstrongswan/utils/lexparser.c
+++ b/src/libstrongswan/utils/lexparser.c
@@ -11,16 +11,11 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: lexparser.c 3872 2008-04-25 07:04:59Z andreas $
+ * $Id: lexparser.c 4877 2009-02-18 09:45:54Z martin $
*/
-/* memrchr is a GNU extension */
-#define _GNU_SOURCE
-#include <string.h>
-
#include "lexparser.h"
-
/**
* eat whitespace
*/
@@ -30,7 +25,7 @@ bool eat_whitespace(chunk_t *src)
{
src->ptr++; src->len--;
}
- return src->len > 0 && *src->ptr != '#';
+ return src->len > 0 && *src->ptr != '#';
}
/**
@@ -51,11 +46,11 @@ bool extract_token(chunk_t *token, const char termination, chunk_t *src)
if (termination == ' ')
{
u_char *eot_tab = memchr(src->ptr, '\t', src->len);
-
+
/* check if a tab instead of a space terminates the token */
eot = ( eot_tab == NULL || (eot && eot < eot_tab) ) ? eot : eot_tab;
}
-
+
/* initialize empty token */
*token = chunk_empty;
@@ -76,16 +71,17 @@ bool extract_token(chunk_t *token, const char termination, chunk_t *src)
}
/**
- * extracts a token ending with the last occurrence of a given termination symbol
+ * extracts a token ending with the first occurrence of a given null-terminated string
*/
-bool extract_last_token(chunk_t *token, const char termination, chunk_t *src)
+bool extract_token_str(chunk_t *token, const char *termination, chunk_t *src)
{
- u_char *eot = memrchr(src->ptr, termination, src->len);
+ u_char *eot = memstr(src->ptr, termination, src->len);
+ size_t l = strlen(termination);
/* initialize empty token */
*token = chunk_empty;
- if (eot == NULL) /* termination symbol not found */
+ if (eot == NULL) /* termination string not found */
{
return FALSE;
}
@@ -94,9 +90,9 @@ bool extract_last_token(chunk_t *token, const char termination, chunk_t *src)
token->ptr = src->ptr;
token->len = (u_int)(eot - src->ptr);
- /* advance src pointer after termination symbol */
- src->ptr = eot + 1;
- src->len -= (token->len + 1);
+ /* advance src pointer after termination string */
+ src->ptr = eot + l;
+ src->len -= (token->len + l);
return TRUE;
}
diff --git a/src/libstrongswan/utils/lexparser.h b/src/libstrongswan/utils/lexparser.h
index 7d54ca22e..c47f65718 100644
--- a/src/libstrongswan/utils/lexparser.h
+++ b/src/libstrongswan/utils/lexparser.h
@@ -13,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: lexparser.h 3876 2008-04-26 09:24:14Z andreas $
+ * $Id: lexparser.h 4877 2009-02-18 09:45:54Z martin $
*/
/**
@@ -37,14 +37,14 @@ bool eat_whitespace(chunk_t *src);
bool match(const char *pattern, const chunk_t *ch);
/**
- * Extracts a token ending with the first occurence a given termination symbol
+ * Extracts a token ending with the first occurrence of a given termination symbol
*/
bool extract_token(chunk_t *token, const char termination, chunk_t *src);
/**
- * Extracts a token ending with the last occurence a given termination symbol
+ * Extracts a token ending with the first occurrence of a given null-terminated string
*/
-bool extract_last_token(chunk_t *token, const char termination, chunk_t *src);
+bool extract_token_str(chunk_t *token, const char *termination, chunk_t *src);
/**
* Fetches a new text line terminated by \n or \r\n
diff --git a/src/libstrongswan/utils/mutex.c b/src/libstrongswan/utils/mutex.c
index ddb0d2df6..ba4b72b0c 100644
--- a/src/libstrongswan/utils/mutex.c
+++ b/src/libstrongswan/utils/mutex.c
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2008 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -12,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: mutex.c 4591 2008-11-05 16:12:54Z martin $
+ * $Id: mutex.c 4803 2008-12-15 09:13:43Z martin $
*/
#define _GNU_SOURCE
@@ -76,7 +77,7 @@ static void profiler_cleanup(lock_profile_t *profile)
*/
static void profiler_init(lock_profile_t *profile)
{
- profile->backtrace = backtrace_create(3);
+ profile->backtrace = backtrace_create(2);
timerclear(&profile->waited);
}
@@ -332,28 +333,17 @@ static void wait(private_condvar_t *this, private_mutex_t *mutex)
}
/**
- * Implementation of condvar_t.timed_wait.
+ * Implementation of condvar_t.timed_wait_abs.
*/
-static bool timed_wait(private_condvar_t *this, private_mutex_t *mutex,
- u_int timeout)
+static bool timed_wait_abs(private_condvar_t *this, private_mutex_t *mutex,
+ timeval_t time)
{
struct timespec ts;
- struct timeval tv;
- u_int s, ms;
bool timed_out;
- gettimeofday(&tv, NULL);
-
- s = timeout / 1000;
- ms = timeout % 1000;
+ ts.tv_sec = time.tv_sec;
+ ts.tv_nsec = time.tv_usec * 1000;
- ts.tv_sec = tv.tv_sec + s;
- ts.tv_nsec = tv.tv_usec * 1000 + ms * 1000000;
- if (ts.tv_nsec > 1000000000 /* 1s */)
- {
- ts.tv_nsec -= 1000000000;
- ts.tv_sec++;
- }
if (mutex->recursive)
{
private_r_mutex_t* recursive = (private_r_mutex_t*)mutex;
@@ -372,6 +362,31 @@ static bool timed_wait(private_condvar_t *this, private_mutex_t *mutex,
}
/**
+ * Implementation of condvar_t.timed_wait.
+ */
+static bool timed_wait(private_condvar_t *this, private_mutex_t *mutex,
+ u_int timeout)
+{
+ timeval_t tv;
+ u_int s, ms;
+
+ gettimeofday(&tv, NULL);
+
+ s = timeout / 1000;
+ ms = timeout % 1000;
+
+ tv.tv_sec += s;
+ tv.tv_usec += ms * 1000;
+
+ if (tv.tv_usec > 1000000 /* 1s */)
+ {
+ tv.tv_usec -= 1000000;
+ tv.tv_sec++;
+ }
+ return timed_wait_abs(this, mutex, tv);
+}
+
+/**
* Implementation of condvar_t.signal.
*/
static void signal(private_condvar_t *this)
@@ -410,6 +425,7 @@ condvar_t *condvar_create(condvar_type_t type)
this->public.wait = (void(*)(condvar_t*, mutex_t *mutex))wait;
this->public.timed_wait = (bool(*)(condvar_t*, mutex_t *mutex, u_int timeout))timed_wait;
+ this->public.timed_wait_abs = (bool(*)(condvar_t*, mutex_t *mutex, timeval_t time))timed_wait_abs;
this->public.signal = (void(*)(condvar_t*))signal;
this->public.broadcast = (void(*)(condvar_t*))broadcast;
this->public.destroy = (void(*)(condvar_t*))condvar_destroy;
diff --git a/src/libstrongswan/utils/mutex.h b/src/libstrongswan/utils/mutex.h
index a0a198024..4cdd96a99 100644
--- a/src/libstrongswan/utils/mutex.h
+++ b/src/libstrongswan/utils/mutex.h
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2008 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -11,6 +12,8 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
+ *
+ * $Id: mutex.h 4697 2008-11-25 19:30:02Z tobias $
*/
/**
@@ -99,6 +102,15 @@ struct condvar_t {
bool (*timed_wait)(condvar_t *this, mutex_t *mutex, u_int timeout);
/**
+ * Wait on a condvar until it gets signalized, or times out.
+ *
+ * @param mutex mutex to release while waiting
+ * @param time absolute time until timeout
+ * @return TRUE if timed out, FALSE otherwise
+ */
+ bool (*timed_wait_abs)(condvar_t *this, mutex_t *mutex, timeval_t timeout);
+
+ /**
* Wake up a single thread in a condvar.
*/
void (*signal)(condvar_t *this);