summaryrefslogtreecommitdiff
path: root/src/libstrongswan
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan')
-rw-r--r--src/libstrongswan/Android.mk18
-rw-r--r--src/libstrongswan/Makefile.am49
-rw-r--r--src/libstrongswan/Makefile.in471
-rw-r--r--src/libstrongswan/asn1/asn1.c2
-rw-r--r--src/libstrongswan/asn1/asn1_parser.c2
-rw-r--r--src/libstrongswan/asn1/oid.c72
-rw-r--r--src/libstrongswan/asn1/oid.h32
-rw-r--r--src/libstrongswan/asn1/oid.txt2
-rw-r--r--src/libstrongswan/bio/bio_reader.c2
-rw-r--r--src/libstrongswan/bio/bio_writer.h7
-rw-r--r--src/libstrongswan/collections/blocking_queue.c (renamed from src/libstrongswan/utils/blocking_queue.c)2
-rw-r--r--src/libstrongswan/collections/blocking_queue.h (renamed from src/libstrongswan/utils/blocking_queue.h)2
-rw-r--r--src/libstrongswan/collections/enumerator.c (renamed from src/libstrongswan/utils/enumerator.c)2
-rw-r--r--src/libstrongswan/collections/enumerator.h (renamed from src/libstrongswan/utils/enumerator.h)4
-rw-r--r--src/libstrongswan/collections/hashtable.c (renamed from src/libstrongswan/utils/hashtable.c)0
-rw-r--r--src/libstrongswan/collections/hashtable.h (renamed from src/libstrongswan/utils/hashtable.h)4
-rw-r--r--src/libstrongswan/collections/linked_list.c (renamed from src/libstrongswan/utils/linked_list.c)0
-rw-r--r--src/libstrongswan/collections/linked_list.h (renamed from src/libstrongswan/utils/linked_list.h)4
-rw-r--r--src/libstrongswan/credentials/auth_cfg.c4
-rw-r--r--src/libstrongswan/credentials/auth_cfg.h2
-rw-r--r--src/libstrongswan/credentials/builder.c6
-rw-r--r--src/libstrongswan/credentials/builder.h14
-rw-r--r--src/libstrongswan/credentials/certificates/certificate.c2
-rw-r--r--src/libstrongswan/credentials/certificates/crl.c2
-rw-r--r--src/libstrongswan/credentials/certificates/pkcs10.h2
-rw-r--r--src/libstrongswan/credentials/certificates/x509.h2
-rw-r--r--src/libstrongswan/credentials/containers/container.c23
-rw-r--r--src/libstrongswan/credentials/containers/container.h93
-rw-r--r--src/libstrongswan/credentials/containers/pkcs7.h63
-rw-r--r--src/libstrongswan/credentials/cred_encoding.c4
-rw-r--r--src/libstrongswan/credentials/credential_factory.c25
-rw-r--r--src/libstrongswan/credentials/credential_factory.h5
-rw-r--r--src/libstrongswan/credentials/credential_manager.c4
-rw-r--r--src/libstrongswan/credentials/credential_manager.h2
-rw-r--r--src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c2
-rw-r--r--src/libstrongswan/credentials/keys/shared_key.h2
-rw-r--r--src/libstrongswan/credentials/sets/auth_cfg_wrapper.c2
-rw-r--r--src/libstrongswan/credentials/sets/cert_cache.c2
-rw-r--r--src/libstrongswan/credentials/sets/mem_cred.c2
-rw-r--r--src/libstrongswan/credentials/sets/mem_cred.h2
-rw-r--r--src/libstrongswan/crypto/aead.c2
-rw-r--r--src/libstrongswan/crypto/crypto_factory.c4
-rw-r--r--src/libstrongswan/crypto/crypto_factory.h1
-rw-r--r--src/libstrongswan/crypto/crypto_tester.c4
-rw-r--r--src/libstrongswan/crypto/nonce_gen.h4
-rw-r--r--src/libstrongswan/crypto/pkcs7.c1061
-rw-r--r--src/libstrongswan/crypto/pkcs7.h178
-rw-r--r--src/libstrongswan/crypto/pkcs9.c369
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.c2
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords_static.c198
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords_static.txt8
-rw-r--r--src/libstrongswan/crypto/transform.h2
-rw-r--r--src/libstrongswan/database/database.h2
-rw-r--r--src/libstrongswan/database/database_factory.c2
-rw-r--r--src/libstrongswan/eap/eap.c2
-rw-r--r--src/libstrongswan/fetcher/fetcher.h2
-rw-r--r--src/libstrongswan/fetcher/fetcher_manager.c4
-rw-r--r--src/libstrongswan/library.c39
-rw-r--r--src/libstrongswan/library.h29
-rw-r--r--src/libstrongswan/networking/host.c (renamed from src/libstrongswan/utils/host.c)135
-rw-r--r--src/libstrongswan/networking/host.h (renamed from src/libstrongswan/utils/host.h)15
-rw-r--r--src/libstrongswan/networking/host_resolver.c351
-rw-r--r--src/libstrongswan/networking/host_resolver.h60
-rw-r--r--src/libstrongswan/networking/packet.c (renamed from src/libstrongswan/utils/packet.c)0
-rw-r--r--src/libstrongswan/networking/packet.h (renamed from src/libstrongswan/utils/packet.h)4
-rw-r--r--src/libstrongswan/networking/tun_device.c (renamed from src/libstrongswan/utils/tun_device.c)2
-rw-r--r--src/libstrongswan/networking/tun_device.h (renamed from src/libstrongswan/utils/tun_device.h)4
-rw-r--r--src/libstrongswan/pen/pen.c16
-rw-r--r--src/libstrongswan/pen/pen.h5
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/af_alg/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_ops.c2
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/agent/agent_private_key.c4
-rw-r--r--src/libstrongswan/plugins/blowfish/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/ccm/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/cmac/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/cmac/cmac.c2
-rw-r--r--src/libstrongswan/plugins/constraints/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/constraints/constraints_validator.c4
-rw-r--r--src/libstrongswan/plugins/ctr/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/curl/curl_fetcher.c2
-rw-r--r--src/libstrongswan/plugins/curl/curl_plugin.c2
-rw-r--r--src/libstrongswan/plugins/des/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/dnskey/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/dnskey/dnskey_builder.c2
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/fips_prf/fips_prf.c2
-rw-r--r--src/libstrongswan/plugins/gcm/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/gcrypt/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c2
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_dh.c2
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c2
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c2
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c2
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c2
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c2
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c309
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c4
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/ldap/ldap_fetcher.c2
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/mysql/mysql_database.c6
-rw-r--r--src/libstrongswan/plugins/mysql/mysql_plugin.c2
-rw-r--r--src/libstrongswan/plugins/nonce/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/nonce/nonce_nonceg.c2
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.am1
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.in36
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crl.c4
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_private_key.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_public_key.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_pkcs7.c790
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_pkcs7.h37
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_plugin.c7
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rng.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_util.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_x509.c8
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_plugin.c2
-rw-r--r--src/libstrongswan/plugins/pem/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/pem/pem_builder.c9
-rw-r--r--src/libstrongswan/plugins/pgp/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_builder.c4
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_cert.c2
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_encoder.c2
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_utils.c2
-rw-r--r--src/libstrongswan/plugins/pkcs1/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_builder.c2
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c2
-rw-r--r--src/libstrongswan/plugins/pkcs11/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_creds.c114
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_creds.h12
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_dh.c2
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c2
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_library.c7
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_library.h8
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_manager.c4
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c42
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c78
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c20
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_public_key.h13
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_rng.c2
-rw-r--r--src/libstrongswan/plugins/pkcs7/Makefile.am20
-rw-r--r--src/libstrongswan/plugins/pkcs7/Makefile.in641
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_attributes.c273
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_attributes.h (renamed from src/libstrongswan/crypto/pkcs9.h)51
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_data.c156
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_data.h46
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c613
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.h44
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_generic.c126
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_generic.h38
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_plugin.c84
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_plugin.h42
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c678
-rw-r--r--src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.h44
-rw-r--r--src/libstrongswan/plugins/pkcs8/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/pkcs8/pkcs8_builder.c2
-rw-r--r--src/libstrongswan/plugins/plugin_feature.c27
-rw-r--r--src/libstrongswan/plugins/plugin_feature.h11
-rw-r--r--src/libstrongswan/plugins/plugin_loader.c8
-rw-r--r--src/libstrongswan/plugins/plugin_loader.h2
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/pubkey/pubkey_cert.c2
-rw-r--r--src/libstrongswan/plugins/random/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/random/random_plugin.c2
-rw-r--r--src/libstrongswan/plugins/random/random_rng.c2
-rw-r--r--src/libstrongswan/plugins/rdrand/Makefile.am16
-rw-r--r--src/libstrongswan/plugins/rdrand/Makefile.in632
-rw-r--r--src/libstrongswan/plugins/rdrand/rdrand_plugin.c137
-rw-r--r--src/libstrongswan/plugins/rdrand/rdrand_plugin.h42
-rw-r--r--src/libstrongswan/plugins/rdrand/rdrand_rng.c442
-rw-r--r--src/libstrongswan/plugins/rdrand/rdrand_rng.h47
-rw-r--r--src/libstrongswan/plugins/revocation/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/revocation/revocation_validator.c2
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/soup/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/soup/soup_fetcher.c2
-rw-r--r--src/libstrongswan/plugins/soup/soup_plugin.c3
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/sqlite/sqlite_database.c7
-rw-r--r--src/libstrongswan/plugins/test_vectors/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors/rng.c2
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/x509/x509_ac.c4
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c8
-rw-r--r--src/libstrongswan/plugins/x509/x509_crl.c4
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_request.c4
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_response.c4
-rw-r--r--src/libstrongswan/plugins/x509/x509_pkcs10.c4
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.in32
-rw-r--r--src/libstrongswan/plugins/xcbc/xcbc.c2
-rw-r--r--src/libstrongswan/processing/jobs/callback_job.c2
-rw-r--r--src/libstrongswan/processing/processor.c4
-rw-r--r--src/libstrongswan/processing/scheduler.c2
-rw-r--r--src/libstrongswan/selectors/traffic_selector.c21
-rw-r--r--src/libstrongswan/selectors/traffic_selector.h15
-rw-r--r--src/libstrongswan/threading/mutex.c10
-rw-r--r--src/libstrongswan/threading/rwlock.c9
-rw-r--r--src/libstrongswan/threading/spinlock.c24
-rw-r--r--src/libstrongswan/threading/thread.c4
-rw-r--r--src/libstrongswan/utils/backtrace.c2
-rw-r--r--src/libstrongswan/utils/capabilities.c2
-rw-r--r--src/libstrongswan/utils/chunk.c (renamed from src/libstrongswan/chunk.c)0
-rw-r--r--src/libstrongswan/utils/chunk.h (renamed from src/libstrongswan/chunk.h)2
-rw-r--r--src/libstrongswan/utils/debug.c (renamed from src/libstrongswan/debug.c)0
-rw-r--r--src/libstrongswan/utils/debug.h (renamed from src/libstrongswan/debug.h)4
-rw-r--r--src/libstrongswan/utils/enum.c (renamed from src/libstrongswan/enum.c)12
-rw-r--r--src/libstrongswan/utils/enum.h (renamed from src/libstrongswan/enum.h)2
-rw-r--r--src/libstrongswan/utils/identification.h4
-rw-r--r--src/libstrongswan/utils/integrity_checker.c (renamed from src/libstrongswan/integrity_checker.c)0
-rw-r--r--src/libstrongswan/utils/integrity_checker.h (renamed from src/libstrongswan/integrity_checker.h)2
-rw-r--r--src/libstrongswan/utils/leak_detective.c4
-rw-r--r--src/libstrongswan/utils/optionsfrom.c16
-rw-r--r--src/libstrongswan/utils/printf_hook.c (renamed from src/libstrongswan/printf_hook.c)0
-rw-r--r--src/libstrongswan/utils/printf_hook.h (renamed from src/libstrongswan/printf_hook.h)2
-rw-r--r--src/libstrongswan/utils/settings.c (renamed from src/libstrongswan/settings.c)4
-rw-r--r--src/libstrongswan/utils/settings.h (renamed from src/libstrongswan/settings.h)4
-rw-r--r--src/libstrongswan/utils/utils.c (renamed from src/libstrongswan/utils.c)5
-rw-r--r--src/libstrongswan/utils/utils.h (renamed from src/libstrongswan/utils.h)20
230 files changed, 7865 insertions, 2801 deletions
diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk
index 4912576df..65cfe5292 100644
--- a/src/libstrongswan/Android.mk
+++ b/src/libstrongswan/Android.mk
@@ -3,9 +3,10 @@ include $(CLEAR_VARS)
# copy-n-paste from Makefile.am
LOCAL_SRC_FILES := \
-library.c chunk.c debug.c enum.c settings.c printf_hook.c asn1/asn1.c \
-asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c bio/bio_writer.c \
-crypto/crypters/crypter.c crypto/hashers/hasher.c crypto/pkcs7.c crypto/pkcs9.c \
+library.c \
+asn1/asn1.c asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c bio/bio_writer.c \
+collections/blocking_queue.c collections/enumerator.c collections/hashtable.c \
+collections/linked_list.c crypto/crypters/crypter.c crypto/hashers/hasher.c \
crypto/proposal/proposal_keywords.c crypto/proposal/proposal_keywords_static.c \
crypto/prfs/prf.c crypto/prfs/mac_prf.c \
crypto/rngs/rng.c crypto/prf_plus.c crypto/signers/signer.c \
@@ -16,19 +17,22 @@ credentials/cred_encoding.c credentials/keys/private_key.c \
credentials/keys/public_key.c credentials/keys/shared_key.c \
credentials/certificates/certificate.c credentials/certificates/crl.c \
credentials/certificates/ocsp_response.c \
+credentials/containers/container.c \
credentials/ietf_attributes/ietf_attributes.c credentials/credential_manager.c \
credentials/sets/auth_cfg_wrapper.c credentials/sets/ocsp_response_wrapper.c \
credentials/sets/cert_cache.c credentials/sets/mem_cred.c \
credentials/sets/callback_cred.c credentials/auth_cfg.c database/database.c \
database/database_factory.c fetcher/fetcher.c fetcher/fetcher_manager.c eap/eap.c \
ipsec/ipsec_types.c \
+networking/host.c networking/host_resolver.c networking/packet.c \
+networking/tun_device.c \
pen/pen.c plugins/plugin_loader.c plugins/plugin_feature.c processing/jobs/job.c \
processing/jobs/callback_job.c processing/processor.c processing/scheduler.c \
selectors/traffic_selector.c threading/thread.c threading/thread_value.c \
threading/mutex.c threading/semaphore.c threading/rwlock.c threading/spinlock.c \
-utils.c utils/host.c utils/packet.c utils/identification.c utils/lexparser.c \
-utils/linked_list.c utils/blocking_queue.c utils/hashtable.c utils/enumerator.c \
-utils/optionsfrom.c utils/capabilities.c utils/backtrace.c utils/tun_device.c
+utils/utils.c utils/chunk.c utils/debug.c utils/enum.c utils/identification.c \
+utils/lexparser.c utils/optionsfrom.c utils/capabilities.c utils/backtrace.c \
+utils/printf_hook.c utils/settings.c
# adding the plugin source files
@@ -68,6 +72,8 @@ LOCAL_SRC_FILES += $(call add_plugin, pem)
LOCAL_SRC_FILES += $(call add_plugin, pkcs1)
+LOCAL_SRC_FILES += $(call add_plugin, pkcs7)
+
LOCAL_SRC_FILES += $(call add_plugin, pkcs8)
LOCAL_SRC_FILES += $(call add_plugin, pkcs11)
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index 463d57d95..9c4665eeb 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -1,9 +1,10 @@
ipseclib_LTLIBRARIES = libstrongswan.la
libstrongswan_la_SOURCES = \
-library.c chunk.c debug.c enum.c settings.c printf_hook.c asn1/asn1.c \
-asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c bio/bio_writer.c \
-crypto/crypters/crypter.c crypto/hashers/hasher.c crypto/pkcs7.c crypto/pkcs9.c \
+library.c \
+asn1/asn1.c asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c bio/bio_writer.c \
+collections/blocking_queue.c collections/enumerator.c collections/hashtable.c \
+collections/linked_list.c crypto/crypters/crypter.c crypto/hashers/hasher.c \
crypto/proposal/proposal_keywords.c crypto/proposal/proposal_keywords_static.c \
crypto/prfs/prf.c crypto/prfs/mac_prf.c \
crypto/rngs/rng.c crypto/prf_plus.c crypto/signers/signer.c \
@@ -14,28 +15,32 @@ credentials/cred_encoding.c credentials/keys/private_key.c \
credentials/keys/public_key.c credentials/keys/shared_key.c \
credentials/certificates/certificate.c credentials/certificates/crl.c \
credentials/certificates/ocsp_response.c \
+credentials/containers/container.c \
credentials/ietf_attributes/ietf_attributes.c credentials/credential_manager.c \
credentials/sets/auth_cfg_wrapper.c credentials/sets/ocsp_response_wrapper.c \
credentials/sets/cert_cache.c credentials/sets/mem_cred.c \
credentials/sets/callback_cred.c credentials/auth_cfg.c database/database.c \
database/database_factory.c fetcher/fetcher.c fetcher/fetcher_manager.c eap/eap.c \
ipsec/ipsec_types.c \
+networking/host.c networking/host_resolver.c networking/packet.c \
+networking/tun_device.c \
pen/pen.c plugins/plugin_loader.c plugins/plugin_feature.c processing/jobs/job.c \
processing/jobs/callback_job.c processing/processor.c processing/scheduler.c \
selectors/traffic_selector.c threading/thread.c threading/thread_value.c \
threading/mutex.c threading/semaphore.c threading/rwlock.c threading/spinlock.c \
-utils.c utils/host.c utils/packet.c utils/identification.c utils/lexparser.c \
-utils/linked_list.c utils/blocking_queue.c utils/hashtable.c utils/enumerator.c \
-utils/optionsfrom.c utils/capabilities.c utils/backtrace.c utils/tun_device.c
+utils/utils.c utils/chunk.c utils/debug.c utils/enum.c utils/identification.c \
+utils/lexparser.c utils/optionsfrom.c utils/capabilities.c utils/backtrace.c \
+utils/printf_hook.c utils/settings.c
if USE_DEV_HEADERS
strongswan_includedir = ${dev_headers}
nobase_strongswan_include_HEADERS = \
-library.h chunk.h debug.h enum.h settings.h printf_hook.h \
+library.h \
asn1/asn1.h asn1/asn1_parser.h asn1/oid.h bio/bio_reader.h bio/bio_writer.h \
+collections/blocking_queue.h collections/enumerator.h collections/hashtable.h \
+collections/linked_list.h \
crypto/crypters/crypter.h crypto/hashers/hasher.h crypto/mac.h \
-crypto/pkcs7.h crypto/pkcs9.h crypto/proposal/proposal_keywords.h \
-crypto/proposal/proposal_keywords_static.h \
+crypto/proposal/proposal_keywords.h crypto/proposal/proposal_keywords_static.h \
crypto/prfs/prf.h crypto/prfs/mac_prf.h crypto/rngs/rng.h crypto/nonce_gen.h \
crypto/prf_plus.h crypto/signers/signer.h crypto/signers/mac_signer.h \
crypto/crypto_factory.h crypto/crypto_tester.h crypto/diffie_hellman.h \
@@ -48,6 +53,7 @@ credentials/certificates/ac.h credentials/certificates/crl.h \
credentials/certificates/pkcs10.h credentials/certificates/ocsp_request.h \
credentials/certificates/ocsp_response.h \
credentials/certificates/pgp_certificate.h \
+credentials/containers/container.h credentials/containers/pkcs7.h \
credentials/ietf_attributes/ietf_attributes.h \
credentials/credential_manager.h credentials/sets/auth_cfg_wrapper.h \
credentials/sets/ocsp_response_wrapper.h credentials/sets/cert_cache.h \
@@ -55,16 +61,17 @@ credentials/sets/mem_cred.h credentials/sets/callback_cred.h \
credentials/auth_cfg.h credentials/credential_set.h credentials/cert_validator.h \
database/database.h database/database_factory.h fetcher/fetcher.h \
fetcher/fetcher_manager.h eap/eap.h pen/pen.h ipsec/ipsec_types.h \
+networking/host.h networking/host_resolver.h networking/packet.h \
+networking/tun_device.h \
plugins/plugin_loader.h plugins/plugin.h plugins/plugin_feature.h \
processing/jobs/job.h processing/jobs/callback_job.h processing/processor.h \
processing/scheduler.h selectors/traffic_selector.h \
threading/thread.h threading/thread_value.h \
threading/mutex.h threading/condvar.h threading/spinlock.h threading/semaphore.h \
threading/rwlock.h threading/rwlock_condvar.h threading/lock_profiler.h \
-utils.h utils/host.h utils/packet.h utils/identification.h utils/lexparser.h \
-utils/linked_list.h utils/blocking_queue.h utils/hashtable.h utils/enumerator.h \
-utils/optionsfrom.h utils/capabilities.h utils/backtrace.h utils/tun_device.h \
-utils/leak_detective.h integrity_checker.h
+utils/utils.h utils/chunk.h utils/debug.h utils/enum.h utils/identification.h \
+utils/lexparser.h utils/optionsfrom.h utils/capabilities.h utils/backtrace.h \
+utils/leak_detective.h utils/printf_hook.h utils/settings.h utils/integrity_checker.h
endif
library.lo : $(top_builddir)/config.status
@@ -89,7 +96,7 @@ endif
if USE_INTEGRITY_TEST
AM_CFLAGS += -DINTEGRITY_TEST
- libstrongswan_la_SOURCES += integrity_checker.c
+ libstrongswan_la_SOURCES += utils/integrity_checker.c
endif
if USE_VSTR
@@ -197,6 +204,13 @@ if MONOLITHIC
endif
endif
+if USE_RDRAND
+ SUBDIRS += plugins/rdrand
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/rdrand/libstrongswan-rdrand.la
+endif
+endif
+
if USE_RANDOM
SUBDIRS += plugins/random
if MONOLITHIC
@@ -267,6 +281,13 @@ if MONOLITHIC
endif
endif
+if USE_PKCS7
+ SUBDIRS += plugins/pkcs7
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/pkcs7/libstrongswan-pkcs7.la
+endif
+endif
+
if USE_PKCS8
SUBDIRS += plugins/pkcs8
if MONOLITHIC
diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in
index aeebb25c0..6c0ce7a88 100644
--- a/src/libstrongswan/Makefile.in
+++ b/src/libstrongswan/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -39,7 +39,7 @@ host_triplet = @host@
@USE_LEAK_DETECTIVE_TRUE@am__append_2 = utils/leak_detective.c
@USE_LOCK_PROFILER_TRUE@am__append_3 = -DLOCK_PROFILER
@USE_INTEGRITY_TEST_TRUE@am__append_4 = -DINTEGRITY_TEST
-@USE_INTEGRITY_TEST_TRUE@am__append_5 = integrity_checker.c
+@USE_INTEGRITY_TEST_TRUE@am__append_5 = utils/integrity_checker.c
@USE_VSTR_TRUE@am__append_6 = -lvstr
@USE_LIBCAP_TRUE@am__append_7 = -lcap
@USE_AF_ALG_TRUE@am__append_8 = plugins/af_alg
@@ -60,64 +60,68 @@ host_triplet = @host@
@MONOLITHIC_TRUE@@USE_SHA2_TRUE@am__append_23 = plugins/sha2/libstrongswan-sha2.la
@USE_GMP_TRUE@am__append_24 = plugins/gmp
@MONOLITHIC_TRUE@@USE_GMP_TRUE@am__append_25 = plugins/gmp/libstrongswan-gmp.la
-@USE_RANDOM_TRUE@am__append_26 = plugins/random
-@MONOLITHIC_TRUE@@USE_RANDOM_TRUE@am__append_27 = plugins/random/libstrongswan-random.la
-@USE_NONCE_TRUE@am__append_28 = plugins/nonce
-@MONOLITHIC_TRUE@@USE_NONCE_TRUE@am__append_29 = plugins/nonce/libstrongswan-nonce.la
-@USE_HMAC_TRUE@am__append_30 = plugins/hmac
-@MONOLITHIC_TRUE@@USE_HMAC_TRUE@am__append_31 = plugins/hmac/libstrongswan-hmac.la
-@USE_CMAC_TRUE@am__append_32 = plugins/cmac
-@MONOLITHIC_TRUE@@USE_CMAC_TRUE@am__append_33 = plugins/cmac/libstrongswan-cmac.la
-@USE_XCBC_TRUE@am__append_34 = plugins/xcbc
-@MONOLITHIC_TRUE@@USE_XCBC_TRUE@am__append_35 = plugins/xcbc/libstrongswan-xcbc.la
-@USE_X509_TRUE@am__append_36 = plugins/x509
-@MONOLITHIC_TRUE@@USE_X509_TRUE@am__append_37 = plugins/x509/libstrongswan-x509.la
-@USE_REVOCATION_TRUE@am__append_38 = plugins/revocation
-@MONOLITHIC_TRUE@@USE_REVOCATION_TRUE@am__append_39 = plugins/revocation/libstrongswan-revocation.la
-@USE_CONSTRAINTS_TRUE@am__append_40 = plugins/constraints
-@MONOLITHIC_TRUE@@USE_CONSTRAINTS_TRUE@am__append_41 = plugins/constraints/libstrongswan-constraints.la
-@USE_PUBKEY_TRUE@am__append_42 = plugins/pubkey
-@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_43 = plugins/pubkey/libstrongswan-pubkey.la
-@USE_PKCS1_TRUE@am__append_44 = plugins/pkcs1
-@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_45 = plugins/pkcs1/libstrongswan-pkcs1.la
-@USE_PKCS8_TRUE@am__append_46 = plugins/pkcs8
-@MONOLITHIC_TRUE@@USE_PKCS8_TRUE@am__append_47 = plugins/pkcs8/libstrongswan-pkcs8.la
-@USE_PGP_TRUE@am__append_48 = plugins/pgp
-@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_49 = plugins/pgp/libstrongswan-pgp.la
-@USE_DNSKEY_TRUE@am__append_50 = plugins/dnskey
-@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_51 = plugins/dnskey/libstrongswan-dnskey.la
-@USE_PEM_TRUE@am__append_52 = plugins/pem
-@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_53 = plugins/pem/libstrongswan-pem.la
-@USE_CURL_TRUE@am__append_54 = plugins/curl
-@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_55 = plugins/curl/libstrongswan-curl.la
-@USE_SOUP_TRUE@am__append_56 = plugins/soup
-@MONOLITHIC_TRUE@@USE_SOUP_TRUE@am__append_57 = plugins/soup/libstrongswan-soup.la
-@USE_LDAP_TRUE@am__append_58 = plugins/ldap
-@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_59 = plugins/ldap/libstrongswan-ldap.la
-@USE_MYSQL_TRUE@am__append_60 = plugins/mysql
-@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_61 = plugins/mysql/libstrongswan-mysql.la
-@USE_SQLITE_TRUE@am__append_62 = plugins/sqlite
-@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_63 = plugins/sqlite/libstrongswan-sqlite.la
-@USE_PADLOCK_TRUE@am__append_64 = plugins/padlock
-@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_65 = plugins/padlock/libstrongswan-padlock.la
-@USE_OPENSSL_TRUE@am__append_66 = plugins/openssl
-@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_67 = plugins/openssl/libstrongswan-openssl.la
-@USE_GCRYPT_TRUE@am__append_68 = plugins/gcrypt
-@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_69 = plugins/gcrypt/libstrongswan-gcrypt.la
-@USE_FIPS_PRF_TRUE@am__append_70 = plugins/fips_prf
-@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_71 = plugins/fips_prf/libstrongswan-fips-prf.la
-@USE_AGENT_TRUE@am__append_72 = plugins/agent
-@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_73 = plugins/agent/libstrongswan-agent.la
-@USE_PKCS11_TRUE@am__append_74 = plugins/pkcs11
-@MONOLITHIC_TRUE@@USE_PKCS11_TRUE@am__append_75 = plugins/pkcs11/libstrongswan-pkcs11.la
-@USE_CTR_TRUE@am__append_76 = plugins/ctr
-@MONOLITHIC_TRUE@@USE_CTR_TRUE@am__append_77 = plugins/ctr/libstrongswan-ctr.la
-@USE_CCM_TRUE@am__append_78 = plugins/ccm
-@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_79 = plugins/ccm/libstrongswan-ccm.la
-@USE_GCM_TRUE@am__append_80 = plugins/gcm
-@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_81 = plugins/gcm/libstrongswan-gcm.la
-@USE_TEST_VECTORS_TRUE@am__append_82 = plugins/test_vectors
-@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_83 = plugins/test_vectors/libstrongswan-test-vectors.la
+@USE_RDRAND_TRUE@am__append_26 = plugins/rdrand
+@MONOLITHIC_TRUE@@USE_RDRAND_TRUE@am__append_27 = plugins/rdrand/libstrongswan-rdrand.la
+@USE_RANDOM_TRUE@am__append_28 = plugins/random
+@MONOLITHIC_TRUE@@USE_RANDOM_TRUE@am__append_29 = plugins/random/libstrongswan-random.la
+@USE_NONCE_TRUE@am__append_30 = plugins/nonce
+@MONOLITHIC_TRUE@@USE_NONCE_TRUE@am__append_31 = plugins/nonce/libstrongswan-nonce.la
+@USE_HMAC_TRUE@am__append_32 = plugins/hmac
+@MONOLITHIC_TRUE@@USE_HMAC_TRUE@am__append_33 = plugins/hmac/libstrongswan-hmac.la
+@USE_CMAC_TRUE@am__append_34 = plugins/cmac
+@MONOLITHIC_TRUE@@USE_CMAC_TRUE@am__append_35 = plugins/cmac/libstrongswan-cmac.la
+@USE_XCBC_TRUE@am__append_36 = plugins/xcbc
+@MONOLITHIC_TRUE@@USE_XCBC_TRUE@am__append_37 = plugins/xcbc/libstrongswan-xcbc.la
+@USE_X509_TRUE@am__append_38 = plugins/x509
+@MONOLITHIC_TRUE@@USE_X509_TRUE@am__append_39 = plugins/x509/libstrongswan-x509.la
+@USE_REVOCATION_TRUE@am__append_40 = plugins/revocation
+@MONOLITHIC_TRUE@@USE_REVOCATION_TRUE@am__append_41 = plugins/revocation/libstrongswan-revocation.la
+@USE_CONSTRAINTS_TRUE@am__append_42 = plugins/constraints
+@MONOLITHIC_TRUE@@USE_CONSTRAINTS_TRUE@am__append_43 = plugins/constraints/libstrongswan-constraints.la
+@USE_PUBKEY_TRUE@am__append_44 = plugins/pubkey
+@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_45 = plugins/pubkey/libstrongswan-pubkey.la
+@USE_PKCS1_TRUE@am__append_46 = plugins/pkcs1
+@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_47 = plugins/pkcs1/libstrongswan-pkcs1.la
+@USE_PKCS7_TRUE@am__append_48 = plugins/pkcs7
+@MONOLITHIC_TRUE@@USE_PKCS7_TRUE@am__append_49 = plugins/pkcs7/libstrongswan-pkcs7.la
+@USE_PKCS8_TRUE@am__append_50 = plugins/pkcs8
+@MONOLITHIC_TRUE@@USE_PKCS8_TRUE@am__append_51 = plugins/pkcs8/libstrongswan-pkcs8.la
+@USE_PGP_TRUE@am__append_52 = plugins/pgp
+@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_53 = plugins/pgp/libstrongswan-pgp.la
+@USE_DNSKEY_TRUE@am__append_54 = plugins/dnskey
+@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_55 = plugins/dnskey/libstrongswan-dnskey.la
+@USE_PEM_TRUE@am__append_56 = plugins/pem
+@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_57 = plugins/pem/libstrongswan-pem.la
+@USE_CURL_TRUE@am__append_58 = plugins/curl
+@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_59 = plugins/curl/libstrongswan-curl.la
+@USE_SOUP_TRUE@am__append_60 = plugins/soup
+@MONOLITHIC_TRUE@@USE_SOUP_TRUE@am__append_61 = plugins/soup/libstrongswan-soup.la
+@USE_LDAP_TRUE@am__append_62 = plugins/ldap
+@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_63 = plugins/ldap/libstrongswan-ldap.la
+@USE_MYSQL_TRUE@am__append_64 = plugins/mysql
+@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_65 = plugins/mysql/libstrongswan-mysql.la
+@USE_SQLITE_TRUE@am__append_66 = plugins/sqlite
+@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_67 = plugins/sqlite/libstrongswan-sqlite.la
+@USE_PADLOCK_TRUE@am__append_68 = plugins/padlock
+@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_69 = plugins/padlock/libstrongswan-padlock.la
+@USE_OPENSSL_TRUE@am__append_70 = plugins/openssl
+@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_71 = plugins/openssl/libstrongswan-openssl.la
+@USE_GCRYPT_TRUE@am__append_72 = plugins/gcrypt
+@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_73 = plugins/gcrypt/libstrongswan-gcrypt.la
+@USE_FIPS_PRF_TRUE@am__append_74 = plugins/fips_prf
+@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_75 = plugins/fips_prf/libstrongswan-fips-prf.la
+@USE_AGENT_TRUE@am__append_76 = plugins/agent
+@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_77 = plugins/agent/libstrongswan-agent.la
+@USE_PKCS11_TRUE@am__append_78 = plugins/pkcs11
+@MONOLITHIC_TRUE@@USE_PKCS11_TRUE@am__append_79 = plugins/pkcs11/libstrongswan-pkcs11.la
+@USE_CTR_TRUE@am__append_80 = plugins/ctr
+@MONOLITHIC_TRUE@@USE_CTR_TRUE@am__append_81 = plugins/ctr/libstrongswan-ctr.la
+@USE_CCM_TRUE@am__append_82 = plugins/ccm
+@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_83 = plugins/ccm/libstrongswan-ccm.la
+@USE_GCM_TRUE@am__append_84 = plugins/gcm
+@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_85 = plugins/gcm/libstrongswan-gcm.la
+@USE_TEST_VECTORS_TRUE@am__append_86 = plugins/test_vectors
+@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_87 = plugins/test_vectors/libstrongswan-test-vectors.la
subdir = src/libstrongswan
DIST_COMMON = $(am__nobase_strongswan_include_HEADERS_DIST) \
$(srcdir)/Makefile.am $(srcdir)/Makefile.in
@@ -158,6 +162,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(ipseclibdir)" \
"$(DESTDIR)$(strongswan_includedir)"
LTLIBRARIES = $(ipseclib_LTLIBRARIES)
@@ -178,13 +188,14 @@ libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
$(am__append_61) $(am__append_63) $(am__append_65) \
$(am__append_67) $(am__append_69) $(am__append_71) \
$(am__append_73) $(am__append_75) $(am__append_77) \
- $(am__append_79) $(am__append_81) $(am__append_83)
-am__libstrongswan_la_SOURCES_DIST = library.c chunk.c debug.c enum.c \
- settings.c printf_hook.c asn1/asn1.c asn1/asn1_parser.c \
- asn1/oid.c bio/bio_reader.c bio/bio_writer.c \
- crypto/crypters/crypter.c crypto/hashers/hasher.c \
- crypto/pkcs7.c crypto/pkcs9.c \
- crypto/proposal/proposal_keywords.c \
+ $(am__append_79) $(am__append_81) $(am__append_83) \
+ $(am__append_85) $(am__append_87)
+am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \
+ asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c \
+ bio/bio_writer.c collections/blocking_queue.c \
+ collections/enumerator.c collections/hashtable.c \
+ collections/linked_list.c crypto/crypters/crypter.c \
+ crypto/hashers/hasher.c crypto/proposal/proposal_keywords.c \
crypto/proposal/proposal_keywords_static.c crypto/prfs/prf.c \
crypto/prfs/mac_prf.c crypto/rngs/rng.c crypto/prf_plus.c \
crypto/signers/signer.c crypto/signers/mac_signer.c \
@@ -196,6 +207,7 @@ am__libstrongswan_la_SOURCES_DIST = library.c chunk.c debug.c enum.c \
credentials/certificates/certificate.c \
credentials/certificates/crl.c \
credentials/certificates/ocsp_response.c \
+ credentials/containers/container.c \
credentials/ietf_attributes/ietf_attributes.c \
credentials/credential_manager.c \
credentials/sets/auth_cfg_wrapper.c \
@@ -204,39 +216,41 @@ am__libstrongswan_la_SOURCES_DIST = library.c chunk.c debug.c enum.c \
credentials/sets/callback_cred.c credentials/auth_cfg.c \
database/database.c database/database_factory.c \
fetcher/fetcher.c fetcher/fetcher_manager.c eap/eap.c \
- ipsec/ipsec_types.c pen/pen.c plugins/plugin_loader.c \
+ ipsec/ipsec_types.c networking/host.c \
+ networking/host_resolver.c networking/packet.c \
+ networking/tun_device.c pen/pen.c plugins/plugin_loader.c \
plugins/plugin_feature.c processing/jobs/job.c \
processing/jobs/callback_job.c processing/processor.c \
processing/scheduler.c selectors/traffic_selector.c \
threading/thread.c threading/thread_value.c threading/mutex.c \
threading/semaphore.c threading/rwlock.c threading/spinlock.c \
- utils.c utils/host.c utils/packet.c utils/identification.c \
- utils/lexparser.c utils/linked_list.c utils/blocking_queue.c \
- utils/hashtable.c utils/enumerator.c utils/optionsfrom.c \
- utils/capabilities.c utils/backtrace.c utils/tun_device.c \
- utils/leak_detective.c integrity_checker.c
+ utils/utils.c utils/chunk.c utils/debug.c utils/enum.c \
+ utils/identification.c utils/lexparser.c utils/optionsfrom.c \
+ utils/capabilities.c utils/backtrace.c utils/printf_hook.c \
+ utils/settings.c utils/leak_detective.c \
+ utils/integrity_checker.c
@USE_LEAK_DETECTIVE_TRUE@am__objects_1 = leak_detective.lo
@USE_INTEGRITY_TEST_TRUE@am__objects_2 = integrity_checker.lo
-am_libstrongswan_la_OBJECTS = library.lo chunk.lo debug.lo enum.lo \
- settings.lo printf_hook.lo asn1.lo asn1_parser.lo oid.lo \
- bio_reader.lo bio_writer.lo crypter.lo hasher.lo pkcs7.lo \
- pkcs9.lo proposal_keywords.lo proposal_keywords_static.lo \
- prf.lo mac_prf.lo rng.lo prf_plus.lo signer.lo mac_signer.lo \
+am_libstrongswan_la_OBJECTS = library.lo asn1.lo asn1_parser.lo oid.lo \
+ bio_reader.lo bio_writer.lo blocking_queue.lo enumerator.lo \
+ hashtable.lo linked_list.lo crypter.lo hasher.lo \
+ proposal_keywords.lo proposal_keywords_static.lo prf.lo \
+ mac_prf.lo rng.lo prf_plus.lo signer.lo mac_signer.lo \
crypto_factory.lo crypto_tester.lo diffie_hellman.lo aead.lo \
transform.lo credential_factory.lo builder.lo cred_encoding.lo \
private_key.lo public_key.lo shared_key.lo certificate.lo \
- crl.lo ocsp_response.lo ietf_attributes.lo \
+ crl.lo ocsp_response.lo container.lo ietf_attributes.lo \
credential_manager.lo auth_cfg_wrapper.lo \
ocsp_response_wrapper.lo cert_cache.lo mem_cred.lo \
callback_cred.lo auth_cfg.lo database.lo database_factory.lo \
- fetcher.lo fetcher_manager.lo eap.lo ipsec_types.lo pen.lo \
+ fetcher.lo fetcher_manager.lo eap.lo ipsec_types.lo host.lo \
+ host_resolver.lo packet.lo tun_device.lo pen.lo \
plugin_loader.lo plugin_feature.lo job.lo callback_job.lo \
processor.lo scheduler.lo traffic_selector.lo thread.lo \
thread_value.lo mutex.lo semaphore.lo rwlock.lo spinlock.lo \
- utils.lo host.lo packet.lo identification.lo lexparser.lo \
- linked_list.lo blocking_queue.lo hashtable.lo enumerator.lo \
- optionsfrom.lo capabilities.lo backtrace.lo tun_device.lo \
- $(am__objects_1) $(am__objects_2)
+ utils.lo chunk.lo debug.lo enum.lo identification.lo \
+ lexparser.lo optionsfrom.lo capabilities.lo backtrace.lo \
+ printf_hook.lo settings.lo $(am__objects_1) $(am__objects_2)
libstrongswan_la_OBJECTS = $(am_libstrongswan_la_OBJECTS)
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/depcomp
@@ -260,11 +274,12 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
install-pdf-recursive install-ps-recursive install-recursive \
installcheck-recursive installdirs-recursive pdf-recursive \
ps-recursive uninstall-recursive
-am__nobase_strongswan_include_HEADERS_DIST = library.h chunk.h debug.h \
- enum.h settings.h printf_hook.h asn1/asn1.h asn1/asn1_parser.h \
- asn1/oid.h bio/bio_reader.h bio/bio_writer.h \
- crypto/crypters/crypter.h crypto/hashers/hasher.h crypto/mac.h \
- crypto/pkcs7.h crypto/pkcs9.h \
+am__nobase_strongswan_include_HEADERS_DIST = library.h asn1/asn1.h \
+ asn1/asn1_parser.h asn1/oid.h bio/bio_reader.h \
+ bio/bio_writer.h collections/blocking_queue.h \
+ collections/enumerator.h collections/hashtable.h \
+ collections/linked_list.h crypto/crypters/crypter.h \
+ crypto/hashers/hasher.h crypto/mac.h \
crypto/proposal/proposal_keywords.h \
crypto/proposal/proposal_keywords_static.h crypto/prfs/prf.h \
crypto/prfs/mac_prf.h crypto/rngs/rng.h crypto/nonce_gen.h \
@@ -282,6 +297,8 @@ am__nobase_strongswan_include_HEADERS_DIST = library.h chunk.h debug.h \
credentials/certificates/ocsp_request.h \
credentials/certificates/ocsp_response.h \
credentials/certificates/pgp_certificate.h \
+ credentials/containers/container.h \
+ credentials/containers/pkcs7.h \
credentials/ietf_attributes/ietf_attributes.h \
credentials/credential_manager.h \
credentials/sets/auth_cfg_wrapper.h \
@@ -291,19 +308,20 @@ am__nobase_strongswan_include_HEADERS_DIST = library.h chunk.h debug.h \
credentials/credential_set.h credentials/cert_validator.h \
database/database.h database/database_factory.h \
fetcher/fetcher.h fetcher/fetcher_manager.h eap/eap.h \
- pen/pen.h ipsec/ipsec_types.h plugins/plugin_loader.h \
+ pen/pen.h ipsec/ipsec_types.h networking/host.h \
+ networking/host_resolver.h networking/packet.h \
+ networking/tun_device.h plugins/plugin_loader.h \
plugins/plugin.h plugins/plugin_feature.h \
processing/jobs/job.h processing/jobs/callback_job.h \
processing/processor.h processing/scheduler.h \
selectors/traffic_selector.h threading/thread.h \
threading/thread_value.h threading/mutex.h threading/condvar.h \
threading/spinlock.h threading/semaphore.h threading/rwlock.h \
- threading/rwlock_condvar.h threading/lock_profiler.h utils.h \
- utils/host.h utils/packet.h utils/identification.h \
- utils/lexparser.h utils/linked_list.h utils/blocking_queue.h \
- utils/hashtable.h utils/enumerator.h utils/optionsfrom.h \
- utils/capabilities.h utils/backtrace.h utils/tun_device.h \
- utils/leak_detective.h integrity_checker.h
+ threading/rwlock_condvar.h threading/lock_profiler.h \
+ utils/utils.h utils/chunk.h utils/debug.h utils/enum.h \
+ utils/identification.h utils/lexparser.h utils/optionsfrom.h \
+ utils/capabilities.h utils/backtrace.h utils/leak_detective.h \
+ utils/printf_hook.h utils/settings.h utils/integrity_checker.h
HEADERS = $(nobase_strongswan_include_HEADERS)
RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
distclean-recursive maintainer-clean-recursive
@@ -314,14 +332,15 @@ ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = . plugins/af_alg plugins/aes plugins/des \
plugins/blowfish plugins/md4 plugins/md5 plugins/sha1 \
- plugins/sha2 plugins/gmp plugins/random plugins/nonce \
- plugins/hmac plugins/cmac plugins/xcbc plugins/x509 \
- plugins/revocation plugins/constraints plugins/pubkey \
- plugins/pkcs1 plugins/pkcs8 plugins/pgp plugins/dnskey \
- plugins/pem plugins/curl plugins/soup plugins/ldap \
- plugins/mysql plugins/sqlite plugins/padlock plugins/openssl \
- plugins/gcrypt plugins/fips_prf plugins/agent plugins/pkcs11 \
- plugins/ctr plugins/ccm plugins/gcm plugins/test_vectors
+ plugins/sha2 plugins/gmp plugins/rdrand plugins/random \
+ plugins/nonce plugins/hmac plugins/cmac plugins/xcbc \
+ plugins/x509 plugins/revocation plugins/constraints \
+ plugins/pubkey plugins/pkcs1 plugins/pkcs7 plugins/pkcs8 \
+ plugins/pgp plugins/dnskey plugins/pem plugins/curl \
+ plugins/soup plugins/ldap plugins/mysql plugins/sqlite \
+ plugins/padlock plugins/openssl plugins/gcrypt \
+ plugins/fips_prf plugins/agent plugins/pkcs11 plugins/ctr \
+ plugins/ccm plugins/gcm plugins/test_vectors
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -367,6 +386,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -394,6 +414,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -421,6 +442,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -433,6 +455,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -486,7 +509,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -534,10 +556,11 @@ urandom_device = @urandom_device@
xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
ipseclib_LTLIBRARIES = libstrongswan.la
-libstrongswan_la_SOURCES = library.c chunk.c debug.c enum.c settings.c \
- printf_hook.c asn1/asn1.c asn1/asn1_parser.c asn1/oid.c \
- bio/bio_reader.c bio/bio_writer.c crypto/crypters/crypter.c \
- crypto/hashers/hasher.c crypto/pkcs7.c crypto/pkcs9.c \
+libstrongswan_la_SOURCES = library.c asn1/asn1.c asn1/asn1_parser.c \
+ asn1/oid.c bio/bio_reader.c bio/bio_writer.c \
+ collections/blocking_queue.c collections/enumerator.c \
+ collections/hashtable.c collections/linked_list.c \
+ crypto/crypters/crypter.c crypto/hashers/hasher.c \
crypto/proposal/proposal_keywords.c \
crypto/proposal/proposal_keywords_static.c crypto/prfs/prf.c \
crypto/prfs/mac_prf.c crypto/rngs/rng.c crypto/prf_plus.c \
@@ -550,6 +573,7 @@ libstrongswan_la_SOURCES = library.c chunk.c debug.c enum.c settings.c \
credentials/certificates/certificate.c \
credentials/certificates/crl.c \
credentials/certificates/ocsp_response.c \
+ credentials/containers/container.c \
credentials/ietf_attributes/ietf_attributes.c \
credentials/credential_manager.c \
credentials/sets/auth_cfg_wrapper.c \
@@ -558,24 +582,26 @@ libstrongswan_la_SOURCES = library.c chunk.c debug.c enum.c settings.c \
credentials/sets/callback_cred.c credentials/auth_cfg.c \
database/database.c database/database_factory.c \
fetcher/fetcher.c fetcher/fetcher_manager.c eap/eap.c \
- ipsec/ipsec_types.c pen/pen.c plugins/plugin_loader.c \
+ ipsec/ipsec_types.c networking/host.c \
+ networking/host_resolver.c networking/packet.c \
+ networking/tun_device.c pen/pen.c plugins/plugin_loader.c \
plugins/plugin_feature.c processing/jobs/job.c \
processing/jobs/callback_job.c processing/processor.c \
processing/scheduler.c selectors/traffic_selector.c \
threading/thread.c threading/thread_value.c threading/mutex.c \
threading/semaphore.c threading/rwlock.c threading/spinlock.c \
- utils.c utils/host.c utils/packet.c utils/identification.c \
- utils/lexparser.c utils/linked_list.c utils/blocking_queue.c \
- utils/hashtable.c utils/enumerator.c utils/optionsfrom.c \
- utils/capabilities.c utils/backtrace.c utils/tun_device.c \
- $(am__append_2) $(am__append_5)
+ utils/utils.c utils/chunk.c utils/debug.c utils/enum.c \
+ utils/identification.c utils/lexparser.c utils/optionsfrom.c \
+ utils/capabilities.c utils/backtrace.c utils/printf_hook.c \
+ utils/settings.c $(am__append_2) $(am__append_5)
@USE_DEV_HEADERS_TRUE@strongswan_includedir = ${dev_headers}
@USE_DEV_HEADERS_TRUE@nobase_strongswan_include_HEADERS = \
-@USE_DEV_HEADERS_TRUE@library.h chunk.h debug.h enum.h settings.h printf_hook.h \
+@USE_DEV_HEADERS_TRUE@library.h \
@USE_DEV_HEADERS_TRUE@asn1/asn1.h asn1/asn1_parser.h asn1/oid.h bio/bio_reader.h bio/bio_writer.h \
+@USE_DEV_HEADERS_TRUE@collections/blocking_queue.h collections/enumerator.h collections/hashtable.h \
+@USE_DEV_HEADERS_TRUE@collections/linked_list.h \
@USE_DEV_HEADERS_TRUE@crypto/crypters/crypter.h crypto/hashers/hasher.h crypto/mac.h \
-@USE_DEV_HEADERS_TRUE@crypto/pkcs7.h crypto/pkcs9.h crypto/proposal/proposal_keywords.h \
-@USE_DEV_HEADERS_TRUE@crypto/proposal/proposal_keywords_static.h \
+@USE_DEV_HEADERS_TRUE@crypto/proposal/proposal_keywords.h crypto/proposal/proposal_keywords_static.h \
@USE_DEV_HEADERS_TRUE@crypto/prfs/prf.h crypto/prfs/mac_prf.h crypto/rngs/rng.h crypto/nonce_gen.h \
@USE_DEV_HEADERS_TRUE@crypto/prf_plus.h crypto/signers/signer.h crypto/signers/mac_signer.h \
@USE_DEV_HEADERS_TRUE@crypto/crypto_factory.h crypto/crypto_tester.h crypto/diffie_hellman.h \
@@ -588,6 +614,7 @@ libstrongswan_la_SOURCES = library.c chunk.c debug.c enum.c settings.c \
@USE_DEV_HEADERS_TRUE@credentials/certificates/pkcs10.h credentials/certificates/ocsp_request.h \
@USE_DEV_HEADERS_TRUE@credentials/certificates/ocsp_response.h \
@USE_DEV_HEADERS_TRUE@credentials/certificates/pgp_certificate.h \
+@USE_DEV_HEADERS_TRUE@credentials/containers/container.h credentials/containers/pkcs7.h \
@USE_DEV_HEADERS_TRUE@credentials/ietf_attributes/ietf_attributes.h \
@USE_DEV_HEADERS_TRUE@credentials/credential_manager.h credentials/sets/auth_cfg_wrapper.h \
@USE_DEV_HEADERS_TRUE@credentials/sets/ocsp_response_wrapper.h credentials/sets/cert_cache.h \
@@ -595,16 +622,17 @@ libstrongswan_la_SOURCES = library.c chunk.c debug.c enum.c settings.c \
@USE_DEV_HEADERS_TRUE@credentials/auth_cfg.h credentials/credential_set.h credentials/cert_validator.h \
@USE_DEV_HEADERS_TRUE@database/database.h database/database_factory.h fetcher/fetcher.h \
@USE_DEV_HEADERS_TRUE@fetcher/fetcher_manager.h eap/eap.h pen/pen.h ipsec/ipsec_types.h \
+@USE_DEV_HEADERS_TRUE@networking/host.h networking/host_resolver.h networking/packet.h \
+@USE_DEV_HEADERS_TRUE@networking/tun_device.h \
@USE_DEV_HEADERS_TRUE@plugins/plugin_loader.h plugins/plugin.h plugins/plugin_feature.h \
@USE_DEV_HEADERS_TRUE@processing/jobs/job.h processing/jobs/callback_job.h processing/processor.h \
@USE_DEV_HEADERS_TRUE@processing/scheduler.h selectors/traffic_selector.h \
@USE_DEV_HEADERS_TRUE@threading/thread.h threading/thread_value.h \
@USE_DEV_HEADERS_TRUE@threading/mutex.h threading/condvar.h threading/spinlock.h threading/semaphore.h \
@USE_DEV_HEADERS_TRUE@threading/rwlock.h threading/rwlock_condvar.h threading/lock_profiler.h \
-@USE_DEV_HEADERS_TRUE@utils.h utils/host.h utils/packet.h utils/identification.h utils/lexparser.h \
-@USE_DEV_HEADERS_TRUE@utils/linked_list.h utils/blocking_queue.h utils/hashtable.h utils/enumerator.h \
-@USE_DEV_HEADERS_TRUE@utils/optionsfrom.h utils/capabilities.h utils/backtrace.h utils/tun_device.h \
-@USE_DEV_HEADERS_TRUE@utils/leak_detective.h integrity_checker.h
+@USE_DEV_HEADERS_TRUE@utils/utils.h utils/chunk.h utils/debug.h utils/enum.h utils/identification.h \
+@USE_DEV_HEADERS_TRUE@utils/lexparser.h utils/optionsfrom.h utils/capabilities.h utils/backtrace.h \
+@USE_DEV_HEADERS_TRUE@utils/leak_detective.h utils/printf_hook.h utils/settings.h utils/integrity_checker.h
libstrongswan_la_LIBADD = $(PTHREADLIB) $(DLLIB) $(BTLIB) $(SOCKLIB) \
$(RTLIB) $(BFDLIB) $(am__append_6) $(am__append_7) \
@@ -620,7 +648,8 @@ libstrongswan_la_LIBADD = $(PTHREADLIB) $(DLLIB) $(BTLIB) $(SOCKLIB) \
$(am__append_63) $(am__append_65) $(am__append_67) \
$(am__append_69) $(am__append_71) $(am__append_73) \
$(am__append_75) $(am__append_77) $(am__append_79) \
- $(am__append_81) $(am__append_83)
+ $(am__append_81) $(am__append_83) $(am__append_85) \
+ $(am__append_87)
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -DIPSEC_DIR=\"${ipsecdir}\" \
-DIPSEC_LIB_DIR=\"${ipseclibdir}\" \
@@ -658,7 +687,8 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c
@MONOLITHIC_FALSE@ $(am__append_68) $(am__append_70) \
@MONOLITHIC_FALSE@ $(am__append_72) $(am__append_74) \
@MONOLITHIC_FALSE@ $(am__append_76) $(am__append_78) \
-@MONOLITHIC_FALSE@ $(am__append_80) $(am__append_82)
+@MONOLITHIC_FALSE@ $(am__append_80) $(am__append_82) \
+@MONOLITHIC_FALSE@ $(am__append_84) $(am__append_86)
# build plugins with their own Makefile
#######################################
@@ -680,7 +710,8 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c
@MONOLITHIC_TRUE@ $(am__append_68) $(am__append_70) \
@MONOLITHIC_TRUE@ $(am__append_72) $(am__append_74) \
@MONOLITHIC_TRUE@ $(am__append_76) $(am__append_78) \
-@MONOLITHIC_TRUE@ $(am__append_80) $(am__append_82)
+@MONOLITHIC_TRUE@ $(am__append_80) $(am__append_82) \
+@MONOLITHIC_TRUE@ $(am__append_84) $(am__append_86)
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-recursive
@@ -747,7 +778,7 @@ clean-ipseclibLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan.la: $(libstrongswan_la_OBJECTS) $(libstrongswan_la_DEPENDENCIES)
+libstrongswan.la: $(libstrongswan_la_OBJECTS) $(libstrongswan_la_DEPENDENCIES) $(EXTRA_libstrongswan_la_DEPENDENCIES)
$(LINK) -rpath $(ipseclibdir) $(libstrongswan_la_OBJECTS) $(libstrongswan_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -772,6 +803,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cert_cache.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/certificate.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chunk.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/container.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cred_encoding.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/credential_factory.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/credential_manager.Plo@am__quote@
@@ -791,6 +823,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hasher.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hashtable.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/host.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/host_resolver.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/identification.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ietf_attributes.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/integrity_checker.Plo@am__quote@
@@ -810,8 +843,6 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/optionsfrom.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packet.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pen.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs9.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/plugin_feature.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/plugin_loader.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prf.Plo@am__quote@
@@ -893,6 +924,34 @@ bio_writer.lo: bio/bio_writer.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o bio_writer.lo `test -f 'bio/bio_writer.c' || echo '$(srcdir)/'`bio/bio_writer.c
+blocking_queue.lo: collections/blocking_queue.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT blocking_queue.lo -MD -MP -MF $(DEPDIR)/blocking_queue.Tpo -c -o blocking_queue.lo `test -f 'collections/blocking_queue.c' || echo '$(srcdir)/'`collections/blocking_queue.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/blocking_queue.Tpo $(DEPDIR)/blocking_queue.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='collections/blocking_queue.c' object='blocking_queue.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o blocking_queue.lo `test -f 'collections/blocking_queue.c' || echo '$(srcdir)/'`collections/blocking_queue.c
+
+enumerator.lo: collections/enumerator.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT enumerator.lo -MD -MP -MF $(DEPDIR)/enumerator.Tpo -c -o enumerator.lo `test -f 'collections/enumerator.c' || echo '$(srcdir)/'`collections/enumerator.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/enumerator.Tpo $(DEPDIR)/enumerator.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='collections/enumerator.c' object='enumerator.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o enumerator.lo `test -f 'collections/enumerator.c' || echo '$(srcdir)/'`collections/enumerator.c
+
+hashtable.lo: collections/hashtable.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hashtable.lo -MD -MP -MF $(DEPDIR)/hashtable.Tpo -c -o hashtable.lo `test -f 'collections/hashtable.c' || echo '$(srcdir)/'`collections/hashtable.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/hashtable.Tpo $(DEPDIR)/hashtable.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='collections/hashtable.c' object='hashtable.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hashtable.lo `test -f 'collections/hashtable.c' || echo '$(srcdir)/'`collections/hashtable.c
+
+linked_list.lo: collections/linked_list.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT linked_list.lo -MD -MP -MF $(DEPDIR)/linked_list.Tpo -c -o linked_list.lo `test -f 'collections/linked_list.c' || echo '$(srcdir)/'`collections/linked_list.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/linked_list.Tpo $(DEPDIR)/linked_list.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='collections/linked_list.c' object='linked_list.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o linked_list.lo `test -f 'collections/linked_list.c' || echo '$(srcdir)/'`collections/linked_list.c
+
crypter.lo: crypto/crypters/crypter.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crypter.lo -MD -MP -MF $(DEPDIR)/crypter.Tpo -c -o crypter.lo `test -f 'crypto/crypters/crypter.c' || echo '$(srcdir)/'`crypto/crypters/crypter.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/crypter.Tpo $(DEPDIR)/crypter.Plo
@@ -907,20 +966,6 @@ hasher.lo: crypto/hashers/hasher.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hasher.lo `test -f 'crypto/hashers/hasher.c' || echo '$(srcdir)/'`crypto/hashers/hasher.c
-pkcs7.lo: crypto/pkcs7.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT pkcs7.lo -MD -MP -MF $(DEPDIR)/pkcs7.Tpo -c -o pkcs7.lo `test -f 'crypto/pkcs7.c' || echo '$(srcdir)/'`crypto/pkcs7.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/pkcs7.Tpo $(DEPDIR)/pkcs7.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/pkcs7.c' object='pkcs7.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o pkcs7.lo `test -f 'crypto/pkcs7.c' || echo '$(srcdir)/'`crypto/pkcs7.c
-
-pkcs9.lo: crypto/pkcs9.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT pkcs9.lo -MD -MP -MF $(DEPDIR)/pkcs9.Tpo -c -o pkcs9.lo `test -f 'crypto/pkcs9.c' || echo '$(srcdir)/'`crypto/pkcs9.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/pkcs9.Tpo $(DEPDIR)/pkcs9.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/pkcs9.c' object='pkcs9.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o pkcs9.lo `test -f 'crypto/pkcs9.c' || echo '$(srcdir)/'`crypto/pkcs9.c
-
proposal_keywords.lo: crypto/proposal/proposal_keywords.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT proposal_keywords.lo -MD -MP -MF $(DEPDIR)/proposal_keywords.Tpo -c -o proposal_keywords.lo `test -f 'crypto/proposal/proposal_keywords.c' || echo '$(srcdir)/'`crypto/proposal/proposal_keywords.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/proposal_keywords.Tpo $(DEPDIR)/proposal_keywords.Plo
@@ -1075,6 +1120,13 @@ ocsp_response.lo: credentials/certificates/ocsp_response.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ocsp_response.lo `test -f 'credentials/certificates/ocsp_response.c' || echo '$(srcdir)/'`credentials/certificates/ocsp_response.c
+container.lo: credentials/containers/container.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT container.lo -MD -MP -MF $(DEPDIR)/container.Tpo -c -o container.lo `test -f 'credentials/containers/container.c' || echo '$(srcdir)/'`credentials/containers/container.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/container.Tpo $(DEPDIR)/container.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='credentials/containers/container.c' object='container.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o container.lo `test -f 'credentials/containers/container.c' || echo '$(srcdir)/'`credentials/containers/container.c
+
ietf_attributes.lo: credentials/ietf_attributes/ietf_attributes.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ietf_attributes.lo -MD -MP -MF $(DEPDIR)/ietf_attributes.Tpo -c -o ietf_attributes.lo `test -f 'credentials/ietf_attributes/ietf_attributes.c' || echo '$(srcdir)/'`credentials/ietf_attributes/ietf_attributes.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/ietf_attributes.Tpo $(DEPDIR)/ietf_attributes.Plo
@@ -1173,6 +1225,34 @@ ipsec_types.lo: ipsec/ipsec_types.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ipsec_types.lo `test -f 'ipsec/ipsec_types.c' || echo '$(srcdir)/'`ipsec/ipsec_types.c
+host.lo: networking/host.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT host.lo -MD -MP -MF $(DEPDIR)/host.Tpo -c -o host.lo `test -f 'networking/host.c' || echo '$(srcdir)/'`networking/host.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/host.Tpo $(DEPDIR)/host.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='networking/host.c' object='host.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o host.lo `test -f 'networking/host.c' || echo '$(srcdir)/'`networking/host.c
+
+host_resolver.lo: networking/host_resolver.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT host_resolver.lo -MD -MP -MF $(DEPDIR)/host_resolver.Tpo -c -o host_resolver.lo `test -f 'networking/host_resolver.c' || echo '$(srcdir)/'`networking/host_resolver.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/host_resolver.Tpo $(DEPDIR)/host_resolver.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='networking/host_resolver.c' object='host_resolver.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o host_resolver.lo `test -f 'networking/host_resolver.c' || echo '$(srcdir)/'`networking/host_resolver.c
+
+packet.lo: networking/packet.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT packet.lo -MD -MP -MF $(DEPDIR)/packet.Tpo -c -o packet.lo `test -f 'networking/packet.c' || echo '$(srcdir)/'`networking/packet.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/packet.Tpo $(DEPDIR)/packet.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='networking/packet.c' object='packet.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o packet.lo `test -f 'networking/packet.c' || echo '$(srcdir)/'`networking/packet.c
+
+tun_device.lo: networking/tun_device.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT tun_device.lo -MD -MP -MF $(DEPDIR)/tun_device.Tpo -c -o tun_device.lo `test -f 'networking/tun_device.c' || echo '$(srcdir)/'`networking/tun_device.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/tun_device.Tpo $(DEPDIR)/tun_device.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='networking/tun_device.c' object='tun_device.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o tun_device.lo `test -f 'networking/tun_device.c' || echo '$(srcdir)/'`networking/tun_device.c
+
pen.lo: pen/pen.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT pen.lo -MD -MP -MF $(DEPDIR)/pen.Tpo -c -o pen.lo `test -f 'pen/pen.c' || echo '$(srcdir)/'`pen/pen.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/pen.Tpo $(DEPDIR)/pen.Plo
@@ -1271,19 +1351,33 @@ spinlock.lo: threading/spinlock.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o spinlock.lo `test -f 'threading/spinlock.c' || echo '$(srcdir)/'`threading/spinlock.c
-host.lo: utils/host.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT host.lo -MD -MP -MF $(DEPDIR)/host.Tpo -c -o host.lo `test -f 'utils/host.c' || echo '$(srcdir)/'`utils/host.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/host.Tpo $(DEPDIR)/host.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/host.c' object='host.lo' libtool=yes @AMDEPBACKSLASH@
+utils.lo: utils/utils.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT utils.lo -MD -MP -MF $(DEPDIR)/utils.Tpo -c -o utils.lo `test -f 'utils/utils.c' || echo '$(srcdir)/'`utils/utils.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/utils.Tpo $(DEPDIR)/utils.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/utils.c' object='utils.lo' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o host.lo `test -f 'utils/host.c' || echo '$(srcdir)/'`utils/host.c
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o utils.lo `test -f 'utils/utils.c' || echo '$(srcdir)/'`utils/utils.c
-packet.lo: utils/packet.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT packet.lo -MD -MP -MF $(DEPDIR)/packet.Tpo -c -o packet.lo `test -f 'utils/packet.c' || echo '$(srcdir)/'`utils/packet.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/packet.Tpo $(DEPDIR)/packet.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/packet.c' object='packet.lo' libtool=yes @AMDEPBACKSLASH@
+chunk.lo: utils/chunk.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT chunk.lo -MD -MP -MF $(DEPDIR)/chunk.Tpo -c -o chunk.lo `test -f 'utils/chunk.c' || echo '$(srcdir)/'`utils/chunk.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/chunk.Tpo $(DEPDIR)/chunk.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/chunk.c' object='chunk.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o chunk.lo `test -f 'utils/chunk.c' || echo '$(srcdir)/'`utils/chunk.c
+
+debug.lo: utils/debug.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT debug.lo -MD -MP -MF $(DEPDIR)/debug.Tpo -c -o debug.lo `test -f 'utils/debug.c' || echo '$(srcdir)/'`utils/debug.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/debug.Tpo $(DEPDIR)/debug.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/debug.c' object='debug.lo' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o packet.lo `test -f 'utils/packet.c' || echo '$(srcdir)/'`utils/packet.c
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o debug.lo `test -f 'utils/debug.c' || echo '$(srcdir)/'`utils/debug.c
+
+enum.lo: utils/enum.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT enum.lo -MD -MP -MF $(DEPDIR)/enum.Tpo -c -o enum.lo `test -f 'utils/enum.c' || echo '$(srcdir)/'`utils/enum.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/enum.Tpo $(DEPDIR)/enum.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/enum.c' object='enum.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o enum.lo `test -f 'utils/enum.c' || echo '$(srcdir)/'`utils/enum.c
identification.lo: utils/identification.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT identification.lo -MD -MP -MF $(DEPDIR)/identification.Tpo -c -o identification.lo `test -f 'utils/identification.c' || echo '$(srcdir)/'`utils/identification.c
@@ -1299,34 +1393,6 @@ lexparser.lo: utils/lexparser.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lexparser.lo `test -f 'utils/lexparser.c' || echo '$(srcdir)/'`utils/lexparser.c
-linked_list.lo: utils/linked_list.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT linked_list.lo -MD -MP -MF $(DEPDIR)/linked_list.Tpo -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/linked_list.Tpo $(DEPDIR)/linked_list.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/linked_list.c' object='linked_list.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c
-
-blocking_queue.lo: utils/blocking_queue.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT blocking_queue.lo -MD -MP -MF $(DEPDIR)/blocking_queue.Tpo -c -o blocking_queue.lo `test -f 'utils/blocking_queue.c' || echo '$(srcdir)/'`utils/blocking_queue.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/blocking_queue.Tpo $(DEPDIR)/blocking_queue.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/blocking_queue.c' object='blocking_queue.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o blocking_queue.lo `test -f 'utils/blocking_queue.c' || echo '$(srcdir)/'`utils/blocking_queue.c
-
-hashtable.lo: utils/hashtable.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hashtable.lo -MD -MP -MF $(DEPDIR)/hashtable.Tpo -c -o hashtable.lo `test -f 'utils/hashtable.c' || echo '$(srcdir)/'`utils/hashtable.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/hashtable.Tpo $(DEPDIR)/hashtable.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/hashtable.c' object='hashtable.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hashtable.lo `test -f 'utils/hashtable.c' || echo '$(srcdir)/'`utils/hashtable.c
-
-enumerator.lo: utils/enumerator.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT enumerator.lo -MD -MP -MF $(DEPDIR)/enumerator.Tpo -c -o enumerator.lo `test -f 'utils/enumerator.c' || echo '$(srcdir)/'`utils/enumerator.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/enumerator.Tpo $(DEPDIR)/enumerator.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/enumerator.c' object='enumerator.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o enumerator.lo `test -f 'utils/enumerator.c' || echo '$(srcdir)/'`utils/enumerator.c
-
optionsfrom.lo: utils/optionsfrom.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT optionsfrom.lo -MD -MP -MF $(DEPDIR)/optionsfrom.Tpo -c -o optionsfrom.lo `test -f 'utils/optionsfrom.c' || echo '$(srcdir)/'`utils/optionsfrom.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/optionsfrom.Tpo $(DEPDIR)/optionsfrom.Plo
@@ -1348,12 +1414,19 @@ backtrace.lo: utils/backtrace.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o backtrace.lo `test -f 'utils/backtrace.c' || echo '$(srcdir)/'`utils/backtrace.c
-tun_device.lo: utils/tun_device.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT tun_device.lo -MD -MP -MF $(DEPDIR)/tun_device.Tpo -c -o tun_device.lo `test -f 'utils/tun_device.c' || echo '$(srcdir)/'`utils/tun_device.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/tun_device.Tpo $(DEPDIR)/tun_device.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/tun_device.c' object='tun_device.lo' libtool=yes @AMDEPBACKSLASH@
+printf_hook.lo: utils/printf_hook.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT printf_hook.lo -MD -MP -MF $(DEPDIR)/printf_hook.Tpo -c -o printf_hook.lo `test -f 'utils/printf_hook.c' || echo '$(srcdir)/'`utils/printf_hook.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/printf_hook.Tpo $(DEPDIR)/printf_hook.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/printf_hook.c' object='printf_hook.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o printf_hook.lo `test -f 'utils/printf_hook.c' || echo '$(srcdir)/'`utils/printf_hook.c
+
+settings.lo: utils/settings.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT settings.lo -MD -MP -MF $(DEPDIR)/settings.Tpo -c -o settings.lo `test -f 'utils/settings.c' || echo '$(srcdir)/'`utils/settings.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/settings.Tpo $(DEPDIR)/settings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/settings.c' object='settings.lo' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o tun_device.lo `test -f 'utils/tun_device.c' || echo '$(srcdir)/'`utils/tun_device.c
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o settings.lo `test -f 'utils/settings.c' || echo '$(srcdir)/'`utils/settings.c
leak_detective.lo: utils/leak_detective.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT leak_detective.lo -MD -MP -MF $(DEPDIR)/leak_detective.Tpo -c -o leak_detective.lo `test -f 'utils/leak_detective.c' || echo '$(srcdir)/'`utils/leak_detective.c
@@ -1362,6 +1435,13 @@ leak_detective.lo: utils/leak_detective.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o leak_detective.lo `test -f 'utils/leak_detective.c' || echo '$(srcdir)/'`utils/leak_detective.c
+integrity_checker.lo: utils/integrity_checker.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT integrity_checker.lo -MD -MP -MF $(DEPDIR)/integrity_checker.Tpo -c -o integrity_checker.lo `test -f 'utils/integrity_checker.c' || echo '$(srcdir)/'`utils/integrity_checker.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/integrity_checker.Tpo $(DEPDIR)/integrity_checker.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/integrity_checker.c' object='integrity_checker.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o integrity_checker.lo `test -f 'utils/integrity_checker.c' || echo '$(srcdir)/'`utils/integrity_checker.c
+
mostlyclean-libtool:
-rm -f *.lo
@@ -1387,9 +1467,7 @@ uninstall-nobase_strongswan_includeHEADERS:
@$(NORMAL_UNINSTALL)
@list='$(nobase_strongswan_include_HEADERS)'; test -n "$(strongswan_includedir)" || list=; \
$(am__nobase_strip_setup); files=`$(am__nobase_strip)`; \
- test -n "$$files" || exit 0; \
- echo " ( cd '$(DESTDIR)$(strongswan_includedir)' && rm -f" $$files ")"; \
- cd "$(DESTDIR)$(strongswan_includedir)" && rm -f $$files
+ dir='$(DESTDIR)$(strongswan_includedir)'; $(am__uninstall_files_from_dir)
# This directory's subdirectories are mostly independent; you can cd
# into them and run `make' without going through this Makefile.
@@ -1604,10 +1682,15 @@ install-am: all-am
installcheck: installcheck-recursive
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index c9f6fce25..f438cb20e 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -19,7 +19,7 @@
#include <string.h>
#include <time.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "oid.h"
#include "asn1.h"
diff --git a/src/libstrongswan/asn1/asn1_parser.c b/src/libstrongswan/asn1/asn1_parser.c
index 40e11b321..c31fb75f0 100644
--- a/src/libstrongswan/asn1/asn1_parser.c
+++ b/src/libstrongswan/asn1/asn1_parser.c
@@ -19,7 +19,7 @@
#include <string.h>
#include <time.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "asn1.h"
#include "asn1_parser.h"
diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c
index b21299620..ec60be811 100644
--- a/src/libstrongswan/asn1/oid.c
+++ b/src/libstrongswan/asn1/oid.c
@@ -333,11 +333,11 @@ const oid_t oid_names[] = {
{ 0x25, 321, 0, 4, "sect409r1" }, /* 320 */
{ 0x26, 322, 0, 4, "sect571k1" }, /* 321 */
{ 0x27, 0, 0, 4, "sect571r1" }, /* 322 */
- {0x60, 369, 1, 0, "" }, /* 323 */
+ {0x60, 371, 1, 0, "" }, /* 323 */
{ 0x86, 0, 1, 1, "" }, /* 324 */
{ 0x48, 0, 1, 2, "" }, /* 325 */
{ 0x01, 0, 1, 3, "organization" }, /* 326 */
- { 0x65, 345, 1, 4, "gov" }, /* 327 */
+ { 0x65, 347, 1, 4, "gov" }, /* 327 */
{ 0x03, 0, 1, 5, "csor" }, /* 328 */
{ 0x04, 0, 1, 6, "nistalgorithm" }, /* 329 */
{ 0x01, 340, 1, 7, "aes" }, /* 330 */
@@ -354,37 +354,39 @@ const oid_t oid_names[] = {
{ 0x01, 342, 0, 8, "id-SHA-256" }, /* 341 */
{ 0x02, 343, 0, 8, "id-SHA-384" }, /* 342 */
{ 0x03, 344, 0, 8, "id-SHA-512" }, /* 343 */
- { 0x04, 0, 0, 8, "id-SHA-224" }, /* 344 */
- { 0x86, 0, 1, 4, "" }, /* 345 */
- { 0xf8, 0, 1, 5, "" }, /* 346 */
- { 0x42, 359, 1, 6, "netscape" }, /* 347 */
- { 0x01, 354, 1, 7, "" }, /* 348 */
- { 0x01, 350, 0, 8, "nsCertType" }, /* 349 */
- { 0x03, 351, 0, 8, "nsRevocationUrl" }, /* 350 */
- { 0x04, 352, 0, 8, "nsCaRevocationUrl" }, /* 351 */
- { 0x08, 353, 0, 8, "nsCaPolicyUrl" }, /* 352 */
- { 0x0d, 0, 0, 8, "nsComment" }, /* 353 */
- { 0x03, 357, 1, 7, "directory" }, /* 354 */
- { 0x01, 0, 1, 8, "" }, /* 355 */
- { 0x03, 0, 0, 9, "employeeNumber" }, /* 356 */
- { 0x04, 0, 1, 7, "policy" }, /* 357 */
- { 0x01, 0, 0, 8, "nsSGC" }, /* 358 */
- { 0x45, 0, 1, 6, "verisign" }, /* 359 */
- { 0x01, 0, 1, 7, "pki" }, /* 360 */
- { 0x09, 0, 1, 8, "attributes" }, /* 361 */
- { 0x02, 363, 0, 9, "messageType" }, /* 362 */
- { 0x03, 364, 0, 9, "pkiStatus" }, /* 363 */
- { 0x04, 365, 0, 9, "failInfo" }, /* 364 */
- { 0x05, 366, 0, 9, "senderNonce" }, /* 365 */
- { 0x06, 367, 0, 9, "recipientNonce" }, /* 366 */
- { 0x07, 368, 0, 9, "transID" }, /* 367 */
- { 0x08, 0, 0, 9, "extensionReq" }, /* 368 */
- {0x67, 0, 1, 0, "" }, /* 369 */
- { 0x81, 0, 1, 1, "" }, /* 370 */
- { 0x05, 0, 1, 2, "" }, /* 371 */
- { 0x02, 0, 1, 3, "tcg-attribute" }, /* 372 */
- { 0x01, 374, 0, 4, "tcg-at-tpmManufacturer" }, /* 373 */
- { 0x02, 375, 0, 4, "tcg-at-tpmModel" }, /* 374 */
- { 0x03, 376, 0, 4, "tcg-at-tpmVersion" }, /* 375 */
- { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 376 */
+ { 0x04, 345, 0, 8, "id-SHA-224" }, /* 344 */
+ { 0x05, 346, 0, 8, "id-SHA-512-224" }, /* 345 */
+ { 0x06, 0, 0, 8, "id-SHA-512-256" }, /* 346 */
+ { 0x86, 0, 1, 4, "" }, /* 347 */
+ { 0xf8, 0, 1, 5, "" }, /* 348 */
+ { 0x42, 361, 1, 6, "netscape" }, /* 349 */
+ { 0x01, 356, 1, 7, "" }, /* 350 */
+ { 0x01, 352, 0, 8, "nsCertType" }, /* 351 */
+ { 0x03, 353, 0, 8, "nsRevocationUrl" }, /* 352 */
+ { 0x04, 354, 0, 8, "nsCaRevocationUrl" }, /* 353 */
+ { 0x08, 355, 0, 8, "nsCaPolicyUrl" }, /* 354 */
+ { 0x0d, 0, 0, 8, "nsComment" }, /* 355 */
+ { 0x03, 359, 1, 7, "directory" }, /* 356 */
+ { 0x01, 0, 1, 8, "" }, /* 357 */
+ { 0x03, 0, 0, 9, "employeeNumber" }, /* 358 */
+ { 0x04, 0, 1, 7, "policy" }, /* 359 */
+ { 0x01, 0, 0, 8, "nsSGC" }, /* 360 */
+ { 0x45, 0, 1, 6, "verisign" }, /* 361 */
+ { 0x01, 0, 1, 7, "pki" }, /* 362 */
+ { 0x09, 0, 1, 8, "attributes" }, /* 363 */
+ { 0x02, 365, 0, 9, "messageType" }, /* 364 */
+ { 0x03, 366, 0, 9, "pkiStatus" }, /* 365 */
+ { 0x04, 367, 0, 9, "failInfo" }, /* 366 */
+ { 0x05, 368, 0, 9, "senderNonce" }, /* 367 */
+ { 0x06, 369, 0, 9, "recipientNonce" }, /* 368 */
+ { 0x07, 370, 0, 9, "transID" }, /* 369 */
+ { 0x08, 0, 0, 9, "extensionReq" }, /* 370 */
+ {0x67, 0, 1, 0, "" }, /* 371 */
+ { 0x81, 0, 1, 1, "" }, /* 372 */
+ { 0x05, 0, 1, 2, "" }, /* 373 */
+ { 0x02, 0, 1, 3, "tcg-attribute" }, /* 374 */
+ { 0x01, 376, 0, 4, "tcg-at-tpmManufacturer" }, /* 375 */
+ { 0x02, 377, 0, 4, "tcg-at-tpmModel" }, /* 376 */
+ { 0x03, 378, 0, 4, "tcg-at-tpmVersion" }, /* 377 */
+ { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 378 */
};
diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h
index 5e30a3675..d9838ccd8 100644
--- a/src/libstrongswan/asn1/oid.h
+++ b/src/libstrongswan/asn1/oid.h
@@ -205,22 +205,22 @@ extern const oid_t oid_names[];
#define OID_SHA384 342
#define OID_SHA512 343
#define OID_SHA224 344
-#define OID_NS_REVOCATION_URL 350
-#define OID_NS_CA_REVOCATION_URL 351
-#define OID_NS_CA_POLICY_URL 352
-#define OID_NS_COMMENT 353
-#define OID_EMPLOYEE_NUMBER 356
-#define OID_PKI_MESSAGE_TYPE 362
-#define OID_PKI_STATUS 363
-#define OID_PKI_FAIL_INFO 364
-#define OID_PKI_SENDER_NONCE 365
-#define OID_PKI_RECIPIENT_NONCE 366
-#define OID_PKI_TRANS_ID 367
-#define OID_TPM_MANUFACTURER 373
-#define OID_TPM_MODEL 374
-#define OID_TPM_VERSION 375
-#define OID_TPM_ID_LABEL 376
+#define OID_NS_REVOCATION_URL 352
+#define OID_NS_CA_REVOCATION_URL 353
+#define OID_NS_CA_POLICY_URL 354
+#define OID_NS_COMMENT 355
+#define OID_EMPLOYEE_NUMBER 358
+#define OID_PKI_MESSAGE_TYPE 364
+#define OID_PKI_STATUS 365
+#define OID_PKI_FAIL_INFO 366
+#define OID_PKI_SENDER_NONCE 367
+#define OID_PKI_RECIPIENT_NONCE 368
+#define OID_PKI_TRANS_ID 369
+#define OID_TPM_MANUFACTURER 375
+#define OID_TPM_MODEL 376
+#define OID_TPM_VERSION 377
+#define OID_TPM_ID_LABEL 378
-#define OID_MAX 377
+#define OID_MAX 379
#endif /* OID_H_ */
diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
index 51a29eb33..c4677a537 100644
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@@ -343,6 +343,8 @@
0x02 "id-SHA-384" OID_SHA384
0x03 "id-SHA-512" OID_SHA512
0x04 "id-SHA-224" OID_SHA224
+ 0x05 "id-SHA-512-224"
+ 0x06 "id-SHA-512-256"
0x86 ""
0xf8 ""
0x42 "netscape"
diff --git a/src/libstrongswan/bio/bio_reader.c b/src/libstrongswan/bio/bio_reader.c
index 3a62bb541..17815d6c0 100644
--- a/src/libstrongswan/bio/bio_reader.c
+++ b/src/libstrongswan/bio/bio_reader.c
@@ -18,7 +18,7 @@
#include "bio_reader.h"
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_bio_reader_t private_bio_reader_t;
diff --git a/src/libstrongswan/bio/bio_writer.h b/src/libstrongswan/bio/bio_writer.h
index 57a5c3d38..2ac4f3556 100644
--- a/src/libstrongswan/bio/bio_writer.h
+++ b/src/libstrongswan/bio/bio_writer.h
@@ -126,8 +126,11 @@ struct bio_writer_t {
void (*wrap32)(bio_writer_t *this);
/**
- * Skips len bytes in the buffer before the next data is written, returns
- * a chunk covering the skipped bytes.
+ * Skips len bytes in the buffer, return chunk of skipped data.
+ *
+ * The returned chunk is not valid after calling any other writer function
+ * (except get_buf()), because a buffer reallocation might move the
+ * internal buffer to a different memory location!
*
* @param len number of bytes to skip
* @return chunk pointing to skipped bytes in the internal buffer
diff --git a/src/libstrongswan/utils/blocking_queue.c b/src/libstrongswan/collections/blocking_queue.c
index c70184198..da3356970 100644
--- a/src/libstrongswan/utils/blocking_queue.c
+++ b/src/libstrongswan/collections/blocking_queue.c
@@ -20,7 +20,7 @@
#include <threading/mutex.h>
#include <threading/thread.h>
#include <threading/condvar.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
typedef struct private_blocking_queue_t private_blocking_queue_t;
diff --git a/src/libstrongswan/utils/blocking_queue.h b/src/libstrongswan/collections/blocking_queue.h
index cf2712cf4..9b014f719 100644
--- a/src/libstrongswan/utils/blocking_queue.h
+++ b/src/libstrongswan/collections/blocking_queue.h
@@ -17,7 +17,7 @@
/**
* @defgroup blocking_queue blocking_queue
- * @{ @ingroup utils
+ * @{ @ingroup collections
*/
#ifndef BLOCKING_QUEUE_H_
diff --git a/src/libstrongswan/utils/enumerator.c b/src/libstrongswan/collections/enumerator.c
index 53c94f9dd..f80cdabd2 100644
--- a/src/libstrongswan/utils/enumerator.c
+++ b/src/libstrongswan/collections/enumerator.c
@@ -25,7 +25,7 @@
#include <errno.h>
#include <string.h>
-#include <debug.h>
+#include <utils/debug.h>
/**
* Implementation of enumerator_create_empty().enumerate
diff --git a/src/libstrongswan/utils/enumerator.h b/src/libstrongswan/collections/enumerator.h
index 8c3d70173..299373a3e 100644
--- a/src/libstrongswan/utils/enumerator.h
+++ b/src/libstrongswan/collections/enumerator.h
@@ -15,7 +15,7 @@
/**
* @defgroup enumerator enumerator
- * @{ @ingroup utils
+ * @{ @ingroup collections
*/
#ifndef ENUMERATOR_H_
@@ -23,7 +23,7 @@
typedef struct enumerator_t enumerator_t;
-#include "../utils.h"
+#include <utils/utils.h>
/**
* Enumerator interface, allows enumeration over collections.
diff --git a/src/libstrongswan/utils/hashtable.c b/src/libstrongswan/collections/hashtable.c
index d181d8ec8..d181d8ec8 100644
--- a/src/libstrongswan/utils/hashtable.c
+++ b/src/libstrongswan/collections/hashtable.c
diff --git a/src/libstrongswan/utils/hashtable.h b/src/libstrongswan/collections/hashtable.h
index 0a21ca373..e38850ded 100644
--- a/src/libstrongswan/utils/hashtable.h
+++ b/src/libstrongswan/collections/hashtable.h
@@ -15,13 +15,13 @@
/**
* @defgroup hashtable hashtable
- * @{ @ingroup utils
+ * @{ @ingroup collections
*/
#ifndef HASHTABLE_H_
#define HASHTABLE_H_
-#include <utils/enumerator.h>
+#include <collections/enumerator.h>
typedef struct hashtable_t hashtable_t;
diff --git a/src/libstrongswan/utils/linked_list.c b/src/libstrongswan/collections/linked_list.c
index 1ff80999b..1ff80999b 100644
--- a/src/libstrongswan/utils/linked_list.c
+++ b/src/libstrongswan/collections/linked_list.c
diff --git a/src/libstrongswan/utils/linked_list.h b/src/libstrongswan/collections/linked_list.h
index 1b5518480..da539a231 100644
--- a/src/libstrongswan/utils/linked_list.h
+++ b/src/libstrongswan/collections/linked_list.h
@@ -17,7 +17,7 @@
/**
* @defgroup linked_list linked_list
- * @{ @ingroup utils
+ * @{ @ingroup collections
*/
#ifndef LINKED_LIST_H_
@@ -25,7 +25,7 @@
typedef struct linked_list_t linked_list_t;
-#include <utils/enumerator.h>
+#include <collections/enumerator.h>
/**
* Method to match elements in a linked list (used in find_* functions)
diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index 6ee4f9b6e..a718de3dc 100644
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -17,8 +17,8 @@
#include "auth_cfg.h"
#include <library.h>
-#include <debug.h>
-#include <utils/linked_list.h>
+#include <utils/debug.h>
+#include <collections/linked_list.h>
#include <utils/identification.h>
#include <eap/eap.h>
#include <credentials/certificates/certificate.h>
diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h
index 79484a04c..d87935589 100644
--- a/src/libstrongswan/credentials/auth_cfg.h
+++ b/src/libstrongswan/credentials/auth_cfg.h
@@ -22,7 +22,7 @@
#ifndef AUTH_CFG_H_
#define AUTH_CFG_H_
-#include <utils/enumerator.h>
+#include <collections/enumerator.h>
typedef struct auth_cfg_t auth_cfg_t;
typedef enum auth_rule_t auth_rule_t;
diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c
index d3157c80e..f5858382f 100644
--- a/src/libstrongswan/credentials/builder.c
+++ b/src/libstrongswan/credentials/builder.c
@@ -19,6 +19,7 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_FROM_FILE",
"BUILD_FROM_FD",
"BUILD_AGENT_SOCKET",
+ "BUILD_BLOB",
"BUILD_BLOB_ASN1_DER",
"BUILD_BLOB_PEM",
"BUILD_BLOB_PGP",
@@ -36,6 +37,7 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_NOT_AFTER_TIME",
"BUILD_SERIAL",
"BUILD_DIGEST_ALG",
+ "BUILD_ENCRYPTION_ALG",
"BUILD_IETF_GROUP_ATTR",
"BUILD_CA_CERT",
"BUILD_CERT",
@@ -53,6 +55,7 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_REVOKED_ENUMERATOR",
"BUILD_BASE_CRL",
"BUILD_CHALLENGE_PWD",
+ "BUILD_PKCS7_ATTRIBUTE",
"BUILD_PKCS11_MODULE",
"BUILD_PKCS11_SLOT",
"BUILD_PKCS11_KEYID",
@@ -64,6 +67,9 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_RSA_EXP1",
"BUILD_RSA_EXP2",
"BUILD_RSA_COEFF",
+ "BUILD_SAFE_PRIMES",
+ "BUILD_SHARES",
+ "BUILD_THRESHOLD",
"BUILD_END",
);
diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h
index 41250ccae..740041aac 100644
--- a/src/libstrongswan/credentials/builder.h
+++ b/src/libstrongswan/credentials/builder.h
@@ -49,6 +49,8 @@ enum builder_part_t {
BUILD_FROM_FD,
/** unix socket of a ssh/pgp agent, char* */
BUILD_AGENT_SOCKET,
+ /** An arbitrary blob of data, chunk_t */
+ BUILD_BLOB,
/** DER encoded ASN.1 blob, chunk_t */
BUILD_BLOB_ASN1_DER,
/** PEM encoded ASN.1/PGP blob, chunk_t */
@@ -81,8 +83,10 @@ enum builder_part_t {
BUILD_NOT_AFTER_TIME,
/** a serial number in binary form, chunk_t */
BUILD_SERIAL,
- /** digest algorithm to be used for signature, int */
+ /** digest algorithm to be used for signature, hash_algorithm_t */
BUILD_DIGEST_ALG,
+ /** encryption algorithm to use, encryption_algorithm_t */
+ BUILD_ENCRYPTION_ALG,
/** a comma-separated list of ietf group attributes, char* */
BUILD_IETF_GROUP_ATTR,
/** a ca certificate, certificate_t* */
@@ -117,6 +121,8 @@ enum builder_part_t {
BUILD_BASE_CRL,
/** PKCS#10 challenge password */
BUILD_CHALLENGE_PWD,
+ /** PKCS#7 attribute, int oid, chunk_t with ASN1 type encoded value */
+ BUILD_PKCS7_ATTRIBUTE,
/** friendly name of a PKCS#11 module, null terminated char* */
BUILD_PKCS11_MODULE,
/** slot specifier for a token in a PKCS#11 module, int */
@@ -139,6 +145,12 @@ enum builder_part_t {
BUILD_RSA_EXP2,
/** coefficient (coeff) of a RSA key, chunk_t */
BUILD_RSA_COEFF,
+ /** generate (p) and (q) as safe primes */
+ BUILD_SAFE_PRIMES,
+ /** number of private key shares */
+ BUILD_SHARES,
+ /** minimum number of participating private key shares */
+ BUILD_THRESHOLD,
/** end of variable argument builder list */
BUILD_END,
};
diff --git a/src/libstrongswan/credentials/certificates/certificate.c b/src/libstrongswan/credentials/certificates/certificate.c
index 33ba4e907..bc4209ca7 100644
--- a/src/libstrongswan/credentials/certificates/certificate.c
+++ b/src/libstrongswan/credentials/certificates/certificate.c
@@ -15,7 +15,7 @@
#include "certificate.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <credentials/certificates/x509.h>
ENUM(certificate_type_names, CERT_ANY, CERT_PLUTO_CRL,
diff --git a/src/libstrongswan/credentials/certificates/crl.c b/src/libstrongswan/credentials/certificates/crl.c
index 69bd80b84..09fd0bfc8 100644
--- a/src/libstrongswan/credentials/certificates/crl.c
+++ b/src/libstrongswan/credentials/certificates/crl.c
@@ -16,7 +16,7 @@
#include "crl.h"
-#include <debug.h>
+#include <utils/debug.h>
ENUM(crl_reason_names, CRL_REASON_UNSPECIFIED, CRL_REASON_REMOVE_FROM_CRL,
"unspecified",
diff --git a/src/libstrongswan/credentials/certificates/pkcs10.h b/src/libstrongswan/credentials/certificates/pkcs10.h
index 9a4979757..2f35eb6a5 100644
--- a/src/libstrongswan/credentials/certificates/pkcs10.h
+++ b/src/libstrongswan/credentials/certificates/pkcs10.h
@@ -21,7 +21,7 @@
#ifndef PKCS10_H_
#define PKCS10_H_
-#include <utils/enumerator.h>
+#include <collections/enumerator.h>
#include <credentials/certificates/certificate.h>
typedef struct pkcs10_t pkcs10_t;
diff --git a/src/libstrongswan/credentials/certificates/x509.h b/src/libstrongswan/credentials/certificates/x509.h
index 00171a718..4e8d4317f 100644
--- a/src/libstrongswan/credentials/certificates/x509.h
+++ b/src/libstrongswan/credentials/certificates/x509.h
@@ -21,7 +21,7 @@
#ifndef X509_H_
#define X509_H_
-#include <utils/enumerator.h>
+#include <collections/enumerator.h>
#include <credentials/certificates/certificate.h>
/* constraints are currently restricted to the range 0..127 */
diff --git a/src/libstrongswan/credentials/containers/container.c b/src/libstrongswan/credentials/containers/container.c
new file mode 100644
index 000000000..d1e67b21b
--- /dev/null
+++ b/src/libstrongswan/credentials/containers/container.c
@@ -0,0 +1,23 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "container.h"
+
+ENUM(container_type_names, CONTAINER_PKCS7, CONTAINER_PKCS7_ENVELOPED_DATA,
+ "PKCS7",
+ "PKCS7_DATA",
+ "PKCS7_SIGNED_DATA",
+ "PKCS7_ENVELOPED_DATA",
+);
diff --git a/src/libstrongswan/credentials/containers/container.h b/src/libstrongswan/credentials/containers/container.h
new file mode 100644
index 000000000..fc5c09041
--- /dev/null
+++ b/src/libstrongswan/credentials/containers/container.h
@@ -0,0 +1,93 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup container container
+ * @{ @ingroup containers
+ */
+
+#ifndef CONTAINER_H_
+#define CONTAINER_H_
+
+typedef struct container_t container_t;
+typedef enum container_type_t container_type_t;
+
+#include <utils/chunk.h>
+#include <collections/enumerator.h>
+
+/**
+ * Type of the container.
+ */
+enum container_type_t {
+ /** Any kind of PKCS7/CMS container */
+ CONTAINER_PKCS7,
+ /** PKCS7/CMS plain "data" */
+ CONTAINER_PKCS7_DATA,
+ /** PKCS7/CMS "signed-data" */
+ CONTAINER_PKCS7_SIGNED_DATA,
+ /** PKCS7/CMS "enveloped-data" */
+ CONTAINER_PKCS7_ENVELOPED_DATA,
+};
+
+/**
+ * Enum names for container_type_t
+ */
+extern enum_name_t *container_type_names;
+
+/**
+ * Generic interface for cryptographic containers.
+ */
+struct container_t {
+
+ /**
+ * Get the type of the container.
+ *
+ * @return container type
+ */
+ container_type_t (*get_type)(container_t *this);
+
+ /**
+ * Create an enumerator over trustchains for valid container signatures.
+ *
+ * @return enumerator over auth_cfg_t*
+ */
+ enumerator_t* (*create_signature_enumerator)(container_t *this);
+
+ /**
+ * Get signed/decrypted data wrapped in this container.
+ *
+ * This function does not verify any associated signatures, use
+ * create_signature_enumerator() to verify them.
+ *
+ * @param data allocated data wrapped in this container
+ * @return TRUE if data decrypted successfully
+ */
+ bool (*get_data)(container_t *this, chunk_t *data);
+
+ /**
+ * Get the encoding of the full signed/encrypted container.
+ *
+ * @param data allocated container encoding
+ * @return TRUE if encodign successful
+ */
+ bool (*get_encoding)(container_t *this, chunk_t *encoding);
+
+ /**
+ * Destroy a container_t.
+ */
+ void (*destroy)(container_t *this);
+};
+
+#endif /** CONTAINER_H_ @}*/
diff --git a/src/libstrongswan/credentials/containers/pkcs7.h b/src/libstrongswan/credentials/containers/pkcs7.h
new file mode 100644
index 000000000..d42d82b0b
--- /dev/null
+++ b/src/libstrongswan/credentials/containers/pkcs7.h
@@ -0,0 +1,63 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pkcs7 pkcs7
+ * @{ @ingroup containers
+ */
+
+#ifndef PKCS7_H_
+#define PKCS7_H_
+
+#include <credentials/containers/container.h>
+
+typedef struct pkcs7_t pkcs7_t;
+
+/**
+ * PKCS#7/CMS container type.
+ */
+struct pkcs7_t {
+
+ /**
+ * Implements container_t.
+ */
+ container_t container;
+
+ /**
+ * Get an authenticated PKCS#9 attribute from PKCS#7 signerInfo.
+ *
+ * To select the signerInfo structure to get the attribute from, pass
+ * the enumerator position from container_t.create_signature_enumerator().
+ *
+ * The attribute returned does not contain type information and must be
+ * freed after use.
+ *
+ * @param oid OID from the attribute to get
+ * @param enumerator enumerator to select signerInfo
+ * @param value chunk receiving attribute value, allocated
+ * @return TRUE if attribute found
+ */
+ bool (*get_attribute)(pkcs7_t *this, int oid, enumerator_t *enumerator,
+ chunk_t *value);
+
+ /**
+ * Create an enumerator over attached certificates.
+ *
+ * @return enumerator over certificate_t
+ */
+ enumerator_t* (*create_cert_enumerator)(pkcs7_t *this);
+};
+
+#endif /** PKCS7_H_ @}*/
diff --git a/src/libstrongswan/credentials/cred_encoding.c b/src/libstrongswan/credentials/cred_encoding.c
index 4865984dd..53ac13cbb 100644
--- a/src/libstrongswan/credentials/cred_encoding.c
+++ b/src/libstrongswan/credentials/cred_encoding.c
@@ -17,8 +17,8 @@
#include <stdint.h>
-#include <utils/linked_list.h>
-#include <utils/hashtable.h>
+#include <collections/linked_list.h>
+#include <collections/hashtable.h>
#include <threading/rwlock.h>
typedef struct private_cred_encoding_t private_cred_encoding_t;
diff --git a/src/libstrongswan/credentials/credential_factory.c b/src/libstrongswan/credentials/credential_factory.c
index ff621012f..94c7820e1 100644
--- a/src/libstrongswan/credentials/credential_factory.c
+++ b/src/libstrongswan/credentials/credential_factory.c
@@ -17,17 +17,18 @@
#include "credential_factory.h"
-#include <debug.h>
-#include <utils/linked_list.h>
+#include <utils/debug.h>
+#include <collections/linked_list.h>
#include <threading/thread_value.h>
#include <threading/rwlock.h>
#include <credentials/certificates/x509.h>
+#include <credentials/containers/container.h>
-ENUM(credential_type_names, CRED_PRIVATE_KEY, CRED_CERTIFICATE,
+ENUM(credential_type_names, CRED_PRIVATE_KEY, CRED_CONTAINER,
"CRED_PRIVATE_KEY",
"CRED_PUBLIC_KEY",
"CRED_CERTIFICATE",
- "CRED_PLUTO_CERT",
+ "CRED_CONTAINER",
);
typedef struct private_credential_factory_t private_credential_factory_t;
@@ -139,11 +140,21 @@ METHOD(credential_factory_t, create, void*,
if (!construct && !level)
{
- enum_name_t *names = key_type_names;
+ enum_name_t *names;
- if (type == CRED_CERTIFICATE)
+ switch (type)
{
- names = certificate_type_names;
+ case CRED_CERTIFICATE:
+ names = certificate_type_names;
+ break;
+ case CRED_CONTAINER:
+ names = container_type_names;
+ break;
+ case CRED_PRIVATE_KEY:
+ case CRED_PUBLIC_KEY:
+ default:
+ names = key_type_names;
+ break;
}
DBG1(DBG_LIB, "building %N - %N failed, tried %d builders",
credential_type_names, type, names, subtype, failures);
diff --git a/src/libstrongswan/credentials/credential_factory.h b/src/libstrongswan/credentials/credential_factory.h
index c31601245..55b669529 100644
--- a/src/libstrongswan/credentials/credential_factory.h
+++ b/src/libstrongswan/credentials/credential_factory.h
@@ -28,6 +28,9 @@ typedef enum credential_type_t credential_type_t;
/**
* Kind of credential.
+ *
+ * While crypto containers are not really credentials, we still use the
+ * credential factory and builders create them.
*/
enum credential_type_t {
/** private key, implemented in private_key_t */
@@ -36,6 +39,8 @@ enum credential_type_t {
CRED_PUBLIC_KEY,
/** certificates, implemented in certificate_t */
CRED_CERTIFICATE,
+ /** crypto container, implemented in container_t */
+ CRED_CONTAINER,
};
/**
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index a96abdc69..9e40c5a10 100644
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -16,11 +16,11 @@
#include "credential_manager.h"
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/thread_value.h>
#include <threading/mutex.h>
#include <threading/rwlock.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <credentials/sets/cert_cache.h>
#include <credentials/sets/auth_cfg_wrapper.h>
#include <credentials/certificates/x509.h>
diff --git a/src/libstrongswan/credentials/credential_manager.h b/src/libstrongswan/credentials/credential_manager.h
index d9a47b7d7..73c585734 100644
--- a/src/libstrongswan/credentials/credential_manager.h
+++ b/src/libstrongswan/credentials/credential_manager.h
@@ -24,7 +24,7 @@
typedef struct credential_manager_t credential_manager_t;
#include <utils/identification.h>
-#include <utils/enumerator.h>
+#include <collections/enumerator.h>
#include <credentials/auth_cfg.h>
#include <credentials/credential_set.h>
#include <credentials/keys/private_key.h>
diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
index fb18fb53d..49af5a079 100644
--- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
+++ b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
@@ -17,7 +17,7 @@
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <utils/lexparser.h>
#include "ietf_attributes.h"
diff --git a/src/libstrongswan/credentials/keys/shared_key.h b/src/libstrongswan/credentials/keys/shared_key.h
index d00b8d12e..900c6613e 100644
--- a/src/libstrongswan/credentials/keys/shared_key.h
+++ b/src/libstrongswan/credentials/keys/shared_key.h
@@ -21,7 +21,7 @@
#ifndef SHARED_KEY_H_
#define SHARED_KEY_H_
-#include <utils/enumerator.h>
+#include <collections/enumerator.h>
#include <utils/identification.h>
typedef struct shared_key_t shared_key_t;
diff --git a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
index 2cef23328..46bfb5c6e 100644
--- a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
+++ b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
@@ -15,7 +15,7 @@
*/
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "auth_cfg_wrapper.h"
diff --git a/src/libstrongswan/credentials/sets/cert_cache.c b/src/libstrongswan/credentials/sets/cert_cache.c
index a7d0ed8f9..e8f0e7ec0 100644
--- a/src/libstrongswan/credentials/sets/cert_cache.c
+++ b/src/libstrongswan/credentials/sets/cert_cache.c
@@ -20,7 +20,7 @@
#include <library.h>
#include <threading/rwlock.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
/** cache size, a power of 2 for fast modulo */
#define CACHE_SIZE 32
diff --git a/src/libstrongswan/credentials/sets/mem_cred.c b/src/libstrongswan/credentials/sets/mem_cred.c
index e023e8443..d697a56ef 100644
--- a/src/libstrongswan/credentials/sets/mem_cred.c
+++ b/src/libstrongswan/credentials/sets/mem_cred.c
@@ -18,7 +18,7 @@
#include "mem_cred.h"
#include <threading/rwlock.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
typedef struct private_mem_cred_t private_mem_cred_t;
diff --git a/src/libstrongswan/credentials/sets/mem_cred.h b/src/libstrongswan/credentials/sets/mem_cred.h
index eb46b065b..20447207c 100644
--- a/src/libstrongswan/credentials/sets/mem_cred.h
+++ b/src/libstrongswan/credentials/sets/mem_cred.h
@@ -27,7 +27,7 @@ typedef struct mem_cred_t mem_cred_t;
#include <credentials/credential_set.h>
#include <credentials/certificates/crl.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
/**
* Generic in-memory credential set.
diff --git a/src/libstrongswan/crypto/aead.c b/src/libstrongswan/crypto/aead.c
index 02fb8d50a..32a0e6759 100644
--- a/src/libstrongswan/crypto/aead.c
+++ b/src/libstrongswan/crypto/aead.c
@@ -15,7 +15,7 @@
#include "aead.h"
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_aead_t private_aead_t;
diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c
index 3736ae38f..5a363e9f0 100644
--- a/src/libstrongswan/crypto/crypto_factory.c
+++ b/src/libstrongswan/crypto/crypto_factory.c
@@ -15,9 +15,9 @@
#include "crypto_factory.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/rwlock.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <crypto/crypto_tester.h>
const char *default_plugin_name = "default";
diff --git a/src/libstrongswan/crypto/crypto_factory.h b/src/libstrongswan/crypto/crypto_factory.h
index 611ca0bbb..5d23c8977 100644
--- a/src/libstrongswan/crypto/crypto_factory.h
+++ b/src/libstrongswan/crypto/crypto_factory.h
@@ -24,6 +24,7 @@
typedef struct crypto_factory_t crypto_factory_t;
#include <library.h>
+#include <collections/enumerator.h>
#include <crypto/crypters/crypter.h>
#include <crypto/aead.h>
#include <crypto/signers/signer.h>
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 01e84a133..08b226468 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -20,8 +20,8 @@
#include "crypto_tester.h"
-#include <debug.h>
-#include <utils/linked_list.h>
+#include <utils/debug.h>
+#include <collections/linked_list.h>
typedef struct private_crypto_tester_t private_crypto_tester_t;
diff --git a/src/libstrongswan/crypto/nonce_gen.h b/src/libstrongswan/crypto/nonce_gen.h
index 50f3c0090..7dae4f776 100644
--- a/src/libstrongswan/crypto/nonce_gen.h
+++ b/src/libstrongswan/crypto/nonce_gen.h
@@ -35,7 +35,7 @@ struct nonce_gen_t {
*
* @param size size of nonce in bytes
* @param buffer pointer where the generated nonce will be written
- * @return TRUE if nonce allocation was succesful, FALSE otherwise
+ * @return TRUE if nonce allocation was successful, FALSE otherwise
*/
bool (*get_nonce)(nonce_gen_t *this, size_t size,
u_int8_t *buffer) __attribute__((warn_unused_result));
@@ -45,7 +45,7 @@ struct nonce_gen_t {
*
* @param size size of nonce in bytes
* @param chunk chunk which will hold the generated nonce
- * @return TRUE if nonce allocation was succesful, FALSE otherwise
+ * @return TRUE if nonce allocation was successful, FALSE otherwise
*/
bool (*allocate_nonce)(nonce_gen_t *this, size_t size,
chunk_t *chunk) __attribute__((warn_unused_result));
diff --git a/src/libstrongswan/crypto/pkcs7.c b/src/libstrongswan/crypto/pkcs7.c
deleted file mode 100644
index 0ec19f2cd..000000000
--- a/src/libstrongswan/crypto/pkcs7.c
+++ /dev/null
@@ -1,1061 +0,0 @@
-/*
- * Copyright (C) 2012 Tobias Brunner
- * Copyright (C) 2002-2008 Andreas Steffen
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil, Switzerland
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-
-#include <library.h>
-#include <debug.h>
-
-#include <asn1/oid.h>
-#include <asn1/asn1.h>
-#include <asn1/asn1_parser.h>
-#include <credentials/certificates/x509.h>
-#include <credentials/keys/public_key.h>
-#include <crypto/pkcs9.h>
-#include <crypto/hashers/hasher.h>
-#include <crypto/crypters/crypter.h>
-#include <utils/linked_list.h>
-
-#include "pkcs7.h"
-
-typedef struct private_pkcs7_t private_pkcs7_t;
-
-/**
- * Private data of a pkcs7_t object.
- */
-struct private_pkcs7_t {
- /**
- * Public interface for this certificate.
- */
- pkcs7_t public;
-
- /**
- * contentInfo type
- */
- int type;
-
- /**
- * ASN.1 encoded content
- */
- chunk_t content;
-
- /**
- * ASN.1 parsing start level
- */
- u_int level;
-
- /**
- * retrieved data
- */
- chunk_t data;
-
- /**
- * ASN.1 encoded attributes
- */
- pkcs9_t *attributes;
-
- /**
- * Linked list of X.509 certificates
- */
- linked_list_t *certs;
-};
-
-METHOD(pkcs7_t, is_data, bool,
- private_pkcs7_t *this)
-{
- return this->type == OID_PKCS7_DATA;
-}
-
-METHOD(pkcs7_t, is_signedData, bool,
- private_pkcs7_t *this)
-{
- return this->type == OID_PKCS7_SIGNED_DATA;
-}
-
-METHOD(pkcs7_t, is_envelopedData, bool,
- private_pkcs7_t *this)
-{
- return this->type == OID_PKCS7_ENVELOPED_DATA;
-}
-
-/**
- * ASN.1 definition of the PKCS#7 ContentInfo type
- */
-static const asn1Object_t contentInfoObjects[] = {
- { 0, "contentInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
- { 1, "contentType", ASN1_OID, ASN1_BODY }, /* 1 */
- { 1, "content", ASN1_CONTEXT_C_0, ASN1_OPT |
- ASN1_BODY }, /* 2 */
- { 1, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
- { 0, "exit", ASN1_EOC, ASN1_EXIT }
-};
-#define PKCS7_INFO_TYPE 1
-#define PKCS7_INFO_CONTENT 2
-
-/**
- * Parse PKCS#7 contentInfo object
- */
-static bool parse_contentInfo(private_pkcs7_t *this)
-{
- asn1_parser_t *parser;
- chunk_t object;
- int objectID;
- bool success = FALSE;
-
- if (!this->data.ptr)
- {
- return FALSE;
- }
-
- parser = asn1_parser_create(contentInfoObjects, this->data);
- parser->set_top_level(parser, this->level);
-
- while (parser->iterate(parser, &objectID, &object))
- {
- if (objectID == PKCS7_INFO_TYPE)
- {
- this->type = asn1_known_oid(object);
- if (this->type < OID_PKCS7_DATA ||
- this->type > OID_PKCS7_ENCRYPTED_DATA)
- {
- DBG1(DBG_LIB, "unknown pkcs7 content type");
- goto end;
- }
- }
- else if (objectID == PKCS7_INFO_CONTENT && object.len > 0)
- {
- chunk_free(&this->content);
- this->content = chunk_clone(object);
- }
- }
- success = parser->success(parser);
-
- if (success)
- {
- this->level += 2;
- chunk_free(&this->data);
- }
-
-end:
- parser->destroy(parser);
- return success;
-}
-
-/**
- * Check whether to abort the requested parsing
- */
-static bool abort_parsing(private_pkcs7_t *this, int type)
-{
- if (this->type != type)
- {
- DBG1(DBG_LIB, "pkcs7 content to be parsed is not of type '%s'",
- oid_names[type].name);
- return TRUE;
- }
- return FALSE;
-}
-
-METHOD(pkcs7_t, parse_data, bool,
- private_pkcs7_t *this)
-{
- chunk_t data;
-
- if (!parse_contentInfo(this) ||
- abort_parsing(this, OID_PKCS7_DATA))
- {
- return FALSE;
- }
- data = this->content;
- if (data.len == 0)
- {
- this->data = chunk_empty;
- return TRUE;
- }
- if (asn1_parse_simple_object(&data, ASN1_OCTET_STRING,
- this->level, "data"))
- {
- this->data = chunk_clone(data);
- return TRUE;
- }
- return FALSE;
-}
-
-/**
- * ASN.1 definition of the PKCS#7 signedData type
- */
-static const asn1Object_t signedDataObjects[] = {
- { 0, "signedData", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
- { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */
- { 1, "digestAlgorithms", ASN1_SET, ASN1_LOOP }, /* 2 */
- { 2, "algorithm", ASN1_EOC, ASN1_RAW }, /* 3 */
- { 1, "end loop", ASN1_EOC, ASN1_END }, /* 4 */
- { 1, "contentInfo", ASN1_EOC, ASN1_RAW }, /* 5 */
- { 1, "certificates", ASN1_CONTEXT_C_0, ASN1_OPT |
- ASN1_LOOP }, /* 6 */
- { 2, "certificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 7 */
- { 1, "end opt or loop", ASN1_EOC, ASN1_END }, /* 8 */
- { 1, "crls", ASN1_CONTEXT_C_1, ASN1_OPT |
- ASN1_LOOP }, /* 9 */
- { 2, "crl", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
- { 1, "end opt or loop", ASN1_EOC, ASN1_END }, /* 11 */
- { 1, "signerInfos", ASN1_SET, ASN1_LOOP }, /* 12 */
- { 2, "signerInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 13 */
- { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 14 */
- { 3, "issuerAndSerialNumber", ASN1_SEQUENCE, ASN1_BODY }, /* 15 */
- { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 16 */
- { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 17 */
- { 3, "digestAlgorithm", ASN1_EOC, ASN1_RAW }, /* 18 */
- { 3, "authenticatedAttributes", ASN1_CONTEXT_C_0, ASN1_OPT |
- ASN1_OBJ }, /* 19 */
- { 3, "end opt", ASN1_EOC, ASN1_END }, /* 20 */
- { 3, "digestEncryptionAlgorithm", ASN1_EOC, ASN1_RAW }, /* 21 */
- { 3, "encryptedDigest", ASN1_OCTET_STRING, ASN1_BODY }, /* 22 */
- { 3, "unauthenticatedAttributes", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 23 */
- { 3, "end opt", ASN1_EOC, ASN1_END }, /* 24 */
- { 1, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
- { 0, "exit", ASN1_EOC, ASN1_EXIT }
-};
-#define PKCS7_SIGNED_VERSION 1
-#define PKCS7_DIGEST_ALG 3
-#define PKCS7_SIGNED_CONTENT_INFO 5
-#define PKCS7_SIGNED_CERT 7
-#define PKCS7_SIGNER_INFO 13
-#define PKCS7_SIGNER_INFO_VERSION 14
-#define PKCS7_SIGNED_ISSUER 16
-#define PKCS7_SIGNED_SERIAL_NUMBER 17
-#define PKCS7_DIGEST_ALGORITHM 18
-#define PKCS7_AUTH_ATTRIBUTES 19
-#define PKCS7_DIGEST_ENC_ALGORITHM 21
-#define PKCS7_ENCRYPTED_DIGEST 22
-
-METHOD(pkcs7_t, parse_signedData, bool,
- private_pkcs7_t *this, certificate_t *cacert)
-{
- asn1_parser_t *parser;
- chunk_t object;
- int objectID, version;
- int digest_alg = OID_UNKNOWN;
- int enc_alg = OID_UNKNOWN;
- int signerInfos = 0;
- bool success = FALSE;
-
- chunk_t encrypted_digest = chunk_empty;
-
- if (!parse_contentInfo(this) ||
- abort_parsing(this, OID_PKCS7_SIGNED_DATA))
- {
- return FALSE;
- }
-
- parser = asn1_parser_create(signedDataObjects, this->content);
- parser->set_top_level(parser, this->level);
-
- while (parser->iterate(parser, &objectID, &object))
- {
- u_int level = parser->get_level(parser);
-
- switch (objectID)
- {
- case PKCS7_SIGNED_VERSION:
- version = object.len ? (int)*object.ptr : 0;
- DBG2(DBG_LIB, " v%d", version);
- break;
- case PKCS7_DIGEST_ALG:
- digest_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
- break;
- case PKCS7_SIGNED_CONTENT_INFO:
- {
- pkcs7_t *data = pkcs7_create_from_chunk(object, level+1);
-
- if (!data || !data->parse_data(data))
- {
- DESTROY_IF(data);
- goto end;
- }
- this->data = chunk_clone(data->get_data(data));
- data->destroy(data);
- break;
- }
- case PKCS7_SIGNED_CERT:
- {
- certificate_t *cert;
-
- DBG2(DBG_LIB, " parsing pkcs7-wrapped certificate");
- cert = lib->creds->create(lib->creds,
- CRED_CERTIFICATE, CERT_X509,
- BUILD_BLOB_ASN1_DER, object,
- BUILD_END);
- if (cert)
- {
- this->certs->insert_last(this->certs, cert);
- }
- break;
- }
- case PKCS7_SIGNER_INFO:
- signerInfos++;
- DBG2(DBG_LIB, " signer #%d", signerInfos);
- break;
- case PKCS7_SIGNER_INFO_VERSION:
- version = object.len ? (int)*object.ptr : 0;
- DBG2(DBG_LIB, " v%d", version);
- break;
- case PKCS7_SIGNED_ISSUER:
- {
- identification_t *issuer;
-
- issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- DBG2(DBG_LIB, " '%Y'", issuer);
- issuer->destroy(issuer);
- break;
- }
- case PKCS7_AUTH_ATTRIBUTES:
- *object.ptr = ASN1_SET;
- this->attributes = pkcs9_create_from_chunk(object, level+1);
- *object.ptr = ASN1_CONTEXT_C_0;
- break;
- case PKCS7_DIGEST_ALGORITHM:
- digest_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
- break;
- case PKCS7_DIGEST_ENC_ALGORITHM:
- enc_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
- break;
- case PKCS7_ENCRYPTED_DIGEST:
- encrypted_digest = object;
- }
- }
- success = parser->success(parser);
-
-end:
- parser->destroy(parser);
- if (!success)
- {
- return FALSE;
- }
-
- /* check the signature only if a cacert is available */
- if (cacert != NULL)
- {
- signature_scheme_t scheme;
- public_key_t *key;
-
- scheme = signature_scheme_from_oid(digest_alg);
- if (scheme == SIGN_UNKNOWN)
- {
- DBG1(DBG_LIB, "unsupported signature scheme");
- return FALSE;
- }
- if (signerInfos == 0)
- {
- DBG1(DBG_LIB, "no signerInfo object found");
- return FALSE;
- }
- else if (signerInfos > 1)
- {
- DBG1(DBG_LIB, "more than one signerInfo object found");
- return FALSE;
- }
- if (this->attributes == NULL)
- {
- DBG1(DBG_LIB, "no authenticatedAttributes object found");
- return FALSE;
- }
- if (enc_alg != OID_RSA_ENCRYPTION)
- {
- DBG1(DBG_LIB, "only RSA digest encryption supported");
- return FALSE;
- }
-
- /* verify the signature */
- key = cacert->get_public_key(cacert);
- if (key == NULL)
- {
- DBG1(DBG_LIB, "no public key found in CA certificate");
- return FALSE;
- }
- if (key->verify(key, scheme,
- this->attributes->get_encoding(this->attributes), encrypted_digest))
- {
- DBG2(DBG_LIB, "signature is valid");
- }
- else
- {
- DBG1(DBG_LIB, "invalid signature");
- key->destroy(key);
- return FALSE;
- }
- key->destroy(key);
-
- if (this->data.ptr != NULL)
- {
- chunk_t messageDigest;
-
- messageDigest = this->attributes->get_attribute(this->attributes,
- OID_PKCS9_MESSAGE_DIGEST);
- if (messageDigest.ptr == NULL)
- {
- DBG1(DBG_LIB, "messageDigest attribute not found");
- return FALSE;
- }
- else
- {
- hash_algorithm_t algorithm;
- hasher_t *hasher;
- chunk_t hash;
- bool valid;
-
- algorithm = hasher_algorithm_from_oid(digest_alg);
- hasher = lib->crypto->create_hasher(lib->crypto, algorithm);
- if (!hasher || !hasher->allocate_hash(hasher, this->data, &hash))
- {
- DESTROY_IF(hasher);
- DBG1(DBG_LIB, "hash algorithm %N not supported",
- hash_algorithm_names, algorithm);
- return FALSE;
- }
- hasher->destroy(hasher);
- DBG3(DBG_LIB, "hash: %B", &hash);
-
- valid = chunk_equals(messageDigest, hash);
- free(hash.ptr);
- if (valid)
- {
- DBG2(DBG_LIB, "messageDigest is valid");
- }
- else
- {
- DBG1(DBG_LIB, "invalid messageDigest");
- return FALSE;
- }
- }
- }
- }
- return TRUE;
-}
-
-/**
- * ASN.1 definition of the PKCS#7 envelopedData type
- */
-static const asn1Object_t envelopedDataObjects[] = {
- { 0, "envelopedData", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
- { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */
- { 1, "recipientInfos", ASN1_SET, ASN1_LOOP }, /* 2 */
- { 2, "recipientInfo", ASN1_SEQUENCE, ASN1_BODY }, /* 3 */
- { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 4 */
- { 3, "issuerAndSerialNumber", ASN1_SEQUENCE, ASN1_BODY }, /* 5 */
- { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
- { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 7 */
- { 3, "encryptionAlgorithm", ASN1_EOC, ASN1_RAW }, /* 8 */
- { 3, "encryptedKey", ASN1_OCTET_STRING, ASN1_BODY }, /* 9 */
- { 1, "end loop", ASN1_EOC, ASN1_END }, /* 10 */
- { 1, "encryptedContentInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 11 */
- { 2, "contentType", ASN1_OID, ASN1_BODY }, /* 12 */
- { 2, "contentEncryptionAlgorithm", ASN1_EOC, ASN1_RAW }, /* 13 */
- { 2, "encryptedContent", ASN1_CONTEXT_S_0, ASN1_BODY }, /* 14 */
- { 0, "exit", ASN1_EOC, ASN1_EXIT }
-};
-#define PKCS7_ENVELOPED_VERSION 1
-#define PKCS7_RECIPIENT_INFO_VERSION 4
-#define PKCS7_ISSUER 6
-#define PKCS7_SERIAL_NUMBER 7
-#define PKCS7_ENCRYPTION_ALG 8
-#define PKCS7_ENCRYPTED_KEY 9
-#define PKCS7_CONTENT_TYPE 12
-#define PKCS7_CONTENT_ENC_ALGORITHM 13
-#define PKCS7_ENCRYPTED_CONTENT 14
-
-METHOD(pkcs7_t, parse_envelopedData, bool,
- private_pkcs7_t *this, chunk_t serialNumber, private_key_t *key)
-{
- asn1_parser_t *parser;
- chunk_t object;
- int objectID, version;
- bool success = FALSE;
-
- chunk_t iv = chunk_empty;
- chunk_t symmetric_key = chunk_empty;
- chunk_t encrypted_content = chunk_empty;
-
- crypter_t *crypter = NULL;
-
- if (!parse_contentInfo(this) ||
- abort_parsing(this, OID_PKCS7_ENVELOPED_DATA))
- {
- return FALSE;
- }
-
- parser = asn1_parser_create(envelopedDataObjects, this->content);
- parser->set_top_level(parser, this->level);
-
- while (parser->iterate(parser, &objectID, &object))
- {
- u_int level = parser->get_level(parser);
-
- switch (objectID)
- {
- case PKCS7_ENVELOPED_VERSION:
- {
- version = object.len ? (int)*object.ptr : 0;
- DBG2(DBG_LIB, " v%d", version);
- if (version != 0)
- {
- DBG1(DBG_LIB, "envelopedData version is not 0");
- goto end;
- }
- break;
- }
- case PKCS7_RECIPIENT_INFO_VERSION:
- {
- version = object.len ? (int)*object.ptr : 0;
- DBG2(DBG_LIB, " v%d", version);
- if (version != 0)
- {
- DBG1(DBG_LIB, "recipient info version is not 0");
- goto end;
- }
- break;
- }
- case PKCS7_ISSUER:
- {
- identification_t *issuer;
-
- issuer = identification_create_from_encoding(ID_DER_ASN1_DN,
- object);
- DBG2(DBG_LIB, " '%Y'", issuer);
- issuer->destroy(issuer);
- break;
- }
- case PKCS7_SERIAL_NUMBER:
- {
- if (!chunk_equals(serialNumber, object))
- {
- DBG1(DBG_LIB, "serial numbers do not match");
- goto end;
- }
- break;
- }
- case PKCS7_ENCRYPTION_ALG:
- {
- int alg;
-
- alg = asn1_parse_algorithmIdentifier(object, level, NULL);
- if (alg != OID_RSA_ENCRYPTION)
- {
- DBG1(DBG_LIB, "only rsa encryption supported");
- goto end;
- }
- break;
- }
- case PKCS7_ENCRYPTED_KEY:
- {
- if (!key->decrypt(key, ENCRYPT_RSA_PKCS1, object, &symmetric_key))
- {
- DBG1(DBG_LIB, "symmetric key could not be decrypted with rsa");
- goto end;
- }
- DBG4(DBG_LIB, "symmetric key %B", &symmetric_key);
- break;
- }
- case PKCS7_CONTENT_TYPE:
- {
- if (asn1_known_oid(object) != OID_PKCS7_DATA)
- {
- DBG1(DBG_LIB, "encrypted content not of type pkcs7 data");
- goto end;
- }
- break;
- }
- case PKCS7_CONTENT_ENC_ALGORITHM:
- {
- encryption_algorithm_t enc_alg;
- size_t key_size;
- int alg;
-
- alg = asn1_parse_algorithmIdentifier(object, level, &iv);
- enc_alg = encryption_algorithm_from_oid(alg, &key_size);
- if (enc_alg == ENCR_UNDEFINED)
- {
- DBG1(DBG_LIB, "unsupported content encryption algorithm");
- goto end;
- }
- crypter = lib->crypto->create_crypter(lib->crypto, enc_alg,
- key_size);
- if (crypter == NULL)
- {
- DBG1(DBG_LIB, "crypter %N not available",
- encryption_algorithm_names, enc_alg);
- goto end;
- }
- if (symmetric_key.len != crypter->get_key_size(crypter))
- {
- DBG1(DBG_LIB, "symmetric key length %d is wrong",
- symmetric_key.len);
- goto end;
- }
- if (!asn1_parse_simple_object(&iv, ASN1_OCTET_STRING,
- level + 1, "IV"))
- {
- DBG1(DBG_LIB, "IV could not be parsed");
- goto end;
- }
- if (iv.len != crypter->get_iv_size(crypter))
- {
- DBG1(DBG_LIB, "IV length %d is wrong", iv.len);
- goto end;
- }
- break;
- }
- case PKCS7_ENCRYPTED_CONTENT:
- {
- encrypted_content = object;
- break;
- }
- }
- }
- success = parser->success(parser);
-
-end:
- parser->destroy(parser);
- if (!success)
- {
- goto failed;
- }
- success = FALSE;
-
- /* decrypt the content */
- if (!crypter->set_key(crypter, symmetric_key) ||
- !crypter->decrypt(crypter, encrypted_content, iv, &this->data))
- {
- success = FALSE;
- goto failed;
- }
- DBG4(DBG_LIB, "decrypted content with padding: %B", &this->data);
-
- /* remove the padding */
- {
- u_char *pos = this->data.ptr + this->data.len - 1;
- u_char pattern = *pos;
- size_t padding = pattern;
-
- if (padding > this->data.len)
- {
- DBG1(DBG_LIB, "padding greater than data length");
- goto failed;
- }
- this->data.len -= padding;
-
- while (padding-- > 0)
- {
- if (*pos-- != pattern)
- {
- DBG1(DBG_LIB, "wrong padding pattern");
- goto failed;
- }
- }
- }
- success = TRUE;
-
-failed:
- DESTROY_IF(crypter);
- chunk_clear(&symmetric_key);
- if (!success)
- {
- chunk_free(&this->data);
- }
- return success;
-}
-
-METHOD(pkcs7_t, get_data, chunk_t,
- private_pkcs7_t *this)
-{
- return this->data;
-}
-
-METHOD(pkcs7_t, get_contentInfo, chunk_t,
- private_pkcs7_t *this)
-{
- chunk_t content_type;
-
- /* create DER-encoded OID for pkcs7_contentInfo type */
- switch(this->type)
- {
- case OID_PKCS7_DATA:
- case OID_PKCS7_SIGNED_DATA:
- case OID_PKCS7_ENVELOPED_DATA:
- case OID_PKCS7_SIGNED_ENVELOPED_DATA:
- case OID_PKCS7_DIGESTED_DATA:
- case OID_PKCS7_ENCRYPTED_DATA:
- content_type = asn1_build_known_oid(this->type);
- break;
- case OID_UNKNOWN:
- default:
- DBG1(DBG_LIB, "invalid pkcs7 contentInfo type");
- return chunk_empty;
- }
-
- return this->content.ptr == NULL
- ? asn1_wrap(ASN1_SEQUENCE, "m", content_type)
- : asn1_wrap(ASN1_SEQUENCE, "mm", content_type,
- asn1_simple_object(ASN1_CONTEXT_C_0, this->content));
-}
-
-METHOD(pkcs7_t, create_certificate_enumerator, enumerator_t*,
- private_pkcs7_t *this)
-{
- return this->certs->create_enumerator(this->certs);
-}
-
-METHOD(pkcs7_t, set_certificate, void,
- private_pkcs7_t *this, certificate_t *cert)
-{
- if (cert)
- {
- this->certs->insert_last(this->certs, cert);
- }
-}
-
-METHOD(pkcs7_t, set_attributes, void,
- private_pkcs7_t *this, pkcs9_t *attributes)
-{
- this->attributes = attributes;
-}
-
-METHOD(pkcs7_t, get_attributes, pkcs9_t*,
- private_pkcs7_t *this)
-{
- return this->attributes;
-}
-
-/**
- * build a DER-encoded issuerAndSerialNumber object
- */
-chunk_t pkcs7_build_issuerAndSerialNumber(certificate_t *cert)
-{
- identification_t *issuer = cert->get_issuer(cert);
- chunk_t serial = chunk_empty;
-
- if (cert->get_type(cert) == CERT_X509)
- {
- x509_t *x509 = (x509_t*)cert;
- serial = x509->get_serial(x509);
- }
-
- return asn1_wrap(ASN1_SEQUENCE, "cm",
- issuer->get_encoding(issuer),
- asn1_integer("c", serial));
-}
-
-METHOD(pkcs7_t, build_envelopedData, bool,
- private_pkcs7_t *this, certificate_t *cert, encryption_algorithm_t alg,
- size_t key_size)
-{
- chunk_t iv, symmetricKey, protectedKey, in, out;
- crypter_t *crypter;
- int alg_oid;
-
- /* select OID of symmetric encryption algorithm */
- alg_oid = encryption_algorithm_to_oid(alg, key_size);
- if (alg_oid == OID_UNKNOWN)
- {
- DBG1(DBG_LIB, " encryption algorithm %N not supported",
- encryption_algorithm_names, alg);
- return FALSE;
- }
- crypter = lib->crypto->create_crypter(lib->crypto, alg, key_size / 8);
- if (crypter == NULL)
- {
- DBG1(DBG_LIB, " could not create crypter for algorithm %N",
- encryption_algorithm_names, alg);
- return FALSE;
- }
-
- /* generate a true random symmetric encryption key
- * and a pseudo-random iv
- */
- {
- rng_t *rng;
-
- rng = lib->crypto->create_rng(lib->crypto, RNG_TRUE);
- if (!rng || !rng->allocate_bytes(rng, crypter->get_key_size(crypter),
- &symmetricKey))
- {
- DBG1(DBG_LIB, " failed to allocate symmetric encryption key");
- DESTROY_IF(rng);
- return FALSE;
- }
- DBG4(DBG_LIB, " symmetric encryption key: %B", &symmetricKey);
- rng->destroy(rng);
-
- rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
- if (!rng || !rng->allocate_bytes(rng, crypter->get_iv_size(crypter),
- &iv))
- {
- DBG1(DBG_LIB, " failed to allocate initialization vector");
- DESTROY_IF(rng);
- return FALSE;
- }
- DBG4(DBG_LIB, " initialization vector: %B", &iv);
- rng->destroy(rng);
- }
-
- /* pad the data so that the total length becomes
- * a multiple of the block size
- */
- {
- size_t block_size = crypter->get_block_size(crypter);
- size_t padding = block_size - this->data.len % block_size;
-
- in.len = this->data.len + padding;
- in.ptr = malloc(in.len);
-
- DBG2(DBG_LIB, " padding %d bytes of data to multiple block size of %d bytes",
- (int)this->data.len, (int)in.len);
-
- /* copy data */
- memcpy(in.ptr, this->data.ptr, this->data.len);
- /* append padding */
- memset(in.ptr + this->data.len, padding, padding);
- }
- DBG3(DBG_LIB, " padded unencrypted data: %B", &in);
-
- /* symmetric encryption of data object */
- if (!crypter->set_key(crypter, symmetricKey) ||
- !crypter->encrypt(crypter, in, iv, &out))
- {
- crypter->destroy(crypter);
- chunk_clear(&in);
- chunk_clear(&symmetricKey);
- chunk_free(&iv);
- return FALSE;
- }
- crypter->destroy(crypter);
- chunk_clear(&in);
- DBG3(DBG_LIB, " encrypted data: %B", &out);
-
- /* protect symmetric key by public key encryption */
- {
- public_key_t *key = cert->get_public_key(cert);
-
- if (key == NULL)
- {
- DBG1(DBG_LIB, " public key not found in encryption certificate");
- chunk_clear(&symmetricKey);
- chunk_free(&iv);
- chunk_free(&out);
- return FALSE;
- }
- key->encrypt(key, ENCRYPT_RSA_PKCS1, symmetricKey, &protectedKey);
- key->destroy(key);
- chunk_clear(&symmetricKey);
- }
-
- /* build pkcs7 enveloped data object */
- {
- chunk_t contentEncryptionAlgorithm = asn1_wrap(ASN1_SEQUENCE, "mm",
- asn1_build_known_oid(alg_oid),
- asn1_wrap(ASN1_OCTET_STRING, "m", iv));
-
- chunk_t encryptedContentInfo = asn1_wrap(ASN1_SEQUENCE, "mmm",
- asn1_build_known_oid(OID_PKCS7_DATA),
- contentEncryptionAlgorithm,
- asn1_wrap(ASN1_CONTEXT_S_0, "m", out));
-
- chunk_t encryptedKey = asn1_wrap(ASN1_OCTET_STRING, "m", protectedKey);
-
- chunk_t recipientInfo = asn1_wrap(ASN1_SEQUENCE, "cmmm",
- ASN1_INTEGER_0,
- pkcs7_build_issuerAndSerialNumber(cert),
- asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
- encryptedKey);
-
- this->content = asn1_wrap(ASN1_SEQUENCE, "cmm",
- ASN1_INTEGER_0,
- asn1_wrap(ASN1_SET, "m", recipientInfo),
- encryptedContentInfo);
- chunk_free(&this->data);
- this->type = OID_PKCS7_ENVELOPED_DATA;
- this->data = get_contentInfo(this);
- }
- return TRUE;
-}
-
-METHOD(pkcs7_t, build_signedData, bool,
- private_pkcs7_t *this, private_key_t *private_key, hash_algorithm_t alg)
-{
- chunk_t authenticatedAttributes = chunk_empty;
- chunk_t encryptedDigest = chunk_empty;
- chunk_t signerInfo, encoding = chunk_empty;
- signature_scheme_t scheme;
- int digest_oid;
- certificate_t *cert;
-
- if (this->certs->get_first(this->certs, (void**)&cert) != SUCCESS)
- {
- DBG1(DBG_LIB, " no pkcs7 signer certificate found");
- return FALSE;
- }
- digest_oid = hasher_algorithm_to_oid(alg);
- scheme = signature_scheme_from_oid(digest_oid);
-
- if (this->attributes != NULL)
- {
- if (this->data.ptr != NULL)
- {
- chunk_t messageDigest, signingTime, attributes;
- hasher_t *hasher;
- time_t now;
-
- hasher = lib->crypto->create_hasher(lib->crypto, alg);
- if (!hasher ||
- !hasher->allocate_hash(hasher, this->data, &messageDigest))
- {
- DESTROY_IF(hasher);
- DBG1(DBG_LIB, " hash algorithm %N not support",
- hash_algorithm_names, alg);
- return FALSE;
- }
- hasher->destroy(hasher);
- this->attributes->set_attribute(this->attributes,
- OID_PKCS9_MESSAGE_DIGEST,
- messageDigest);
- free(messageDigest.ptr);
-
- /* take the current time as signingTime */
- now = time(NULL);
- signingTime = asn1_from_time(&now, ASN1_UTCTIME);
- this->attributes->set_attribute_raw(this->attributes,
- OID_PKCS9_SIGNING_TIME, signingTime);
- this->attributes->set_attribute_raw(this->attributes,
- OID_PKCS9_CONTENT_TYPE,
- asn1_build_known_oid(OID_PKCS7_DATA));
-
- attributes = this->attributes->get_encoding(this->attributes);
-
- private_key->sign(private_key, scheme, attributes, &encryptedDigest);
- authenticatedAttributes = chunk_clone(attributes);
- *authenticatedAttributes.ptr = ASN1_CONTEXT_C_0;
- }
- }
- else if (this->data.ptr != NULL)
- {
- private_key->sign(private_key, scheme, this->data, &encryptedDigest);
- }
- if (encryptedDigest.ptr)
- {
- encryptedDigest = asn1_wrap(ASN1_OCTET_STRING, "m", encryptedDigest);
- }
- signerInfo = asn1_wrap(ASN1_SEQUENCE, "cmmmmm",
- ASN1_INTEGER_1,
- pkcs7_build_issuerAndSerialNumber(cert),
- asn1_algorithmIdentifier(digest_oid),
- authenticatedAttributes,
- asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
- encryptedDigest);
-
- if (this->data.ptr != NULL)
- {
- chunk_free(&this->content);
- this->content = asn1_simple_object(ASN1_OCTET_STRING, this->data);
- chunk_free(&this->data);
- }
- this->type = OID_PKCS7_DATA;
- this->data = get_contentInfo(this);
- chunk_free(&this->content);
-
- cert->get_encoding(cert, CERT_ASN1_DER, &encoding);
-
- this->content = asn1_wrap(ASN1_SEQUENCE, "cmcmm",
- ASN1_INTEGER_1,
- asn1_wrap(ASN1_SET, "m", asn1_algorithmIdentifier(digest_oid)),
- this->data,
- asn1_wrap(ASN1_CONTEXT_C_0, "m", encoding),
- asn1_wrap(ASN1_SET, "m", signerInfo));
- chunk_free(&this->data);
- this->type = OID_PKCS7_SIGNED_DATA;
- this->data = get_contentInfo(this);
-
- return TRUE;
-}
-
-METHOD(pkcs7_t, destroy, void,
- private_pkcs7_t *this)
-{
- DESTROY_IF(this->attributes);
- this->certs->destroy_offset(this->certs, offsetof(certificate_t, destroy));
- free(this->content.ptr);
- free(this->data.ptr);
- free(this);
-}
-
-/**
- * Generic private constructor
- */
-static private_pkcs7_t *pkcs7_create_empty(void)
-{
- private_pkcs7_t *this;
-
- INIT(this,
- .public = {
- .is_data = _is_data,
- .is_signedData = _is_signedData,
- .is_envelopedData = _is_envelopedData,
- .parse_data = _parse_data,
- .parse_signedData = _parse_signedData,
- .parse_envelopedData = _parse_envelopedData,
- .get_data = _get_data,
- .get_contentInfo = _get_contentInfo,
- .create_certificate_enumerator = _create_certificate_enumerator,
- .set_certificate = _set_certificate,
- .set_attributes = _set_attributes,
- .get_attributes = _get_attributes,
- .build_envelopedData = _build_envelopedData,
- .build_signedData = _build_signedData,
- .destroy = _destroy,
- },
- .type = OID_UNKNOWN,
- .certs = linked_list_create(),
- );
-
- return this;
-}
-
-/*
- * Described in header.
- */
-pkcs7_t *pkcs7_create_from_chunk(chunk_t chunk, u_int level)
-{
- private_pkcs7_t *this = pkcs7_create_empty();
-
- this->level = level;
- this->data = chunk_clone(chunk);
-
- return &this->public;
-}
-
-/*
- * Described in header.
- */
-pkcs7_t *pkcs7_create_from_data(chunk_t data)
-{
- private_pkcs7_t *this = pkcs7_create_empty();
-
- this->data = chunk_clone(data);
-
- return &this->public;
-}
-
diff --git a/src/libstrongswan/crypto/pkcs7.h b/src/libstrongswan/crypto/pkcs7.h
deleted file mode 100644
index 7c9a6b037..000000000
--- a/src/libstrongswan/crypto/pkcs7.h
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Copyright (C) 2002-2008 Andreas Steffen
- * Hochschule fuer Technik Rapperswil, Switzerland
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pkcs7 pkcs7
- * @{ @ingroup crypto
- */
-
-#ifndef PKCS7_H_
-#define PKCS7_H_
-
-typedef struct pkcs7_t pkcs7_t;
-
-#include <library.h>
-#include <credentials/keys/private_key.h>
-#include <crypto/pkcs9.h>
-#include <crypto/crypters/crypter.h>
-#include <utils/enumerator.h>
-
-/**
- * PKCS#7 contentInfo object.
- */
-struct pkcs7_t {
-
- /**
- * Check if the PKCS#7 contentType is data
- *
- * @return TRUE if the contentType is data
- */
- bool (*is_data) (pkcs7_t *this);
-
- /**
- * Check if the PKCS#7 contentType is signedData
- *
- * @return TRUE if the contentType is signedData
- */
- bool (*is_signedData) (pkcs7_t *this);
-
- /**
- * Check if the PKCS#7 contentType is envelopedData
- *
- * @return TRUE if the contentType is envelopedData
- */
- bool (*is_envelopedData) (pkcs7_t *this);
-
- /**
- * Parse a PKCS#7 data content.
- *
- * @return TRUE if parsing was successful
- */
- bool (*parse_data) (pkcs7_t *this);
-
- /**
- * Parse a PKCS#7 signedData content. The contained PKCS#7 data is parsed
- * and verified.
- *
- * @param cacert cacert used to verify the signature
- * @return TRUE if parsing was successful
- */
- bool (*parse_signedData) (pkcs7_t *this, certificate_t *cacert);
-
- /**
- * Parse a PKCS#7 envelopedData content.
- *
- * @param serialNumber serialNumber of the request
- * @param key private key used to decrypt the symmetric key
- * @return TRUE if parsing was successful
- */
- bool (*parse_envelopedData) (pkcs7_t *this, chunk_t serialNumber,
- private_key_t *key);
-
- /**
- * Returns the parsed data object
- *
- * @return chunk containing the data object
- */
- chunk_t (*get_data) (pkcs7_t *this);
-
- /**
- * Returns the a DER-encoded contentInfo object
- *
- * @return chunk containing the contentInfo object
- */
- chunk_t (*get_contentInfo) (pkcs7_t *this);
-
- /**
- * Create an enumerator for the certificates.
- *
- * @return enumerator for the certificates
- */
- enumerator_t *(*create_certificate_enumerator) (pkcs7_t *this);
-
- /**
- * Add a certificate.
- *
- * @param cert certificate to be included (gets adopted)
- */
- void (*set_certificate) (pkcs7_t *this, certificate_t *cert);
-
- /**
- * Add authenticated attributes.
- *
- * @param attributes attributes to be included (gets adopted)
- */
- void (*set_attributes) (pkcs7_t *this, pkcs9_t *attributes);
-
- /**
- * Get attributes.
- *
- * @return attributes (internal data)
- */
- pkcs9_t *(*get_attributes) (pkcs7_t *this);
-
- /**
- * Build a data object
- *
- * @return TRUE if build was successful
- */
- bool (*build_data) (pkcs7_t *this);
-
- /**
- * Build an envelopedData object
- *
- * @param cert receivers's certificate
- * @param alg encryption algorithm
- * @param key_size key size to use
- * @return TRUE if build was successful
- */
- bool (*build_envelopedData) (pkcs7_t *this, certificate_t *cert,
- encryption_algorithm_t alg, size_t key_size);
-
- /**
- * Build an signedData object
- *
- * @param key signer's private key
- * @param alg digest algorithm used for signature
- * @return TRUE if build was successful
- */
- bool (*build_signedData) (pkcs7_t *this, private_key_t *key,
- hash_algorithm_t alg);
-
- /**
- * Destroys the contentInfo object.
- */
- void (*destroy) (pkcs7_t *this);
-};
-
-/**
- * Read a PKCS#7 contentInfo object from a DER encoded chunk.
- *
- * @param chunk chunk containing DER encoded data
- * @param level ASN.1 parsing start level
- * @return created pkcs7_contentInfo object, or NULL if invalid.
- */
-pkcs7_t *pkcs7_create_from_chunk(chunk_t chunk, u_int level);
-
-/**
- * Create a PKCS#7 contentInfo object
- *
- * @param data chunk containing data
- * @return created pkcs7_contentInfo object.
- */
-pkcs7_t *pkcs7_create_from_data(chunk_t data);
-
-#endif /** PKCS7_H_ @}*/
diff --git a/src/libstrongswan/crypto/pkcs9.c b/src/libstrongswan/crypto/pkcs9.c
deleted file mode 100644
index d24ab1b80..000000000
--- a/src/libstrongswan/crypto/pkcs9.c
+++ /dev/null
@@ -1,369 +0,0 @@
-/*
- * Copyright (C) 2012 Tobias Brunner
- * Copyright (C) 2008 Andreas Steffen
- * Hochschule fuer Technik Rapperswil, Switzerland
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <library.h>
-#include <debug.h>
-
-#include <asn1/oid.h>
-#include <asn1/asn1.h>
-#include <asn1/asn1_parser.h>
-#include <utils/linked_list.h>
-
-#include "pkcs9.h"
-
-typedef struct private_pkcs9_t private_pkcs9_t;
-
-/**
- * Private data of a pkcs9_t attribute list.
- */
-struct private_pkcs9_t {
- /**
- * Public interface
- */
- pkcs9_t public;
-
- /**
- * DER encoding of PKCS#9 attributes
- */
- chunk_t encoding;
-
- /**
- * Linked list of PKCS#9 attributes
- */
- linked_list_t *attributes;
-};
-
-typedef struct attribute_t attribute_t;
-
-/**
- * Definition of an attribute_t object.
- */
-struct attribute_t {
- /**
- * Object Identifier (OID)
- */
- int oid;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * ASN.1 encoding
- */
- chunk_t encoding;
-
- /**
- * Destroys the attribute.
- */
- void (*destroy) (attribute_t *this);
-
-};
-
-/**
- * return the ASN.1 encoding of a PKCS#9 attribute
- */
-static asn1_t asn1_attributeType(int oid)
-{
- asn1_t type;
-
- switch (oid)
- {
- case OID_PKCS9_CONTENT_TYPE:
- type = ASN1_OID;
- break;
- case OID_PKCS9_SIGNING_TIME:
- type = ASN1_UTCTIME;
- break;
- case OID_PKCS9_MESSAGE_DIGEST:
- type = ASN1_OCTET_STRING;
- break;
- case OID_PKI_MESSAGE_TYPE:
- type = ASN1_PRINTABLESTRING;
- break;
- case OID_PKI_STATUS:
- type = ASN1_PRINTABLESTRING;
- break;
- case OID_PKI_FAIL_INFO:
- type = ASN1_PRINTABLESTRING;
- break;
- case OID_PKI_SENDER_NONCE:
- type = ASN1_OCTET_STRING;
- break;
- case OID_PKI_RECIPIENT_NONCE:
- type = ASN1_OCTET_STRING;
- break;
- case OID_PKI_TRANS_ID:
- type = ASN1_PRINTABLESTRING;
- break;
- default:
- type = ASN1_EOC;
- }
- return type;
-}
-
-/**
- * Destroy an attribute_t object.
- */
-static void attribute_destroy(attribute_t *this)
-{
- free(this->value.ptr);
- free(this->encoding.ptr);
- free(this);
-}
-
-/**
- * Create an attribute_t object.
- */
-static attribute_t *attribute_create(int oid, chunk_t value)
-{
- attribute_t *this;
-
- INIT(this,
- .destroy = attribute_destroy,
- .oid = oid,
- .value = chunk_clone(value),
- .encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
- asn1_build_known_oid(oid),
- asn1_simple_object(ASN1_SET, value)),
- );
-
- return this;
-}
-
-METHOD(pkcs9_t, build_encoding, void,
- private_pkcs9_t *this)
-{
- enumerator_t *enumerator;
- attribute_t *attribute;
- u_int attributes_len = 0;
-
- if (this->encoding.ptr)
- {
- chunk_free(&this->encoding);
- }
- if (this->attributes->get_count(this->attributes) == 0)
- {
- return;
- }
-
- /* compute the total length of the encoded attributes */
- enumerator = this->attributes->create_enumerator(this->attributes);
-
- while (enumerator->enumerate(enumerator, (void**)&attribute))
- {
- attributes_len += attribute->encoding.len;
- }
- enumerator->destroy(enumerator);
-
- /* allocate memory for the attributes and build the encoding */
- {
- u_char *pos = asn1_build_object(&this->encoding, ASN1_SET, attributes_len);
-
- enumerator = this->attributes->create_enumerator(this->attributes);
-
- while (enumerator->enumerate(enumerator, (void**)&attribute))
- {
- memcpy(pos, attribute->encoding.ptr, attribute->encoding.len);
- pos += attribute->encoding.len;
- }
- enumerator->destroy(enumerator);
- }
-}
-
-METHOD(pkcs9_t, get_encoding, chunk_t,
- private_pkcs9_t *this)
-{
- if (this->encoding.ptr == NULL)
- {
- build_encoding(this);
- }
- return this->encoding;
-}
-
-METHOD(pkcs9_t, get_attribute, chunk_t,
- private_pkcs9_t *this, int oid)
-{
- enumerator_t *enumerator;
- chunk_t value = chunk_empty;
- attribute_t *attribute;
-
- enumerator = this->attributes->create_enumerator(this->attributes);
- while (enumerator->enumerate(enumerator, (void**)&attribute))
- {
- if (attribute->oid == oid)
- {
- value = attribute->value;
- break;
- }
- }
- enumerator->destroy(enumerator);
- if (value.ptr &&
- !asn1_parse_simple_object(&value, asn1_attributeType(oid), 0,
- oid_names[oid].name))
- {
- return chunk_empty;
- }
- return value;
-}
-
-METHOD(pkcs9_t, set_attribute_raw, void,
- private_pkcs9_t *this, int oid, chunk_t value)
-{
- attribute_t *attribute = attribute_create(oid, value);
-
- this->attributes->insert_last(this->attributes, attribute);
- chunk_free(&value);
-}
-
-METHOD(pkcs9_t, set_attribute, void,
- private_pkcs9_t *this, int oid, chunk_t value)
-{
- chunk_t attr = asn1_simple_object(asn1_attributeType(oid), value);
-
- set_attribute_raw(this, oid, attr);
-}
-
-METHOD(pkcs9_t, destroy, void,
- private_pkcs9_t *this)
-{
- this->attributes->destroy_offset(this->attributes, offsetof(attribute_t, destroy));
- free(this->encoding.ptr);
- free(this);
-}
-
-/**
- * Generic private constructor
- */
-static private_pkcs9_t *pkcs9_create_empty(void)
-{
- private_pkcs9_t *this;
-
- INIT(this,
- .public = {
- .build_encoding = _build_encoding,
- .get_encoding = _get_encoding,
- .get_attribute = _get_attribute,
- .set_attribute = _set_attribute,
- .set_attribute_raw = _set_attribute_raw,
- .destroy = _destroy,
- },
- .attributes = linked_list_create(),
- );
-
- return this;
-}
-
-/*
- * Described in header.
- */
-pkcs9_t *pkcs9_create(void)
-{
- private_pkcs9_t *this = pkcs9_create_empty();
-
- return &this->public;
-}
-
-/**
- * ASN.1 definition of the X.501 atttribute type
- */
-static const asn1Object_t attributesObjects[] = {
- { 0, "attributes", ASN1_SET, ASN1_LOOP }, /* 0 */
- { 1, "attribute", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
- { 2, "type", ASN1_OID, ASN1_BODY }, /* 2 */
- { 2, "values", ASN1_SET, ASN1_LOOP }, /* 3 */
- { 3, "value", ASN1_EOC, ASN1_RAW }, /* 4 */
- { 2, "end loop", ASN1_EOC, ASN1_END }, /* 5 */
- { 0, "end loop", ASN1_EOC, ASN1_END }, /* 6 */
- { 0, "exit", ASN1_EOC, ASN1_EXIT }
-};
-#define ATTRIBUTE_OBJ_TYPE 2
-#define ATTRIBUTE_OBJ_VALUE 4
-
-/**
- * Parse a PKCS#9 attribute list
- */
-static bool parse_attributes(chunk_t chunk, int level0, private_pkcs9_t* this)
-{
- asn1_parser_t *parser;
- chunk_t object;
- int objectID;
- int oid = OID_UNKNOWN;
- bool success = FALSE;
-
- parser = asn1_parser_create(attributesObjects, chunk);
- parser->set_top_level(parser, level0);
-
- while (parser->iterate(parser, &objectID, &object))
- {
- switch (objectID)
- {
- case ATTRIBUTE_OBJ_TYPE:
- oid = asn1_known_oid(object);
- break;
- case ATTRIBUTE_OBJ_VALUE:
- if (oid == OID_UNKNOWN)
- {
- break;
- }
- /* add the attribute to a linked list */
- {
- attribute_t *attribute = attribute_create(oid, object);
-
- this->attributes->insert_last(this->attributes,
- (void*)attribute);
- }
- /* parse known attributes */
- {
- asn1_t type = asn1_attributeType(oid);
-
- if (type != ASN1_EOC)
- {
- if (!asn1_parse_simple_object(&object, type,
- parser->get_level(parser)+1,
- oid_names[oid].name))
- {
- goto end;
- }
- }
- }
- }
- }
- success = parser->success(parser);
-
-end:
- parser->destroy(parser);
- return success;
-}
-
-
- /*
- * Described in header.
- */
-pkcs9_t *pkcs9_create_from_chunk(chunk_t chunk, u_int level)
-{
- private_pkcs9_t *this = pkcs9_create_empty();
-
- this->encoding = chunk_clone(chunk);
-
- if (!parse_attributes(chunk, level, this))
- {
- destroy(this);
- return NULL;
- }
- return &this->public;
-}
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c
index 7356dc367..4db504eb0 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c
@@ -38,7 +38,7 @@
#include "proposal_keywords.h"
#include "proposal_keywords_static.h"
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <threading/rwlock.h>
typedef struct private_proposal_keywords_t private_proposal_keywords_t;
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
index ce52bc2ce..d85bfebd0 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
@@ -59,11 +59,11 @@ struct proposal_token {
u_int16_t keysize;
};
-#define TOTAL_KEYWORDS 122
+#define TOTAL_KEYWORDS 130
#define MIN_WORD_LENGTH 3
#define MAX_WORD_LENGTH 17
-#define MIN_HASH_VALUE 9
-#define MAX_HASH_VALUE 213
+#define MIN_HASH_VALUE 12
+#define MAX_HASH_VALUE 216
/* maximum key range = 205, duplicates = 0 */
#ifdef __GNUC__
@@ -80,32 +80,32 @@ hash (str, len)
{
static const unsigned char asso_values[] =
{
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 14, 9,
- 4, 34, 66, 19, 8, 4, 5, 3, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 131, 214, 3, 22, 21,
- 3, 1, 101, 48, 3, 4, 214, 214, 3, 10,
- 57, 4, 214, 214, 94, 6, 3, 32, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
- 214, 214, 214, 214, 214, 214, 214
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 35, 10,
+ 5, 34, 68, 21, 9, 16, 6, 4, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 117, 217, 15, 22, 23,
+ 4, 29, 4, 51, 57, 4, 217, 217, 4, 16,
+ 58, 4, 217, 5, 81, 104, 6, 34, 217, 217,
+ 5, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217, 217, 217, 217,
+ 217, 217, 217, 217, 217, 217, 217
};
register int hval = len;
@@ -142,23 +142,21 @@ hash (str, len)
static const struct proposal_token wordlist[] =
{
- {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
{"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0},
+ {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
{"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
- {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
+ {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
+ {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
{"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
- {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
- {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
{"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
{"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
{"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
- {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
- {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
+ {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
+ {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0},
{"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192},
- {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
{"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
+ {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
+ {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
{"camellia192ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
{"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
{"camellia192ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
@@ -170,17 +168,18 @@ static const struct proposal_token wordlist[] =
{"camellia192ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
{"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
{"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256},
- {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
- {"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
+ {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
{"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256},
+ {"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
+ {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
{"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
- {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
+ {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
{"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
- {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
+ {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0},
{"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
{"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
+ {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
{"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0},
- {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256},
{"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
{"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
{"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
@@ -191,18 +190,23 @@ static const struct proposal_token wordlist[] =
{"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
{"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
{"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
- {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
{"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0},
- {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
{"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0},
+ {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
+ {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0},
+ {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0},
{"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
- {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0},
- {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
{"md5_128", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0},
+ {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
+ {"prfsha1", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0},
{"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
+ {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0},
{"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
+ {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
{"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
+ {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0},
{"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
+ {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0},
{"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0},
{"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
{"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
@@ -216,80 +220,84 @@ static const struct proposal_token wordlist[] =
{"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
{"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
{"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
- {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
- {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
+ {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
+ {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
+ {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0},
+ {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0},
+ {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
{"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
+ {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
{"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
+ {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
{"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
- {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
+ {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
{"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
+ {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256},
{"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
- {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
- {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
- {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
{"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0},
+ {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
+ {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
+ {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
+ {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
+ {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
{"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192},
{"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128},
- {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
+ {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
{"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
{"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
- {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
- {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
- {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
+ {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
+ {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
{"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
- {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
+ {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
{"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
{"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0},
+ {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
{"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192},
- {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
{"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
- {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
- {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
+ {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
+ {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
{"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0},
- {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
+ {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
+ {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
+ {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
{"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
{"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
- {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0},
- {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0},
- {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
+ {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
{"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256},
- {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
- {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
+ {"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0},
+ {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0},
+ {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
{"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
- {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
- {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
- {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0},
+ {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
+ {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
{"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
- {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0},
- {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}
+ {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0}
};
static const short lookup[] =
{
- -1, -1, -1, -1, -1, -1, -1, -1, -1, 0,
- 1, 2, -1, -1, -1, -1, 3, 4, -1, -1,
- -1, 5, 6, -1, -1, 7, -1, 8, 9, 10,
- 11, 12, -1, 13, -1, 14, 15, 16, 17, 18,
- 19, 20, 21, 22, 23, 24, 25, 26, 27, 28,
- -1, -1, -1, -1, 29, 30, 31, 32, 33, 34,
- 35, -1, 36, -1, 37, 38, 39, 40, 41, 42,
- 43, 44, 45, 46, 47, 48, 49, 50, 51, 52,
- 53, 54, 55, 56, 57, -1, 58, -1, 59, -1,
- 60, -1, 61, 62, 63, 64, 65, 66, 67, 68,
- 69, 70, 71, 72, 73, 74, -1, 75, -1, 76,
- -1, 77, -1, 78, 79, 80, 81, 82, -1, 83,
- 84, 85, 86, 87, -1, 88, 89, -1, 90, -1,
- -1, 91, 92, -1, 93, -1, -1, 94, -1, 95,
- 96, 97, 98, -1, 99, -1, 100, 101, 102, 103,
- 104, 105, -1, -1, -1, 106, -1, -1, 107, 108,
- -1, 109, -1, -1, 110, 111, 112, -1, -1, 113,
- 114, -1, -1, -1, 115, 116, -1, 117, 118, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, 119, -1, -1, -1, 120,
- -1, -1, -1, 121
+ -1, -1, 0, -1, -1, -1, -1, -1, -1, 1,
+ 2, -1, -1, -1, 3, 4, -1, 5, -1, -1,
+ -1, -1, 6, 7, 8, 9, 10, 11, -1, 12,
+ 13, -1, 14, 15, 16, 17, 18, 19, 20, 21,
+ 22, 23, 24, 25, 26, -1, -1, -1, 27, -1,
+ 28, 29, 30, 31, 32, 33, 34, -1, 35, 36,
+ 37, 38, 39, 40, 41, 42, 43, 44, 45, 46,
+ 47, 48, 49, 50, 51, 52, 53, 54, 55, 56,
+ 57, 58, 59, 60, 61, 62, 63, 64, 65, 66,
+ 67, 68, 69, 70, 71, 72, 73, 74, 75, 76,
+ 77, 78, 79, 80, 81, 82, 83, 84, 85, 86,
+ 87, 88, 89, 90, 91, 92, 93, -1, 94, 95,
+ 96, -1, 97, 98, 99, -1, 100, 101, 102, 103,
+ 104, -1, -1, -1, -1, 105, 106, 107, -1, 108,
+ 109, 110, -1, 111, 112, -1, 113, 114, -1, 115,
+ -1, 116, 117, -1, -1, 118, 119, -1, 120, -1,
+ -1, -1, 121, 122, -1, 123, 124, -1, -1, -1,
+ -1, -1, 125, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, 126, -1, -1, -1,
+ -1, -1, -1, -1, -1, 127, -1, -1, -1, -1,
+ -1, 128, -1, -1, -1, -1, 129
};
#ifdef __GNUC__
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
index 7f8c95757..445438f03 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
@@ -132,6 +132,14 @@ md5_128, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0
aesxcbc, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0
camelliaxcbc, INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0
aescmac, INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0
+prfsha1, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0
+prfsha256, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0
+prfsha384, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0
+prfsha512, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0
+prfmd5, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0
+prfaesxcbc, PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0
+prfcamelliaxcbc, PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0
+prfaescmac, PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0
modpnull, DIFFIE_HELLMAN_GROUP, MODP_NULL, 0
modp768, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0
modp1024, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0
diff --git a/src/libstrongswan/crypto/transform.h b/src/libstrongswan/crypto/transform.h
index 311df068f..4a98f81e9 100644
--- a/src/libstrongswan/crypto/transform.h
+++ b/src/libstrongswan/crypto/transform.h
@@ -23,7 +23,7 @@
typedef enum transform_type_t transform_type_t;
-#include <enum.h>
+#include <utils/enum.h>
/**
* Type of a transform, as in IKEv2 RFC 3.3.2.
diff --git a/src/libstrongswan/database/database.h b/src/libstrongswan/database/database.h
index dda29b5fb..d46fc3d34 100644
--- a/src/libstrongswan/database/database.h
+++ b/src/libstrongswan/database/database.h
@@ -25,7 +25,7 @@ typedef enum db_type_t db_type_t;
typedef enum db_driver_t db_driver_t;
typedef struct database_t database_t;
-#include <utils/enumerator.h>
+#include <collections/enumerator.h>
/**
* Database column types
diff --git a/src/libstrongswan/database/database_factory.c b/src/libstrongswan/database/database_factory.c
index 909522d64..6c714ba51 100644
--- a/src/libstrongswan/database/database_factory.c
+++ b/src/libstrongswan/database/database_factory.c
@@ -15,7 +15,7 @@
#include "database_factory.h"
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <threading/mutex.h>
typedef struct private_database_factory_t private_database_factory_t;
diff --git a/src/libstrongswan/eap/eap.c b/src/libstrongswan/eap/eap.c
index 1e4cf11bf..c181c5de7 100644
--- a/src/libstrongswan/eap/eap.c
+++ b/src/libstrongswan/eap/eap.c
@@ -19,7 +19,7 @@
#include "eap.h"
-#include <debug.h>
+#include <utils/debug.h>
ENUM(eap_code_names, EAP_REQUEST, EAP_FAILURE,
"EAP_REQUEST",
diff --git a/src/libstrongswan/fetcher/fetcher.h b/src/libstrongswan/fetcher/fetcher.h
index 5b734da3d..58451aef2 100644
--- a/src/libstrongswan/fetcher/fetcher.h
+++ b/src/libstrongswan/fetcher/fetcher.h
@@ -26,7 +26,7 @@ typedef struct fetcher_t fetcher_t;
typedef enum fetcher_option_t fetcher_option_t;
#include <stdarg.h>
-#include <chunk.h>
+#include <utils/chunk.h>
/**
* Constructor function which creates fetcher instances.
diff --git a/src/libstrongswan/fetcher/fetcher_manager.c b/src/libstrongswan/fetcher/fetcher_manager.c
index 9b363c7eb..a638eef2f 100644
--- a/src/libstrongswan/fetcher/fetcher_manager.c
+++ b/src/libstrongswan/fetcher/fetcher_manager.c
@@ -15,9 +15,9 @@
#include "fetcher_manager.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/rwlock.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
typedef struct private_fetcher_manager_t private_fetcher_manager_t;
diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c
index 1179b468c..30a7774df 100644
--- a/src/libstrongswan/library.c
+++ b/src/libstrongswan/library.c
@@ -18,11 +18,11 @@
#include <stdlib.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/thread.h>
#include <utils/identification.h>
-#include <utils/host.h>
-#include <utils/hashtable.h>
+#include <networking/host.h>
+#include <collections/hashtable.h>
#include <utils/backtrace.h>
#include <selectors/traffic_selector.h>
@@ -44,12 +44,22 @@ struct private_library_t {
* Hashtable with registered objects (name => object)
*/
hashtable_t *objects;
+
+ /**
+ * Integrity check failed?
+ */
+ bool integrity_failed;
+
+ /**
+ * Number of times we have been initialized
+ */
+ refcount_t ref;
};
/**
* library instance
*/
-library_t *lib;
+library_t *lib = NULL;
/**
* Deinitialize library
@@ -59,6 +69,11 @@ void library_deinit()
private_library_t *this = (private_library_t*)lib;
bool detailed;
+ if (!this || !ref_put(&this->ref))
+ { /* have more users */
+ return;
+ }
+
detailed = lib->settings->get_bool(lib->settings,
"libstrongswan.leak_detective.detailed", TRUE);
@@ -68,6 +83,7 @@ void library_deinit()
this->public.scheduler->destroy(this->public.scheduler);
this->public.processor->destroy(this->public.processor);
this->public.plugins->destroy(this->public.plugins);
+ this->public.hosts->destroy(this->public.hosts);
this->public.settings->destroy(this->public.settings);
this->public.credmgr->destroy(this->public.credmgr);
this->public.creds->destroy(this->public.creds);
@@ -141,11 +157,19 @@ bool library_init(char *settings)
private_library_t *this;
printf_hook_t *pfh;
+ if (lib)
+ { /* already initialized, increase refcount */
+ this = (private_library_t*)lib;
+ ref_get(&this->ref);
+ return !this->integrity_failed;
+ }
+
INIT(this,
.public = {
.get = _get,
.set = _set,
},
+ .ref = 1,
);
lib = &this->public;
@@ -183,6 +207,7 @@ bool library_init(char *settings)
this->objects = hashtable_create((hashtable_hash_t)hash,
(hashtable_equals_t)equals, 4);
this->public.settings = settings_create(settings);
+ this->public.hosts = host_resolver_create();
this->public.proposal = proposal_keywords_create();
this->public.crypto = crypto_factory_create();
this->public.creds = credential_factory_create();
@@ -202,14 +227,14 @@ bool library_init(char *settings)
if (!lib->integrity->check(lib->integrity, "libstrongswan", library_init))
{
DBG1(DBG_LIB, "integrity check of libstrongswan failed");
- return FALSE;
+ this->integrity_failed = TRUE;
}
#else /* !INTEGRITY_TEST */
DBG1(DBG_LIB, "integrity test enabled, but not supported");
- return FALSE;
+ this->integrity_failed = TRUE;
#endif /* INTEGRITY_TEST */
}
- return TRUE;
+ return !this->integrity_failed;
}
diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h
index b79bd91be..f164a6052 100644
--- a/src/libstrongswan/library.h
+++ b/src/libstrongswan/library.h
@@ -22,6 +22,9 @@
* @defgroup bio bio
* @ingroup libstrongswan
*
+ * @defgroup collections collections
+ * @ingroup libstrongswan
+ *
* @defgroup credentials credentials
* @ingroup libstrongswan
*
@@ -31,6 +34,9 @@
* @defgroup certificates certificates
* @ingroup credentials
*
+ * @defgroup containers containers
+ * @ingroup credentials
+ *
* @defgroup sets sets
* @ingroup credentials
*
@@ -46,6 +52,9 @@
* @defgroup ipsec ipsec
* @ingroup libstrongswan
*
+ * @defgroup networking networking
+ * @ingroup libstrongswan
+ *
* @defgroup plugins plugins
* @ingroup libstrongswan
*
@@ -74,11 +83,10 @@
# error config.h not included, pass "-include [...]/config.h" to gcc
#endif
-#include "printf_hook.h"
-#include "utils.h"
-#include "chunk.h"
-#include "settings.h"
-#include "integrity_checker.h"
+/* make sure we include printf_hook.h and utils.h first */
+#include "utils/printf_hook.h"
+#include "utils/utils.h"
+#include "networking/host_resolver.h"
#include "processing/processor.h"
#include "processing/scheduler.h"
#include "crypto/crypto_factory.h"
@@ -88,7 +96,10 @@
#include "credentials/credential_factory.h"
#include "credentials/credential_manager.h"
#include "credentials/cred_encoding.h"
+#include "utils/chunk.h"
+#include "utils/integrity_checker.h"
#include "utils/leak_detective.h"
+#include "utils/settings.h"
#include "plugins/plugin_loader.h"
typedef struct library_t library_t;
@@ -171,6 +182,11 @@ struct library_t {
scheduler_t *scheduler;
/**
+ * resolve hosts by DNS name
+ */
+ host_resolver_t *hosts;
+
+ /**
* various settings loaded from settings file
*/
settings_t *settings;
@@ -189,6 +205,9 @@ struct library_t {
/**
* Initialize library, creates "lib" instance.
*
+ * library_init() may be called multiple times in a single process, but each
+ * caller should call library_deinit() for each call to library_init().
+ *
* @param settings file to read settings from, may be NULL for default
* @return FALSE if integrity check failed
*/
diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/networking/host.c
index e17b6ad02..bffa96064 100644
--- a/src/libstrongswan/utils/host.c
+++ b/src/libstrongswan/networking/host.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2006-2009 Tobias Brunner
+ * Copyright (C) 2006-2012 Tobias Brunner
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
@@ -16,14 +16,10 @@
* for more details.
*/
-#define _GNU_SOURCE
-#include <sys/socket.h>
-#include <netdb.h>
-#include <string.h>
-
#include "host.h"
-#include <debug.h>
+#include <utils/debug.h>
+#include <library.h>
#define IPV4_LEN 4
#define IPV6_LEN 16
@@ -362,57 +358,72 @@ static host_t *host_create_any_port(int family, u_int16_t port)
/*
* Described in header.
*/
-host_t *host_create_from_string(char *string, u_int16_t port)
+host_t *host_create_from_string_and_family(char *string, int family,
+ u_int16_t port)
{
- private_host_t *this;
+ union {
+ struct sockaddr_in v4;
+ struct sockaddr_in6 v6;
+ } addr;
if (streq(string, "%any"))
{
- return host_create_any_port(AF_INET, port);
+ return host_create_any_port(family ? family : AF_INET, port);
}
- if (streq(string, "%any6"))
+ if (family == AF_UNSPEC || family == AF_INET)
{
- return host_create_any_port(AF_INET6, port);
- }
-
- this = host_create_empty();
- if (strchr(string, '.'))
- {
- this->address.sa_family = AF_INET;
+ if (streq(string, "%any4") || streq(string, "0.0.0.0"))
+ {
+ return host_create_any_port(AF_INET, port);
+ }
}
- else
+ if (family == AF_UNSPEC || family == AF_INET6)
{
- this->address.sa_family = AF_INET6;
+ if (streq(string, "%any6") || streq(string, "::"))
+ {
+ return host_create_any_port(AF_INET6, port);
+ }
}
- switch (this->address.sa_family)
+ switch (family)
{
- case AF_INET:
- {
- if (inet_pton(AF_INET, string, &this->address4.sin_addr) <=0)
+ case AF_UNSPEC:
+ if (strchr(string, '.'))
{
- break;
+ goto af_inet;
}
- this->address4.sin_port = htons(port);
- this->socklen = sizeof(struct sockaddr_in);
- return &this->public;
- }
+ /* FALL */
case AF_INET6:
- {
- if (inet_pton(AF_INET6, string, &this->address6.sin6_addr) <=0)
+ if (inet_pton(AF_INET6, string, &addr.v6.sin6_addr) != 1)
{
- break;
+ return NULL;
}
- this->address6.sin6_port = htons(port);
- this->socklen = sizeof(struct sockaddr_in6);
- return &this->public;
- }
+ addr.v6.sin6_port = htons(port);
+ addr.v6.sin6_family = AF_INET6;
+ return host_create_from_sockaddr((sockaddr_t*)&addr);
+ case AF_INET:
+ if (strchr(string, ':'))
+ { /* do not try to convert v6 addresses for v4 family */
+ return NULL;
+ }
+ af_inet:
+ if (inet_pton(AF_INET, string, &addr.v4.sin_addr) != 1)
+ {
+ return NULL;
+ }
+ addr.v4.sin_port = htons(port);
+ addr.v4.sin_family = AF_INET;
+ return host_create_from_sockaddr((sockaddr_t*)&addr);
default:
- {
- break;
- }
+ return NULL;
}
- free(this);
- return NULL;
+}
+
+/*
+ * Described in header.
+ */
+host_t *host_create_from_string(char *string, u_int16_t port)
+{
+ return host_create_from_string_and_family(string, AF_UNSPEC, port);
}
/*
@@ -450,48 +461,18 @@ host_t *host_create_from_sockaddr(sockaddr_t *sockaddr)
*/
host_t *host_create_from_dns(char *string, int af, u_int16_t port)
{
- private_host_t *this;
- struct addrinfo hints, *result;
- int error;
-
- if (streq(string, "%any"))
- {
- return host_create_any_port(af ? af : AF_INET, port);
- }
- if (streq(string, "%any6"))
- {
- return host_create_any_port(af ? af : AF_INET6, port);
- }
- if (af == AF_INET && strchr(string, ':'))
- { /* do not try to convert v6 addresses for v4 family */
- return NULL;
- }
+ host_t *this;
- memset(&hints, 0, sizeof(hints));
- hints.ai_family = af;
- error = getaddrinfo(string, NULL, &hints, &result);
- if (error != 0)
+ this = host_create_from_string_and_family(string, af, port);
+ if (!this)
{
- DBG1(DBG_LIB, "resolving '%s' failed: %s", string, gai_strerror(error));
- return NULL;
+ this = lib->hosts->resolve(lib->hosts, string, af);
}
- /* result is a linked list, but we use only the first address */
- this = (private_host_t*)host_create_from_sockaddr(result->ai_addr);
- freeaddrinfo(result);
if (this)
{
- switch (this->address.sa_family)
- {
- case AF_INET:
- this->address4.sin_port = htons(port);
- break;
- case AF_INET6:
- this->address6.sin6_port = htons(port);
- break;
- }
- return &this->public;
+ this->set_port(this, port);
}
- return NULL;
+ return this;
}
/*
diff --git a/src/libstrongswan/utils/host.h b/src/libstrongswan/networking/host.h
index a8b010544..25f334779 100644
--- a/src/libstrongswan/utils/host.h
+++ b/src/libstrongswan/networking/host.h
@@ -18,7 +18,7 @@
/**
* @defgroup host host
- * @{ @ingroup utils
+ * @{ @ingroup networking
*/
#ifndef HOST_H_
@@ -34,7 +34,7 @@ typedef struct host_t host_t;
#include <netinet/in.h>
#include <arpa/inet.h>
-#include <chunk.h>
+#include <utils/chunk.h>
/**
* Differences between two hosts. They differ in
@@ -160,6 +160,17 @@ struct host_t {
host_t *host_create_from_string(char *string, u_int16_t port);
/**
+ * Same as host_create_from_string(), but with the option to enforce a family.
+ *
+ * @param string string of an address
+ * @param family address family, or AF_UNSPEC
+ * @param port port number
+ * @return host_t, NULL if string not an address.
+ */
+host_t *host_create_from_string_and_family(char *string, int family,
+ u_int16_t port);
+
+/**
* Constructor to create a host_t from a DNS name.
*
* @param string hostname to resolve
diff --git a/src/libstrongswan/networking/host_resolver.c b/src/libstrongswan/networking/host_resolver.c
new file mode 100644
index 000000000..5e244f114
--- /dev/null
+++ b/src/libstrongswan/networking/host_resolver.c
@@ -0,0 +1,351 @@
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+
+#include "host_resolver.h"
+
+#include <library.h>
+#include <utils/debug.h>
+#include <threading/condvar.h>
+#include <threading/mutex.h>
+#include <threading/thread.h>
+#include <collections/hashtable.h>
+#include <collections/linked_list.h>
+
+/**
+ * Default minimum and maximum number of threads
+ */
+#define MIN_THREADS_DEFAULT 0
+#define MAX_THREADS_DEFAULT 3
+
+/**
+ * Timeout in seconds to wait for new queries until a thread may be stopped
+ */
+#define NEW_QUERY_WAIT_TIMEOUT 30
+
+typedef struct private_host_resolver_t private_host_resolver_t;
+
+/**
+ * Private data of host_resolver_t
+ */
+struct private_host_resolver_t {
+
+ /**
+ * Public interface
+ */
+ host_resolver_t public;
+
+ /**
+ * Hashtable to check for queued queries, query_t*
+ */
+ hashtable_t *queries;
+
+ /**
+ * Queue for queries, query_t*
+ */
+ linked_list_t *queue;
+
+ /**
+ * Mutex to safely access private data
+ */
+ mutex_t *mutex;
+
+ /**
+ * Condvar to signal arrival of new queries
+ */
+ condvar_t *new_query;
+
+ /**
+ * Minimum number of resolver threads
+ */
+ u_int min_threads;
+
+ /**
+ * Maximum number of resolver threads
+ */
+ u_int max_threads;
+
+ /**
+ * Current number of threads
+ */
+ u_int threads;
+
+ /**
+ * Current number of busy threads
+ */
+ u_int busy_threads;
+
+ /**
+ * Pool of threads, thread_t*
+ */
+ linked_list_t *pool;
+
+ /**
+ * TRUE if no new queries are accepted
+ */
+ bool disabled;
+
+};
+
+typedef struct {
+ /** DNS name we are looking for */
+ char *name;
+ /** address family we request */
+ int family;
+ /** Condvar to signal completion of a query */
+ condvar_t *done;
+ /** refcount */
+ refcount_t refcount;
+ /** the result if successful */
+ host_t *result;
+} query_t;
+
+/**
+ * Destroy the given query_t object if refcount is zero
+ */
+static void query_destroy(query_t *this)
+{
+ if (ref_put(&this->refcount))
+ {
+ DESTROY_IF(this->result);
+ this->done->destroy(this->done);
+ free(this->name);
+ free(this);
+ }
+}
+
+/**
+ * Signals all waiting threads and destroys the query
+ */
+static void query_signal_and_destroy(query_t *this)
+{
+ this->done->broadcast(this->done);
+ query_destroy(this);
+}
+
+/**
+ * Hash a queued query
+ */
+static u_int query_hash(query_t *this)
+{
+ return chunk_hash_inc(chunk_create(this->name, strlen(this->name)),
+ chunk_hash(chunk_from_thing(this->family)));
+}
+
+/**
+ * Compare two queued queries
+ */
+static bool query_equals(query_t *this, query_t *other)
+{
+ return this->family == other->family && streq(this->name, other->name);
+}
+
+/**
+ * Main function of resolver threads
+ */
+static void *resolve_hosts(private_host_resolver_t *this)
+{
+ struct addrinfo hints, *result;
+ query_t *query;
+ int error;
+ bool old, timed_out;
+
+ while (TRUE)
+ {
+ this->mutex->lock(this->mutex);
+ thread_cleanup_push((thread_cleanup_t)this->mutex->unlock, this->mutex);
+ while (this->queue->remove_first(this->queue,
+ (void**)&query) != SUCCESS)
+ {
+ old = thread_cancelability(TRUE);
+ timed_out = this->new_query->timed_wait(this->new_query,
+ this->mutex, NEW_QUERY_WAIT_TIMEOUT * 1000);
+ thread_cancelability(old);
+ if (this->disabled)
+ {
+ thread_cleanup_pop(TRUE);
+ return NULL;
+ }
+ else if (timed_out && (this->threads > this->min_threads))
+ { /* terminate this thread by detaching it */
+ thread_t *thread = thread_current();
+
+ this->threads--;
+ this->pool->remove(this->pool, thread, NULL);
+ thread_cleanup_pop(TRUE);
+ thread->detach(thread);
+ return NULL;
+ }
+ }
+ this->busy_threads++;
+ thread_cleanup_pop(TRUE);
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = query->family;
+ hints.ai_socktype = SOCK_DGRAM;
+
+ thread_cleanup_push((thread_cleanup_t)query_signal_and_destroy, query);
+ old = thread_cancelability(TRUE);
+ error = getaddrinfo(query->name, NULL, &hints, &result);
+ thread_cancelability(old);
+ thread_cleanup_pop(FALSE);
+
+ this->mutex->lock(this->mutex);
+ this->busy_threads--;
+ if (error != 0)
+ {
+ DBG1(DBG_LIB, "resolving '%s' failed: %s", query->name,
+ gai_strerror(error));
+ }
+ else
+ { /* result is a linked list, but we use only the first address */
+ query->result = host_create_from_sockaddr(result->ai_addr);
+ freeaddrinfo(result);
+ }
+ this->queries->remove(this->queries, query);
+ query->done->broadcast(query->done);
+ this->mutex->unlock(this->mutex);
+ query_destroy(query);
+ }
+ return NULL;
+}
+
+METHOD(host_resolver_t, resolve, host_t*,
+ private_host_resolver_t *this, char *name, int family)
+{
+ query_t *query, lookup = {
+ .name = name,
+ .family = family,
+ };
+ host_t *result;
+
+ if (family == AF_INET && strchr(name, ':'))
+ { /* do not try to convert v6 addresses for v4 family */
+ return NULL;
+ }
+ this->mutex->lock(this->mutex);
+ if (this->disabled)
+ {
+ this->mutex->unlock(this->mutex);
+ return NULL;
+ }
+ query = this->queries->get(this->queries, &lookup);
+ if (!query)
+ {
+ INIT(query,
+ .name = strdup(name),
+ .family = family,
+ .done = condvar_create(CONDVAR_TYPE_DEFAULT),
+ .refcount = 1,
+ );
+ this->queries->put(this->queries, query, query);
+ this->queue->insert_last(this->queue, query);
+ this->new_query->signal(this->new_query);
+ }
+ ref_get(&query->refcount);
+ if (this->busy_threads == this->threads &&
+ this->threads < this->max_threads)
+ {
+ thread_t *thread;
+
+ thread = thread_create((thread_main_t)resolve_hosts, this);
+ if (thread)
+ {
+ this->threads++;
+ this->pool->insert_last(this->pool, thread);
+ }
+ }
+ query->done->wait(query->done, this->mutex);
+ this->mutex->unlock(this->mutex);
+
+ result = query->result ? query->result->clone(query->result) : NULL;
+ query_destroy(query);
+ return result;
+}
+
+METHOD(host_resolver_t, flush, void,
+ private_host_resolver_t *this)
+{
+ enumerator_t *enumerator;
+ query_t *query;
+
+ this->mutex->lock(this->mutex);
+ enumerator = this->queries->create_enumerator(this->queries);
+ while (enumerator->enumerate(enumerator, &query, NULL))
+ { /* use the hashtable here as we also want to signal dequeued queries */
+ this->queries->remove_at(this->queries, enumerator);
+ query->done->broadcast(query->done);
+ }
+ enumerator->destroy(enumerator);
+ this->queue->destroy_function(this->queue, (void*)query_destroy);
+ this->queue = linked_list_create();
+ this->disabled = TRUE;
+ /* this will already terminate most idle threads */
+ this->new_query->broadcast(this->new_query);
+ this->mutex->unlock(this->mutex);
+}
+
+METHOD(host_resolver_t, destroy, void,
+ private_host_resolver_t *this)
+{
+ thread_t *thread;
+
+ flush(this);
+ this->pool->invoke_offset(this->pool, offsetof(thread_t, cancel));
+ while (this->pool->remove_first(this->pool, (void**)&thread) == SUCCESS)
+ {
+ thread->join(thread);
+ }
+ this->pool->destroy(this->pool);
+ this->queue->destroy(this->queue);
+ this->queries->destroy(this->queries);
+ this->new_query->destroy(this->new_query);
+ this->mutex->destroy(this->mutex);
+ free(this);
+}
+
+/*
+ * Described in header
+ */
+host_resolver_t *host_resolver_create()
+{
+ private_host_resolver_t *this;
+
+ INIT(this,
+ .public = {
+ .resolve = _resolve,
+ .flush = _flush,
+ .destroy = _destroy,
+ },
+ .queries = hashtable_create((hashtable_hash_t)query_hash,
+ (hashtable_equals_t)query_equals, 8),
+ .queue = linked_list_create(),
+ .pool = linked_list_create(),
+ .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
+ .new_query = condvar_create(CONDVAR_TYPE_DEFAULT),
+ );
+
+ this->min_threads = max(0, lib->settings->get_int(lib->settings,
+ "libstrongswan.host_resolver.min_threads",
+ MIN_THREADS_DEFAULT));
+ this->max_threads = max(this->min_threads ?: 1,
+ lib->settings->get_int(lib->settings,
+ "libstrongswan.host_resolver.max_threads",
+ MAX_THREADS_DEFAULT));
+ return &this->public;
+}
diff --git a/src/libstrongswan/networking/host_resolver.h b/src/libstrongswan/networking/host_resolver.h
new file mode 100644
index 000000000..f944a9cdf
--- /dev/null
+++ b/src/libstrongswan/networking/host_resolver.h
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup host_resolver host_resolver
+ * @{ @ingroup networking
+ */
+
+#ifndef HOST_RESOLVER_H_
+#define HOST_RESOLVER_H_
+
+#include "host.h"
+
+typedef struct host_resolver_t host_resolver_t;
+
+/**
+ * Resolve hosts by DNS name but do so in a separate thread (calling
+ * getaddrinfo(3) directly might block indefinitely, or at least a very long
+ * time if no DNS servers are reachable).
+ */
+struct host_resolver_t {
+
+ /**
+ * Resolve host from the given DNS name.
+ *
+ * @param name name to lookup
+ * @param family requested address family
+ * @return resolved host or NULL if failed or canceled
+ */
+ host_t *(*resolve)(host_resolver_t *this, char *name, int family);
+
+ /**
+ * Flush the queue of queries. No new queries will be accepted afterwards.
+ */
+ void (*flush)(host_resolver_t *this);
+
+ /**
+ * Destroy a host_resolver_t.
+ */
+ void (*destroy)(host_resolver_t *this);
+};
+
+/**
+ * Create a host_resolver_t instance.
+ */
+host_resolver_t *host_resolver_create();
+
+#endif /** HOST_RESOLVER_H_ @}*/
diff --git a/src/libstrongswan/utils/packet.c b/src/libstrongswan/networking/packet.c
index a2c329d60..a2c329d60 100644
--- a/src/libstrongswan/utils/packet.c
+++ b/src/libstrongswan/networking/packet.c
diff --git a/src/libstrongswan/utils/packet.h b/src/libstrongswan/networking/packet.h
index 5c4440115..6fb9cece2 100644
--- a/src/libstrongswan/utils/packet.h
+++ b/src/libstrongswan/networking/packet.h
@@ -17,7 +17,7 @@
/**
* @defgroup packet packet
- * @{ @ingroup utils
+ * @{ @ingroup networking
*/
#ifndef PACKET_H_
@@ -26,7 +26,7 @@
typedef struct packet_t packet_t;
#include <library.h>
-#include <utils/host.h>
+#include <networking/host.h>
/**
* Abstraction of an IP/UDP-Packet, contains data, sender and receiver.
diff --git a/src/libstrongswan/utils/tun_device.c b/src/libstrongswan/networking/tun_device.c
index 36f3359c0..d07327e5c 100644
--- a/src/libstrongswan/utils/tun_device.c
+++ b/src/libstrongswan/networking/tun_device.c
@@ -40,7 +40,7 @@
#include "tun_device.h"
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/thread.h>
#define TUN_DEFAULT_MTU 1500
diff --git a/src/libstrongswan/utils/tun_device.h b/src/libstrongswan/networking/tun_device.h
index 71af0386b..b22a5d170 100644
--- a/src/libstrongswan/utils/tun_device.h
+++ b/src/libstrongswan/networking/tun_device.h
@@ -17,14 +17,14 @@
/**
* @defgroup tun_device tun_device
- * @{ @ingroup utils
+ * @{ @ingroup networking
*/
#ifndef TUN_DEVICE_H_
#define TUN_DEVICE_H_
#include <library.h>
-#include <utils/host.h>
+#include <networking/host.h>
typedef struct tun_device_t tun_device_t;
diff --git a/src/libstrongswan/pen/pen.c b/src/libstrongswan/pen/pen.c
index a80e949e3..b1b0731d4 100644
--- a/src/libstrongswan/pen/pen.c
+++ b/src/libstrongswan/pen/pen.c
@@ -21,11 +21,21 @@ ENUM_NEXT(pen_names, PEN_IBM, PEN_IBM, PEN_IETF,
"IBM");
ENUM_NEXT(pen_names, PEN_MICROSOFT, PEN_MICROSOFT, PEN_IBM,
"Microsoft");
-ENUM_NEXT(pen_names, PEN_OSC, PEN_OSC, PEN_MICROSOFT,
+ENUM_NEXT(pen_names, PEN_REDHAT, PEN_REDHAT, PEN_MICROSOFT,
+ "Redhat");
+ENUM_NEXT(pen_names, PEN_OSC, PEN_OSC, PEN_REDHAT,
"OSC");
-ENUM_NEXT(pen_names, PEN_TCG, PEN_TCG, PEN_OSC,
+ENUM_NEXT(pen_names, PEN_DEBIAN, PEN_DEBIAN, PEN_OSC,
+ "Debian Project");
+ENUM_NEXT(pen_names, PEN_GOOGLE, PEN_GOOGLE, PEN_DEBIAN,
+ "Google");
+ENUM_NEXT(pen_names, PEN_TCG, PEN_TCG, PEN_GOOGLE,
"TCG");
-ENUM_NEXT(pen_names, PEN_FHH, PEN_FHH, PEN_TCG,
+ENUM_NEXT(pen_names, PEN_CANONICAL, PEN_CANONICAL, PEN_TCG,
+ "Canonical");
+ENUM_NEXT(pen_names, PEN_FEDORA, PEN_FEDORA, PEN_CANONICAL,
+ "Fedora Project");
+ENUM_NEXT(pen_names, PEN_FHH, PEN_FHH, PEN_FEDORA,
"FHH");
ENUM_NEXT(pen_names, PEN_ITA, PEN_ITA, PEN_FHH,
"ITA-HSR");
diff --git a/src/libstrongswan/pen/pen.h b/src/libstrongswan/pen/pen.h
index 78b6e4df2..9d5df7d49 100644
--- a/src/libstrongswan/pen/pen.h
+++ b/src/libstrongswan/pen/pen.h
@@ -33,8 +33,13 @@ enum pen_t {
PEN_IETF = 0x000000, /* 0 */
PEN_IBM = 0x000002, /* 2 */
PEN_MICROSOFT = 0x000137, /* 311 */
+ PEN_REDHAT = 0x000908, /* 2312 */
PEN_OSC = 0x002358, /* 9048 */
+ PEN_DEBIAN = 0x002572, /* 9586 */
+ PEN_GOOGLE = 0x002B79, /* 11129 */
PEN_TCG = 0x005597, /* 21911 */
+ PEN_CANONICAL = 0x007132, /* 28978 */
+ PEN_FEDORA = 0x0076C1, /* 30401 */
PEN_FHH = 0x0080ab, /* 32939 */
PEN_ITA = 0x00902a, /* 36906 */
PEN_OPENPTS = 0x00950e, /* 38158 */
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in
index c09cf66a7..99cc71e2c 100644
--- a/src/libstrongswan/plugins/aes/Makefile.in
+++ b/src/libstrongswan/plugins/aes/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_aes_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -368,7 +377,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-aes.la: $(libstrongswan_aes_la_OBJECTS) $(libstrongswan_aes_la_DEPENDENCIES)
+libstrongswan-aes.la: $(libstrongswan_aes_la_OBJECTS) $(libstrongswan_aes_la_DEPENDENCIES) $(EXTRA_libstrongswan_aes_la_DEPENDENCIES)
$(libstrongswan_aes_la_LINK) $(am_libstrongswan_aes_la_rpath) $(libstrongswan_aes_la_OBJECTS) $(libstrongswan_aes_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -506,10 +515,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/af_alg/Makefile.in b/src/libstrongswan/plugins/af_alg/Makefile.in
index d3da24718..66b525016 100644
--- a/src/libstrongswan/plugins/af_alg/Makefile.in
+++ b/src/libstrongswan/plugins/af_alg/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_af_alg_la_LIBADD =
@@ -124,6 +130,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -151,6 +158,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -178,6 +186,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -190,6 +199,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -243,7 +253,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -377,7 +386,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-af-alg.la: $(libstrongswan_af_alg_la_OBJECTS) $(libstrongswan_af_alg_la_DEPENDENCIES)
+libstrongswan-af-alg.la: $(libstrongswan_af_alg_la_OBJECTS) $(libstrongswan_af_alg_la_DEPENDENCIES) $(EXTRA_libstrongswan_af_alg_la_DEPENDENCIES)
$(libstrongswan_af_alg_la_LINK) $(am_libstrongswan_af_alg_la_rpath) $(libstrongswan_af_alg_la_OBJECTS) $(libstrongswan_af_alg_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -519,10 +528,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.c b/src/libstrongswan/plugins/af_alg/af_alg_ops.c
index 7fe47c578..331d1e801 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_ops.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.c
@@ -19,7 +19,7 @@
#include <errno.h>
#include <linux/socket.h>
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_af_alg_ops_t private_af_alg_ops_t;
diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in
index 8e606bf39..ec98cacb9 100644
--- a/src/libstrongswan/plugins/agent/Makefile.in
+++ b/src/libstrongswan/plugins/agent/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_agent_la_LIBADD =
@@ -122,6 +128,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -149,6 +156,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -176,6 +184,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -188,6 +197,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -241,7 +251,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -371,7 +380,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-agent.la: $(libstrongswan_agent_la_OBJECTS) $(libstrongswan_agent_la_DEPENDENCIES)
+libstrongswan-agent.la: $(libstrongswan_agent_la_OBJECTS) $(libstrongswan_agent_la_DEPENDENCIES) $(EXTRA_libstrongswan_agent_la_DEPENDENCIES)
$(libstrongswan_agent_la_LINK) $(am_libstrongswan_agent_la_rpath) $(libstrongswan_agent_la_OBJECTS) $(libstrongswan_agent_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -509,10 +518,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c
index 60b57ad2d..42c78c172 100644
--- a/src/libstrongswan/plugins/agent/agent_private_key.c
+++ b/src/libstrongswan/plugins/agent/agent_private_key.c
@@ -24,8 +24,8 @@
#include <errno.h>
#include <library.h>
-#include <chunk.h>
-#include <debug.h>
+#include <utils/chunk.h>
+#include <utils/debug.h>
#ifndef UNIX_PATH_MAX
#define UNIX_PATH_MAX 108
diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in
index c8b904eb9..7904719a4 100644
--- a/src/libstrongswan/plugins/blowfish/Makefile.in
+++ b/src/libstrongswan/plugins/blowfish/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_blowfish_la_LIBADD =
@@ -124,6 +130,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -151,6 +158,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -178,6 +186,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -190,6 +199,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -243,7 +253,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -373,7 +382,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-blowfish.la: $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_DEPENDENCIES)
+libstrongswan-blowfish.la: $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_DEPENDENCIES) $(EXTRA_libstrongswan_blowfish_la_DEPENDENCIES)
$(libstrongswan_blowfish_la_LINK) $(am_libstrongswan_blowfish_la_rpath) $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -513,10 +522,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/ccm/Makefile.in b/src/libstrongswan/plugins/ccm/Makefile.in
index bb094f04c..2b00c4c46 100644
--- a/src/libstrongswan/plugins/ccm/Makefile.in
+++ b/src/libstrongswan/plugins/ccm/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_ccm_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -369,7 +378,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-ccm.la: $(libstrongswan_ccm_la_OBJECTS) $(libstrongswan_ccm_la_DEPENDENCIES)
+libstrongswan-ccm.la: $(libstrongswan_ccm_la_OBJECTS) $(libstrongswan_ccm_la_DEPENDENCIES) $(EXTRA_libstrongswan_ccm_la_DEPENDENCIES)
$(libstrongswan_ccm_la_LINK) $(am_libstrongswan_ccm_la_rpath) $(libstrongswan_ccm_la_OBJECTS) $(libstrongswan_ccm_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -507,10 +516,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/cmac/Makefile.in b/src/libstrongswan/plugins/cmac/Makefile.in
index eba059a29..883469557 100644
--- a/src/libstrongswan/plugins/cmac/Makefile.in
+++ b/src/libstrongswan/plugins/cmac/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_cmac_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -368,7 +377,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-cmac.la: $(libstrongswan_cmac_la_OBJECTS) $(libstrongswan_cmac_la_DEPENDENCIES)
+libstrongswan-cmac.la: $(libstrongswan_cmac_la_OBJECTS) $(libstrongswan_cmac_la_DEPENDENCIES) $(EXTRA_libstrongswan_cmac_la_DEPENDENCIES)
$(libstrongswan_cmac_la_LINK) $(am_libstrongswan_cmac_la_rpath) $(libstrongswan_cmac_la_OBJECTS) $(libstrongswan_cmac_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -506,10 +515,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/cmac/cmac.c b/src/libstrongswan/plugins/cmac/cmac.c
index 725d02d76..c8cb7fbf2 100644
--- a/src/libstrongswan/plugins/cmac/cmac.c
+++ b/src/libstrongswan/plugins/cmac/cmac.c
@@ -17,7 +17,7 @@
#include "cmac.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <crypto/mac.h>
#include <crypto/prfs/mac_prf.h>
#include <crypto/signers/mac_signer.h>
diff --git a/src/libstrongswan/plugins/constraints/Makefile.in b/src/libstrongswan/plugins/constraints/Makefile.in
index 693d76334..65f36db54 100644
--- a/src/libstrongswan/plugins/constraints/Makefile.in
+++ b/src/libstrongswan/plugins/constraints/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_constraints_la_LIBADD =
@@ -124,6 +130,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -151,6 +158,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -178,6 +186,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -190,6 +199,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -243,7 +253,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -373,7 +382,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-constraints.la: $(libstrongswan_constraints_la_OBJECTS) $(libstrongswan_constraints_la_DEPENDENCIES)
+libstrongswan-constraints.la: $(libstrongswan_constraints_la_OBJECTS) $(libstrongswan_constraints_la_DEPENDENCIES) $(EXTRA_libstrongswan_constraints_la_DEPENDENCIES)
$(libstrongswan_constraints_la_LINK) $(am_libstrongswan_constraints_la_rpath) $(libstrongswan_constraints_la_OBJECTS) $(libstrongswan_constraints_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -511,10 +520,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/constraints/constraints_validator.c b/src/libstrongswan/plugins/constraints/constraints_validator.c
index b54d813df..83a74299a 100644
--- a/src/libstrongswan/plugins/constraints/constraints_validator.c
+++ b/src/libstrongswan/plugins/constraints/constraints_validator.c
@@ -15,9 +15,9 @@
#include "constraints_validator.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/asn1.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <credentials/certificates/x509.h>
typedef struct private_constraints_validator_t private_constraints_validator_t;
diff --git a/src/libstrongswan/plugins/ctr/Makefile.in b/src/libstrongswan/plugins/ctr/Makefile.in
index adab5d7d5..8b4ee6771 100644
--- a/src/libstrongswan/plugins/ctr/Makefile.in
+++ b/src/libstrongswan/plugins/ctr/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_ctr_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -369,7 +378,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-ctr.la: $(libstrongswan_ctr_la_OBJECTS) $(libstrongswan_ctr_la_DEPENDENCIES)
+libstrongswan-ctr.la: $(libstrongswan_ctr_la_OBJECTS) $(libstrongswan_ctr_la_DEPENDENCIES) $(EXTRA_libstrongswan_ctr_la_DEPENDENCIES)
$(libstrongswan_ctr_la_LINK) $(am_libstrongswan_ctr_la_rpath) $(libstrongswan_ctr_la_OBJECTS) $(libstrongswan_ctr_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -507,10 +516,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in
index b6f38681f..93b9ba114 100644
--- a/src/libstrongswan/plugins/curl/Makefile.in
+++ b/src/libstrongswan/plugins/curl/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_curl_la_DEPENDENCIES =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -369,7 +378,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-curl.la: $(libstrongswan_curl_la_OBJECTS) $(libstrongswan_curl_la_DEPENDENCIES)
+libstrongswan-curl.la: $(libstrongswan_curl_la_OBJECTS) $(libstrongswan_curl_la_DEPENDENCIES) $(EXTRA_libstrongswan_curl_la_DEPENDENCIES)
$(libstrongswan_curl_la_LINK) $(am_libstrongswan_curl_la_rpath) $(libstrongswan_curl_la_OBJECTS) $(libstrongswan_curl_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -507,10 +516,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c
index 7f8c0aec2..c68b74f96 100644
--- a/src/libstrongswan/plugins/curl/curl_fetcher.c
+++ b/src/libstrongswan/plugins/curl/curl_fetcher.c
@@ -17,7 +17,7 @@
#include <curl/curl.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "curl_fetcher.h"
diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c
index 8628c4bb5..062fe129f 100644
--- a/src/libstrongswan/plugins/curl/curl_plugin.c
+++ b/src/libstrongswan/plugins/curl/curl_plugin.c
@@ -16,7 +16,7 @@
#include "curl_plugin.h"
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "curl_fetcher.h"
#include <curl/curl.h>
diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in
index 04d489824..49d9f6b6f 100644
--- a/src/libstrongswan/plugins/des/Makefile.in
+++ b/src/libstrongswan/plugins/des/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_des_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -368,7 +377,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-des.la: $(libstrongswan_des_la_OBJECTS) $(libstrongswan_des_la_DEPENDENCIES)
+libstrongswan-des.la: $(libstrongswan_des_la_OBJECTS) $(libstrongswan_des_la_DEPENDENCIES) $(EXTRA_libstrongswan_des_la_DEPENDENCIES)
$(libstrongswan_des_la_LINK) $(am_libstrongswan_des_la_rpath) $(libstrongswan_des_la_OBJECTS) $(libstrongswan_des_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -506,10 +515,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in
index 2f86f7558..d49cac8a7 100644
--- a/src/libstrongswan/plugins/dnskey/Makefile.in
+++ b/src/libstrongswan/plugins/dnskey/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_dnskey_la_LIBADD =
@@ -123,6 +129,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -150,6 +157,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -177,6 +185,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -189,6 +198,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -242,7 +252,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -372,7 +381,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-dnskey.la: $(libstrongswan_dnskey_la_OBJECTS) $(libstrongswan_dnskey_la_DEPENDENCIES)
+libstrongswan-dnskey.la: $(libstrongswan_dnskey_la_OBJECTS) $(libstrongswan_dnskey_la_DEPENDENCIES) $(EXTRA_libstrongswan_dnskey_la_DEPENDENCIES)
$(libstrongswan_dnskey_la_LINK) $(am_libstrongswan_dnskey_la_rpath) $(libstrongswan_dnskey_la_OBJECTS) $(libstrongswan_dnskey_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -510,10 +519,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_builder.c b/src/libstrongswan/plugins/dnskey/dnskey_builder.c
index ea4eb6cda..b8a451500 100644
--- a/src/libstrongswan/plugins/dnskey/dnskey_builder.c
+++ b/src/libstrongswan/plugins/dnskey/dnskey_builder.c
@@ -15,7 +15,7 @@
#include "dnskey_builder.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <credentials/keys/private_key.h>
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in
index 017f00e50..8192b7f37 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.in
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_fips_prf_la_LIBADD =
@@ -123,6 +129,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -150,6 +157,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -177,6 +185,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -189,6 +198,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -242,7 +252,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -371,7 +380,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-fips-prf.la: $(libstrongswan_fips_prf_la_OBJECTS) $(libstrongswan_fips_prf_la_DEPENDENCIES)
+libstrongswan-fips-prf.la: $(libstrongswan_fips_prf_la_OBJECTS) $(libstrongswan_fips_prf_la_DEPENDENCIES) $(EXTRA_libstrongswan_fips_prf_la_DEPENDENCIES)
$(libstrongswan_fips_prf_la_LINK) $(am_libstrongswan_fips_prf_la_rpath) $(libstrongswan_fips_prf_la_OBJECTS) $(libstrongswan_fips_prf_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -509,10 +518,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c
index 3fe204d35..23825078e 100644
--- a/src/libstrongswan/plugins/fips_prf/fips_prf.c
+++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c
@@ -17,7 +17,7 @@
#include <arpa/inet.h>
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_fips_prf_t private_fips_prf_t;
diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in
index 0c5eea0a7..e8f89a7c5 100644
--- a/src/libstrongswan/plugins/gcm/Makefile.in
+++ b/src/libstrongswan/plugins/gcm/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_gcm_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -369,7 +378,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-gcm.la: $(libstrongswan_gcm_la_OBJECTS) $(libstrongswan_gcm_la_DEPENDENCIES)
+libstrongswan-gcm.la: $(libstrongswan_gcm_la_OBJECTS) $(libstrongswan_gcm_la_DEPENDENCIES) $(EXTRA_libstrongswan_gcm_la_DEPENDENCIES)
$(libstrongswan_gcm_la_LINK) $(am_libstrongswan_gcm_la_rpath) $(libstrongswan_gcm_la_OBJECTS) $(libstrongswan_gcm_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -507,10 +516,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in
index 72e525b16..ee300b8f3 100644
--- a/src/libstrongswan/plugins/gcrypt/Makefile.in
+++ b/src/libstrongswan/plugins/gcrypt/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_gcrypt_la_DEPENDENCIES =
@@ -124,6 +130,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -151,6 +158,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -178,6 +186,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -190,6 +199,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -243,7 +253,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -379,7 +388,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-gcrypt.la: $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_DEPENDENCIES)
+libstrongswan-gcrypt.la: $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_DEPENDENCIES) $(EXTRA_libstrongswan_gcrypt_la_DEPENDENCIES)
$(libstrongswan_gcrypt_la_LINK) $(am_libstrongswan_gcrypt_la_rpath) $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -522,10 +531,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
index 0b5dc0365..a737cb13d 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
@@ -17,7 +17,7 @@
#include <gcrypt.h>
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_gcrypt_crypter_t private_gcrypt_crypter_t;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
index 0efd3ba16..f418b941d 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
@@ -18,7 +18,7 @@
#include "gcrypt_dh.h"
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_gcrypt_dh_t private_gcrypt_dh_t;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
index 3155a4aa0..af7993101 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
@@ -15,7 +15,7 @@
#include "gcrypt_hasher.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <gcrypt.h>
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
index 5ebdcebce..78d75a238 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
@@ -23,7 +23,7 @@
#include "gcrypt_rsa_public_key.h"
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/mutex.h>
#include <errno.h>
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
index 9fdb2d45b..938a46490 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
@@ -17,7 +17,7 @@
#include "gcrypt_rsa_private_key.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
index c54f2c0cf..291287a8f 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
@@ -17,7 +17,7 @@
#include "gcrypt_rsa_public_key.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in
index f1bb28c1f..aeb48ff8a 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.in
+++ b/src/libstrongswan/plugins/gmp/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_gmp_la_DEPENDENCIES =
@@ -121,6 +127,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -148,6 +155,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -175,6 +183,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -187,6 +196,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -240,7 +250,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -373,7 +382,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-gmp.la: $(libstrongswan_gmp_la_OBJECTS) $(libstrongswan_gmp_la_DEPENDENCIES)
+libstrongswan-gmp.la: $(libstrongswan_gmp_la_OBJECTS) $(libstrongswan_gmp_la_DEPENDENCIES) $(EXTRA_libstrongswan_gmp_la_DEPENDENCIES)
$(libstrongswan_gmp_la_LINK) $(am_libstrongswan_gmp_la_rpath) $(libstrongswan_gmp_la_OBJECTS) $(libstrongswan_gmp_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -513,10 +522,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
index 7d232e4f1..b74d35169 100644
--- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
+++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
@@ -21,7 +21,7 @@
#include "gmp_diffie_hellman.h"
-#include <debug.h>
+#include <utils/debug.h>
#ifdef HAVE_MPZ_POWM_SEC
# undef mpz_powm
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index 590ab6cb4..052b10741 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -1,7 +1,8 @@
/*
- * Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2005-2009 Martin Willi
+ * Copyright (C) 2012 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -22,7 +23,7 @@
#include "gmp_rsa_private_key.h"
#include "gmp_rsa_public_key.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
@@ -69,9 +70,14 @@ struct private_gmp_rsa_private_key_t {
mpz_t q;
/**
- * Private exponent.
+ * Carmichael function m = lambda(n) = lcm(p-1,q-1).
+ */
+ mpz_t m;
+
+ /**
+ * Private exponent and optional secret sharing polynomial coefficients.
*/
- mpz_t d;
+ mpz_t *d;
/**
* Private exponent 1.
@@ -89,6 +95,21 @@ struct private_gmp_rsa_private_key_t {
mpz_t coeff;
/**
+ * Total number of private key shares
+ */
+ u_int shares;
+
+ /**
+ * Secret sharing threshold
+ */
+ u_int threshold;
+
+ /**
+ * Optional verification key (threshold > 1).
+ */
+ mpz_t v;
+
+ /**
* Keysize in bytes.
*/
size_t k;
@@ -121,22 +142,22 @@ chunk_t gmp_mpz_to_chunk(const mpz_t value)
static void mpz_clear_sensitive(mpz_t z)
{
size_t len = mpz_size(z) * GMP_LIMB_BITS / BITS_PER_BYTE;
- u_int8_t *random = alloca(len);
+ u_int8_t *zeros = alloca(len);
- memset(random, 0, len);
+ memset(zeros, 0, len);
/* overwrite mpz_t with zero bytes before clearing it */
- mpz_import(z, len, 1, 1, 1, 0, random);
+ mpz_import(z, len, 1, 1, 1, 0, zeros);
mpz_clear(z);
}
/**
* Create a mpz prime of at least prime_size
*/
-static status_t compute_prime(private_gmp_rsa_private_key_t *this,
- size_t prime_size, mpz_t *prime)
+static status_t compute_prime(size_t prime_size, bool safe, mpz_t *p, mpz_t *q)
{
rng_t *rng;
chunk_t random_bytes;
+ int count = 0;
rng = lib->crypto->create_rng(lib->crypto, RNG_TRUE);
if (!rng)
@@ -146,26 +167,53 @@ static status_t compute_prime(private_gmp_rsa_private_key_t *this,
return FAILED;
}
- mpz_init(*prime);
+ mpz_init(*p);
+ mpz_init(*q);
+
do
{
if (!rng->allocate_bytes(rng, prime_size, &random_bytes))
{
DBG1(DBG_LIB, "failed to allocate random prime");
+ mpz_clear(*p);
+ mpz_clear(*q);
rng->destroy(rng);
return FAILED;
}
- /* make sure the two most significant bits are set */
- random_bytes.ptr[0] = random_bytes.ptr[0] | 0xC0;
- mpz_import(*prime, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
- mpz_nextprime (*prime, *prime);
+ /* make sure the two most significant bits are set */
+ if (safe)
+ {
+ random_bytes.ptr[0] &= 0x7F;
+ random_bytes.ptr[0] |= 0x60;
+ mpz_import(*q, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
+ do
+ {
+ count++;
+ mpz_nextprime (*q, *q);
+ mpz_mul_ui(*p, *q, 2);
+ mpz_add_ui(*p, *p, 1);
+ }
+ while (mpz_probab_prime_p(*p, 10) == 0);
+ DBG2(DBG_LIB, "safe prime found after %d iterations", count);
+ }
+ else
+ {
+ random_bytes.ptr[0] |= 0xC0;
+ mpz_import(*p, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
+ mpz_nextprime (*p, *p);
+ }
chunk_clear(&random_bytes);
}
- /* check if it isn't too large */
- while (((mpz_sizeinbase(*prime, 2) + 7) / 8) > prime_size);
+
+ /* check if the prime isn't too large */
+ while (((mpz_sizeinbase(*p, 2) + 7) / 8) > prime_size);
rng->destroy(rng);
+
+ /* additionally return p-1 */
+ mpz_sub_ui(*q, *p, 1);
+
return SUCCESS;
}
@@ -393,7 +441,7 @@ METHOD(private_key_t, get_encoding, bool,
n = gmp_mpz_to_chunk(this->n);
e = gmp_mpz_to_chunk(this->e);
- d = gmp_mpz_to_chunk(this->d);
+ d = gmp_mpz_to_chunk(*this->d);
p = gmp_mpz_to_chunk(this->p);
q = gmp_mpz_to_chunk(this->q);
exp1 = gmp_mpz_to_chunk(this->exp1);
@@ -451,14 +499,24 @@ METHOD(private_key_t, destroy, void,
{
if (ref_put(&this->ref))
{
- mpz_clear_sensitive(this->n);
- mpz_clear_sensitive(this->e);
+ int i;
+
+ mpz_clear(this->n);
+ mpz_clear(this->e);
+ mpz_clear(this->v);
mpz_clear_sensitive(this->p);
mpz_clear_sensitive(this->q);
- mpz_clear_sensitive(this->d);
+ mpz_clear_sensitive(this->m);
mpz_clear_sensitive(this->exp1);
mpz_clear_sensitive(this->exp2);
mpz_clear_sensitive(this->coeff);
+
+ for (i = 0; i < this->threshold; i++)
+ {
+ mpz_clear_sensitive(*this->d + i);
+ }
+ free(this->d);
+
lib->encoding->clear_cache(lib->encoding, this);
free(this);
}
@@ -469,7 +527,7 @@ METHOD(private_key_t, destroy, void,
*/
static status_t check(private_gmp_rsa_private_key_t *this)
{
- mpz_t t, u, q1;
+ mpz_t u, p1, q1;
status_t status = SUCCESS;
/* PKCS#1 1.5 section 6 requires modulus to have at least 12 octets.
@@ -488,10 +546,14 @@ static status_t check(private_gmp_rsa_private_key_t *this)
return FAILED;
}
- mpz_init(t);
mpz_init(u);
+ mpz_init(p1);
mpz_init(q1);
+ /* precompute p1 = p-1 and q1 = q-1 */
+ mpz_sub_ui(p1, this->p, 1);
+ mpz_sub_ui(q1, this->q, 1);
+
/* check that n == p * q */
mpz_mul(u, this->p, this->q);
if (mpz_cmp(u, this->n) != 0)
@@ -500,62 +562,54 @@ static status_t check(private_gmp_rsa_private_key_t *this)
}
/* check that e divides neither p-1 nor q-1 */
- mpz_sub_ui(t, this->p, 1);
- mpz_mod(t, t, this->e);
- if (mpz_cmp_ui(t, 0) == 0)
+ mpz_mod(u, p1, this->e);
+ if (mpz_cmp_ui(u, 0) == 0)
{
status = FAILED;
}
- mpz_sub_ui(t, this->q, 1);
- mpz_mod(t, t, this->e);
- if (mpz_cmp_ui(t, 0) == 0)
+ mpz_mod(u, q1, this->e);
+ if (mpz_cmp_ui(u, 0) == 0)
{
status = FAILED;
}
/* check that d is e^-1 (mod lcm(p-1, q-1)) */
/* see PKCS#1v2, aka RFC 2437, for the "lcm" */
- mpz_sub_ui(q1, this->q, 1);
- mpz_sub_ui(u, this->p, 1);
- mpz_gcd(t, u, q1); /* t := gcd(p-1, q-1) */
- mpz_mul(u, u, q1); /* u := (p-1) * (q-1) */
- mpz_divexact(u, u, t); /* u := lcm(p-1, q-1) */
-
- mpz_mul(t, this->d, this->e);
- mpz_mod(t, t, u);
- if (mpz_cmp_ui(t, 1) != 0)
+ mpz_lcm(this->m, p1, q1);
+ mpz_mul(u, *this->d, this->e);
+ mpz_mod(u, u, this->m);
+ if (mpz_cmp_ui(u, 1) != 0)
{
status = FAILED;
}
/* check that exp1 is d mod (p-1) */
- mpz_sub_ui(u, this->p, 1);
- mpz_mod(t, this->d, u);
- if (mpz_cmp(t, this->exp1) != 0)
+ mpz_mod(u, *this->d, p1);
+ if (mpz_cmp(u, this->exp1) != 0)
{
status = FAILED;
}
/* check that exp2 is d mod (q-1) */
- mpz_sub_ui(u, this->q, 1);
- mpz_mod(t, this->d, u);
- if (mpz_cmp(t, this->exp2) != 0)
+ mpz_mod(u, *this->d, q1);
+ if (mpz_cmp(u, this->exp2) != 0)
{
status = FAILED;
}
/* check that coeff is (q^-1) mod p */
- mpz_mul(t, this->coeff, this->q);
- mpz_mod(t, t, this->p);
- if (mpz_cmp_ui(t, 1) != 0)
+ mpz_mul(u, this->coeff, this->q);
+ mpz_mod(u, u, this->p);
+ if (mpz_cmp_ui(u, 1) != 0)
{
status = FAILED;
}
- mpz_clear_sensitive(t);
mpz_clear_sensitive(u);
+ mpz_clear_sensitive(p1);
mpz_clear_sensitive(q1);
+
if (status != SUCCESS)
{
DBG1(DBG_LIB, "key integrity tests failed");
@@ -587,6 +641,7 @@ static private_gmp_rsa_private_key_t *gmp_rsa_private_key_create_empty(void)
.destroy = _destroy,
},
},
+ .threshold = 1,
.ref = 1,
);
return this;
@@ -597,9 +652,11 @@ static private_gmp_rsa_private_key_t *gmp_rsa_private_key_create_empty(void)
*/
gmp_rsa_private_key_t *gmp_rsa_private_key_gen(key_type_t type, va_list args)
{
- mpz_t p, q, n, e, d, exp1, exp2, coeff, m, q1, t;
private_gmp_rsa_private_key_t *this;
- u_int key_size = 0;
+ u_int key_size = 0, shares = 0, threshold = 1;
+ bool safe_prime = FALSE, rng_failed = FALSE, invert_failed = FALSE;
+ mpz_t p, q, p1, q1, d;
+;
while (TRUE)
{
@@ -608,6 +665,15 @@ gmp_rsa_private_key_t *gmp_rsa_private_key_gen(key_type_t type, va_list args)
case BUILD_KEY_SIZE:
key_size = va_arg(args, u_int);
continue;
+ case BUILD_SAFE_PRIMES:
+ safe_prime = TRUE;
+ continue;
+ case BUILD_SHARES:
+ shares = va_arg(args, u_int);
+ continue;
+ case BUILD_THRESHOLD:
+ threshold = va_arg(args, u_int);
+ continue;
case BUILD_END:
break;
default:
@@ -619,76 +685,112 @@ gmp_rsa_private_key_t *gmp_rsa_private_key_gen(key_type_t type, va_list args)
{
return NULL;
}
-
- this = gmp_rsa_private_key_create_empty();
key_size = key_size / BITS_PER_BYTE;
/* Get values of primes p and q */
- if (compute_prime(this, key_size/2, &p) != SUCCESS)
+ if (compute_prime(key_size/2, safe_prime, &p, &p1) != SUCCESS)
{
- free(this);
return NULL;
}
- if (compute_prime(this, key_size/2, &q) != SUCCESS)
+ if (compute_prime(key_size/2, safe_prime, &q, &q1) != SUCCESS)
{
mpz_clear(p);
- free(this);
+ mpz_clear(p1);
return NULL;
}
- mpz_init(t);
- mpz_init(n);
- mpz_init(d);
- mpz_init(exp1);
- mpz_init(exp2);
- mpz_init(coeff);
-
/* Swapping Primes so p is larger then q */
if (mpz_cmp(p, q) < 0)
{
mpz_swap(p, q);
+ mpz_swap(p1, q1);
}
- mpz_mul(n, p, q); /* n = p*q */
- mpz_init_set_ui(e, PUBLIC_EXPONENT); /* assign public exponent */
- mpz_init_set(m, p); /* m = p */
- mpz_sub_ui(m, m, 1); /* m = m -1 */
- mpz_init_set(q1, q); /* q1 = q */
- mpz_sub_ui(q1, q1, 1); /* q1 = q1 -1 */
- mpz_gcd(t, m, q1); /* t = gcd(p-1, q-1) */
- mpz_mul(m, m, q1); /* m = (p-1)*(q-1) */
- mpz_divexact(m, m, t); /* m = m / t */
- mpz_gcd(t, m, e); /* t = gcd(m, e) */
+ /* Create and initialize RSA private key object */
+ this = gmp_rsa_private_key_create_empty();
+ this->shares = shares;
+ this->threshold = threshold;
+ this->d = malloc(threshold * sizeof(mpz_t));
+ *this->p = *p;
+ *this->q = *q;
- mpz_invert(d, e, m); /* e has an inverse mod m */
- if (mpz_cmp_ui(d, 0) < 0) /* make sure d is positive */
- {
- mpz_add(d, d, m);
- }
- mpz_sub_ui(t, p, 1); /* t = p-1 */
- mpz_mod(exp1, d, t); /* exp1 = d mod p-1 */
- mpz_sub_ui(t, q, 1); /* t = q-1 */
- mpz_mod(exp2, d, t); /* exp2 = d mod q-1 */
+ mpz_init_set_ui(this->e, PUBLIC_EXPONENT);
+ mpz_init(this->n);
+ mpz_init(this->m);
+ mpz_init(this->exp1);
+ mpz_init(this->exp2);
+ mpz_init(this->coeff);
+ mpz_init(this->v);
+ mpz_init(d);
- mpz_invert(coeff, q, p); /* coeff = q^-1 mod p */
- if (mpz_cmp_ui(coeff, 0) < 0) /* make coeff d is positive */
+ mpz_mul(this->n, p, q); /* n = p*q */
+ mpz_lcm(this->m, p1, q1); /* m = lcm(p-1,q-1) */
+ mpz_invert(d, this->e, this->m); /* e has an inverse mod m */
+ mpz_mod(this->exp1, d, p1); /* exp1 = d mod p-1 */
+ mpz_mod(this->exp2, d, q1); /* exp2 = d mod q-1 */
+ mpz_invert(this->coeff, q, p); /* coeff = q^-1 mod p */
+
+ invert_failed = mpz_cmp_ui(this->m, 0) == 0 ||
+ mpz_cmp_ui(this->coeff, 0) == 0;
+
+ /* store secret exponent d */
+ (*this->d)[0] = *d;
+
+ /* generate and store random coefficients of secret sharing polynomial */
+ if (threshold > 1)
{
- mpz_add(coeff, coeff, p);
+ rng_t *rng;
+ chunk_t random_bytes;
+ mpz_t u;
+ int i;
+
+ rng = lib->crypto->create_rng(lib->crypto, RNG_TRUE);
+ mpz_init(u);
+
+ for (i = 1; i < threshold; i++)
+ {
+ mpz_init(d);
+
+ if (!rng->allocate_bytes(rng, key_size, &random_bytes))
+ {
+ rng_failed = TRUE;
+ continue;
+ }
+ mpz_import(d, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
+ mpz_mod(d, d, this->m);
+ (*this->d)[i] = *d;
+ chunk_clear(&random_bytes);
+ }
+
+ /* generate verification key v as a square number */
+ do
+ {
+ if (!rng->allocate_bytes(rng, key_size, &random_bytes))
+ {
+ rng_failed = TRUE;
+ break;
+ }
+ mpz_import(this->v, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
+ mpz_mul(this->v, this->v, this->v);
+ mpz_mod(this->v, this->v, this->n);
+ mpz_gcd(u, this->v, this->n);
+ chunk_free(&random_bytes);
+ }
+ while (mpz_cmp_ui(u, 1) != 0);
+
+ mpz_clear(u);
+ rng->destroy(rng);
}
+ mpz_clear_sensitive(p1);
mpz_clear_sensitive(q1);
- mpz_clear_sensitive(m);
- mpz_clear_sensitive(t);
-
- /* apply values */
- *(this->p) = *p;
- *(this->q) = *q;
- *(this->n) = *n;
- *(this->e) = *e;
- *(this->d) = *d;
- *(this->exp1) = *exp1;
- *(this->exp2) = *exp2;
- *(this->coeff) = *coeff;
+
+ if (rng_failed || invert_failed)
+ {
+ DBG1(DBG_LIB, "rsa key generation failed");
+ destroy(this);
+ return NULL;
+ }
/* set key size in bytes */
this->k = key_size;
@@ -701,8 +803,8 @@ gmp_rsa_private_key_t *gmp_rsa_private_key_gen(key_type_t type, va_list args)
*/
gmp_rsa_private_key_t *gmp_rsa_private_key_load(key_type_t type, va_list args)
{
- chunk_t n, e, d, p, q, exp1, exp2, coeff;
private_gmp_rsa_private_key_t *this;
+ chunk_t n, e, d, p, q, exp1, exp2, coeff;
n = e = d = p = q = exp1 = exp2 = coeff = chunk_empty;
while (TRUE)
@@ -743,25 +845,28 @@ gmp_rsa_private_key_t *gmp_rsa_private_key_load(key_type_t type, va_list args)
this = gmp_rsa_private_key_create_empty();
+ this->d = malloc(sizeof(mpz_t));
mpz_init(this->n);
mpz_init(this->e);
+ mpz_init(*this->d);
mpz_init(this->p);
mpz_init(this->q);
- mpz_init(this->d);
+ mpz_init(this->m);
mpz_init(this->exp1);
mpz_init(this->exp2);
mpz_init(this->coeff);
+ mpz_init(this->v);
mpz_import(this->n, n.len, 1, 1, 1, 0, n.ptr);
mpz_import(this->e, e.len, 1, 1, 1, 0, e.ptr);
- mpz_import(this->d, d.len, 1, 1, 1, 0, d.ptr);
+ mpz_import(*this->d, d.len, 1, 1, 1, 0, d.ptr);
mpz_import(this->p, p.len, 1, 1, 1, 0, p.ptr);
mpz_import(this->q, q.len, 1, 1, 1, 0, q.ptr);
mpz_import(this->coeff, coeff.len, 1, 1, 1, 0, coeff.ptr);
if (!exp1.len)
{ /* exp1 missing in key, recalculate: exp1 = d mod (p-1) */
mpz_sub_ui(this->exp1, this->p, 1);
- mpz_mod(this->exp1, this->d, this->exp1);
+ mpz_mod(this->exp1, *this->d, this->exp1);
}
else
{
@@ -770,7 +875,7 @@ gmp_rsa_private_key_t *gmp_rsa_private_key_load(key_type_t type, va_list args)
if (!exp2.len)
{ /* exp2 missing in key, recalculate: exp2 = d mod (q-1) */
mpz_sub_ui(this->exp2, this->q, 1);
- mpz_mod(this->exp2, this->d, this->exp2);
+ mpz_mod(this->exp2, *this->d, this->exp2);
}
else
{
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index 2d84f0025..ad659e4d7 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -22,7 +22,7 @@
#include "gmp_rsa_public_key.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
@@ -361,6 +361,8 @@ METHOD(public_key_t, encrypt_, bool,
}
rng->destroy(rng);
+ pos += padding;
+
/* append the padding terminator */
*pos++ = 0x00;
diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in
index aed35cf16..6af056617 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.in
+++ b/src/libstrongswan/plugins/hmac/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_hmac_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -368,7 +377,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-hmac.la: $(libstrongswan_hmac_la_OBJECTS) $(libstrongswan_hmac_la_DEPENDENCIES)
+libstrongswan-hmac.la: $(libstrongswan_hmac_la_OBJECTS) $(libstrongswan_hmac_la_DEPENDENCIES) $(EXTRA_libstrongswan_hmac_la_DEPENDENCIES)
$(libstrongswan_hmac_la_LINK) $(am_libstrongswan_hmac_la_rpath) $(libstrongswan_hmac_la_OBJECTS) $(libstrongswan_hmac_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -506,10 +515,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in
index d11feddb1..95c1932bc 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.in
+++ b/src/libstrongswan/plugins/ldap/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_ldap_la_DEPENDENCIES =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -369,7 +378,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-ldap.la: $(libstrongswan_ldap_la_OBJECTS) $(libstrongswan_ldap_la_DEPENDENCIES)
+libstrongswan-ldap.la: $(libstrongswan_ldap_la_OBJECTS) $(libstrongswan_ldap_la_DEPENDENCIES) $(EXTRA_libstrongswan_ldap_la_DEPENDENCIES)
$(libstrongswan_ldap_la_LINK) $(am_libstrongswan_ldap_la_rpath) $(libstrongswan_ldap_la_OBJECTS) $(libstrongswan_ldap_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -507,10 +516,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.c b/src/libstrongswan/plugins/ldap/ldap_fetcher.c
index 75f964853..40b6d1f63 100644
--- a/src/libstrongswan/plugins/ldap/ldap_fetcher.c
+++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.c
@@ -22,7 +22,7 @@
#include <errno.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "ldap_fetcher.h"
diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in
index 14b6370f4..1abdfecd6 100644
--- a/src/libstrongswan/plugins/md4/Makefile.in
+++ b/src/libstrongswan/plugins/md4/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_md4_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -368,7 +377,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-md4.la: $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_DEPENDENCIES)
+libstrongswan-md4.la: $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_DEPENDENCIES) $(EXTRA_libstrongswan_md4_la_DEPENDENCIES)
$(libstrongswan_md4_la_LINK) $(am_libstrongswan_md4_la_rpath) $(libstrongswan_md4_la_OBJECTS) $(libstrongswan_md4_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -506,10 +515,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in
index ba228f8ea..2e005e084 100644
--- a/src/libstrongswan/plugins/md5/Makefile.in
+++ b/src/libstrongswan/plugins/md5/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_md5_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -368,7 +377,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-md5.la: $(libstrongswan_md5_la_OBJECTS) $(libstrongswan_md5_la_DEPENDENCIES)
+libstrongswan-md5.la: $(libstrongswan_md5_la_OBJECTS) $(libstrongswan_md5_la_DEPENDENCIES) $(EXTRA_libstrongswan_md5_la_DEPENDENCIES)
$(libstrongswan_md5_la_LINK) $(am_libstrongswan_md5_la_rpath) $(libstrongswan_md5_la_OBJECTS) $(libstrongswan_md5_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -506,10 +515,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in
index 88dba0967..347b57e11 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.in
+++ b/src/libstrongswan/plugins/mysql/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
am__DEPENDENCIES_1 =
@@ -122,6 +128,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -149,6 +156,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -176,6 +184,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -188,6 +197,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -241,7 +251,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -372,7 +381,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-mysql.la: $(libstrongswan_mysql_la_OBJECTS) $(libstrongswan_mysql_la_DEPENDENCIES)
+libstrongswan-mysql.la: $(libstrongswan_mysql_la_OBJECTS) $(libstrongswan_mysql_la_DEPENDENCIES) $(EXTRA_libstrongswan_mysql_la_DEPENDENCIES)
$(libstrongswan_mysql_la_LINK) $(am_libstrongswan_mysql_la_rpath) $(libstrongswan_mysql_la_OBJECTS) $(libstrongswan_mysql_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -510,10 +519,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/mysql/mysql_database.c b/src/libstrongswan/plugins/mysql/mysql_database.c
index 1a20a804a..7e1da683e 100644
--- a/src/libstrongswan/plugins/mysql/mysql_database.c
+++ b/src/libstrongswan/plugins/mysql/mysql_database.c
@@ -19,11 +19,11 @@
#include "mysql_database.h"
-#include <debug.h>
-#include <chunk.h>
+#include <utils/debug.h>
+#include <utils/chunk.h>
#include <threading/thread_value.h>
#include <threading/mutex.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
/* Older mysql.h headers do not define it, but we need it. It is not returned
* in in MySQL 4 by default, but by MySQL 5. To avoid this problem, we catch
diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.c b/src/libstrongswan/plugins/mysql/mysql_plugin.c
index dd8b32761..23d709739 100644
--- a/src/libstrongswan/plugins/mysql/mysql_plugin.c
+++ b/src/libstrongswan/plugins/mysql/mysql_plugin.c
@@ -16,7 +16,7 @@
#include "mysql_plugin.h"
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "mysql_database.h"
typedef struct private_mysql_plugin_t private_mysql_plugin_t;
diff --git a/src/libstrongswan/plugins/nonce/Makefile.in b/src/libstrongswan/plugins/nonce/Makefile.in
index 7ce23b4d9..03ccb8119 100644
--- a/src/libstrongswan/plugins/nonce/Makefile.in
+++ b/src/libstrongswan/plugins/nonce/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_nonce_la_LIBADD =
@@ -121,6 +127,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -148,6 +155,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -175,6 +183,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -187,6 +196,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -240,7 +250,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -370,7 +379,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-nonce.la: $(libstrongswan_nonce_la_OBJECTS) $(libstrongswan_nonce_la_DEPENDENCIES)
+libstrongswan-nonce.la: $(libstrongswan_nonce_la_OBJECTS) $(libstrongswan_nonce_la_DEPENDENCIES) $(EXTRA_libstrongswan_nonce_la_DEPENDENCIES)
$(libstrongswan_nonce_la_LINK) $(am_libstrongswan_nonce_la_rpath) $(libstrongswan_nonce_la_OBJECTS) $(libstrongswan_nonce_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -508,10 +517,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/nonce/nonce_nonceg.c b/src/libstrongswan/plugins/nonce/nonce_nonceg.c
index 0402e3574..64ed2e08d 100644
--- a/src/libstrongswan/plugins/nonce/nonce_nonceg.c
+++ b/src/libstrongswan/plugins/nonce/nonce_nonceg.c
@@ -15,7 +15,7 @@
#include "nonce_nonceg.h"
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_nonce_nonceg_t private_nonce_nonceg_t;
diff --git a/src/libstrongswan/plugins/openssl/Makefile.am b/src/libstrongswan/plugins/openssl/Makefile.am
index c59888663..f971a5e08 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.am
+++ b/src/libstrongswan/plugins/openssl/Makefile.am
@@ -23,6 +23,7 @@ libstrongswan_openssl_la_SOURCES = \
openssl_ec_public_key.c openssl_ec_public_key.h \
openssl_x509.c openssl_x509.h \
openssl_crl.c openssl_crl.h \
+ openssl_pkcs7.c openssl_pkcs7.h \
openssl_rng.c openssl_rng.h \
openssl_hmac.c openssl_hmac.h
diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in
index ada44ead3..6d4e2b0d8 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.in
+++ b/src/libstrongswan/plugins/openssl/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_openssl_la_DEPENDENCIES =
@@ -82,7 +88,7 @@ am_libstrongswan_openssl_la_OBJECTS = openssl_plugin.lo \
openssl_rsa_private_key.lo openssl_rsa_public_key.lo \
openssl_ec_diffie_hellman.lo openssl_ec_private_key.lo \
openssl_ec_public_key.lo openssl_x509.lo openssl_crl.lo \
- openssl_rng.lo openssl_hmac.lo
+ openssl_pkcs7.lo openssl_rng.lo openssl_hmac.lo
libstrongswan_openssl_la_OBJECTS = \
$(am_libstrongswan_openssl_la_OBJECTS)
libstrongswan_openssl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
@@ -128,6 +134,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -155,6 +162,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -182,6 +190,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -194,6 +203,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -247,7 +257,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -312,6 +321,7 @@ libstrongswan_openssl_la_SOURCES = \
openssl_ec_public_key.c openssl_ec_public_key.h \
openssl_x509.c openssl_x509.h \
openssl_crl.c openssl_crl.h \
+ openssl_pkcs7.c openssl_pkcs7.h \
openssl_rng.c openssl_rng.h \
openssl_hmac.c openssl_hmac.h
@@ -391,7 +401,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-openssl.la: $(libstrongswan_openssl_la_OBJECTS) $(libstrongswan_openssl_la_DEPENDENCIES)
+libstrongswan-openssl.la: $(libstrongswan_openssl_la_OBJECTS) $(libstrongswan_openssl_la_DEPENDENCIES) $(EXTRA_libstrongswan_openssl_la_DEPENDENCIES)
$(libstrongswan_openssl_la_LINK) $(am_libstrongswan_openssl_la_rpath) $(libstrongswan_openssl_la_OBJECTS) $(libstrongswan_openssl_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -408,6 +418,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_ec_public_key.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_hasher.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_hmac.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_pkcs7.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_plugin.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_rng.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_rsa_private_key.Plo@am__quote@
@@ -542,10 +553,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/openssl/openssl_crl.c b/src/libstrongswan/plugins/openssl/openssl_crl.c
index e529ff8a5..d4f36f58b 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crl.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crl.c
@@ -42,8 +42,8 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include <debug.h>
-#include <utils/enumerator.h>
+#include <utils/debug.h>
+#include <collections/enumerator.h>
#include <credentials/certificates/x509.h>
typedef struct private_openssl_crl_t private_openssl_crl_t;
diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
index b27aa3391..4dc5663f1 100644
--- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
@@ -18,7 +18,7 @@
#include "openssl_diffie_hellman.h"
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_openssl_diffie_hellman_t private_openssl_diffie_hellman_t;
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
index 9e4067589..d846278c8 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@@ -23,7 +23,7 @@
#include "openssl_ec_diffie_hellman.h"
#include "openssl_util.h"
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_openssl_ec_diffie_hellman_t private_openssl_ec_diffie_hellman_t;
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
index 950504573..d350d050b 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
@@ -22,7 +22,7 @@
#include "openssl_ec_public_key.h"
#include "openssl_util.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <openssl/evp.h>
#include <openssl/ecdsa.h>
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
index 9cb68a3ab..3f5125b31 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
@@ -21,7 +21,7 @@
#include "openssl_ec_public_key.h"
#include "openssl_util.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <openssl/evp.h>
#include <openssl/ecdsa.h>
diff --git a/src/libstrongswan/plugins/openssl/openssl_pkcs7.c b/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
new file mode 100644
index 000000000..ccc426235
--- /dev/null
+++ b/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
@@ -0,0 +1,790 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <openssl/opensslconf.h>
+
+#ifndef OPENSSL_NO_CMS
+
+#include "openssl_pkcs7.h"
+#include "openssl_util.h"
+
+#include <library.h>
+#include <utils/debug.h>
+#include <asn1/oid.h>
+#include <credentials/sets/mem_cred.h>
+
+#include <openssl/cms.h>
+
+typedef struct private_openssl_pkcs7_t private_openssl_pkcs7_t;
+
+/**
+ * Private data of an openssl_pkcs7_t object.
+ */
+struct private_openssl_pkcs7_t {
+
+ /**
+ * Public pkcs7_t interface.
+ */
+ pkcs7_t public;
+
+ /**
+ * Type of this container
+ */
+ container_type_t type;
+
+ /**
+ * OpenSSL CMS structure
+ */
+ CMS_ContentInfo *cms;
+};
+
+/**
+ * OpenSSL does not allow us to read the signature to verify it with our own
+ * crypto API. We define the internal CMS_SignerInfo structure here to get it.
+ */
+struct CMS_SignerInfo_st {
+ long version;
+ void *sid;
+ X509_ALGOR *digestAlgorithm;
+ STACK_OF(X509_ATTRIBUTE) *signedAttrs;
+ X509_ALGOR *signatureAlgorithm;
+ ASN1_OCTET_STRING *signature;
+ /* and more... */
+};
+
+/**
+ * And we also need access to the wrappend CMS_KeyTransRecipientInfo to
+ * read the encrypted key
+ */
+struct CMS_KeyTransRecipientInfo_st {
+ long version;
+ void *rid;
+ X509_ALGOR *keyEncryptionAlgorithm;
+ ASN1_OCTET_STRING *encryptedKey;
+};
+
+struct CMS_RecipientInfo_st {
+ int type;
+ struct CMS_KeyTransRecipientInfo_st *ktri;
+ /* and more in union... */
+};
+
+struct CMS_EncryptedContentInfo_st {
+ ASN1_OBJECT *contentType;
+ X509_ALGOR *contentEncryptionAlgorithm;
+ ASN1_OCTET_STRING *encryptedContent;
+ /* and more... */
+};
+
+struct CMS_EnvelopedData_st {
+ long version;
+ void *originatorInfo;
+ STACK_OF(CMS_RecipientInfo) *recipientInfos;
+ struct CMS_EncryptedContentInfo_st *encryptedContentInfo;
+ /* and more... */
+};
+
+struct CMS_ContentInfo_st {
+ ASN1_OBJECT *contentType;
+ struct CMS_EnvelopedData_st *envelopedData;
+ /* and more in union... */
+};
+
+/**
+ * We can't include asn1.h, declare function prototypes directly
+ */
+chunk_t asn1_wrap(int, const char *mode, ...);
+int asn1_unwrap(chunk_t*, chunk_t*);
+
+/**
+ * Enumerator over certificates
+ */
+typedef struct {
+ /** implements enumerator_t */
+ enumerator_t public;
+ /** Stack of X509 certificates */
+ STACK_OF(X509) *certs;
+ /** current enumerator position in certificates */
+ int i;
+ /** currently enumerating certificate_t */
+ certificate_t *cert;
+} cert_enumerator_t;
+
+METHOD(enumerator_t, cert_destroy, void,
+ cert_enumerator_t *this)
+{
+ DESTROY_IF(this->cert);
+ free(this);
+}
+
+METHOD(enumerator_t, cert_enumerate, bool,
+ cert_enumerator_t *this, certificate_t **out)
+{
+ if (!this->certs)
+ {
+ return FALSE;
+ }
+ while (this->i < sk_X509_num(this->certs))
+ {
+ chunk_t encoding;
+ X509 *x509;
+
+ /* clean up previous round */
+ DESTROY_IF(this->cert);
+ this->cert = NULL;
+
+ x509 = sk_X509_value(this->certs, this->i++);
+ encoding = openssl_i2chunk(X509, x509);
+ this->cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB_ASN1_DER, encoding,
+ BUILD_END);
+ free(encoding.ptr);
+ if (!this->cert)
+ {
+ continue;
+ }
+ *out = this->cert;
+ return TRUE;
+ }
+ return FALSE;
+}
+
+METHOD(pkcs7_t, create_cert_enumerator, enumerator_t*,
+ private_openssl_pkcs7_t *this)
+{
+ cert_enumerator_t *enumerator;
+
+ if (this->type == CONTAINER_PKCS7_SIGNED_DATA)
+ {
+ INIT(enumerator,
+ .public = {
+ .enumerate = (void*)_cert_enumerate,
+ .destroy = _cert_destroy,
+ },
+ .certs = CMS_get1_certs(this->cms),
+ );
+ return &enumerator->public;
+ }
+ return enumerator_create_empty();
+}
+
+/**
+ * Enumerator for signatures
+ */
+typedef struct {
+ /** implements enumerator_t */
+ enumerator_t public;
+ /** Stack of signerinfos */
+ STACK_OF(CMS_SignerInfo) *signers;
+ /** current enumerator position in signers */
+ int i;
+ /** currently enumerating auth config */
+ auth_cfg_t *auth;
+ /** full CMS */
+ CMS_ContentInfo *cms;
+ /** credential set containing wrapped certificates */
+ mem_cred_t *creds;
+} signature_enumerator_t;
+
+/**
+ * Verify signerInfo signature
+ */
+static auth_cfg_t *verify_signature(CMS_SignerInfo *si, int hash_oid)
+{
+ enumerator_t *enumerator;
+ public_key_t *key;
+ certificate_t *cert;
+ auth_cfg_t *auth, *found = NULL;
+ identification_t *issuer, *serial;
+ chunk_t attrs = chunk_empty, sig, attr;
+ X509_NAME *name;
+ ASN1_INTEGER *snr;
+ int i;
+
+ if (CMS_SignerInfo_get0_signer_id(si, NULL, &name, &snr) != 1)
+ {
+ return NULL;
+ }
+ issuer = openssl_x509_name2id(name);
+ if (!issuer)
+ {
+ return NULL;
+ }
+ serial = identification_create_from_encoding(
+ ID_KEY_ID, openssl_asn1_str2chunk(snr));
+
+ /* reconstruct DER encoded attributes to verify signature */
+ for (i = 0; i < CMS_signed_get_attr_count(si); i++)
+ {
+ attr = openssl_i2chunk(X509_ATTRIBUTE, CMS_signed_get_attr(si, i));
+ attrs = chunk_cat("mm", attrs, attr);
+ }
+ /* wrap in a ASN1_SET */
+ attrs = asn1_wrap(0x31, "m", attrs);
+
+ /* TODO: find a better way to access and verify the signature */
+ sig = openssl_asn1_str2chunk(si->signature);
+ enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr,
+ KEY_RSA, serial, FALSE);
+ while (enumerator->enumerate(enumerator, &cert, &auth))
+ {
+ if (issuer->equals(issuer, cert->get_issuer(cert)))
+ {
+ key = cert->get_public_key(cert);
+ if (key)
+ {
+ if (key->verify(key, signature_scheme_from_oid(hash_oid),
+ attrs, sig))
+ {
+ found = auth->clone(auth);
+ key->destroy(key);
+ break;
+ }
+ key->destroy(key);
+ }
+ }
+ }
+ enumerator->destroy(enumerator);
+ issuer->destroy(issuer);
+ serial->destroy(serial);
+ free(attrs.ptr);
+
+ return found;
+}
+
+/**
+ * Verify the message digest in the signerInfo attributes
+ */
+static bool verify_digest(CMS_ContentInfo *cms, CMS_SignerInfo *si, int hash_oid)
+{
+ ASN1_OCTET_STRING *os, **osp;
+ hash_algorithm_t hash_alg;
+ chunk_t digest, content, hash;
+ hasher_t *hasher;
+
+ os = CMS_signed_get0_data_by_OBJ(si,
+ OBJ_nid2obj(NID_pkcs9_messageDigest), -3, V_ASN1_OCTET_STRING);
+ if (!os)
+ {
+ return FALSE;
+ }
+ digest = openssl_asn1_str2chunk(os);
+ osp = CMS_get0_content(cms);
+ if (!osp)
+ {
+ return FALSE;
+ }
+ content = openssl_asn1_str2chunk(*osp);
+
+ hash_alg = hasher_algorithm_from_oid(hash_oid);
+ hasher = lib->crypto->create_hasher(lib->crypto, hash_alg);
+ if (!hasher)
+ {
+ DBG1(DBG_LIB, "hash algorithm %N not supported",
+ hash_algorithm_names, hash_alg);
+ return FALSE;
+ }
+ if (!hasher->allocate_hash(hasher, content, &hash))
+ {
+ hasher->destroy(hasher);
+ return FALSE;
+ }
+ hasher->destroy(hasher);
+
+ if (!chunk_equals(digest, hash))
+ {
+ free(hash.ptr);
+ DBG1(DBG_LIB, "invalid messageDigest");
+ return FALSE;
+ }
+ free(hash.ptr);
+ return TRUE;
+}
+
+METHOD(enumerator_t, signature_enumerate, bool,
+ signature_enumerator_t *this, auth_cfg_t **out)
+{
+ if (!this->signers)
+ {
+ return FALSE;
+ }
+ while (this->i < sk_CMS_SignerInfo_num(this->signers))
+ {
+ CMS_SignerInfo *si;
+ X509_ALGOR *digest, *sig;
+ int hash_oid;
+
+ /* clean up previous round */
+ DESTROY_IF(this->auth);
+ this->auth = NULL;
+
+ si = sk_CMS_SignerInfo_value(this->signers, this->i++);
+
+ CMS_SignerInfo_get0_algs(si, NULL, NULL, &digest, &sig);
+ hash_oid = openssl_asn1_known_oid(digest->algorithm);
+ if (openssl_asn1_known_oid(sig->algorithm) != OID_RSA_ENCRYPTION)
+ {
+ DBG1(DBG_LIB, "only RSA digest encryption supported");
+ continue;
+ }
+ this->auth = verify_signature(si, hash_oid);
+ if (!this->auth)
+ {
+ DBG1(DBG_LIB, "unable to verify pkcs7 attributes signature");
+ continue;
+ }
+ if (!verify_digest(this->cms, si, hash_oid))
+ {
+ continue;
+ }
+ *out = this->auth;
+ return TRUE;
+ }
+ return FALSE;
+}
+
+METHOD(enumerator_t, signature_destroy, void,
+ signature_enumerator_t *this)
+{
+ lib->credmgr->remove_local_set(lib->credmgr, &this->creds->set);
+ this->creds->destroy(this->creds);
+ DESTROY_IF(this->auth);
+ free(this);
+}
+
+METHOD(container_t, create_signature_enumerator, enumerator_t*,
+ private_openssl_pkcs7_t *this)
+{
+ signature_enumerator_t *enumerator;
+
+ if (this->type == CONTAINER_PKCS7_SIGNED_DATA)
+ {
+ enumerator_t *certs;
+ certificate_t *cert;
+
+ INIT(enumerator,
+ .public = {
+ .enumerate = (void*)_signature_enumerate,
+ .destroy = _signature_destroy,
+ },
+ .cms = this->cms,
+ .signers = CMS_get0_SignerInfos(this->cms),
+ .creds = mem_cred_create(),
+ );
+
+ /* make available wrapped certs during signature checking */
+ certs = create_cert_enumerator(this);
+ while (certs->enumerate(certs, &cert))
+ {
+ enumerator->creds->add_cert(enumerator->creds, FALSE,
+ cert->get_ref(cert));
+ }
+ certs->destroy(certs);
+
+ lib->credmgr->add_local_set(lib->credmgr, &enumerator->creds->set,
+ FALSE);
+
+ return &enumerator->public;
+ }
+ return enumerator_create_empty();
+}
+
+
+METHOD(container_t, get_type, container_type_t,
+ private_openssl_pkcs7_t *this)
+{
+ return this->type;
+}
+
+METHOD(pkcs7_t, get_attribute, bool,
+ private_openssl_pkcs7_t *this, int oid,
+ enumerator_t *enumerator, chunk_t *value)
+{
+ signature_enumerator_t *e;
+ CMS_SignerInfo *si;
+ X509_ATTRIBUTE *attr;
+ ASN1_TYPE *type;
+ chunk_t chunk, wrapped;
+ int i;
+
+ e = (signature_enumerator_t*)enumerator;
+ if (e->i <= 0)
+ {
+ return FALSE;
+ }
+
+ /* "i" gets incremeneted after enumerate(), hence read from previous */
+ si = sk_CMS_SignerInfo_value(e->signers, e->i - 1);
+ for (i = 0; i < CMS_signed_get_attr_count(si); i++)
+ {
+ attr = CMS_signed_get_attr(si, i);
+ if (!attr->single && sk_ASN1_TYPE_num(attr->value.set) == 1 &&
+ openssl_asn1_known_oid(attr->object) == oid)
+ {
+ /* get first value in SET */
+ type = sk_ASN1_TYPE_value(attr->value.set, 0);
+ chunk = wrapped = openssl_i2chunk(ASN1_TYPE, type);
+ if (asn1_unwrap(&chunk, &chunk) != 0x100 /* ASN1_INVALID */)
+ {
+ *value = chunk_clone(chunk);
+ free(wrapped.ptr);
+ return TRUE;
+ }
+ free(wrapped.ptr);
+ }
+ }
+ return FALSE;
+}
+
+/**
+ * Find a private key for issuerAndSerialNumber
+ */
+static private_key_t *find_private(identification_t *issuer,
+ identification_t *serial)
+{
+ enumerator_t *enumerator;
+ certificate_t *cert;
+ public_key_t *public;
+ private_key_t *private = NULL;
+ identification_t *id;
+ chunk_t fp;
+
+ enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
+ CERT_X509, KEY_RSA, serial, FALSE);
+ while (enumerator->enumerate(enumerator, &cert))
+ {
+ if (issuer->equals(issuer, cert->get_issuer(cert)))
+ {
+ public = cert->get_public_key(cert);
+ if (public)
+ {
+ if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &fp))
+ {
+ id = identification_create_from_encoding(ID_KEY_ID, fp);
+ private = lib->credmgr->get_private(lib->credmgr,
+ KEY_ANY, id, NULL);
+ id->destroy(id);
+ }
+ public->destroy(public);
+ }
+ }
+ if (private)
+ {
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ return private;
+}
+
+/**
+ * Decrypt enveloped-data with a decrypted symmetric key
+ */
+static bool decrypt_symmetric(private_openssl_pkcs7_t *this, chunk_t key,
+ chunk_t encrypted, chunk_t *plain)
+{
+ encryption_algorithm_t encr;
+ X509_ALGOR *alg;
+ crypter_t *crypter;
+ chunk_t iv;
+ size_t key_size;
+
+ /* read encryption algorithm from interal structures; TODO fixup */
+ alg = this->cms->envelopedData->encryptedContentInfo->
+ contentEncryptionAlgorithm;
+ encr = encryption_algorithm_from_oid(openssl_asn1_known_oid(alg->algorithm),
+ &key_size);
+ if (alg->parameter->type != V_ASN1_OCTET_STRING)
+ {
+ return FALSE;
+ }
+ iv = openssl_asn1_str2chunk(alg->parameter->value.octet_string);
+
+ crypter = lib->crypto->create_crypter(lib->crypto, encr, key_size / 8);
+ if (!crypter)
+ {
+ DBG1(DBG_LIB, "crypter %N-%d not available",
+ encryption_algorithm_names, alg, key_size);
+ return FALSE;
+ }
+ if (key.len != crypter->get_key_size(crypter))
+ {
+ DBG1(DBG_LIB, "symmetric key length is wrong");
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ if (iv.len != crypter->get_iv_size(crypter))
+ {
+ DBG1(DBG_LIB, "IV length is wrong");
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ if (!crypter->set_key(crypter, key) ||
+ !crypter->decrypt(crypter, encrypted, iv, plain))
+ {
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ crypter->destroy(crypter);
+ return TRUE;
+}
+
+/**
+ * Remove enveloped-data PKCS#7 padding from plain data
+ */
+static bool remove_padding(chunk_t *data)
+{
+ u_char *pos;
+ u_char pattern;
+ size_t padding;
+
+ if (!data->len)
+ {
+ return FALSE;
+ }
+ pos = data->ptr + data->len - 1;
+ padding = pattern = *pos;
+
+ if (padding > data->len)
+ {
+ DBG1(DBG_LIB, "padding greater than data length");
+ return FALSE;
+ }
+ data->len -= padding;
+
+ while (padding-- > 0)
+ {
+ if (*pos-- != pattern)
+ {
+ DBG1(DBG_LIB, "wrong padding pattern");
+ return FALSE;
+ }
+ }
+ return TRUE;
+}
+
+/**
+ * Decrypt PKCS#7 enveloped-data
+ */
+static bool decrypt(private_openssl_pkcs7_t *this,
+ chunk_t encrypted, chunk_t *plain)
+{
+ STACK_OF(CMS_RecipientInfo) *ris;
+ CMS_RecipientInfo *ri;
+ chunk_t chunk, key = chunk_empty;
+ int i;
+
+ ris = CMS_get0_RecipientInfos(this->cms);
+ for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++)
+ {
+ ri = sk_CMS_RecipientInfo_value(ris, i);
+ if (CMS_RecipientInfo_type(ri) == CMS_RECIPINFO_TRANS)
+ {
+ identification_t *serial, *issuer;
+ private_key_t *private;
+ X509_ALGOR *alg;
+ X509_NAME *name;
+ ASN1_INTEGER *sn;
+ u_char zero = 0;
+ int oid;
+
+ if (CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg) == 1 &&
+ CMS_RecipientInfo_ktri_get0_signer_id(ri, NULL, &name, &sn) == 1)
+ {
+ oid = openssl_asn1_known_oid(alg->algorithm);
+ if (oid != OID_RSA_ENCRYPTION)
+ {
+ DBG1(DBG_LIB, "only RSA encryption supported in PKCS#7");
+ continue;
+ }
+ issuer = openssl_x509_name2id(name);
+ if (!issuer)
+ {
+ continue;
+ }
+ chunk = openssl_asn1_str2chunk(sn);
+ if (chunk.len && chunk.ptr[0] & 0x80)
+ { /* if MSB is set, append a zero to make it non-negative */
+ chunk = chunk_cata("cc", chunk_from_thing(zero), chunk);
+ }
+ serial = identification_create_from_encoding(ID_KEY_ID, chunk);
+ private = find_private(issuer, serial);
+ issuer->destroy(issuer);
+ serial->destroy(serial);
+
+ if (private)
+ {
+ /* get encryptedKey from internal structure; TODO fixup */
+ chunk = openssl_asn1_str2chunk(ri->ktri->encryptedKey);
+ if (private->decrypt(private, ENCRYPT_RSA_PKCS1,
+ chunk, &key))
+ {
+ private->destroy(private);
+ break;
+ }
+ private->destroy(private);
+ }
+ }
+ }
+ }
+ if (!key.len)
+ {
+ DBG1(DBG_LIB, "no private key found to decrypt PKCS#7");
+ return FALSE;
+ }
+ if (!decrypt_symmetric(this, key, encrypted, plain))
+ {
+ chunk_clear(&key);
+ return FALSE;
+ }
+ chunk_clear(&key);
+ if (!remove_padding(plain))
+ {
+ free(plain->ptr);
+ return FALSE;
+ }
+ return TRUE;
+}
+
+METHOD(container_t, get_data, bool,
+ private_openssl_pkcs7_t *this, chunk_t *data)
+{
+ ASN1_OCTET_STRING **os;
+ chunk_t chunk;
+
+ os = CMS_get0_content(this->cms);
+ if (os)
+ {
+ chunk = openssl_asn1_str2chunk(*os);
+ switch (this->type)
+ {
+ case CONTAINER_PKCS7_DATA:
+ case CONTAINER_PKCS7_SIGNED_DATA:
+ *data = chunk_clone(chunk);
+ return TRUE;
+ case CONTAINER_PKCS7_ENVELOPED_DATA:
+ return decrypt(this, chunk, data);
+ default:
+ break;
+ }
+ }
+ return FALSE;
+}
+
+METHOD(container_t, get_encoding, bool,
+ private_openssl_pkcs7_t *this, chunk_t *data)
+{
+ return FALSE;
+}
+
+METHOD(container_t, destroy, void,
+ private_openssl_pkcs7_t *this)
+{
+ CMS_ContentInfo_free(this->cms);
+ free(this);
+}
+
+/**
+ * Generic constructor
+ */
+static private_openssl_pkcs7_t* create_empty()
+{
+ private_openssl_pkcs7_t *this;
+
+ INIT(this,
+ .public = {
+ .container = {
+ .get_type = _get_type,
+ .create_signature_enumerator = _create_signature_enumerator,
+ .get_data = _get_data,
+ .get_encoding = _get_encoding,
+ .destroy = _destroy,
+ },
+ .get_attribute = _get_attribute,
+ .create_cert_enumerator = _create_cert_enumerator,
+ },
+ );
+
+ return this;
+}
+
+/**
+ * Parse a PKCS#7 container
+ */
+static bool parse(private_openssl_pkcs7_t *this, chunk_t blob)
+{
+ BIO *bio;
+
+ bio = BIO_new_mem_buf(blob.ptr, blob.len);
+ this->cms = d2i_CMS_bio(bio, NULL);
+ BIO_free(bio);
+
+ if (!this->cms)
+ {
+ return FALSE;
+ }
+ switch (openssl_asn1_known_oid((ASN1_OBJECT*)CMS_get0_type(this->cms)))
+ {
+ case OID_PKCS7_DATA:
+ this->type = CONTAINER_PKCS7_DATA;
+ break;
+ case OID_PKCS7_SIGNED_DATA:
+ this->type = CONTAINER_PKCS7_SIGNED_DATA;
+ break;
+ case OID_PKCS7_ENVELOPED_DATA:
+ this->type = CONTAINER_PKCS7_ENVELOPED_DATA;
+ break;
+ default:
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+/**
+ * See header
+ */
+pkcs7_t *openssl_pkcs7_load(container_type_t type, va_list args)
+{
+ chunk_t blob = chunk_empty;
+ private_openssl_pkcs7_t *this;
+
+ while (TRUE)
+ {
+ switch (va_arg(args, builder_part_t))
+ {
+ case BUILD_BLOB_ASN1_DER:
+ blob = va_arg(args, chunk_t);
+ continue;
+ case BUILD_END:
+ break;
+ default:
+ return NULL;
+ }
+ break;
+ }
+ if (blob.len)
+ {
+ this = create_empty();
+ if (parse(this, blob))
+ {
+ return &this->public;
+ }
+ destroy(this);
+ }
+ return NULL;
+}
+
+#endif /* OPENSSL_NO_CMS */
diff --git a/src/libstrongswan/plugins/openssl/openssl_pkcs7.h b/src/libstrongswan/plugins/openssl/openssl_pkcs7.h
new file mode 100644
index 000000000..2c7939ebd
--- /dev/null
+++ b/src/libstrongswan/plugins/openssl/openssl_pkcs7.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup openssl_pkcs7 openssl_pkcs7
+ * @{ @ingroup openssl_p
+ */
+
+#ifndef OPENSSL_PKCS7_H_
+#define OPENSSL_PKCS7_H_
+
+#include <credentials/containers/pkcs7.h>
+
+/**
+ * Load a generic PKCS#7 container.
+ *
+ * The argument list must contain a single BUILD_BLOB_ASN1_DER argument.
+ *
+ * @param type type of the container, CONTAINER_PKCS7
+ * @param args builder_part_t argument list
+ * @return container, NULL on failure
+ */
+pkcs7_t *openssl_pkcs7_load(container_type_t type, va_list args);
+
+#endif /** OPENSSL_PKCS7_H_ @}*/
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index b69de981e..dd6a379d2 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -25,7 +25,7 @@
#include "openssl_plugin.h"
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/thread.h>
#include <threading/mutex.h>
#include "openssl_util.h"
@@ -40,6 +40,7 @@
#include "openssl_ec_public_key.h"
#include "openssl_x509.h"
#include "openssl_crl.h"
+#include "openssl_pkcs7.h"
#include "openssl_rng.h"
#include "openssl_hmac.h"
@@ -365,6 +366,10 @@ METHOD(plugin_t, get_features, int,
PLUGIN_SDEPEND(PUBKEY, KEY_DSA),
PLUGIN_REGISTER(CERT_DECODE, openssl_crl_load, TRUE),
PLUGIN_PROVIDE(CERT_DECODE, CERT_X509_CRL),
+#ifndef OPENSSL_NO_CMS
+ PLUGIN_REGISTER(CONTAINER_DECODE, openssl_pkcs7_load, TRUE),
+ PLUGIN_PROVIDE(CONTAINER_DECODE, CONTAINER_PKCS7),
+#endif /* OPENSSL_NO_CMS */
#ifndef OPENSSL_NO_ECDH
/* EC DH groups */
PLUGIN_REGISTER(DH, openssl_ec_diffie_hellman_create),
diff --git a/src/libstrongswan/plugins/openssl/openssl_rng.c b/src/libstrongswan/plugins/openssl/openssl_rng.c
index c83244f60..d3d64f5e8 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rng.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rng.c
@@ -20,7 +20,7 @@
* THE SOFTWARE.
*/
-#include <debug.h>
+#include <utils/debug.h>
#include <openssl/rand.h>
#include <openssl/err.h>
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index 98cd700bf..926e5928c 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -17,7 +17,7 @@
#include "openssl_rsa_private_key.h"
#include "openssl_rsa_public_key.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 5872a8159..0da5d2514 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -16,7 +16,7 @@
#include "openssl_rsa_public_key.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
diff --git a/src/libstrongswan/plugins/openssl/openssl_util.c b/src/libstrongswan/plugins/openssl/openssl_util.c
index 1eb1c6723..bc10dd28c 100644
--- a/src/libstrongswan/plugins/openssl/openssl_util.c
+++ b/src/libstrongswan/plugins/openssl/openssl_util.c
@@ -16,7 +16,7 @@
#include "openssl_util.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c
index e85c5cc90..676b97f7a 100644
--- a/src/libstrongswan/plugins/openssl/openssl_x509.c
+++ b/src/libstrongswan/plugins/openssl/openssl_x509.c
@@ -47,9 +47,9 @@
#include "openssl_x509.h"
#include "openssl_util.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
typedef struct private_openssl_x509_t private_openssl_x509_t;
@@ -327,6 +327,10 @@ METHOD(certificate_t, has_subject, id_match_t,
{
return ID_MATCH_PERFECT;
}
+ if (chunk_equals(get_serial(this), encoding))
+ {
+ return ID_MATCH_PERFECT;
+ }
}
best = this->subject->matches(this->subject, subject);
enumerator = create_subjectAltName_enumerator(this);
diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in
index 5a559eadf..94feb11f9 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.in
+++ b/src/libstrongswan/plugins/padlock/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_padlock_la_LIBADD =
@@ -123,6 +129,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -150,6 +157,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -177,6 +185,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -189,6 +198,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -242,7 +252,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -374,7 +383,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-padlock.la: $(libstrongswan_padlock_la_OBJECTS) $(libstrongswan_padlock_la_DEPENDENCIES)
+libstrongswan-padlock.la: $(libstrongswan_padlock_la_OBJECTS) $(libstrongswan_padlock_la_DEPENDENCIES) $(EXTRA_libstrongswan_padlock_la_DEPENDENCIES)
$(libstrongswan_padlock_la_LINK) $(am_libstrongswan_padlock_la_rpath) $(libstrongswan_padlock_la_OBJECTS) $(libstrongswan_padlock_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -514,10 +523,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c
index 9d4afd8e8..b887c2c84 100644
--- a/src/libstrongswan/plugins/padlock/padlock_plugin.c
+++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c
@@ -21,7 +21,7 @@
#include <stdio.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_padlock_plugin_t private_padlock_plugin_t;
typedef enum padlock_feature_t padlock_feature_t;
diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in
index 7988d1e74..580b39caf 100644
--- a/src/libstrongswan/plugins/pem/Makefile.in
+++ b/src/libstrongswan/plugins/pem/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pem_la_LIBADD =
@@ -121,6 +127,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -148,6 +155,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -175,6 +183,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -187,6 +196,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -240,7 +250,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -371,7 +380,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-pem.la: $(libstrongswan_pem_la_OBJECTS) $(libstrongswan_pem_la_DEPENDENCIES)
+libstrongswan-pem.la: $(libstrongswan_pem_la_OBJECTS) $(libstrongswan_pem_la_DEPENDENCIES) $(EXTRA_libstrongswan_pem_la_DEPENDENCIES)
$(libstrongswan_pem_la_LINK) $(am_libstrongswan_pem_la_rpath) $(libstrongswan_pem_la_OBJECTS) $(libstrongswan_pem_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -510,10 +519,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/pem/pem_builder.c b/src/libstrongswan/plugins/pem/pem_builder.c
index 9b9777031..08e81b3c5 100644
--- a/src/libstrongswan/plugins/pem/pem_builder.c
+++ b/src/libstrongswan/plugins/pem/pem_builder.c
@@ -27,7 +27,7 @@
#include <sys/mman.h>
#include <sys/stat.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <library.h>
#include <utils/lexparser.h>
#include <asn1/asn1.h>
@@ -288,8 +288,11 @@ static status_t pem_to_bin(chunk_t *blob, bool *pgp)
" not supported", (int)dek.len, dek.ptr);
return NOT_SUPPORTED;
}
- eat_whitespace(&value);
- iv = chunk_from_hex(value, iv.ptr);
+ if (!eat_whitespace(&value) || value.len > 2*sizeof(iv_buf))
+ {
+ return PARSE_ERROR;
+ }
+ iv = chunk_from_hex(value, iv_buf);
}
}
else /* state is PEM_BODY */
diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in
index 65acdc196..ed0a880f6 100644
--- a/src/libstrongswan/plugins/pgp/Makefile.in
+++ b/src/libstrongswan/plugins/pgp/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pgp_la_LIBADD =
@@ -121,6 +127,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -148,6 +155,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -175,6 +183,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -187,6 +196,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -240,7 +250,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -373,7 +382,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-pgp.la: $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_DEPENDENCIES)
+libstrongswan-pgp.la: $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_DEPENDENCIES) $(EXTRA_libstrongswan_pgp_la_DEPENDENCIES)
$(libstrongswan_pgp_la_LINK) $(am_libstrongswan_pgp_la_rpath) $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -514,10 +523,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c
index 361157742..3ff357202 100644
--- a/src/libstrongswan/plugins/pgp/pgp_builder.c
+++ b/src/libstrongswan/plugins/pgp/pgp_builder.c
@@ -17,8 +17,8 @@
#include "pgp_builder.h"
#include "pgp_utils.h"
-#include <enum.h>
-#include <debug.h>
+#include <utils/enum.h>
+#include <utils/debug.h>
#include <credentials/keys/private_key.h>
/**
diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c
index a99bed2f6..89d7094ad 100644
--- a/src/libstrongswan/plugins/pgp/pgp_cert.c
+++ b/src/libstrongswan/plugins/pgp/pgp_cert.c
@@ -18,7 +18,7 @@
#include <time.h>
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_pgp_cert_t private_pgp_cert_t;
diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.c b/src/libstrongswan/plugins/pgp/pgp_encoder.c
index d16d1d71b..100f3ef33 100644
--- a/src/libstrongswan/plugins/pgp/pgp_encoder.c
+++ b/src/libstrongswan/plugins/pgp/pgp_encoder.c
@@ -15,7 +15,7 @@
#include "pgp_encoder.h"
-#include <debug.h>
+#include <utils/debug.h>
/**
* Build a PGPv3 fingerprint
diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.c b/src/libstrongswan/plugins/pgp/pgp_utils.c
index 7fd905ce4..bb15627fd 100644
--- a/src/libstrongswan/plugins/pgp/pgp_utils.c
+++ b/src/libstrongswan/plugins/pgp/pgp_utils.c
@@ -15,7 +15,7 @@
#include "pgp_utils.h"
-#include <debug.h>
+#include <utils/debug.h>
ENUM_BEGIN(pgp_pubkey_alg_names, PGP_PUBKEY_ALG_RSA, PGP_PUBKEY_ALG_RSA_SIGN_ONLY,
"RSA",
diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in
index 85246f3de..58989e574 100644
--- a/src/libstrongswan/plugins/pkcs1/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs1/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pkcs1_la_LIBADD =
@@ -122,6 +128,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -149,6 +156,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -176,6 +184,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -188,6 +197,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -241,7 +251,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -372,7 +381,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-pkcs1.la: $(libstrongswan_pkcs1_la_OBJECTS) $(libstrongswan_pkcs1_la_DEPENDENCIES)
+libstrongswan-pkcs1.la: $(libstrongswan_pkcs1_la_OBJECTS) $(libstrongswan_pkcs1_la_DEPENDENCIES) $(EXTRA_libstrongswan_pkcs1_la_DEPENDENCIES)
$(libstrongswan_pkcs1_la_LINK) $(am_libstrongswan_pkcs1_la_rpath) $(libstrongswan_pkcs1_la_OBJECTS) $(libstrongswan_pkcs1_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -511,10 +520,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
index 6d022f362..c6661fcda 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
@@ -17,7 +17,7 @@
#include "pkcs1_builder.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c
index 9122e8d8e..60f0ca757 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c
@@ -15,7 +15,7 @@
#include "pkcs1_encoder.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/asn1.h>
#include <asn1/oid.h>
diff --git a/src/libstrongswan/plugins/pkcs11/Makefile.in b/src/libstrongswan/plugins/pkcs11/Makefile.in
index dc0ab1e82..75faadcf1 100644
--- a/src/libstrongswan/plugins/pkcs11/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs11/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pkcs11_la_LIBADD =
@@ -125,6 +131,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -152,6 +159,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -179,6 +187,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -191,6 +200,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -244,7 +254,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -381,7 +390,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-pkcs11.la: $(libstrongswan_pkcs11_la_OBJECTS) $(libstrongswan_pkcs11_la_DEPENDENCIES)
+libstrongswan-pkcs11.la: $(libstrongswan_pkcs11_la_OBJECTS) $(libstrongswan_pkcs11_la_DEPENDENCIES) $(EXTRA_libstrongswan_pkcs11_la_DEPENDENCIES)
$(libstrongswan_pkcs11_la_LINK) $(am_libstrongswan_pkcs11_la_rpath) $(libstrongswan_pkcs11_la_OBJECTS) $(libstrongswan_pkcs11_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -526,10 +535,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c
index 7536ce1d3..e65f3a06b 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c
@@ -14,9 +14,10 @@
*/
#include "pkcs11_creds.h"
+#include "pkcs11_manager.h"
-#include <debug.h>
-#include <utils/linked_list.h>
+#include <utils/debug.h>
+#include <collections/linked_list.h>
typedef struct private_pkcs11_creds_t private_pkcs11_creds_t;
@@ -257,3 +258,112 @@ pkcs11_creds_t *pkcs11_creds_create(pkcs11_library_t *p11, CK_SLOT_ID slot)
return &this->public;
}
+
+/**
+ * See header.
+ */
+certificate_t *pkcs11_creds_load(certificate_type_t type, va_list args)
+{
+ chunk_t keyid = chunk_empty, data = chunk_empty;
+ enumerator_t *enumerator, *certs;
+ pkcs11_manager_t *manager;
+ pkcs11_library_t *p11;
+ certificate_t *cert = NULL;
+ CK_SLOT_ID current, slot = -1;
+ char *module = NULL;
+
+ while (TRUE)
+ {
+ switch (va_arg(args, builder_part_t))
+ {
+ case BUILD_PKCS11_KEYID:
+ keyid = va_arg(args, chunk_t);
+ continue;
+ case BUILD_PKCS11_SLOT:
+ slot = va_arg(args, int);
+ continue;
+ case BUILD_PKCS11_MODULE:
+ module = va_arg(args, char*);
+ continue;
+ case BUILD_END:
+ break;
+ default:
+ return NULL;
+ }
+ break;
+ }
+ if (!keyid.len)
+ {
+ return NULL;
+ }
+
+ manager = lib->get(lib, "pkcs11-manager");
+ if (!manager)
+ {
+ return NULL;
+ }
+ enumerator = manager->create_token_enumerator(manager);
+ while (enumerator->enumerate(enumerator, &p11, &current))
+ {
+ CK_OBJECT_CLASS class = CKO_CERTIFICATE;
+ CK_CERTIFICATE_TYPE type = CKC_X_509;
+ CK_ATTRIBUTE tmpl[] = {
+ {CKA_CLASS, &class, sizeof(class)},
+ {CKA_CERTIFICATE_TYPE, &type, sizeof(type)},
+ {CKA_ID, keyid.ptr, keyid.len},
+ };
+ CK_ATTRIBUTE attr[] = {
+ {CKA_VALUE, NULL, 0},
+ };
+ CK_OBJECT_HANDLE object;
+ CK_SESSION_HANDLE session;
+ CK_RV rv;
+
+ if (slot != -1 && slot != current)
+ {
+ continue;
+ }
+ if (module && !streq(module, p11->get_name(p11)))
+ {
+ continue;
+ }
+
+ rv = p11->f->C_OpenSession(current, CKF_SERIAL_SESSION, NULL, NULL,
+ &session);
+ if (rv != CKR_OK)
+ {
+ DBG1(DBG_CFG, "opening PKCS#11 session failed: %N", ck_rv_names, rv);
+ continue;
+ }
+ certs = p11->create_object_enumerator(p11, session,
+ tmpl, countof(tmpl), attr, countof(attr));
+ if (certs->enumerate(certs, &object))
+ {
+ data = chunk_clone(chunk_create(attr[0].pValue, attr[0].ulValueLen));
+ }
+ certs->destroy(certs);
+ p11->f->C_CloseSession(session);
+
+ if (data.ptr)
+ {
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ if (data.ptr)
+ {
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB_ASN1_DER, data, BUILD_END);
+ free(data.ptr);
+ if (!cert)
+ {
+ DBG1(DBG_CFG, "parsing PKCS#11 certificate %#B failed", &keyid);
+ }
+ }
+ else
+ {
+ DBG1(DBG_CFG, "PKCS#11 certificate %#B not found", &keyid);
+ }
+ return cert;
+}
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.h b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.h
index c40a8dea6..a5a042397 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.h
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.h
@@ -65,4 +65,16 @@ struct pkcs11_creds_t {
*/
pkcs11_creds_t *pkcs11_creds_create(pkcs11_library_t *p11, CK_SLOT_ID slot);
+/**
+ * Load a specific certificate from a token.
+ *
+ * Requires a BUILD_PKCS11_KEYID argument, and optionally BUILD_PKCS11_MODULE
+ * and/or BUILD_PKCS11_SLOT.
+ *
+ * @param type certificate type, must be CERT_X509
+ * @param args variable argument list, containing BUILD_PKCS11_KEYID.
+ * @return loaded certificate, or NULL on failure
+ */
+certificate_t *pkcs11_creds_load(certificate_type_t type, va_list args);
+
#endif /** PKCS11_CREDS_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
index c870370c8..2e5af95ff 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
@@ -15,7 +15,7 @@
#include "pkcs11_dh.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <library.h>
#include <asn1/asn1.h>
#include <asn1/oid.h>
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c b/src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c
index 53a2bfca7..80079b9a9 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c
@@ -17,7 +17,7 @@
#include <unistd.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/mutex.h>
#include "pkcs11_manager.h"
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
index 97c3d2fcf..7661473b1 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
@@ -21,9 +21,9 @@
#include <dlfcn.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/mutex.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
typedef struct private_pkcs11_library_t private_pkcs11_library_t;
@@ -895,6 +895,7 @@ METHOD(pkcs11_library_t, destroy, void,
{
this->public.f->C_Finalize(NULL);
dlclose(this->handle);
+ free(this->name);
free(this);
}
@@ -1077,7 +1078,7 @@ pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_locking)
.get_ck_attribute = _get_ck_attribute,
.destroy = _destroy,
},
- .name = name,
+ .name = strdup(name),
.handle = dlopen(file, RTLD_LAZY),
);
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
index e76e65e07..abd99ed5f 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
@@ -29,9 +29,9 @@ typedef struct pkcs11_library_t pkcs11_library_t;
#include "pkcs11.h"
-#include <enum.h>
-#include <chunk.h>
-#include <utils/enumerator.h>
+#include <utils/enum.h>
+#include <utils/chunk.h>
+#include <collections/enumerator.h>
/**
* Optional PKCS#11 features some libraries support, some not
@@ -161,7 +161,7 @@ void pkcs11_library_trim(char *str, int len);
/**
* Create a pkcs11_library instance.
*
- * @param name an arbitrary name, for debugging
+ * @param name an arbitrary name (for debugging), cloned
* @param file pkcs11 library file to dlopen()
* @param os_lock enforce OS Locking for this library
* @return library abstraction
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
index 83c383671..8bda5b66f 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
@@ -15,8 +15,8 @@
#include "pkcs11_manager.h"
-#include <debug.h>
-#include <utils/linked_list.h>
+#include <utils/debug.h>
+#include <collections/linked_list.h>
#include <threading/thread.h>
#include "pkcs11_library.h"
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c
index 183fce53a..9afaf123a 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c
@@ -19,8 +19,8 @@
#include "pkcs11_plugin.h"
#include <library.h>
-#include <debug.h>
-#include <utils/linked_list.h>
+#include <utils/debug.h>
+#include <collections/linked_list.h>
#include <threading/mutex.h>
#include <threading/rwlock.h>
@@ -82,13 +82,18 @@ static void token_event_cb(private_pkcs11_plugin_t *this, pkcs11_library_t *p11,
this->handle_events_lock->read_lock(this->handle_events_lock);
if (add && this->handle_events)
{
- creds = pkcs11_creds_create(p11, slot);
- if (creds)
+ if (lib->settings->get_bool(lib->settings,
+ "libstrongswan.plugins.pkcs11.modules.%s.load_certs",
+ TRUE, p11->get_name(p11)))
{
- this->mutex->lock(this->mutex);
- this->creds->insert_last(this->creds, creds);
- this->mutex->unlock(this->mutex);
- lib->credmgr->add_set(lib->credmgr, &creds->set);
+ creds = pkcs11_creds_create(p11, slot);
+ if (creds)
+ {
+ this->mutex->lock(this->mutex);
+ this->creds->insert_last(this->creds, creds);
+ this->mutex->unlock(this->mutex);
+ lib->credmgr->add_set(lib->credmgr, &creds->set);
+ }
}
}
else if (this->handle_events)
@@ -147,6 +152,9 @@ static bool handle_certs(private_pkcs11_plugin_t *this,
token_event_cb(this, p11, slot, TRUE);
}
enumerator->destroy(enumerator);
+
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE,
+ CERT_X509, FALSE, (void*)pkcs11_creds_load);
}
else
{
@@ -157,9 +165,26 @@ static bool handle_certs(private_pkcs11_plugin_t *this,
lib->credmgr->remove_set(lib->credmgr, &creds->set);
creds->destroy(creds);
}
+
+ lib->creds->remove_builder(lib->creds, (void*)pkcs11_creds_load);
}
return TRUE;
}
+
+METHOD(plugin_t, reload, bool,
+ private_pkcs11_plugin_t *this)
+{
+ if (lib->settings->get_bool(lib->settings,
+ "libstrongswan.plugins.pkcs11.reload_certs", FALSE))
+ {
+ DBG1(DBG_CFG, "reloading certificates from PKCS#11 tokens");
+ handle_certs(this, NULL, FALSE, NULL);
+ handle_certs(this, NULL, TRUE, NULL);
+ return TRUE;
+ }
+ return FALSE;
+}
+
/**
* Add a set of features
*/
@@ -292,6 +317,7 @@ plugin_t *pkcs11_plugin_create()
.plugin = {
.get_name = _get_name,
.get_features = _get_features,
+ .reload = _reload,
.destroy = _destroy,
},
},
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
index f7f7d3f79..bb9cc7a21 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
@@ -20,8 +20,9 @@
#include "pkcs11_library.h"
#include "pkcs11_manager.h"
+#include "pkcs11_public_key.h"
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_pkcs11_private_key_t private_pkcs11_private_key_t;
@@ -81,12 +82,6 @@ struct private_pkcs11_private_key_t {
key_type_t type;
};
-/**
- * Implemented in pkcs11_public_key.c
- */
-public_key_t *pkcs11_public_key_connect(pkcs11_library_t *p11,
- int slot, key_type_t type, chunk_t keyid);
-
METHOD(private_key_t, get_type, key_type_t,
private_pkcs11_private_key_t *this)
@@ -420,7 +415,8 @@ static pkcs11_library_t* find_lib(char *module)
/**
* Find the PKCS#11 lib having a keyid, and optionally a slot
*/
-static pkcs11_library_t* find_lib_by_keyid(chunk_t keyid, int *slot)
+static pkcs11_library_t* find_lib_by_keyid(chunk_t keyid, int *slot,
+ CK_OBJECT_CLASS class)
{
pkcs11_manager_t *manager;
enumerator_t *enumerator;
@@ -437,8 +433,7 @@ static pkcs11_library_t* find_lib_by_keyid(chunk_t keyid, int *slot)
{
if (*slot == -1 || *slot == current)
{
- /* we look for a public key, it is usually readable without login */
- CK_OBJECT_CLASS class = CKO_PUBLIC_KEY;
+ /* look for a pubkey/cert, it is usually readable without login */
CK_ATTRIBUTE tmpl[] = {
{CKA_CLASS, &class, sizeof(class)},
{CKA_ID, keyid.ptr, keyid.len},
@@ -577,6 +572,50 @@ static bool login(private_pkcs11_private_key_t *this, int slot)
}
/**
+ * Get a public key from a certificate with a given key ID.
+ */
+static public_key_t* find_pubkey_in_certs(private_pkcs11_private_key_t *this,
+ chunk_t keyid)
+{
+ CK_OBJECT_CLASS class = CKO_CERTIFICATE;
+ CK_CERTIFICATE_TYPE type = CKC_X_509;
+ CK_ATTRIBUTE tmpl[] = {
+ {CKA_CLASS, &class, sizeof(class)},
+ {CKA_CERTIFICATE_TYPE, &type, sizeof(type)},
+ {CKA_ID, keyid.ptr, keyid.len},
+ };
+ CK_OBJECT_HANDLE object;
+ CK_ATTRIBUTE attr[] = {
+ {CKA_VALUE, NULL, 0},
+ };
+ enumerator_t *enumerator;
+ chunk_t data = chunk_empty;
+ public_key_t *key = NULL;
+ certificate_t *cert;
+
+ enumerator = this->lib->create_object_enumerator(this->lib, this->session,
+ tmpl, countof(tmpl), attr, countof(attr));
+ if (enumerator->enumerate(enumerator, &object))
+ {
+ data = chunk_clone(chunk_create(attr[0].pValue, attr[0].ulValueLen));
+ }
+ enumerator->destroy(enumerator);
+
+ if (data.ptr)
+ {
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB_ASN1_DER, data, BUILD_END);
+ free(data.ptr);
+ if (cert)
+ {
+ key = cert->get_public_key(cert);
+ cert->destroy(cert);
+ }
+ }
+ return key;
+}
+
+/**
* See header.
*/
pkcs11_private_key_t *pkcs11_private_key_connect(key_type_t type, va_list args)
@@ -644,7 +683,11 @@ pkcs11_private_key_t *pkcs11_private_key_connect(key_type_t type, va_list args)
}
else
{
- this->lib = find_lib_by_keyid(keyid, &slot);
+ this->lib = find_lib_by_keyid(keyid, &slot, CKO_PUBLIC_KEY);
+ if (!this->lib)
+ {
+ this->lib = find_lib_by_keyid(keyid, &slot, CKO_CERTIFICATE);
+ }
if (!this->lib)
{
DBG1(DBG_CFG, "no PKCS#11 module found having a keyid %#B", &keyid);
@@ -678,12 +721,17 @@ pkcs11_private_key_t *pkcs11_private_key_connect(key_type_t type, va_list args)
return NULL;
}
- this->pubkey = pkcs11_public_key_connect(this->lib, slot, this->type,
- keyid);
+ this->pubkey = pkcs11_public_key_connect(this->lib, slot, this->type, keyid);
if (!this->pubkey)
{
- destroy(this);
- return NULL;
+ this->pubkey = find_pubkey_in_certs(this, keyid);
+ if (!this->pubkey)
+ {
+ DBG1(DBG_CFG, "no public key or certificate found for private key "
+ "on '%s':%d", module, slot);
+ destroy(this);
+ return NULL;
+ }
}
return &this->public;
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
index f0d7093db..0302c0edd 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
@@ -25,7 +25,7 @@
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_pkcs11_public_key_t private_pkcs11_public_key_t;
@@ -882,20 +882,10 @@ static private_pkcs11_public_key_t *find_key_by_keyid(pkcs11_library_t *p11,
}
/**
- * Find a public key on the given token with a specific keyid.
- *
- * Used by pkcs11_private_key_t.
- *
- * TODO: if no public key is found, we should perhaps search for a certificate
- * with the given keyid and extract the key from there
- *
- * @param p11 PKCS#11 module
- * @param slot slot id
- * @param type type of the key
- * @param keyid key id
+ * See header.
*/
-pkcs11_public_key_t *pkcs11_public_key_connect(pkcs11_library_t *p11,
- int slot, key_type_t type, chunk_t keyid)
+public_key_t *pkcs11_public_key_connect(pkcs11_library_t *p11, int slot,
+ key_type_t type, chunk_t keyid)
{
private_pkcs11_public_key_t *this;
@@ -904,5 +894,5 @@ pkcs11_public_key_t *pkcs11_public_key_connect(pkcs11_library_t *p11,
{
return NULL;
}
- return &this->public;
+ return &this->public.key;
}
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.h b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.h
index b3ea725a2..4585e736e 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.h
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.h
@@ -26,6 +26,8 @@ typedef struct pkcs11_public_key_t pkcs11_public_key_t;
#include <credentials/builder.h>
#include <credentials/keys/private_key.h>
+#include "pkcs11_library.h"
+
/**
* PKCS#11 based public key implementation.
*/
@@ -46,4 +48,15 @@ struct pkcs11_public_key_t {
*/
pkcs11_public_key_t *pkcs11_public_key_load(key_type_t type, va_list args);
+/**
+ * Find a public key on the given token with a specific keyid.
+ *
+ * @param p11 PKCS#11 module
+ * @param slot slot id
+ * @param type type of the key
+ * @param keyid key id
+ */
+public_key_t *pkcs11_public_key_connect(pkcs11_library_t *p11, int slot,
+ key_type_t type, chunk_t keyid);
+
#endif /** PKCS11_PUBLIC_KEY_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c b/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c
index 20e4b6f76..d18028b45 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c
@@ -15,7 +15,7 @@
#include "pkcs11_rng.h"
-#include <debug.h>
+#include <utils/debug.h>
#include "pkcs11_manager.h"
diff --git a/src/libstrongswan/plugins/pkcs7/Makefile.am b/src/libstrongswan/plugins/pkcs7/Makefile.am
new file mode 100644
index 000000000..6310daece
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/Makefile.am
@@ -0,0 +1,20 @@
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+
+AM_CFLAGS = -rdynamic
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-pkcs7.la
+else
+plugin_LTLIBRARIES = libstrongswan-pkcs7.la
+endif
+
+libstrongswan_pkcs7_la_SOURCES = \
+ pkcs7_generic.h pkcs7_generic.c \
+ pkcs7_signed_data.h pkcs7_signed_data.c \
+ pkcs7_enveloped_data.h pkcs7_enveloped_data.c \
+ pkcs7_data.h pkcs7_data.c \
+ pkcs7_attributes.h pkcs7_attributes.c \
+ pkcs7_plugin.h pkcs7_plugin.c
+
+libstrongswan_pkcs7_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/pkcs7/Makefile.in b/src/libstrongswan/plugins/pkcs7/Makefile.in
new file mode 100644
index 000000000..ef45de39d
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/Makefile.in
@@ -0,0 +1,641 @@
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/libstrongswan/plugins/pkcs7
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
+ $(top_srcdir)/m4/config/ltoptions.m4 \
+ $(top_srcdir)/m4/config/ltsugar.m4 \
+ $(top_srcdir)/m4/config/ltversion.m4 \
+ $(top_srcdir)/m4/config/lt~obsolete.m4 \
+ $(top_srcdir)/m4/macros/with.m4 \
+ $(top_srcdir)/m4/macros/enable-disable.m4 \
+ $(top_srcdir)/m4/macros/add-plugin.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(plugindir)"
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
+libstrongswan_pkcs7_la_LIBADD =
+am_libstrongswan_pkcs7_la_OBJECTS = pkcs7_generic.lo \
+ pkcs7_signed_data.lo pkcs7_enveloped_data.lo pkcs7_data.lo \
+ pkcs7_attributes.lo pkcs7_plugin.lo
+libstrongswan_pkcs7_la_OBJECTS = $(am_libstrongswan_pkcs7_la_OBJECTS)
+libstrongswan_pkcs7_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(libstrongswan_pkcs7_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_pkcs7_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_pkcs7_la_rpath =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = $(libstrongswan_pkcs7_la_SOURCES)
+DIST_SOURCES = $(libstrongswan_pkcs7_la_SOURCES)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BFDLIB = @BFDLIB@
+BTLIB = @BTLIB@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GPERF = @GPERF@
+GREP = @GREP@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MYSQLCFLAG = @MYSQLCFLAG@
+MYSQLCONFIG = @MYSQLCONFIG@
+MYSQLLIB = @MYSQLLIB@
+NM = @NM@
+NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PTHREADLIB = @PTHREADLIB@
+RANLIB = @RANLIB@
+RTLIB = @RTLIB@
+RUBY = @RUBY@
+RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
+STRIP = @STRIP@
+VERSION = @VERSION@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+attest_plugins = @attest_plugins@
+axis2c_CFLAGS = @axis2c_CFLAGS@
+axis2c_LIBS = @axis2c_LIBS@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
+clearsilver_LIBS = @clearsilver_LIBS@
+datadir = @datadir@
+datarootdir = @datarootdir@
+dbusservicedir = @dbusservicedir@
+dev_headers = @dev_headers@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+gtk_CFLAGS = @gtk_CFLAGS@
+gtk_LIBS = @gtk_LIBS@
+h_plugins = @h_plugins@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+imcvdir = @imcvdir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
+ipsecdir = @ipsecdir@
+ipsecgroup = @ipsecgroup@
+ipseclibdir = @ipseclibdir@
+ipsecuser = @ipsecuser@
+libdir = @libdir@
+libexecdir = @libexecdir@
+linux_headers = @linux_headers@
+localedir = @localedir@
+localstatedir = @localstatedir@
+maemo_CFLAGS = @maemo_CFLAGS@
+maemo_LIBS = @maemo_LIBS@
+manager_plugins = @manager_plugins@
+mandir = @mandir@
+medsrv_plugins = @medsrv_plugins@
+mkdir_p = @mkdir_p@
+nm_CFLAGS = @nm_CFLAGS@
+nm_LIBS = @nm_LIBS@
+nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
+oldincludedir = @oldincludedir@
+openac_plugins = @openac_plugins@
+p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
+pdfdir = @pdfdir@
+piddir = @piddir@
+pki_plugins = @pki_plugins@
+plugindir = @plugindir@
+pool_plugins = @pool_plugins@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+random_device = @random_device@
+resolv_conf = @resolv_conf@
+routing_table = @routing_table@
+routing_table_prio = @routing_table_prio@
+s_plugins = @s_plugins@
+sbindir = @sbindir@
+scepclient_plugins = @scepclient_plugins@
+scripts_plugins = @scripts_plugins@
+sharedstatedir = @sharedstatedir@
+soup_CFLAGS = @soup_CFLAGS@
+soup_LIBS = @soup_LIBS@
+srcdir = @srcdir@
+starter_plugins = @starter_plugins@
+strongswan_conf = @strongswan_conf@
+sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+urandom_device = @urandom_device@
+xml_CFLAGS = @xml_CFLAGS@
+xml_LIBS = @xml_LIBS@
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+AM_CFLAGS = -rdynamic
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-pkcs7.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-pkcs7.la
+libstrongswan_pkcs7_la_SOURCES = \
+ pkcs7_generic.h pkcs7_generic.c \
+ pkcs7_signed_data.h pkcs7_signed_data.c \
+ pkcs7_enveloped_data.h pkcs7_enveloped_data.c \
+ pkcs7_data.h pkcs7_data.c \
+ pkcs7_attributes.h pkcs7_attributes.c \
+ pkcs7_plugin.h pkcs7_plugin.c
+
+libstrongswan_pkcs7_la_LDFLAGS = -module -avoid-version
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs7/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs7/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
+ @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \
+ }
+
+uninstall-pluginLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \
+ done
+
+clean-pluginLTLIBRARIES:
+ -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES)
+ @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+libstrongswan-pkcs7.la: $(libstrongswan_pkcs7_la_OBJECTS) $(libstrongswan_pkcs7_la_DEPENDENCIES) $(EXTRA_libstrongswan_pkcs7_la_DEPENDENCIES)
+ $(libstrongswan_pkcs7_la_LINK) $(am_libstrongswan_pkcs7_la_rpath) $(libstrongswan_pkcs7_la_OBJECTS) $(libstrongswan_pkcs7_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7_attributes.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7_data.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7_enveloped_data.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7_generic.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7_plugin.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7_signed_data.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ set x; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(plugindir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-pluginLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-pluginLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.c b/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.c
new file mode 100644
index 000000000..ca6899786
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.c
@@ -0,0 +1,273 @@
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2008 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil, Switzerland
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+#include <utils/debug.h>
+
+#include <asn1/oid.h>
+#include <asn1/asn1.h>
+#include <asn1/asn1_parser.h>
+#include <collections/linked_list.h>
+
+#include "pkcs7_attributes.h"
+
+typedef struct private_pkcs7_attributes_t private_pkcs7_attributes_t;
+typedef struct attribute_t attribute_t;
+
+/**
+ * Private data of a pkcs7_attributes_t attribute list.
+ */
+struct private_pkcs7_attributes_t {
+ /**
+ * Public interface
+ */
+ pkcs7_attributes_t public;
+
+ /**
+ * DER encoding of PKCS#9 attributes
+ */
+ chunk_t encoding;
+
+ /**
+ * Linked list of PKCS#9 attributes
+ */
+ linked_list_t *attributes;
+};
+
+/**
+ * Definition of an attribute_t object.
+ */
+struct attribute_t {
+
+ /**
+ * Object Identifier (OID)
+ */
+ int oid;
+
+ /**
+ * Attribute value
+ */
+ chunk_t value;
+
+ /**
+ * ASN.1 encoding
+ */
+ chunk_t encoding;
+};
+
+/**
+ * Destroy an attribute_t object.
+ */
+static void attribute_destroy(attribute_t *this)
+{
+ free(this->value.ptr);
+ free(this);
+}
+
+/**
+ * Create an attribute_t object.
+ */
+static attribute_t *attribute_create(int oid, chunk_t value)
+{
+ attribute_t *this;
+
+ INIT(this,
+ .oid = oid,
+ .value = chunk_clone(value),
+ );
+
+ return this;
+}
+
+/**
+ * Build encoding of the attribute list
+ */
+static void build_encoding(private_pkcs7_attributes_t *this)
+{
+ enumerator_t *enumerator;
+ attribute_t *attribute;
+ u_int len = 0, count, i = 0;
+ chunk_t *chunks;
+ u_char *pos;
+
+ count = this->attributes->get_count(this->attributes);
+ chunks = malloc(sizeof(chunk_t) * count);
+
+ enumerator = this->attributes->create_enumerator(this->attributes);
+ while (enumerator->enumerate(enumerator, &attribute))
+ {
+ chunks[i] = asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_build_known_oid(attribute->oid),
+ asn1_wrap(ASN1_SET, "c", attribute->value));
+ len += chunks[i].len;
+ i++;
+ }
+ enumerator->destroy(enumerator);
+
+ pos = asn1_build_object(&this->encoding, ASN1_SET, len);
+ for (i = 0; i < count; i++)
+ {
+ memcpy(pos, chunks[i].ptr, chunks[i].len);
+ pos += chunks[i].len;
+ free(chunks[i].ptr);
+ }
+ free(chunks);
+}
+
+METHOD(pkcs7_attributes_t, get_encoding, chunk_t,
+ private_pkcs7_attributes_t *this)
+{
+ if (!this->encoding.len)
+ {
+ build_encoding(this);
+ }
+ return this->encoding;
+}
+
+METHOD(pkcs7_attributes_t, get_attribute, chunk_t,
+ private_pkcs7_attributes_t *this, int oid)
+{
+ enumerator_t *enumerator;
+ chunk_t value = chunk_empty;
+ attribute_t *attribute;
+
+ enumerator = this->attributes->create_enumerator(this->attributes);
+ while (enumerator->enumerate(enumerator, &attribute))
+ {
+ if (attribute->oid == oid)
+ {
+ value = attribute->value;
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ if (value.len && asn1_unwrap(&value, &value) != ASN1_INVALID)
+ {
+ return value;
+ }
+ return chunk_empty;
+}
+
+METHOD(pkcs7_attributes_t, add_attribute, void,
+ private_pkcs7_attributes_t *this, int oid, chunk_t value)
+{
+ this->attributes->insert_last(this->attributes,
+ attribute_create(oid, value));
+ chunk_free(&value);
+
+ /* rebuild encoding when adding attributes */
+ chunk_free(&this->encoding);
+}
+
+METHOD(pkcs7_attributes_t, destroy, void,
+ private_pkcs7_attributes_t *this)
+{
+ this->attributes->destroy_function(this->attributes,
+ (void*)attribute_destroy);
+ free(this->encoding.ptr);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+pkcs7_attributes_t *pkcs7_attributes_create(void)
+{
+ private_pkcs7_attributes_t *this;
+
+ INIT(this,
+ .public = {
+ .get_encoding = _get_encoding,
+ .get_attribute = _get_attribute,
+ .add_attribute = _add_attribute,
+ .destroy = _destroy,
+ },
+ .attributes = linked_list_create(),
+ );
+
+ return &this->public;
+}
+
+/**
+ * ASN.1 definition of the X.501 atttribute type
+ */
+static const asn1Object_t attributesObjects[] = {
+ { 0, "attributes", ASN1_SET, ASN1_LOOP }, /* 0 */
+ { 1, "attribute", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
+ { 2, "type", ASN1_OID, ASN1_BODY }, /* 2 */
+ { 2, "values", ASN1_SET, ASN1_LOOP }, /* 3 */
+ { 3, "value", ASN1_EOC, ASN1_RAW }, /* 4 */
+ { 2, "end loop", ASN1_EOC, ASN1_END }, /* 5 */
+ { 0, "end loop", ASN1_EOC, ASN1_END }, /* 6 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+#define ATTRIBUTE_OBJ_TYPE 2
+#define ATTRIBUTE_OBJ_VALUE 4
+
+/**
+ * Parse a PKCS#9 attribute list
+ */
+static bool parse_attributes(chunk_t chunk, int level0,
+ private_pkcs7_attributes_t* this)
+{
+ asn1_parser_t *parser;
+ chunk_t object;
+ int objectID;
+ int oid = OID_UNKNOWN;
+ bool success = FALSE;
+
+ parser = asn1_parser_create(attributesObjects, chunk);
+ parser->set_top_level(parser, level0);
+
+ while (parser->iterate(parser, &objectID, &object))
+ {
+ switch (objectID)
+ {
+ case ATTRIBUTE_OBJ_TYPE:
+ oid = asn1_known_oid(object);
+ break;
+ case ATTRIBUTE_OBJ_VALUE:
+ if (oid != OID_UNKNOWN)
+ {
+ this->attributes->insert_last(this->attributes,
+ attribute_create(oid, object));
+ }
+ break;
+ }
+ }
+ success = parser->success(parser);
+
+ parser->destroy(parser);
+ return success;
+}
+
+ /*
+ * Described in header.
+ */
+pkcs7_attributes_t *pkcs7_attributes_create_from_chunk(chunk_t chunk,
+ u_int level)
+{
+ private_pkcs7_attributes_t *this;
+
+ this = (private_pkcs7_attributes_t*)pkcs7_attributes_create();
+ this->encoding = chunk_clone(chunk);
+ if (!parse_attributes(chunk, level, this))
+ {
+ destroy(this);
+ return NULL;
+ }
+ return &this->public;
+}
diff --git a/src/libstrongswan/crypto/pkcs9.h b/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.h
index c442d4441..d5f6156a1 100644
--- a/src/libstrongswan/crypto/pkcs9.h
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.h
@@ -15,78 +15,65 @@
*/
/**
- * @defgroup pkcs9 pkcs9
- * @{ @ingroup crypto
+ * @defgroup pkcs7_attributes pkcs7_attributes
+ * @{ @ingroup pkcs7p
*/
-#ifndef PKCS9_H_
-#define PKCS9_H_
+#ifndef PKCS7_ATTRIBUTES_H_
+#define PKCS7_ATTRIBUTES_H_
-typedef struct pkcs9_t pkcs9_t;
+typedef struct pkcs7_attributes_t pkcs7_attributes_t;
#include <library.h>
/**
- * PKCS#9 attributes.
+ * PKCS#7 attribute lists, aka PKCS#9.
*/
-struct pkcs9_t {
+struct pkcs7_attributes_t {
/**
- * Generate ASN.1 encoding of attribute list
- */
- void (*build_encoding) (pkcs9_t *this);
-
- /**
- * Gets ASN.1 encoding of PKCS#9 attribute list
+ * Gets ASN.1 encoding of PKCS#9 attribute list.
*
* @return ASN.1 encoded PKCSI#9 list
*/
- chunk_t (*get_encoding) (pkcs9_t *this);
+ chunk_t (*get_encoding) (pkcs7_attributes_t *this);
/**
- * Gets a PKCS#9 attribute
+ * Gets a PKCS#9 attribute from the list.
*
* @param oid OID of the attribute
* @return value of the attribute (internal data)
*/
- chunk_t (*get_attribute) (pkcs9_t *this, int oid);
-
- /**
- * Adds a PKCS#9 attribute
- *
- * @param oid OID of the attribute
- * @param value value of the attribute (gets cloned)
- */
- void (*set_attribute) (pkcs9_t *this, int oid, chunk_t value);
+ chunk_t (*get_attribute) (pkcs7_attributes_t *this, int oid);
/**
- * Adds a ASN.1 encoded PKCS#9 attribute
+ * Adds a PKCS#9 attribute.
*
* @param oid OID of the attribute
- * @param value ASN.1 encoded value of the attribute (gets adopted)
+ * @param value value of the attribute, with ASN1 type (gets owned)
*/
- void (*set_attribute_raw) (pkcs9_t *this, int oid, chunk_t value);
+ void (*add_attribute) (pkcs7_attributes_t *this, int oid, chunk_t value);
/**
* Destroys the PKCS#9 attribute list.
*/
- void (*destroy) (pkcs9_t *this);
+ void (*destroy) (pkcs7_attributes_t *this);
};
/**
- * Read a PKCS#9 attribute list from a DER encoded chunk.
+ * Read a PKCS#7 attribute list (aka PKCS#9) from a DER encoded chunk.
*
* @param chunk chunk containing DER encoded data
* @param level ASN.1 parsing start level
* @return created pkcs9 attribute list, or NULL if invalid.
*/
-pkcs9_t *pkcs9_create_from_chunk(chunk_t chunk, u_int level);
+pkcs7_attributes_t *pkcs7_attributes_create_from_chunk(chunk_t chunk, u_int level);
/**
- * Create an empty PKCS#9 attribute list
+ * Create an empty PKCS#7 attribute list, aka PKCS#9.
*
* @return created pkcs9 attribute list.
*/
-pkcs9_t *pkcs9_create(void);
+pkcs7_attributes_t *pkcs7_attributes_create(void);
#endif /** PKCS9_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_data.c
new file mode 100644
index 000000000..06816095c
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_data.c
@@ -0,0 +1,156 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pkcs7_data.h"
+
+#include <asn1/asn1.h>
+#include <asn1/oid.h>
+
+typedef struct private_pkcs7_data_t private_pkcs7_data_t;
+
+/**
+ * Private data of a PKCS#7 signed-data container.
+ */
+struct private_pkcs7_data_t {
+
+ /**
+ * Implements pkcs7_t.
+ */
+ pkcs7_t public;
+
+ /**
+ * Encoded data
+ */
+ chunk_t content;
+
+ /**
+ * Encoded PKCS#7 data
+ */
+ chunk_t encoding;
+};
+
+METHOD(container_t, get_type, container_type_t,
+ private_pkcs7_data_t *this)
+{
+ return CONTAINER_PKCS7_DATA;
+}
+
+METHOD(container_t, create_signature_enumerator, enumerator_t*,
+ private_pkcs7_data_t *this)
+{
+ return enumerator_create_empty();
+}
+
+METHOD(container_t, get_data, bool,
+ private_pkcs7_data_t *this, chunk_t *data)
+{
+ chunk_t chunk;
+
+ chunk = this->content;
+ if (asn1_unwrap(&chunk, &chunk) == ASN1_OCTET_STRING)
+ {
+ *data = chunk_clone(chunk);
+ return TRUE;
+ }
+ return FALSE;
+}
+
+METHOD(container_t, get_encoding, bool,
+ private_pkcs7_data_t *this, chunk_t *data)
+{
+ *data = chunk_clone(this->encoding);
+ return TRUE;
+}
+
+METHOD(container_t, destroy, void,
+ private_pkcs7_data_t *this)
+{
+ free(this->content.ptr);
+ free(this->encoding.ptr);
+ free(this);
+}
+
+/**
+ * Create an empty container
+ */
+static private_pkcs7_data_t* create_empty()
+{
+ private_pkcs7_data_t *this;
+
+ INIT(this,
+ .public = {
+ .container = {
+ .get_type = _get_type,
+ .create_signature_enumerator = _create_signature_enumerator,
+ .get_data = _get_data,
+ .get_encoding = _get_encoding,
+ .destroy = _destroy,
+ },
+ .get_attribute = (void*)return_false,
+ .create_cert_enumerator = (void*)enumerator_create_empty,
+ },
+ );
+
+ return this;
+}
+
+/**
+ * See header.
+ */
+pkcs7_t *pkcs7_data_load(chunk_t encoding, chunk_t content)
+{
+ private_pkcs7_data_t *this = create_empty();
+
+ this->encoding = chunk_clone(encoding);
+ this->content = chunk_clone(content);
+
+ return &this->public;
+}
+
+/**
+ * See header.
+ */
+pkcs7_t *pkcs7_data_gen(container_type_t type, va_list args)
+{
+ private_pkcs7_data_t *this;
+ chunk_t blob = chunk_empty;
+
+ while (TRUE)
+ {
+ switch (va_arg(args, builder_part_t))
+ {
+ case BUILD_BLOB:
+ blob = va_arg(args, chunk_t);
+ continue;
+ case BUILD_END:
+ break;
+ default:
+ return NULL;
+ }
+ break;
+ }
+
+ if (blob.len)
+ {
+ this = create_empty();
+
+ this->content = asn1_wrap(ASN1_OCTET_STRING, "c", blob);
+ this->encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_build_known_oid(OID_PKCS7_DATA),
+ asn1_wrap(ASN1_CONTEXT_C_0, "c", this->content));
+ return &this->public;
+ }
+ return NULL;
+}
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_data.h b/src/libstrongswan/plugins/pkcs7/pkcs7_data.h
new file mode 100644
index 000000000..86512b76f
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_data.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pkcs7_data pkcs7_data
+ * @{ @ingroup pkcs7p
+ */
+
+#ifndef PKCS7_DATA_H_
+#define PKCS7_DATA_H_
+
+#include <credentials/builder.h>
+#include <credentials/containers/pkcs7.h>
+
+/**
+ * Parse a PKCS#7 "data" container.
+ *
+ * @param encoding full contentInfo encoding
+ * @param content DER encoded content from contentInfo
+ * @return CONTAINER_PKCS7_DATA container, NULL on failure
+ */
+pkcs7_t *pkcs7_data_load(chunk_t encoding, chunk_t content);
+
+/**
+ * Generate a PKCS#7 data container.
+ *
+ * The only accepted builder argument is BUILDER_BLOB.
+ *
+ * @param type container type, must be CONTAINER_PKCS7_DATA
+ * @param args builder_t arguments to use.
+ */
+pkcs7_t *pkcs7_data_gen(container_type_t type, va_list args);
+
+#endif /** PKCS7_DATA_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
new file mode 100644
index 000000000..5cd0d8f93
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
@@ -0,0 +1,613 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2002-2008 Andreas Steffen
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil, Switzerland
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pkcs7_enveloped_data.h"
+
+#include <asn1/asn1.h>
+#include <asn1/asn1_parser.h>
+#include <asn1/oid.h>
+#include <credentials/certificates/x509.h>
+#include <utils/debug.h>
+
+typedef struct private_pkcs7_enveloped_data_t private_pkcs7_enveloped_data_t;
+
+/**
+ * Private data of a PKCS#7 signed-data container.
+ */
+struct private_pkcs7_enveloped_data_t {
+
+ /**
+ * Implements pkcs7_t.
+ */
+ pkcs7_t public;
+
+ /**
+ * Decrypted content
+ */
+ chunk_t content;
+
+ /**
+ * Encrypted and encoded PKCS#7 enveloped-data
+ */
+ chunk_t encoding;
+};
+
+/**
+ * ASN.1 definition of the PKCS#7 envelopedData type
+ */
+static const asn1Object_t envelopedDataObjects[] = {
+ { 0, "envelopedData", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */
+ { 1, "recipientInfos", ASN1_SET, ASN1_LOOP }, /* 2 */
+ { 2, "recipientInfo", ASN1_SEQUENCE, ASN1_BODY }, /* 3 */
+ { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 4 */
+ { 3, "issuerAndSerialNumber", ASN1_SEQUENCE, ASN1_BODY }, /* 5 */
+ { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
+ { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 7 */
+ { 3, "encryptionAlgorithm", ASN1_EOC, ASN1_RAW }, /* 8 */
+ { 3, "encryptedKey", ASN1_OCTET_STRING, ASN1_BODY }, /* 9 */
+ { 1, "end loop", ASN1_EOC, ASN1_END }, /* 10 */
+ { 1, "encryptedContentInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 11 */
+ { 2, "contentType", ASN1_OID, ASN1_BODY }, /* 12 */
+ { 2, "contentEncryptionAlgorithm", ASN1_EOC, ASN1_RAW }, /* 13 */
+ { 2, "encryptedContent", ASN1_CONTEXT_S_0, ASN1_BODY }, /* 14 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+#define PKCS7_VERSION 1
+#define PKCS7_RECIPIENT_INFO_VERSION 4
+#define PKCS7_ISSUER 6
+#define PKCS7_SERIAL_NUMBER 7
+#define PKCS7_ENCRYPTION_ALG 8
+#define PKCS7_ENCRYPTED_KEY 9
+#define PKCS7_CONTENT_TYPE 12
+#define PKCS7_CONTENT_ENC_ALGORITHM 13
+#define PKCS7_ENCRYPTED_CONTENT 14
+
+/**
+ * Find a private key for issuerAndSerialNumber
+ */
+static private_key_t *find_private(identification_t *issuer,
+ identification_t *serial)
+{
+ enumerator_t *enumerator;
+ certificate_t *cert;
+ public_key_t *public;
+ private_key_t *private = NULL;
+ identification_t *id;
+ chunk_t fp;
+
+ enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
+ CERT_X509, KEY_RSA, serial, FALSE);
+ while (enumerator->enumerate(enumerator, &cert))
+ {
+ if (issuer->equals(issuer, cert->get_issuer(cert)))
+ {
+ public = cert->get_public_key(cert);
+ if (public)
+ {
+ if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &fp))
+ {
+ id = identification_create_from_encoding(ID_KEY_ID, fp);
+ private = lib->credmgr->get_private(lib->credmgr,
+ KEY_ANY, id, NULL);
+ id->destroy(id);
+ }
+ public->destroy(public);
+ }
+ }
+ if (private)
+ {
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ return private;
+}
+
+/**
+ * Decrypt content using a private key from "issuer"
+ */
+static bool decrypt(private_key_t *private, chunk_t key, chunk_t iv, int oid,
+ chunk_t encrypted, chunk_t *plain)
+{
+ encryption_algorithm_t alg;
+ chunk_t plain_key;
+ crypter_t *crypter;
+ size_t key_size;
+
+ alg = encryption_algorithm_from_oid(oid, &key_size);
+ if (alg == ENCR_UNDEFINED)
+ {
+ DBG1(DBG_LIB, "unsupported content encryption algorithm");
+ return FALSE;
+ }
+ if (!private->decrypt(private, ENCRYPT_RSA_PKCS1, key, &plain_key))
+ {
+ DBG1(DBG_LIB, "symmetric key could not be decrypted with rsa");
+ return FALSE;
+ }
+ crypter = lib->crypto->create_crypter(lib->crypto, alg, key_size / 8);
+ if (!crypter)
+ {
+ DBG1(DBG_LIB, "crypter %N-%d not available",
+ encryption_algorithm_names, alg, key_size);
+ free(plain_key.ptr);
+ return FALSE;
+ }
+ if (plain_key.len != crypter->get_key_size(crypter))
+ {
+ DBG1(DBG_LIB, "symmetric key length %d is wrong", plain_key.len);
+ free(plain_key.ptr);
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ if (iv.len != crypter->get_iv_size(crypter))
+ {
+ DBG1(DBG_LIB, "IV length %d is wrong", iv.len);
+ free(plain_key.ptr);
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ if (!crypter->set_key(crypter, plain_key) ||
+ !crypter->decrypt(crypter, encrypted, iv, plain))
+ {
+ free(plain_key.ptr);
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ DBG4(DBG_LIB, "decrypted content with padding: %B", plain);
+ free(plain_key.ptr);
+ crypter->destroy(crypter);
+ return TRUE;
+}
+
+/**
+ * Remove the padding from plain data
+ */
+static bool remove_padding(private_pkcs7_enveloped_data_t *this)
+{
+ u_char *pos = this->content.ptr + this->content.len - 1;
+ u_char pattern = *pos;
+ size_t padding = pattern;
+
+ if (padding > this->content.len)
+ {
+ DBG1(DBG_LIB, "padding greater than data length");
+ return FALSE;
+ }
+ this->content.len -= padding;
+
+ while (padding-- > 0)
+ {
+ if (*pos-- != pattern)
+ {
+ DBG1(DBG_LIB, "wrong padding pattern");
+ return FALSE;
+ }
+ }
+ return TRUE;
+}
+
+/**
+ * Parse and decrypt enveloped-data
+ */
+static bool parse(private_pkcs7_enveloped_data_t *this, chunk_t content)
+{
+ asn1_parser_t *parser;
+ chunk_t object;
+ int objectID, version, alg = OID_UNKNOWN;
+ bool success = FALSE;
+ identification_t *issuer = NULL, *serial = NULL;
+ private_key_t *private = NULL;
+ chunk_t iv = chunk_empty, key = chunk_empty, encrypted = chunk_empty;
+
+ parser = asn1_parser_create(envelopedDataObjects, content);
+ parser->set_top_level(parser, 0);
+
+ while (parser->iterate(parser, &objectID, &object))
+ {
+ u_int level = parser->get_level(parser);
+
+ switch (objectID)
+ {
+ case PKCS7_VERSION:
+ version = object.len ? (int)*object.ptr : 0;
+ DBG2(DBG_LIB, " v%d", version);
+ if (version != 0)
+ {
+ DBG1(DBG_LIB, "envelopedData version is not 0");
+ goto end;
+ }
+ break;
+ case PKCS7_RECIPIENT_INFO_VERSION:
+ version = object.len ? (int)*object.ptr : 0;
+ DBG2(DBG_LIB, " v%d", version);
+ if (version != 0)
+ {
+ DBG1(DBG_LIB, "recipient info version is not 0");
+ goto end;
+ }
+ break;
+ case PKCS7_ISSUER:
+ if (!issuer)
+ {
+ issuer = identification_create_from_encoding(ID_DER_ASN1_DN,
+ object);
+ }
+ break;
+ case PKCS7_SERIAL_NUMBER:
+ if (!serial)
+ {
+ serial = identification_create_from_encoding(ID_KEY_ID,
+ object);
+ }
+ break;
+ case PKCS7_ENCRYPTION_ALG:
+ if (asn1_parse_algorithmIdentifier(object, level,
+ NULL) != OID_RSA_ENCRYPTION)
+ {
+ DBG1(DBG_LIB, "only rsa encryption supported");
+ goto end;
+ }
+ break;
+ case PKCS7_ENCRYPTED_KEY:
+ key = object;
+ break;
+ case PKCS7_CONTENT_TYPE:
+ if (asn1_known_oid(object) != OID_PKCS7_DATA)
+ {
+ DBG1(DBG_LIB, "encrypted content not of type pkcs7 data");
+ goto end;
+ }
+ break;
+ case PKCS7_CONTENT_ENC_ALGORITHM:
+ alg = asn1_parse_algorithmIdentifier(object, level, &iv);
+ if (!asn1_parse_simple_object(&iv, ASN1_OCTET_STRING,
+ level + 1, "IV"))
+ {
+ DBG1(DBG_LIB, "IV could not be parsed");
+ goto end;
+ }
+ break;
+ case PKCS7_ENCRYPTED_CONTENT:
+ encrypted = object;
+ break;
+ }
+ }
+ success = parser->success(parser);
+
+end:
+ parser->destroy(parser);
+ if (!success)
+ {
+ goto failed;
+ }
+ success = FALSE;
+ if (!issuer)
+ {
+ goto failed;
+ }
+ private = find_private(issuer, serial);
+ if (!private)
+ {
+ DBG1(DBG_LIB, "no private key found to decrypt pkcs7");
+ goto failed;
+ }
+ if (!decrypt(private, key, iv, alg, encrypted, &this->content))
+ {
+ goto failed;
+ }
+ if (!remove_padding(this))
+ {
+ goto failed;
+ }
+
+ success = TRUE;
+failed:
+ DESTROY_IF(issuer);
+ DESTROY_IF(serial);
+ DESTROY_IF(private);
+ return success;
+}
+
+METHOD(container_t, get_type, container_type_t,
+ private_pkcs7_enveloped_data_t *this)
+{
+ return CONTAINER_PKCS7_ENVELOPED_DATA;
+}
+
+METHOD(container_t, create_signature_enumerator, enumerator_t*,
+ private_pkcs7_enveloped_data_t *this)
+{
+ return enumerator_create_empty();
+}
+
+METHOD(container_t, get_data, bool,
+ private_pkcs7_enveloped_data_t *this, chunk_t *data)
+{
+ if (this->content.len)
+ {
+ *data = chunk_clone(this->content);
+ return TRUE;
+ }
+ return FALSE;
+}
+
+METHOD(container_t, get_encoding, bool,
+ private_pkcs7_enveloped_data_t *this, chunk_t *data)
+{
+ *data = chunk_clone(this->encoding);
+ return TRUE;
+}
+
+METHOD(container_t, destroy, void,
+ private_pkcs7_enveloped_data_t *this)
+{
+ free(this->content.ptr);
+ free(this->encoding.ptr);
+ free(this);
+}
+
+/**
+ * Generic constructor
+ */
+static private_pkcs7_enveloped_data_t* create_empty()
+{
+ private_pkcs7_enveloped_data_t *this;
+
+ INIT(this,
+ .public = {
+ .container = {
+ .get_type = _get_type,
+ .create_signature_enumerator = _create_signature_enumerator,
+ .get_data = _get_data,
+ .get_encoding = _get_encoding,
+ .destroy = _destroy,
+ },
+ .create_cert_enumerator = (void*)enumerator_create_empty,
+ .get_attribute = (void*)return_false,
+ },
+ );
+
+ return this;
+}
+
+/**
+ * See header.
+ */
+pkcs7_t *pkcs7_enveloped_data_load(chunk_t encoding, chunk_t content)
+{
+ private_pkcs7_enveloped_data_t *this = create_empty();
+
+ this->encoding = chunk_clone(encoding);
+ if (!parse(this, content))
+ {
+ destroy(this);
+ return NULL;
+ }
+
+ return &this->public;
+}
+
+/**
+ * Allocate data with an RNG
+ */
+static bool get_random(rng_quality_t quality, size_t size, chunk_t *out)
+{
+ rng_t *rng;
+
+ rng = lib->crypto->create_rng(lib->crypto, quality);
+ if (!rng)
+ {
+ return FALSE;
+ }
+ if (!rng->allocate_bytes(rng, size, out))
+ {
+ rng->destroy(rng);
+ return FALSE;
+ }
+ rng->destroy(rng);
+ return TRUE;
+}
+
+/**
+ * Encrypt symmetric key using a public key from a certificate
+ */
+static bool encrypt_key(certificate_t *cert, chunk_t in, chunk_t *out)
+{
+ public_key_t *key;
+
+ key = cert->get_public_key(cert);
+ if (!key)
+ {
+ return FALSE;
+ }
+ if (!key->encrypt(key, ENCRYPT_RSA_PKCS1, in, out))
+ {
+ key->destroy(key);
+ return FALSE;
+ }
+ key->destroy(key);
+ return TRUE;
+}
+
+/**
+ * build a DER-encoded issuerAndSerialNumber object
+ */
+static chunk_t build_issuerAndSerialNumber(certificate_t *cert)
+{
+ identification_t *issuer = cert->get_issuer(cert);
+ chunk_t serial = chunk_empty;
+
+ if (cert->get_type(cert) == CERT_X509)
+ {
+ x509_t *x509 = (x509_t*)cert;
+ serial = x509->get_serial(x509);
+ }
+
+ return asn1_wrap(ASN1_SEQUENCE, "cm",
+ issuer->get_encoding(issuer),
+ asn1_integer("c", serial));
+}
+
+/**
+ * Generate a new PKCS#7 enveloped-data container
+ */
+static bool generate(private_pkcs7_enveloped_data_t *this,
+ certificate_t *cert, encryption_algorithm_t alg, int key_size)
+{
+ chunk_t contentEncryptionAlgorithm, encryptedContentInfo, recipientInfo;
+ chunk_t iv, symmetricKey, protectedKey, content;
+ crypter_t *crypter;
+ size_t bs, padding;
+ int alg_oid;
+
+ alg_oid = encryption_algorithm_to_oid(alg, key_size);
+ if (alg_oid == OID_UNKNOWN)
+ {
+ DBG1(DBG_LIB, " encryption algorithm %N not supported",
+ encryption_algorithm_names, alg);
+ return FALSE;
+ }
+ crypter = lib->crypto->create_crypter(lib->crypto, alg, key_size / 8);
+ if (crypter == NULL)
+ {
+ DBG1(DBG_LIB, " could not create crypter for algorithm %N",
+ encryption_algorithm_names, alg);
+ return FALSE;
+ }
+
+ if (!get_random(RNG_TRUE, crypter->get_key_size(crypter), &symmetricKey))
+ {
+ DBG1(DBG_LIB, " failed to allocate symmetric encryption key");
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ DBG4(DBG_LIB, " symmetric encryption key: %B", &symmetricKey);
+
+ if (!get_random(RNG_WEAK, crypter->get_iv_size(crypter), &iv))
+ {
+ DBG1(DBG_LIB, " failed to allocate initialization vector");
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ DBG4(DBG_LIB, " initialization vector: %B", &iv);
+
+ bs = crypter->get_block_size(crypter);
+ padding = bs - this->content.len % bs;
+ content = chunk_alloc(this->content.len + padding);
+ memcpy(content.ptr, this->content.ptr, this->content.len);
+ memset(content.ptr + this->content.len, padding, padding);
+ DBG3(DBG_LIB, " padded unencrypted data: %B", &content);
+
+ /* symmetric inline encryption of content */
+ if (!crypter->set_key(crypter, symmetricKey) ||
+ !crypter->encrypt(crypter, content, iv, NULL))
+ {
+ crypter->destroy(crypter);
+ chunk_clear(&symmetricKey);
+ chunk_free(&iv);
+ return FALSE;
+ }
+ crypter->destroy(crypter);
+ DBG3(DBG_LIB, " encrypted data: %B", &content);
+
+ if (!encrypt_key(cert, symmetricKey, &protectedKey))
+ {
+ DBG1(DBG_LIB, " encrypting symmetric key failed");
+ chunk_clear(&symmetricKey);
+ chunk_free(&iv);
+ chunk_free(&content);
+ return FALSE;
+ }
+ chunk_clear(&symmetricKey);
+
+ contentEncryptionAlgorithm = asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_build_known_oid(alg_oid),
+ asn1_wrap(ASN1_OCTET_STRING, "m", iv));
+
+ encryptedContentInfo = asn1_wrap(ASN1_SEQUENCE, "mmm",
+ asn1_build_known_oid(OID_PKCS7_DATA),
+ contentEncryptionAlgorithm,
+ asn1_wrap(ASN1_CONTEXT_S_0, "m", content));
+
+ recipientInfo = asn1_wrap(ASN1_SEQUENCE, "cmmm",
+ ASN1_INTEGER_0,
+ build_issuerAndSerialNumber(cert),
+ asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
+ asn1_wrap(ASN1_OCTET_STRING, "m", protectedKey));
+
+ this->encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_build_known_oid(OID_PKCS7_ENVELOPED_DATA),
+ asn1_wrap(ASN1_CONTEXT_C_0, "m",
+ asn1_wrap(ASN1_SEQUENCE, "cmm",
+ ASN1_INTEGER_0,
+ asn1_wrap(ASN1_SET, "m", recipientInfo),
+ encryptedContentInfo)));
+
+ return TRUE;
+}
+
+/**
+ * See header.
+ */
+pkcs7_t *pkcs7_enveloped_data_gen(container_type_t type, va_list args)
+{
+ private_pkcs7_enveloped_data_t *this;
+ chunk_t blob = chunk_empty;
+ encryption_algorithm_t alg = ENCR_AES_CBC;
+ certificate_t *cert = NULL;
+ int key_size = 128;
+
+ while (TRUE)
+ {
+ switch (va_arg(args, builder_part_t))
+ {
+ case BUILD_CERT:
+ cert = va_arg(args, certificate_t*);
+ continue;
+ case BUILD_ENCRYPTION_ALG:
+ alg = va_arg(args, int);
+ continue;
+ case BUILD_KEY_SIZE:
+ key_size = va_arg(args, int);
+ continue;
+ case BUILD_BLOB:
+ blob = va_arg(args, chunk_t);
+ continue;
+ case BUILD_END:
+ break;
+ default:
+ return NULL;
+ }
+ break;
+ }
+ if (blob.len && cert)
+ {
+ this = create_empty();
+
+ this->content = chunk_clone(blob);
+ if (generate(this, cert, alg, key_size))
+ {
+ return &this->public;
+ }
+ destroy(this);
+ }
+ return NULL;
+}
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.h b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.h
new file mode 100644
index 000000000..5e35abd54
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pkcs7_enveloped_data pkcs7_enveloped_data
+ * @{ @ingroup pkcs7p
+ */
+
+#ifndef PKCS7_ENVELOPED_DATA_H_
+#define PKCS7_ENVELOPED_DATA_H_
+
+#include <credentials/builder.h>
+#include <credentials/containers/pkcs7.h>
+
+/**
+ * Parse a PKCS#7 enveloped-data container.
+ *
+ * @param encoding full contentInfo encoding
+ * @param content DER encoded content from contentInfo
+ * @return CONTAINER_PKCS7_ENVELOPED_DATA container, NULL on failure
+ */
+pkcs7_t *pkcs7_enveloped_data_load(chunk_t encoding, chunk_t content);
+
+/**
+ * Generate a PKCS#7 enveloped-data container.
+ *
+ * @param type container type, must be CONTAINER_PKCS7_ENVELOPED_DATA
+ * @param args builder_t arguments to use.
+ */
+pkcs7_t *pkcs7_enveloped_data_gen(container_type_t type, va_list args);
+
+#endif /** PKCS7_ENVELOPED_DATA_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_generic.c b/src/libstrongswan/plugins/pkcs7/pkcs7_generic.c
new file mode 100644
index 000000000..35d8d11a7
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_generic.c
@@ -0,0 +1,126 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2002-2008 Andreas Steffen
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil, Switzerland
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pkcs7_generic.h"
+#include "pkcs7_data.h"
+#include "pkcs7_signed_data.h"
+#include "pkcs7_enveloped_data.h"
+
+#include <utils/debug.h>
+#include <asn1/oid.h>
+#include <asn1/asn1.h>
+#include <asn1/asn1_parser.h>
+
+/**
+ * ASN.1 definition of the PKCS#7 ContentInfo type
+ */
+static const asn1Object_t contentInfoObjects[] = {
+ { 0, "contentInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "contentType", ASN1_OID, ASN1_BODY }, /* 1 */
+ { 1, "content", ASN1_CONTEXT_C_0, ASN1_OPT |
+ ASN1_BODY }, /* 2 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+#define PKCS7_INFO_TYPE 1
+#define PKCS7_INFO_CONTENT 2
+
+/**
+ * Parse PKCS#7 contentInfo object
+ */
+static pkcs7_t* parse_contentInfo(chunk_t blob)
+{
+ asn1_parser_t *parser;
+ chunk_t object, content = chunk_empty;
+ int objectID, type = OID_UNKNOWN;
+ bool success = FALSE;
+
+ parser = asn1_parser_create(contentInfoObjects, blob);
+ parser->set_top_level(parser, 0);
+
+ while (parser->iterate(parser, &objectID, &object))
+ {
+ if (objectID == PKCS7_INFO_TYPE)
+ {
+ type = asn1_known_oid(object);
+ if (type < OID_PKCS7_DATA || type > OID_PKCS7_ENCRYPTED_DATA)
+ {
+ DBG1(DBG_ASN, "unknown pkcs7 content type");
+ goto end;
+ }
+ }
+ else if (objectID == PKCS7_INFO_CONTENT)
+ {
+ content = object;
+ }
+ }
+ success = parser->success(parser);
+
+end:
+ parser->destroy(parser);
+
+ if (success)
+ {
+ switch (type)
+ {
+ case OID_PKCS7_DATA:
+ return pkcs7_data_load(blob, content);
+ case OID_PKCS7_SIGNED_DATA:
+ return pkcs7_signed_data_load(blob, content);
+ case OID_PKCS7_ENVELOPED_DATA:
+ return pkcs7_enveloped_data_load(blob, content);
+ default:
+ DBG1(DBG_ASN, "pkcs7 content type %d not supported", type);
+ return NULL;
+ }
+ }
+ return NULL;
+}
+
+
+pkcs7_t *pkcs7_generic_load(container_type_t type, va_list args)
+{
+ chunk_t blob = chunk_empty;
+
+ while (TRUE)
+ {
+ switch (va_arg(args, builder_part_t))
+ {
+ case BUILD_BLOB_ASN1_DER:
+ blob = va_arg(args, chunk_t);
+ continue;
+ case BUILD_END:
+ break;
+ default:
+ return NULL;
+ }
+ break;
+ }
+ if (blob.len)
+ {
+ if (blob.len >= 2 &&
+ blob.ptr[0] == ASN1_SEQUENCE && blob.ptr[1] == 0x80)
+ { /* looks like infinite length BER encoding, but we can't handle it.
+ * ignore silently, our openssl backend can handle it */
+ return NULL;
+ }
+ return parse_contentInfo(blob);
+ }
+ return NULL;
+}
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_generic.h b/src/libstrongswan/plugins/pkcs7/pkcs7_generic.h
new file mode 100644
index 000000000..819343c4d
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_generic.h
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pkcs7_generic pkcs7_generic
+ * @{ @ingroup pkcs7p
+ */
+
+#ifndef PKCS7_GENERIC_H_
+#define PKCS7_GENERIC_H_
+
+#include <credentials/builder.h>
+#include <credentials/containers/pkcs7.h>
+
+/**
+ * Load a generic PKCS#7 container.
+ *
+ * The argument list must contain a single BUILD_BLOB_ASN1_DER argument.
+ *
+ * @param type type of the container, CONTAINER_PKCS7
+ * @param args builder_part_t argument list
+ * @return container, NULL on failure
+ */
+pkcs7_t *pkcs7_generic_load(container_type_t type, va_list args);
+
+#endif /** PKCS7_GENERIC_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.c b/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.c
new file mode 100644
index 000000000..7d350155d
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.c
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pkcs7_plugin.h"
+#include "pkcs7_generic.h"
+#include "pkcs7_data.h"
+#include "pkcs7_signed_data.h"
+#include "pkcs7_enveloped_data.h"
+
+#include <library.h>
+
+typedef struct private_pkcs7_plugin_t private_pkcs7_plugin_t;
+
+/**
+ * private data of pkcs7_plugin
+ */
+struct private_pkcs7_plugin_t {
+
+ /**
+ * public functions
+ */
+ pkcs7_plugin_t public;
+};
+
+METHOD(plugin_t, get_name, char*,
+ private_pkcs7_plugin_t *this)
+{
+ return "pkcs7";
+}
+
+METHOD(plugin_t, get_features, int,
+ private_pkcs7_plugin_t *this, plugin_feature_t *features[])
+{
+ static plugin_feature_t f[] = {
+ PLUGIN_REGISTER(CONTAINER_DECODE, pkcs7_generic_load, TRUE),
+ PLUGIN_PROVIDE(CONTAINER_DECODE, CONTAINER_PKCS7),
+ PLUGIN_REGISTER(CONTAINER_ENCODE, pkcs7_data_gen, TRUE),
+ PLUGIN_PROVIDE(CONTAINER_ENCODE, CONTAINER_PKCS7_DATA),
+ PLUGIN_REGISTER(CONTAINER_ENCODE, pkcs7_signed_data_gen, TRUE),
+ PLUGIN_PROVIDE(CONTAINER_ENCODE, CONTAINER_PKCS7_SIGNED_DATA),
+ PLUGIN_REGISTER(CONTAINER_ENCODE, pkcs7_enveloped_data_gen, TRUE),
+ PLUGIN_PROVIDE(CONTAINER_ENCODE, CONTAINER_PKCS7_ENVELOPED_DATA),
+ };
+ *features = f;
+ return countof(f);
+}
+
+METHOD(plugin_t, destroy, void,
+ private_pkcs7_plugin_t *this)
+{
+ free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *pkcs7_plugin_create()
+{
+ private_pkcs7_plugin_t *this;
+
+ INIT(this,
+ .public = {
+ .plugin = {
+ .get_name = _get_name,
+ .get_features = _get_features,
+ .destroy = _destroy,
+ },
+ },
+ );
+
+ return &this->public.plugin;
+}
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.h b/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.h
new file mode 100644
index 000000000..3d582c7c6
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pkcs7p pkcs7
+ * @ingroup plugins
+ *
+ * @defgroup pkcs7_plugin pkcs7_plugin
+ * @{ @ingroup pkcs7p
+ */
+
+#ifndef PKCS7_PLUGIN_H_
+#define PKCS7_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct pkcs7_plugin_t pkcs7_plugin_t;
+
+/**
+ * Plugin providing PKCS#7 container functionality.
+ */
+struct pkcs7_plugin_t {
+
+ /**
+ * Implements plugin interface.
+ */
+ plugin_t plugin;
+};
+
+#endif /** PKCS7_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c
new file mode 100644
index 000000000..48fb5e6a4
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c
@@ -0,0 +1,678 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pkcs7_signed_data.h"
+#include "pkcs7_attributes.h"
+
+#include <time.h>
+
+#include <utils/debug.h>
+#include <asn1/oid.h>
+#include <asn1/asn1.h>
+#include <asn1/asn1_parser.h>
+#include <credentials/sets/mem_cred.h>
+#include <credentials/certificates/x509.h>
+#include <credentials/keys/private_key.h>
+
+typedef struct private_pkcs7_signed_data_t private_pkcs7_signed_data_t;
+
+/**
+ * Private data of a PKCS#7 signed-data container.
+ */
+struct private_pkcs7_signed_data_t {
+
+ /**
+ * Implements pkcs7_t.
+ */
+ pkcs7_t public;
+
+ /**
+ * Signed content data
+ */
+ container_t *content;
+
+ /**
+ * Encoded PKCS#7 signed-data
+ */
+ chunk_t encoding;
+
+ /**
+ * list of signerInfos, signerinfo_t
+ */
+ linked_list_t *signerinfos;
+
+ /**
+ * Contained certificates
+ */
+ mem_cred_t *creds;
+};
+
+/**
+ * A single signerInfo
+ */
+typedef struct {
+
+ /**
+ * Signed attributes of signerInfo
+ */
+ pkcs7_attributes_t *attributes;
+
+ /**
+ * Serial of signing certificate
+ */
+ identification_t *serial;
+
+ /**
+ * Issuer of signing certificate
+ */
+ identification_t *issuer;
+
+ /**
+ * EncryptedDigest
+ */
+ chunk_t encrypted_digest;
+
+ /**
+ * Digesting algorithm OID
+ */
+ int digest_alg;
+
+ /**
+ * Public key encryption algorithm OID
+ */
+ int enc_alg;
+
+} signerinfo_t;
+
+/**
+ * Destroy a signerinfo_t entry
+ */
+void signerinfo_destroy(signerinfo_t *this)
+{
+ DESTROY_IF(this->attributes);
+ DESTROY_IF(this->serial);
+ DESTROY_IF(this->issuer);
+ free(this->encrypted_digest.ptr);
+ free(this);
+}
+
+/**
+ * ASN.1 definition of the PKCS#7 signedData type
+ */
+static const asn1Object_t signedDataObjects[] = {
+ { 0, "signedData", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */
+ { 1, "digestAlgorithms", ASN1_SET, ASN1_LOOP }, /* 2 */
+ { 2, "algorithm", ASN1_EOC, ASN1_RAW }, /* 3 */
+ { 1, "end loop", ASN1_EOC, ASN1_END }, /* 4 */
+ { 1, "contentInfo", ASN1_EOC, ASN1_RAW }, /* 5 */
+ { 1, "certificates", ASN1_CONTEXT_C_0, ASN1_OPT |
+ ASN1_LOOP }, /* 6 */
+ { 2, "certificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 7 */
+ { 1, "end opt or loop", ASN1_EOC, ASN1_END }, /* 8 */
+ { 1, "crls", ASN1_CONTEXT_C_1, ASN1_OPT |
+ ASN1_LOOP }, /* 9 */
+ { 2, "crl", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
+ { 1, "end opt or loop", ASN1_EOC, ASN1_END }, /* 11 */
+ { 1, "signerInfos", ASN1_SET, ASN1_LOOP }, /* 12 */
+ { 2, "signerInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 13 */
+ { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 14 */
+ { 3, "issuerAndSerialNumber", ASN1_SEQUENCE, ASN1_BODY }, /* 15 */
+ { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 16 */
+ { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 17 */
+ { 3, "digestAlgorithm", ASN1_EOC, ASN1_RAW }, /* 18 */
+ { 3, "authenticatedAttributes", ASN1_CONTEXT_C_0, ASN1_OPT |
+ ASN1_OBJ }, /* 19 */
+ { 3, "end opt", ASN1_EOC, ASN1_END }, /* 20 */
+ { 3, "digestEncryptionAlgorithm", ASN1_EOC, ASN1_RAW }, /* 21 */
+ { 3, "encryptedDigest", ASN1_OCTET_STRING, ASN1_BODY }, /* 22 */
+ { 3, "unauthenticatedAttributes", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 23 */
+ { 3, "end opt", ASN1_EOC, ASN1_END }, /* 24 */
+ { 1, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+#define PKCS7_VERSION 1
+#define PKCS7_DIGEST_ALG 3
+#define PKCS7_CONTENT_INFO 5
+#define PKCS7_CERT 7
+#define PKCS7_SIGNER_INFO 13
+#define PKCS7_SIGNER_INFO_VERSION 14
+#define PKCS7_ISSUER 16
+#define PKCS7_SERIAL_NUMBER 17
+#define PKCS7_DIGEST_ALGORITHM 18
+#define PKCS7_AUTH_ATTRIBUTES 19
+#define PKCS7_DIGEST_ENC_ALGORITHM 21
+#define PKCS7_ENCRYPTED_DIGEST 22
+
+METHOD(container_t, get_type, container_type_t,
+ private_pkcs7_signed_data_t *this)
+{
+ return CONTAINER_PKCS7_SIGNED_DATA;
+}
+
+/**
+ * Signature enumerator implementation
+ */
+typedef struct {
+ /** implements enumerator */
+ enumerator_t public;
+ /** inner signerinfos enumerator */
+ enumerator_t *inner;
+ /** currently enumerated auth_cfg */
+ auth_cfg_t *auth;
+ /** currently enumerating signerinfo */
+ signerinfo_t *info;
+ /** reference to container */
+ private_pkcs7_signed_data_t *this;
+} signature_enumerator_t;
+
+METHOD(enumerator_t, enumerate, bool,
+ signature_enumerator_t *this, auth_cfg_t **out)
+{
+ signerinfo_t *info;
+ signature_scheme_t scheme;
+ hash_algorithm_t algorithm;
+ enumerator_t *enumerator;
+ certificate_t *cert;
+ public_key_t *key;
+ auth_cfg_t *auth;
+ chunk_t chunk, hash, content;
+ hasher_t *hasher;
+ bool valid;
+
+ while (this->inner->enumerate(this->inner, &info))
+ {
+ /* clean up previous round */
+ DESTROY_IF(this->auth);
+ this->auth = NULL;
+
+ scheme = signature_scheme_from_oid(info->digest_alg);
+ if (scheme == SIGN_UNKNOWN)
+ {
+ DBG1(DBG_LIB, "unsupported signature scheme");
+ continue;
+ }
+ if (!info->attributes)
+ {
+ DBG1(DBG_LIB, "no authenticatedAttributes object found");
+ continue;
+ }
+ if (info->enc_alg != OID_RSA_ENCRYPTION)
+ {
+ DBG1(DBG_LIB, "only RSA digest encryption supported");
+ continue;
+ }
+
+ enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr,
+ KEY_RSA, info->serial, FALSE);
+ while (enumerator->enumerate(enumerator, &cert, &auth))
+ {
+ if (info->issuer->equals(info->issuer, cert->get_issuer(cert)))
+ {
+ key = cert->get_public_key(cert);
+ if (key)
+ {
+ chunk = info->attributes->get_encoding(info->attributes);
+ if (key->verify(key, scheme, chunk, info->encrypted_digest))
+ {
+ this->auth = auth->clone(auth);
+ key->destroy(key);
+ break;
+ }
+ key->destroy(key);
+ }
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ if (!this->auth)
+ {
+ DBG1(DBG_LIB, "unable to verify pkcs7 attributes signature");
+ continue;
+ }
+
+ chunk = info->attributes->get_attribute(info->attributes,
+ OID_PKCS9_MESSAGE_DIGEST);
+ if (!chunk.len)
+ {
+ DBG1(DBG_LIB, "messageDigest attribute not found");
+ continue;
+ }
+ if (!this->this->content->get_data(this->this->content, &content))
+ {
+ continue;
+ }
+
+ algorithm = hasher_algorithm_from_oid(info->digest_alg);
+ hasher = lib->crypto->create_hasher(lib->crypto, algorithm);
+ if (!hasher || !hasher->allocate_hash(hasher, content, &hash))
+ {
+ free(content.ptr);
+ DESTROY_IF(hasher);
+ DBG1(DBG_LIB, "hash algorithm %N not supported",
+ hash_algorithm_names, algorithm);
+ continue;
+ }
+ free(content.ptr);
+ hasher->destroy(hasher);
+ DBG3(DBG_LIB, "hash: %B", &hash);
+
+ valid = chunk_equals(chunk, hash);
+ free(hash.ptr);
+ if (!valid)
+ {
+ DBG1(DBG_LIB, "invalid messageDigest");
+ continue;
+ }
+ *out = this->auth;
+ this->info = info;
+ return TRUE;
+ }
+ this->info = NULL;
+ return FALSE;
+}
+
+METHOD(enumerator_t, enumerator_destroy, void,
+ signature_enumerator_t *this)
+{
+ lib->credmgr->remove_local_set(lib->credmgr, &this->this->creds->set);
+ this->inner->destroy(this->inner);
+ DESTROY_IF(this->auth);
+ free(this);
+}
+
+METHOD(container_t, create_signature_enumerator, enumerator_t*,
+ private_pkcs7_signed_data_t *this)
+{
+ signature_enumerator_t *enumerator;
+
+ INIT(enumerator,
+ .public = {
+ .enumerate = (void*)_enumerate,
+ .destroy = _enumerator_destroy,
+ },
+ .inner = this->signerinfos->create_enumerator(this->signerinfos),
+ .this = this,
+ );
+
+ lib->credmgr->add_local_set(lib->credmgr, &this->creds->set, FALSE);
+ return &enumerator->public;
+}
+
+METHOD(pkcs7_t, get_attribute, bool,
+ private_pkcs7_signed_data_t *this, int oid, enumerator_t *enumerator, chunk_t *value)
+{
+ signature_enumerator_t *e;
+ chunk_t chunk;
+
+ e = (signature_enumerator_t*)enumerator;
+ if (e->info)
+ {
+ chunk = e->info->attributes->get_attribute(e->info->attributes, oid);
+ if (chunk.len)
+ {
+ *value = chunk_clone(chunk);
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+
+METHOD(pkcs7_t, create_cert_enumerator, enumerator_t*,
+ private_pkcs7_signed_data_t *this)
+{
+ return this->creds->set.create_cert_enumerator(&this->creds->set,
+ CERT_ANY, KEY_ANY, NULL, FALSE);
+}
+
+METHOD(container_t, get_data, bool,
+ private_pkcs7_signed_data_t *this, chunk_t *data)
+{
+ if (this->content)
+ {
+ return this->content->get_data(this->content, data);
+ }
+ return FALSE;
+}
+
+METHOD(container_t, get_encoding, bool,
+ private_pkcs7_signed_data_t *this, chunk_t *data)
+{
+ *data = chunk_clone(this->encoding);
+ return TRUE;
+}
+
+METHOD(container_t, destroy, void,
+ private_pkcs7_signed_data_t *this)
+{
+ this->creds->destroy(this->creds);
+ this->signerinfos->destroy_function(this->signerinfos,
+ (void*)signerinfo_destroy);
+ DESTROY_IF(this->content);
+ free(this->encoding.ptr);
+ free(this);
+}
+
+/**
+ * Create an empty PKCS#7 signed-data container.
+ */
+static private_pkcs7_signed_data_t* create_empty()
+{
+ private_pkcs7_signed_data_t *this;
+
+ INIT(this,
+ .public = {
+ .container = {
+ .get_type = _get_type,
+ .create_signature_enumerator = _create_signature_enumerator,
+ .get_data = _get_data,
+ .get_encoding = _get_encoding,
+ .destroy = _destroy,
+ },
+ .get_attribute = _get_attribute,
+ .create_cert_enumerator = _create_cert_enumerator,
+ },
+ .creds = mem_cred_create(),
+ .signerinfos = linked_list_create(),
+ );
+
+ return this;
+}
+
+/**
+ * Parse PKCS#7 signed data
+ */
+static bool parse(private_pkcs7_signed_data_t *this, chunk_t content)
+{
+ asn1_parser_t *parser;
+ chunk_t object;
+ int objectID, version;
+ signerinfo_t *info = NULL;
+ bool success = FALSE;
+
+ parser = asn1_parser_create(signedDataObjects, content);
+ parser->set_top_level(parser, 0);
+ while (parser->iterate(parser, &objectID, &object))
+ {
+ u_int level = parser->get_level(parser);
+
+ switch (objectID)
+ {
+ case PKCS7_VERSION:
+ version = object.len ? (int)*object.ptr : 0;
+ DBG2(DBG_LIB, " v%d", version);
+ break;
+ case PKCS7_CONTENT_INFO:
+ this->content = lib->creds->create(lib->creds,
+ CRED_CONTAINER, CONTAINER_PKCS7,
+ BUILD_BLOB_ASN1_DER, object, BUILD_END);
+ break;
+ case PKCS7_CERT:
+ {
+ certificate_t *cert;
+
+ DBG2(DBG_LIB, " parsing pkcs7-wrapped certificate");
+ cert = lib->creds->create(lib->creds,
+ CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB_ASN1_DER, object,
+ BUILD_END);
+ if (cert)
+ {
+ this->creds->add_cert(this->creds, FALSE, cert);
+ }
+ break;
+ }
+ case PKCS7_SIGNER_INFO:
+ INIT(info,
+ .digest_alg = OID_UNKNOWN,
+ .enc_alg = OID_UNKNOWN,
+ );
+ this->signerinfos->insert_last(this->signerinfos, info);
+ break;
+ case PKCS7_SIGNER_INFO_VERSION:
+ version = object.len ? (int)*object.ptr : 0;
+ DBG2(DBG_LIB, " v%d", version);
+ break;
+ case PKCS7_ISSUER:
+ info->issuer = identification_create_from_encoding(
+ ID_DER_ASN1_DN, object);
+ break;
+ case PKCS7_SERIAL_NUMBER:
+ info->serial = identification_create_from_encoding(
+ ID_KEY_ID, object);
+ break;
+ case PKCS7_AUTH_ATTRIBUTES:
+ *object.ptr = ASN1_SET;
+ info->attributes = pkcs7_attributes_create_from_chunk(
+ object, level+1);
+ *object.ptr = ASN1_CONTEXT_C_0;
+ break;
+ case PKCS7_DIGEST_ALGORITHM:
+ info->digest_alg = asn1_parse_algorithmIdentifier(object,
+ level, NULL);
+ break;
+ case PKCS7_DIGEST_ENC_ALGORITHM:
+ info->enc_alg = asn1_parse_algorithmIdentifier(object,
+ level, NULL);
+ break;
+ case PKCS7_ENCRYPTED_DIGEST:
+ info->encrypted_digest = chunk_clone(object);
+ break;
+ }
+ }
+ success = parser->success(parser);
+ parser->destroy(parser);
+
+ return success;
+}
+
+/**
+ * See header.
+ */
+pkcs7_t *pkcs7_signed_data_load(chunk_t encoding, chunk_t content)
+{
+ private_pkcs7_signed_data_t *this = create_empty();
+
+ this->encoding = chunk_clone(encoding);
+ if (!parse(this, content))
+ {
+ destroy(this);
+ return NULL;
+ }
+ return &this->public;
+}
+
+/**
+ * build a DER-encoded issuerAndSerialNumber object
+ */
+static chunk_t build_issuerAndSerialNumber(certificate_t *cert)
+{
+ identification_t *issuer = cert->get_issuer(cert);
+ chunk_t serial = chunk_empty;
+
+ if (cert->get_type(cert) == CERT_X509)
+ {
+ x509_t *x509 = (x509_t*)cert;
+ serial = x509->get_serial(x509);
+ }
+
+ return asn1_wrap(ASN1_SEQUENCE, "cm",
+ issuer->get_encoding(issuer),
+ asn1_integer("c", serial));
+}
+
+/**
+ * Generate a new PKCS#7 signed-data container
+ */
+static bool generate(private_pkcs7_signed_data_t *this, private_key_t *key,
+ certificate_t *cert, hash_algorithm_t alg,
+ pkcs7_attributes_t *pkcs9)
+{
+ chunk_t authenticatedAttributes = chunk_empty;
+ chunk_t encryptedDigest = chunk_empty;
+ chunk_t data, signerInfo, encoding = chunk_empty;
+ chunk_t messageDigest, signingTime, attributes;
+ signature_scheme_t scheme;
+ hasher_t *hasher;
+ time_t now;
+ int digest_oid;
+
+ digest_oid = hasher_algorithm_to_oid(alg);
+ scheme = signature_scheme_from_oid(digest_oid);
+
+ if (!this->content->get_data(this->content, &data))
+ {
+ return FALSE;
+ }
+
+ hasher = lib->crypto->create_hasher(lib->crypto, alg);
+ if (!hasher || !hasher->allocate_hash(hasher, data, &messageDigest))
+ {
+ DESTROY_IF(hasher);
+ DBG1(DBG_LIB, " hash algorithm %N not support",
+ hash_algorithm_names, alg);
+ free(data.ptr);
+ return FALSE;
+ }
+ hasher->destroy(hasher);
+ pkcs9->add_attribute(pkcs9,
+ OID_PKCS9_MESSAGE_DIGEST,
+ asn1_wrap(ASN1_OCTET_STRING, "m", messageDigest));
+
+ /* take the current time as signingTime */
+ now = time(NULL);
+ signingTime = asn1_from_time(&now, ASN1_UTCTIME);
+ pkcs9->add_attribute(pkcs9, OID_PKCS9_SIGNING_TIME, signingTime);
+ pkcs9->add_attribute(pkcs9, OID_PKCS9_CONTENT_TYPE,
+ asn1_build_known_oid(OID_PKCS7_DATA));
+
+ attributes = pkcs9->get_encoding(pkcs9);
+
+ if (!key->sign(key, scheme, attributes, &encryptedDigest))
+ {
+ free(data.ptr);
+ return FALSE;
+ }
+ authenticatedAttributes = chunk_clone(attributes);
+ *authenticatedAttributes.ptr = ASN1_CONTEXT_C_0;
+
+ free(data.ptr);
+ if (encryptedDigest.ptr)
+ {
+ encryptedDigest = asn1_wrap(ASN1_OCTET_STRING, "m", encryptedDigest);
+ }
+ signerInfo = asn1_wrap(ASN1_SEQUENCE, "cmmmmm",
+ ASN1_INTEGER_1,
+ build_issuerAndSerialNumber(cert),
+ asn1_algorithmIdentifier(digest_oid),
+ authenticatedAttributes,
+ asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
+ encryptedDigest);
+
+ if (!cert->get_encoding(cert, CERT_ASN1_DER, &encoding))
+ {
+ free(signerInfo.ptr);
+ return FALSE;
+ }
+ if (!this->content->get_encoding(this->content, &data))
+ {
+ free(encoding.ptr);
+ free(signerInfo.ptr);
+ return FALSE;
+ }
+
+ this->encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_build_known_oid(OID_PKCS7_SIGNED_DATA),
+ asn1_wrap(ASN1_CONTEXT_C_0, "m",
+ asn1_wrap(ASN1_SEQUENCE, "cmmmm",
+ ASN1_INTEGER_1,
+ asn1_wrap(ASN1_SET, "m", asn1_algorithmIdentifier(digest_oid)),
+ data,
+ asn1_wrap(ASN1_CONTEXT_C_0, "m", encoding),
+ asn1_wrap(ASN1_SET, "m", signerInfo))));
+
+
+ pkcs9->destroy(pkcs9);
+ /* TODO: create signerInfos entry */
+ return TRUE;
+}
+
+/**
+ * See header.
+ */
+pkcs7_t *pkcs7_signed_data_gen(container_type_t type, va_list args)
+{
+ private_pkcs7_signed_data_t *this;
+ chunk_t blob = chunk_empty;
+ hash_algorithm_t alg = HASH_SHA1;
+ private_key_t *key = NULL;
+ certificate_t *cert = NULL;
+ pkcs7_attributes_t *pkcs9;
+ chunk_t value;
+ int oid;
+
+ pkcs9 = pkcs7_attributes_create();
+
+ while (TRUE)
+ {
+ switch (va_arg(args, builder_part_t))
+ {
+ case BUILD_SIGNING_KEY:
+ key = va_arg(args, private_key_t*);
+ continue;
+ case BUILD_SIGNING_CERT:
+ cert = va_arg(args, certificate_t*);
+ continue;
+ case BUILD_DIGEST_ALG:
+ alg = va_arg(args, int);
+ continue;
+ case BUILD_BLOB:
+ blob = va_arg(args, chunk_t);
+ continue;
+ case BUILD_PKCS7_ATTRIBUTE:
+ oid = va_arg(args, int);
+ value = va_arg(args, chunk_t);
+ pkcs9->add_attribute(pkcs9, oid, chunk_clone(value));
+ continue;
+ case BUILD_END:
+ break;
+ default:
+ pkcs9->destroy(pkcs9);
+ return NULL;
+ }
+ break;
+ }
+ if (blob.len && key && cert)
+ {
+ this = create_empty();
+
+ this->creds->add_cert(this->creds, FALSE, cert->get_ref(cert));
+ this->content = lib->creds->create(lib->creds,
+ CRED_CONTAINER, CONTAINER_PKCS7_DATA,
+ BUILD_BLOB, blob, BUILD_END);
+
+ if (this->content && generate(this, key, cert, alg, pkcs9))
+ {
+ return &this->public;
+ }
+ pkcs9->destroy(pkcs9);
+ destroy(this);
+ }
+ else
+ {
+ pkcs9->destroy(pkcs9);
+ }
+ return NULL;
+}
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.h b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.h
new file mode 100644
index 000000000..5de672117
--- /dev/null
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pkcs7_signed_data pkcs7_signed_data
+ * @{ @ingroup pkcs7p
+ */
+
+#ifndef PKCS7_SIGNED_DATA_H_
+#define PKCS7_SIGNED_DATA_H_
+
+#include <credentials/builder.h>
+#include <credentials/containers/pkcs7.h>
+
+/**
+ * Parse a PKCS#7 signed-data container.
+ *
+ * @param encoding full contentInfo encoding
+ * @param content DER encoded content from contentInfo
+ * @return CONTAINER_PKCS7_SIGNED_DATA container, NULL on failure
+ */
+pkcs7_t *pkcs7_signed_data_load(chunk_t encoding, chunk_t content);
+
+/**
+ * Generate a PKCS#7 signed-data container.
+ *
+ * @param type container type, must be CONTAINER_PKCS7_SIGNED_DATA
+ * @param args builder_t arguments to use.
+ */
+pkcs7_t *pkcs7_signed_data_gen(container_type_t type, va_list args);
+
+#endif /** PKCS7_SIGNED_DATA_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs8/Makefile.in b/src/libstrongswan/plugins/pkcs8/Makefile.in
index 60d7ae643..45a1e16e8 100644
--- a/src/libstrongswan/plugins/pkcs8/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs8/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pkcs8_la_LIBADD =
@@ -121,6 +127,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -148,6 +155,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -175,6 +183,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -187,6 +196,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -240,7 +250,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -370,7 +379,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-pkcs8.la: $(libstrongswan_pkcs8_la_OBJECTS) $(libstrongswan_pkcs8_la_DEPENDENCIES)
+libstrongswan-pkcs8.la: $(libstrongswan_pkcs8_la_OBJECTS) $(libstrongswan_pkcs8_la_DEPENDENCIES) $(EXTRA_libstrongswan_pkcs8_la_DEPENDENCIES)
$(libstrongswan_pkcs8_la_LINK) $(am_libstrongswan_pkcs8_la_rpath) $(libstrongswan_pkcs8_la_OBJECTS) $(libstrongswan_pkcs8_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -508,10 +517,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
index a501423b1..26a3620d7 100644
--- a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
+++ b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
@@ -15,7 +15,7 @@
#include "pkcs8_builder.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
diff --git a/src/libstrongswan/plugins/plugin_feature.c b/src/libstrongswan/plugins/plugin_feature.c
index 6e043878c..6c954f76d 100644
--- a/src/libstrongswan/plugins/plugin_feature.c
+++ b/src/libstrongswan/plugins/plugin_feature.c
@@ -21,7 +21,7 @@
#include "plugin_feature.h"
-#include <debug.h>
+#include <utils/debug.h>
ENUM(plugin_feature_names, FEATURE_NONE, FEATURE_CUSTOM,
"NONE",
@@ -42,6 +42,8 @@ ENUM(plugin_feature_names, FEATURE_NONE, FEATURE_CUSTOM,
"PUBKEY_ENCRYPT",
"CERT_DECODE",
"CERT_ENCODE",
+ "CONTAINER_DECODE",
+ "CONTAINER_ENCODE",
"EAP_SERVER",
"EAP_CLIENT",
"XAUTH_SERVER",
@@ -83,6 +85,8 @@ u_int32_t plugin_feature_hash(plugin_feature_t *feature)
case FEATURE_PUBKEY_ENCRYPT:
case FEATURE_CERT_DECODE:
case FEATURE_CERT_ENCODE:
+ case FEATURE_CONTAINER_DECODE:
+ case FEATURE_CONTAINER_ENCODE:
case FEATURE_EAP_SERVER:
case FEATURE_EAP_PEER:
data = chunk_from_thing(feature->arg);
@@ -143,6 +147,9 @@ bool plugin_feature_matches(plugin_feature_t *a, plugin_feature_t *b)
case FEATURE_CERT_DECODE:
case FEATURE_CERT_ENCODE:
return a->arg.cert == b->arg.cert;
+ case FEATURE_CONTAINER_DECODE:
+ case FEATURE_CONTAINER_ENCODE:
+ return a->arg.container == b->arg.container;
case FEATURE_EAP_SERVER:
case FEATURE_EAP_PEER:
return a->arg.eap == b->arg.eap;
@@ -267,6 +274,14 @@ char* plugin_feature_get_string(plugin_feature_t *feature)
return str;
}
break;
+ case FEATURE_CONTAINER_DECODE:
+ case FEATURE_CONTAINER_ENCODE:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ container_type_names, feature->arg.container) > 0)
+ {
+ return str;
+ }
+ break;
case FEATURE_EAP_SERVER:
case FEATURE_EAP_PEER:
if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
@@ -385,6 +400,12 @@ bool plugin_feature_load(plugin_t *plugin, plugin_feature_t *feature,
feature->arg.cert, reg->arg.reg.final,
reg->arg.reg.f);
break;
+ case FEATURE_CONTAINER_DECODE:
+ case FEATURE_CONTAINER_ENCODE:
+ lib->creds->add_builder(lib->creds, CRED_CONTAINER,
+ feature->arg.container, reg->arg.reg.final,
+ reg->arg.reg.f);
+ break;
case FEATURE_DATABASE:
lib->db->add_database(lib->db, reg->arg.reg.f);
break;
@@ -454,6 +475,10 @@ bool plugin_feature_unload(plugin_t *plugin, plugin_feature_t *feature,
case FEATURE_CERT_ENCODE:
lib->creds->remove_builder(lib->creds, reg->arg.reg.f);
break;
+ case FEATURE_CONTAINER_DECODE:
+ case FEATURE_CONTAINER_ENCODE:
+ lib->creds->remove_builder(lib->creds, reg->arg.reg.f);
+ break;
case FEATURE_DATABASE:
lib->db->remove_database(lib->db, reg->arg.reg.f);
break;
diff --git a/src/libstrongswan/plugins/plugin_feature.h b/src/libstrongswan/plugins/plugin_feature.h
index 90f8a948a..7667fff3e 100644
--- a/src/libstrongswan/plugins/plugin_feature.h
+++ b/src/libstrongswan/plugins/plugin_feature.h
@@ -29,6 +29,7 @@ typedef struct plugin_feature_t plugin_feature_t;
#include <library.h>
#include <eap/eap.h>
#include <plugins/plugin.h>
+#include <credentials/containers/container.h>
/**
* Callback function of a plugin to (un-)register a specified feature.
@@ -133,6 +134,10 @@ struct plugin_feature_t {
FEATURE_CERT_DECODE,
/** generating certificates */
FEATURE_CERT_ENCODE,
+ /** parsing containers */
+ FEATURE_CONTAINER_DECODE,
+ /** generating containers */
+ FEATURE_CONTAINER_ENCODE,
/** EAP server implementation */
FEATURE_EAP_SERVER,
/** EAP peer implementation */
@@ -186,6 +191,8 @@ struct plugin_feature_t {
encryption_scheme_t pubkey_encrypt;
/** FEATURE_CERT_DECODE/ENCODE */
certificate_type_t cert;
+ /** FEATURE_CONTAINER_DECODE/ENCODE */
+ container_type_t container;
/** FEATURE_EAP_SERVER/CLIENT */
eap_type_t eap;
/** FEATURE_DATABASE */
@@ -281,6 +288,8 @@ struct plugin_feature_t {
#define _PLUGIN_FEATURE_PUBKEY_ENCRYPT(kind, scheme) __PLUGIN_FEATURE(kind, PUBKEY_ENCRYPT, .pubkey_encrypt = scheme)
#define _PLUGIN_FEATURE_CERT_DECODE(kind, type) __PLUGIN_FEATURE(kind, CERT_DECODE, .cert = type)
#define _PLUGIN_FEATURE_CERT_ENCODE(kind, type) __PLUGIN_FEATURE(kind, CERT_ENCODE, .cert = type)
+#define _PLUGIN_FEATURE_CONTAINER_DECODE(kind, type) __PLUGIN_FEATURE(kind, CONTAINER_DECODE, .container = type)
+#define _PLUGIN_FEATURE_CONTAINER_ENCODE(kind, type) __PLUGIN_FEATURE(kind, CONTAINER_ENCODE, .container = type)
#define _PLUGIN_FEATURE_EAP_SERVER(kind, type) __PLUGIN_FEATURE(kind, EAP_SERVER, .eap = type)
#define _PLUGIN_FEATURE_EAP_PEER(kind, type) __PLUGIN_FEATURE(kind, EAP_PEER, .eap = type)
#define _PLUGIN_FEATURE_DATABASE(kind, type) __PLUGIN_FEATURE(kind, DATABASE, .database = type)
@@ -304,6 +313,8 @@ struct plugin_feature_t {
#define _PLUGIN_FEATURE_REGISTER_PUBKEY(type, f, final) __PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
#define _PLUGIN_FEATURE_REGISTER_CERT_DECODE(type, f, final)__PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
#define _PLUGIN_FEATURE_REGISTER_CERT_ENCODE(type, f, final)__PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
+#define _PLUGIN_FEATURE_REGISTER_CONTAINER_DECODE(type, f, final)__PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
+#define _PLUGIN_FEATURE_REGISTER_CONTAINER_ENCODE(type, f, final)__PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
#define _PLUGIN_FEATURE_REGISTER_DATABASE(type, f) __PLUGIN_FEATURE_REGISTER(type, f)
#define _PLUGIN_FEATURE_REGISTER_FETCHER(type, f) __PLUGIN_FEATURE_REGISTER(type, f)
diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c
index 95a0bfc02..cea219e92 100644
--- a/src/libstrongswan/plugins/plugin_loader.c
+++ b/src/libstrongswan/plugins/plugin_loader.c
@@ -22,12 +22,12 @@
#include <limits.h>
#include <stdio.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <library.h>
-#include <integrity_checker.h>
-#include <utils/hashtable.h>
-#include <utils/linked_list.h>
+#include <collections/hashtable.h>
+#include <collections/linked_list.h>
#include <plugins/plugin.h>
+#include <utils/integrity_checker.h>
typedef struct private_plugin_loader_t private_plugin_loader_t;
typedef struct plugin_entry_t plugin_entry_t;
diff --git a/src/libstrongswan/plugins/plugin_loader.h b/src/libstrongswan/plugins/plugin_loader.h
index 94181dbb6..6a8f8f6a1 100644
--- a/src/libstrongswan/plugins/plugin_loader.h
+++ b/src/libstrongswan/plugins/plugin_loader.h
@@ -24,7 +24,7 @@
typedef struct plugin_loader_t plugin_loader_t;
-#include <utils/enumerator.h>
+#include <collections/enumerator.h>
/* to avoid circular references we can't include plugin_feature.h */
struct plugin_feature_t;
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in
index 6680873c2..165314993 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.in
+++ b/src/libstrongswan/plugins/pubkey/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_pubkey_la_LIBADD =
@@ -122,6 +128,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -149,6 +156,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -176,6 +184,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -188,6 +197,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -241,7 +251,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -371,7 +380,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-pubkey.la: $(libstrongswan_pubkey_la_OBJECTS) $(libstrongswan_pubkey_la_DEPENDENCIES)
+libstrongswan-pubkey.la: $(libstrongswan_pubkey_la_OBJECTS) $(libstrongswan_pubkey_la_DEPENDENCIES) $(EXTRA_libstrongswan_pubkey_la_DEPENDENCIES)
$(libstrongswan_pubkey_la_LINK) $(am_libstrongswan_pubkey_la_rpath) $(libstrongswan_pubkey_la_OBJECTS) $(libstrongswan_pubkey_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -509,10 +518,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.c b/src/libstrongswan/plugins/pubkey/pubkey_cert.c
index 0304ccb36..95f53f919 100644
--- a/src/libstrongswan/plugins/pubkey/pubkey_cert.c
+++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.c
@@ -17,7 +17,7 @@
#include <time.h>
-#include <debug.h>
+#include <utils/debug.h>
typedef struct private_pubkey_cert_t private_pubkey_cert_t;
diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in
index a393e8049..07e5dba40 100644
--- a/src/libstrongswan/plugins/random/Makefile.in
+++ b/src/libstrongswan/plugins/random/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_random_la_LIBADD =
@@ -122,6 +128,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -149,6 +156,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -176,6 +184,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -188,6 +197,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -241,7 +251,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -374,7 +383,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-random.la: $(libstrongswan_random_la_OBJECTS) $(libstrongswan_random_la_DEPENDENCIES)
+libstrongswan-random.la: $(libstrongswan_random_la_OBJECTS) $(libstrongswan_random_la_DEPENDENCIES) $(EXTRA_libstrongswan_random_la_DEPENDENCIES)
$(libstrongswan_random_la_LINK) $(am_libstrongswan_random_la_rpath) $(libstrongswan_random_la_OBJECTS) $(libstrongswan_random_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -512,10 +521,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c
index cef20047a..24c711a69 100644
--- a/src/libstrongswan/plugins/random/random_plugin.c
+++ b/src/libstrongswan/plugins/random/random_plugin.c
@@ -22,7 +22,7 @@
#include <errno.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "random_rng.h"
#ifndef DEV_RANDOM
diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c
index 52cfc080e..568844899 100644
--- a/src/libstrongswan/plugins/random/random_rng.c
+++ b/src/libstrongswan/plugins/random/random_rng.c
@@ -17,7 +17,7 @@
#include <string.h>
#include <unistd.h>
#include <errno.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "random_rng.h"
#include "random_plugin.h"
diff --git a/src/libstrongswan/plugins/rdrand/Makefile.am b/src/libstrongswan/plugins/rdrand/Makefile.am
new file mode 100644
index 000000000..4be7b7215
--- /dev/null
+++ b/src/libstrongswan/plugins/rdrand/Makefile.am
@@ -0,0 +1,16 @@
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+
+AM_CFLAGS = -rdynamic
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-rdrand.la
+else
+plugin_LTLIBRARIES = libstrongswan-rdrand.la
+endif
+
+libstrongswan_rdrand_la_SOURCES = \
+ rdrand_plugin.h rdrand_plugin.c \
+ rdrand_rng.h rdrand_rng.c
+
+libstrongswan_rdrand_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/rdrand/Makefile.in b/src/libstrongswan/plugins/rdrand/Makefile.in
new file mode 100644
index 000000000..9da0ae0c2
--- /dev/null
+++ b/src/libstrongswan/plugins/rdrand/Makefile.in
@@ -0,0 +1,632 @@
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/libstrongswan/plugins/rdrand
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
+ $(top_srcdir)/m4/config/ltoptions.m4 \
+ $(top_srcdir)/m4/config/ltsugar.m4 \
+ $(top_srcdir)/m4/config/ltversion.m4 \
+ $(top_srcdir)/m4/config/lt~obsolete.m4 \
+ $(top_srcdir)/m4/macros/with.m4 \
+ $(top_srcdir)/m4/macros/enable-disable.m4 \
+ $(top_srcdir)/m4/macros/add-plugin.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(plugindir)"
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
+libstrongswan_rdrand_la_LIBADD =
+am_libstrongswan_rdrand_la_OBJECTS = rdrand_plugin.lo rdrand_rng.lo
+libstrongswan_rdrand_la_OBJECTS = \
+ $(am_libstrongswan_rdrand_la_OBJECTS)
+libstrongswan_rdrand_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(libstrongswan_rdrand_la_LDFLAGS) $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_rdrand_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_rdrand_la_rpath =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+SOURCES = $(libstrongswan_rdrand_la_SOURCES)
+DIST_SOURCES = $(libstrongswan_rdrand_la_SOURCES)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BFDLIB = @BFDLIB@
+BTLIB = @BTLIB@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GPERF = @GPERF@
+GREP = @GREP@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MYSQLCFLAG = @MYSQLCFLAG@
+MYSQLCONFIG = @MYSQLCONFIG@
+MYSQLLIB = @MYSQLLIB@
+NM = @NM@
+NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PTHREADLIB = @PTHREADLIB@
+RANLIB = @RANLIB@
+RTLIB = @RTLIB@
+RUBY = @RUBY@
+RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
+STRIP = @STRIP@
+VERSION = @VERSION@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+attest_plugins = @attest_plugins@
+axis2c_CFLAGS = @axis2c_CFLAGS@
+axis2c_LIBS = @axis2c_LIBS@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
+clearsilver_LIBS = @clearsilver_LIBS@
+datadir = @datadir@
+datarootdir = @datarootdir@
+dbusservicedir = @dbusservicedir@
+dev_headers = @dev_headers@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+gtk_CFLAGS = @gtk_CFLAGS@
+gtk_LIBS = @gtk_LIBS@
+h_plugins = @h_plugins@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+imcvdir = @imcvdir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
+ipsecdir = @ipsecdir@
+ipsecgroup = @ipsecgroup@
+ipseclibdir = @ipseclibdir@
+ipsecuser = @ipsecuser@
+libdir = @libdir@
+libexecdir = @libexecdir@
+linux_headers = @linux_headers@
+localedir = @localedir@
+localstatedir = @localstatedir@
+maemo_CFLAGS = @maemo_CFLAGS@
+maemo_LIBS = @maemo_LIBS@
+manager_plugins = @manager_plugins@
+mandir = @mandir@
+medsrv_plugins = @medsrv_plugins@
+mkdir_p = @mkdir_p@
+nm_CFLAGS = @nm_CFLAGS@
+nm_LIBS = @nm_LIBS@
+nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
+oldincludedir = @oldincludedir@
+openac_plugins = @openac_plugins@
+p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
+pdfdir = @pdfdir@
+piddir = @piddir@
+pki_plugins = @pki_plugins@
+plugindir = @plugindir@
+pool_plugins = @pool_plugins@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+random_device = @random_device@
+resolv_conf = @resolv_conf@
+routing_table = @routing_table@
+routing_table_prio = @routing_table_prio@
+s_plugins = @s_plugins@
+sbindir = @sbindir@
+scepclient_plugins = @scepclient_plugins@
+scripts_plugins = @scripts_plugins@
+sharedstatedir = @sharedstatedir@
+soup_CFLAGS = @soup_CFLAGS@
+soup_LIBS = @soup_LIBS@
+srcdir = @srcdir@
+starter_plugins = @starter_plugins@
+strongswan_conf = @strongswan_conf@
+sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+urandom_device = @urandom_device@
+xml_CFLAGS = @xml_CFLAGS@
+xml_LIBS = @xml_LIBS@
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+AM_CFLAGS = -rdynamic
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-rdrand.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-rdrand.la
+libstrongswan_rdrand_la_SOURCES = \
+ rdrand_plugin.h rdrand_plugin.c \
+ rdrand_rng.h rdrand_rng.c
+
+libstrongswan_rdrand_la_LDFLAGS = -module -avoid-version
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/rdrand/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --gnu src/libstrongswan/plugins/rdrand/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
+ @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \
+ }
+
+uninstall-pluginLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \
+ done
+
+clean-pluginLTLIBRARIES:
+ -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES)
+ @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+libstrongswan-rdrand.la: $(libstrongswan_rdrand_la_OBJECTS) $(libstrongswan_rdrand_la_DEPENDENCIES) $(EXTRA_libstrongswan_rdrand_la_DEPENDENCIES)
+ $(libstrongswan_rdrand_la_LINK) $(am_libstrongswan_rdrand_la_rpath) $(libstrongswan_rdrand_la_OBJECTS) $(libstrongswan_rdrand_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rdrand_plugin.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rdrand_rng.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ set x; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(plugindir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-pluginLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-pluginLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ ctags distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-pluginLTLIBRARIES install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags uninstall uninstall-am \
+ uninstall-pluginLTLIBRARIES
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/libstrongswan/plugins/rdrand/rdrand_plugin.c b/src/libstrongswan/plugins/rdrand/rdrand_plugin.c
new file mode 100644
index 000000000..4bdfc258e
--- /dev/null
+++ b/src/libstrongswan/plugins/rdrand/rdrand_plugin.c
@@ -0,0 +1,137 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "rdrand_plugin.h"
+#include "rdrand_rng.h"
+
+#include <stdio.h>
+
+#include <library.h>
+#include <utils/debug.h>
+
+typedef struct private_rdrand_plugin_t private_rdrand_plugin_t;
+typedef enum cpuid_feature_t cpuid_feature_t;
+
+/**
+ * private data of rdrand_plugin
+ */
+struct private_rdrand_plugin_t {
+
+ /**
+ * public functions
+ */
+ rdrand_plugin_t public;
+};
+
+/**
+ * CPU feature flags, returned via cpuid(1)
+ */
+enum cpuid_feature_t {
+ CPUID_RDRAND = (1<<30),
+};
+
+/**
+ * Get cpuid for info, return eax, ebx, ecx and edx.
+ * -fPIC requires to save ebx on IA-32.
+ */
+static void cpuid(u_int op, u_int *a, u_int *b, u_int *c, u_int *d)
+{
+#ifdef __x86_64__
+ asm("cpuid" : "=a" (*a), "=b" (*b), "=c" (*c), "=d" (*d) : "a" (op));
+#else /* __i386__ */
+ asm("pushl %%ebx;"
+ "cpuid;"
+ "movl %%ebx, %1;"
+ "popl %%ebx;"
+ : "=a" (*a), "=r" (*b), "=c" (*c), "=d" (*d) : "a" (op));
+#endif /* __x86_64__ / __i386__*/
+}
+
+/**
+ * Check if we have RDRAND instruction
+ */
+static bool have_rdrand()
+{
+ char vendor[3 * sizeof(u_int32_t) + 1];
+ u_int a, b, c, d;
+
+ cpuid(0, &a, &b, &c, &d);
+ /* VendorID string is in b-d-c (yes, in this order) */
+ snprintf(vendor, sizeof(vendor), "%.4s%.4s%.4s", &b, &d, &c);
+
+ /* check if we have an Intel CPU */
+ if (streq(vendor, "GenuineIntel"))
+ {
+ cpuid(1, &a, &b, &c, &d);
+ if (c & CPUID_RDRAND)
+ {
+ DBG1(DBG_LIB, "detected RDRAND support on %s CPU", vendor);
+ return TRUE;
+ }
+ }
+ DBG1(DBG_LIB, "no RDRAND support on %s CPU, disabled", vendor);
+ return FALSE;
+}
+
+METHOD(plugin_t, get_name, char*,
+ private_rdrand_plugin_t *this)
+{
+ return "rdrand";
+}
+
+METHOD(plugin_t, get_features, int,
+ private_rdrand_plugin_t *this, plugin_feature_t *features[])
+{
+ static plugin_feature_t f[] = {
+ PLUGIN_REGISTER(RNG, rdrand_rng_create),
+ PLUGIN_PROVIDE(RNG, RNG_WEAK),
+ PLUGIN_PROVIDE(RNG, RNG_STRONG),
+ PLUGIN_PROVIDE(RNG, RNG_TRUE),
+ PLUGIN_DEPENDS(CRYPTER, ENCR_AES_CBC, 16),
+ };
+ *features = f;
+ return countof(f);
+}
+
+METHOD(plugin_t, destroy, void,
+ private_rdrand_plugin_t *this)
+{
+ free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *rdrand_plugin_create()
+{
+ private_rdrand_plugin_t *this;
+
+ INIT(this,
+ .public = {
+ .plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
+ .destroy = _destroy,
+ },
+ },
+ );
+
+ if (have_rdrand())
+ {
+ this->public.plugin.get_features = _get_features;
+ }
+
+ return &this->public.plugin;
+}
diff --git a/src/libstrongswan/plugins/rdrand/rdrand_plugin.h b/src/libstrongswan/plugins/rdrand/rdrand_plugin.h
new file mode 100644
index 000000000..6f0e55313
--- /dev/null
+++ b/src/libstrongswan/plugins/rdrand/rdrand_plugin.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup rdrand_p rdrand
+ * @ingroup plugins
+ *
+ * @defgroup rdrand_plugin rdrand_plugin
+ * @{ @ingroup rdrand_p
+ */
+
+#ifndef RDRAND_PLUGIN_H_
+#define RDRAND_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct rdrand_plugin_t rdrand_plugin_t;
+
+/**
+ * Plugin providing random generators based on Intels RDRAND instruction.
+ */
+struct rdrand_plugin_t {
+
+ /**
+ * implements plugin interface
+ */
+ plugin_t plugin;
+};
+
+#endif /** RDRAND_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/rdrand/rdrand_rng.c b/src/libstrongswan/plugins/rdrand/rdrand_rng.c
new file mode 100644
index 000000000..fa66f3ad7
--- /dev/null
+++ b/src/libstrongswan/plugins/rdrand/rdrand_rng.c
@@ -0,0 +1,442 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "rdrand_rng.h"
+
+#include <unistd.h>
+
+typedef struct private_rdrand_rng_t private_rdrand_rng_t;
+
+/**
+ * Private data of an rdrand_rng_t object.
+ */
+struct private_rdrand_rng_t {
+
+ /**
+ * Public rdrand_rng_t interface.
+ */
+ rdrand_rng_t public;
+
+ /**
+ * Quality we produce RNG data
+ */
+ rng_quality_t quality;
+};
+
+/**
+ * Retries for failed RDRAND instructions
+ */
+#define MAX_TRIES 16
+
+/**
+ * After how many bytes should we reseed for RNG_STRONG
+ * (must be a power of two >= 8)
+ */
+#define FORCE_RESEED 16
+
+/**
+ * How many times we mix reseeded RDRAND output when using RNG_TRUE
+ */
+#define MIX_ROUNDS 32
+
+/**
+ * Get a two byte word using RDRAND
+ */
+static bool rdrand16(u_int16_t *out)
+{
+ u_char res;
+ int i;
+
+ for (i = 0; i < MAX_TRIES; i++)
+ {
+ asm(".byte 0x66;.byte 0x0f;.byte 0xc7;.byte 0xf0; " /* rdrand */
+ "setc %1;"
+ : "=a"(*out), "=qm"(res));
+
+ if (res)
+ {
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+
+/**
+ * Get a four byte word using RDRAND
+ */
+static bool rdrand32(u_int32_t *out)
+{
+ u_char res;
+ int i;
+
+ for (i = 0; i < MAX_TRIES; i++)
+ {
+ asm(".byte 0x0f;.byte 0xc7;.byte 0xf0;" /* rdrand */
+ "setc %1;"
+ : "=a"(*out), "=qm"(res));
+
+ if (res)
+ {
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+
+#ifdef __x86_64__
+/**
+ * Get a eight byte word using RDRAND
+ */
+static bool rdrand64(u_int64_t *out)
+{
+ u_char res;
+ int i;
+
+ for (i = 0; i < MAX_TRIES; i++)
+ {
+ asm(".byte 0x48;.byte 0x0f;.byte 0xc7;.byte 0xf0;" /* rdrand */
+ "setc %1;"
+ : "=a"(*out), "=qm"(res));
+
+ if (res)
+ {
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+#endif /* __x86_64__ */
+
+/**
+ * Get a one byte word using RDRAND
+ */
+static bool rdrand8(u_int8_t *out)
+{
+ u_int16_t u16;
+
+ if (!rdrand16(&u16))
+ {
+ return FALSE;
+ }
+ *out = u16;
+ return TRUE;
+}
+
+/**
+ * Get a 16 byte word using RDRAND
+ */
+static bool rdrand128(void *out)
+{
+#ifdef __x86_64__
+ if (!rdrand64(out) ||
+ !rdrand64(out + sizeof(u_int64_t)))
+ {
+ return FALSE;
+ }
+#else /* __i386__ */
+ if (!rdrand32(out) ||
+ !rdrand32(out + 1 * sizeof(u_int32_t)) ||
+ !rdrand32(out + 2 * sizeof(u_int32_t)) ||
+ !rdrand32(out + 3 * sizeof(u_int32_t)))
+ {
+ return FALSE;
+ }
+#endif /* __x86_64__ / __i386__ */
+ return TRUE;
+}
+
+/**
+ * Enforce a DRNG reseed by reading 511 128-bit samples
+ */
+static bool reseed()
+{
+ int i;
+
+#ifdef __x86_64__
+ u_int64_t tmp;
+
+ for (i = 0; i < 511 * 16 / sizeof(u_int64_t); i++)
+ {
+ if (!rdrand64(&tmp))
+ {
+ return FALSE;
+ }
+ }
+#else /* __i386__ */
+ u_int32_t tmp;
+
+ for (i = 0; i < 511 * 16 / sizeof(u_int32_t); i++)
+ {
+ if (!rdrand32(&tmp))
+ {
+ return FALSE;
+ }
+ }
+#endif /* __x86_64__ / __i386__ */
+ return TRUE;
+}
+
+/**
+ * Fill a preallocated chunk of data with random bytes
+ */
+static bool rdrand_chunk(private_rdrand_rng_t *this, chunk_t chunk)
+{
+ if (this->quality == RNG_STRONG)
+ {
+ if (!reseed())
+ {
+ return FALSE;
+ }
+ }
+
+ /* align to 2 byte */
+ if (chunk.len >= sizeof(u_int8_t))
+ {
+ if ((uintptr_t)chunk.ptr % 2)
+ {
+ if (!rdrand8((u_int8_t*)chunk.ptr))
+ {
+ return FALSE;
+ }
+ chunk = chunk_skip(chunk, sizeof(u_int8_t));
+ }
+ }
+
+ /* align to 4 byte */
+ if (chunk.len >= sizeof(u_int16_t))
+ {
+ if ((uintptr_t)chunk.ptr % 4)
+ {
+ if (!rdrand16((u_int16_t*)chunk.ptr))
+ {
+ return FALSE;
+ }
+ chunk = chunk_skip(chunk, sizeof(u_int16_t));
+ }
+ }
+
+#ifdef __x86_64__
+
+ /* align to 8 byte */
+ if (chunk.len >= sizeof(u_int32_t))
+ {
+ if ((uintptr_t)chunk.ptr % 8)
+ {
+ if (!rdrand32((u_int32_t*)chunk.ptr))
+ {
+ return FALSE;
+ }
+ chunk = chunk_skip(chunk, sizeof(u_int32_t));
+ }
+ }
+
+ /* fill with 8 byte words */
+ while (chunk.len >= sizeof(u_int64_t))
+ {
+ if (this->quality == RNG_STRONG && chunk.len % FORCE_RESEED == 0)
+ {
+ if (!reseed())
+ {
+ return FALSE;
+ }
+ }
+ if (!rdrand64((u_int64_t*)chunk.ptr))
+ {
+ return FALSE;
+ }
+ chunk = chunk_skip(chunk, sizeof(u_int64_t));
+ }
+
+ /* append 4 byte word */
+ if (chunk.len >= sizeof(u_int32_t))
+ {
+ if (!rdrand32((u_int32_t*)chunk.ptr))
+ {
+ return FALSE;
+ }
+ chunk = chunk_skip(chunk, sizeof(u_int32_t));
+ }
+
+#else /* __i386__ */
+
+ /* fill with 4 byte words */
+ while (chunk.len >= sizeof(u_int32_t))
+ {
+ if (this->quality == RNG_STRONG && chunk.len % FORCE_RESEED == 0)
+ {
+ if (!reseed())
+ {
+ return FALSE;
+ }
+ }
+ if (!rdrand32((u_int32_t*)chunk.ptr))
+ {
+ return FALSE;
+ }
+ chunk = chunk_skip(chunk, sizeof(u_int32_t));
+ }
+
+#endif /* __x86_64__ / __i386__ */
+
+ if (this->quality == RNG_STRONG)
+ {
+ if (!reseed())
+ {
+ return FALSE;
+ }
+ }
+
+ /* append 2 byte word */
+ if (chunk.len >= sizeof(u_int16_t))
+ {
+ if (!rdrand16((u_int16_t*)chunk.ptr))
+ {
+ return FALSE;
+ }
+ chunk = chunk_skip(chunk, sizeof(u_int16_t));
+ }
+
+ /* append 1 byte word */
+ if (chunk.len >= sizeof(u_int8_t))
+ {
+ if (!rdrand8((u_int8_t*)chunk.ptr))
+ {
+ return FALSE;
+ }
+ chunk = chunk_skip(chunk, sizeof(u_int8_t));
+ }
+
+ return TRUE;
+}
+
+/**
+ * Stronger variant mixing reseeded results of rdrand output
+ *
+ * This is based on the Intel DRNG "Software Implementation Guide", using
+ * AES-CBC to mix several reseeded RDRAND outputs.
+ */
+static bool rdrand_mixed(private_rdrand_rng_t *this, chunk_t chunk)
+{
+ u_char block[16], forward[16], key[16], iv[16];
+ crypter_t *crypter;
+ int i, len;
+
+ memset(iv, 0, sizeof(iv));
+ crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 16);
+ if (!crypter)
+ {
+ return FALSE;
+ }
+ for (i = 0; i < sizeof(key); i++)
+ {
+ key[i] = i;
+ }
+ if (!crypter->set_key(crypter, chunk_from_thing(key)))
+ {
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ while (chunk.len > 0)
+ {
+ memset(forward, 0, sizeof(forward));
+ for (i = 0; i < MIX_ROUNDS; i++)
+ {
+ /* sleep to reseed PRNG */
+ usleep(10);
+ if (!rdrand128(block))
+ {
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ memxor(forward, block, sizeof(block));
+ if (!crypter->encrypt(crypter, chunk_from_thing(forward),
+ chunk_from_thing(iv), NULL))
+ {
+ crypter->destroy(crypter);
+ return FALSE;
+ }
+ }
+ len = min(chunk.len, sizeof(forward));
+ memcpy(chunk.ptr, forward, len);
+ chunk = chunk_skip(chunk, len);
+ }
+ crypter->destroy(crypter);
+
+ return TRUE;
+}
+
+METHOD(rng_t, get_bytes, bool,
+ private_rdrand_rng_t *this, size_t bytes, u_int8_t *buffer)
+{
+ switch (this->quality)
+ {
+ case RNG_WEAK:
+ case RNG_STRONG:
+ return rdrand_chunk(this, chunk_create(buffer, bytes));
+ case RNG_TRUE:
+ return rdrand_mixed(this, chunk_create(buffer, bytes));
+ default:
+ return FALSE;
+ }
+}
+
+METHOD(rng_t, allocate_bytes, bool,
+ private_rdrand_rng_t *this, size_t bytes, chunk_t *chunk)
+{
+ *chunk = chunk_alloc(bytes);
+ if (get_bytes(this, bytes, chunk->ptr))
+ {
+ return TRUE;
+ }
+ free(chunk->ptr);
+ return FALSE;
+}
+
+METHOD(rng_t, destroy, void,
+ private_rdrand_rng_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+rdrand_rng_t *rdrand_rng_create(rng_quality_t quality)
+{
+ private_rdrand_rng_t *this;
+
+ switch (quality)
+ {
+ case RNG_WEAK:
+ case RNG_STRONG:
+ case RNG_TRUE:
+ break;
+ default:
+ return NULL;
+ }
+
+ INIT(this,
+ .public = {
+ .rng = {
+ .get_bytes = _get_bytes,
+ .allocate_bytes = _allocate_bytes,
+ .destroy = _destroy,
+ },
+ },
+ .quality = quality,
+ );
+
+ return &this->public;
+}
diff --git a/src/libstrongswan/plugins/rdrand/rdrand_rng.h b/src/libstrongswan/plugins/rdrand/rdrand_rng.h
new file mode 100644
index 000000000..d15a48224
--- /dev/null
+++ b/src/libstrongswan/plugins/rdrand/rdrand_rng.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup rdrand_rng rdrand_rng
+ * @{ @ingroup rdrand
+ */
+
+#ifndef RDRAND_RNG_H_
+#define RDRAND_RNG_H_
+
+#include <crypto/rngs/rng.h>
+
+typedef struct rdrand_rng_t rdrand_rng_t;
+
+/**
+ * RNG implemented with Intels RDRAND instructions, introduced in Ivy Bridge.
+ */
+struct rdrand_rng_t {
+
+ /**
+ * Implements rng_t interface.
+ */
+ rng_t rng;
+};
+
+/**
+ * Create a rdrand_rng instance.
+ *
+ * @param quality RNG quality
+ * @return RNG instance
+ */
+rdrand_rng_t *rdrand_rng_create(rng_quality_t quality);
+
+#endif /** RDRAND_RNG_H_ @}*/
diff --git a/src/libstrongswan/plugins/revocation/Makefile.in b/src/libstrongswan/plugins/revocation/Makefile.in
index e2cbbbbe0..df94dc36e 100644
--- a/src/libstrongswan/plugins/revocation/Makefile.in
+++ b/src/libstrongswan/plugins/revocation/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_revocation_la_LIBADD =
@@ -124,6 +130,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -151,6 +158,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -178,6 +186,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -190,6 +199,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -243,7 +253,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -373,7 +382,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-revocation.la: $(libstrongswan_revocation_la_OBJECTS) $(libstrongswan_revocation_la_DEPENDENCIES)
+libstrongswan-revocation.la: $(libstrongswan_revocation_la_OBJECTS) $(libstrongswan_revocation_la_DEPENDENCIES) $(EXTRA_libstrongswan_revocation_la_DEPENDENCIES)
$(libstrongswan_revocation_la_LINK) $(am_libstrongswan_revocation_la_rpath) $(libstrongswan_revocation_la_OBJECTS) $(libstrongswan_revocation_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -511,10 +520,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c
index dc8e454e7..44c234559 100644
--- a/src/libstrongswan/plugins/revocation/revocation_validator.c
+++ b/src/libstrongswan/plugins/revocation/revocation_validator.c
@@ -17,7 +17,7 @@
#include "revocation_validator.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <credentials/certificates/x509.h>
#include <credentials/certificates/crl.h>
#include <credentials/certificates/ocsp_request.h>
diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in
index 5188c3fbf..bfc35d1b8 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.in
+++ b/src/libstrongswan/plugins/sha1/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_sha1_la_LIBADD =
@@ -121,6 +127,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -148,6 +155,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -175,6 +183,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -187,6 +196,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -240,7 +250,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -370,7 +379,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-sha1.la: $(libstrongswan_sha1_la_OBJECTS) $(libstrongswan_sha1_la_DEPENDENCIES)
+libstrongswan-sha1.la: $(libstrongswan_sha1_la_OBJECTS) $(libstrongswan_sha1_la_DEPENDENCIES) $(EXTRA_libstrongswan_sha1_la_DEPENDENCIES)
$(libstrongswan_sha1_la_LINK) $(am_libstrongswan_sha1_la_rpath) $(libstrongswan_sha1_la_OBJECTS) $(libstrongswan_sha1_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -509,10 +518,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in
index adf7d10b4..1b9d7b717 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.in
+++ b/src/libstrongswan/plugins/sha2/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_sha2_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -368,7 +377,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-sha2.la: $(libstrongswan_sha2_la_OBJECTS) $(libstrongswan_sha2_la_DEPENDENCIES)
+libstrongswan-sha2.la: $(libstrongswan_sha2_la_OBJECTS) $(libstrongswan_sha2_la_DEPENDENCIES) $(EXTRA_libstrongswan_sha2_la_DEPENDENCIES)
$(libstrongswan_sha2_la_LINK) $(am_libstrongswan_sha2_la_rpath) $(libstrongswan_sha2_la_OBJECTS) $(libstrongswan_sha2_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -506,10 +515,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/soup/Makefile.in b/src/libstrongswan/plugins/soup/Makefile.in
index 5ab3f94aa..41cd7bac5 100644
--- a/src/libstrongswan/plugins/soup/Makefile.in
+++ b/src/libstrongswan/plugins/soup/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
am__DEPENDENCIES_1 =
@@ -121,6 +127,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -148,6 +155,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -175,6 +183,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -187,6 +196,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -240,7 +250,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -370,7 +379,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-soup.la: $(libstrongswan_soup_la_OBJECTS) $(libstrongswan_soup_la_DEPENDENCIES)
+libstrongswan-soup.la: $(libstrongswan_soup_la_OBJECTS) $(libstrongswan_soup_la_DEPENDENCIES) $(EXTRA_libstrongswan_soup_la_DEPENDENCIES)
$(libstrongswan_soup_la_LINK) $(am_libstrongswan_soup_la_rpath) $(libstrongswan_soup_la_OBJECTS) $(libstrongswan_soup_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -508,10 +517,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/soup/soup_fetcher.c b/src/libstrongswan/plugins/soup/soup_fetcher.c
index 3e5786b12..681a3c357 100644
--- a/src/libstrongswan/plugins/soup/soup_fetcher.c
+++ b/src/libstrongswan/plugins/soup/soup_fetcher.c
@@ -18,7 +18,7 @@
#include <libsoup/soup.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#define DEFAULT_TIMEOUT 10
diff --git a/src/libstrongswan/plugins/soup/soup_plugin.c b/src/libstrongswan/plugins/soup/soup_plugin.c
index b21b28b9f..1260a5a60 100644
--- a/src/libstrongswan/plugins/soup/soup_plugin.c
+++ b/src/libstrongswan/plugins/soup/soup_plugin.c
@@ -66,10 +66,13 @@ plugin_t *soup_plugin_create()
private_soup_plugin_t *this;
g_type_init();
+
+#if !GLIB_CHECK_VERSION(2,23,0)
if (!g_thread_get_initialized())
{
g_thread_init(NULL);
}
+#endif
INIT(this,
.public = {
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in
index f13540edb..8e5b21e49 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.in
+++ b/src/libstrongswan/plugins/sqlite/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_sqlite_la_DEPENDENCIES =
@@ -123,6 +129,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -150,6 +157,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -177,6 +185,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -189,6 +198,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -242,7 +252,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -373,7 +382,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-sqlite.la: $(libstrongswan_sqlite_la_OBJECTS) $(libstrongswan_sqlite_la_DEPENDENCIES)
+libstrongswan-sqlite.la: $(libstrongswan_sqlite_la_OBJECTS) $(libstrongswan_sqlite_la_DEPENDENCIES) $(EXTRA_libstrongswan_sqlite_la_DEPENDENCIES)
$(libstrongswan_sqlite_la_LINK) $(am_libstrongswan_sqlite_la_rpath) $(libstrongswan_sqlite_la_OBJECTS) $(libstrongswan_sqlite_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -511,10 +520,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.c b/src/libstrongswan/plugins/sqlite/sqlite_database.c
index 0fb3c7fff..1fb306579 100644
--- a/src/libstrongswan/plugins/sqlite/sqlite_database.c
+++ b/src/libstrongswan/plugins/sqlite/sqlite_database.c
@@ -18,7 +18,7 @@
#include <sqlite3.h>
#include <unistd.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/mutex.h>
typedef struct private_sqlite_database_t private_sqlite_database_t;
@@ -300,7 +300,10 @@ static int busy_handler(private_sqlite_database_t *this, int count)
METHOD(database_t, destroy, void,
private_sqlite_database_t *this)
{
- sqlite3_close(this->db);
+ if (sqlite3_close(this->db) == SQLITE_BUSY)
+ {
+ DBG1(DBG_LIB, "sqlite close failed because database is busy");
+ }
this->mutex->destroy(this->mutex);
free(this);
}
diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in
index f717ad6d9..f7ac9f9d0 100644
--- a/src/libstrongswan/plugins/test_vectors/Makefile.in
+++ b/src/libstrongswan/plugins/test_vectors/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_test_vectors_la_LIBADD =
@@ -129,6 +135,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -156,6 +163,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -183,6 +191,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -195,6 +204,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -248,7 +258,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -405,7 +414,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-test-vectors.la: $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_DEPENDENCIES)
+libstrongswan-test-vectors.la: $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_DEPENDENCIES) $(EXTRA_libstrongswan_test_vectors_la_DEPENDENCIES)
$(libstrongswan_test_vectors_la_LINK) $(am_libstrongswan_test_vectors_la_rpath) $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -766,10 +775,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c
index 18e0c9278..3316c364d 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c
@@ -15,7 +15,7 @@
#include <crypto/crypto_tester.h>
-#include <debug.h>
+#include <utils/debug.h>
/**
* Monobit test
diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in
index 6d9f88647..5c1258986 100644
--- a/src/libstrongswan/plugins/x509/Makefile.in
+++ b/src/libstrongswan/plugins/x509/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_x509_la_LIBADD =
@@ -122,6 +128,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -149,6 +156,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -176,6 +184,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -188,6 +197,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -241,7 +251,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -376,7 +385,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-x509.la: $(libstrongswan_x509_la_OBJECTS) $(libstrongswan_x509_la_DEPENDENCIES)
+libstrongswan-x509.la: $(libstrongswan_x509_la_OBJECTS) $(libstrongswan_x509_la_DEPENDENCIES) $(EXTRA_libstrongswan_x509_la_DEPENDENCIES)
$(libstrongswan_x509_la_LINK) $(am_libstrongswan_x509_la_rpath) $(libstrongswan_x509_la_OBJECTS) $(libstrongswan_x509_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -519,10 +528,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index d6ca8c4fa..7d83e48ea 100644
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -22,12 +22,12 @@
#include <time.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
#include <utils/identification.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <credentials/certificates/x509.h>
#include <credentials/ietf_attributes/ietf_attributes.h>
#include <credentials/keys/private_key.h>
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index 2269eb453..85c481552 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -29,13 +29,13 @@
#include <stdio.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
#include <crypto/hashers/hasher.h>
#include <credentials/keys/private_key.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <utils/identification.h>
#include <selectors/traffic_selector.h>
@@ -1547,6 +1547,10 @@ METHOD(certificate_t, has_subject, id_match_t,
{
return ID_MATCH_PERFECT;
}
+ if (chunk_equals(this->serialNumber, encoding))
+ {
+ return ID_MATCH_PERFECT;
+ }
}
best = this->subject->matches(this->subject, subject);
enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c
index 47621103e..5350d4a51 100644
--- a/src/libstrongswan/plugins/x509/x509_crl.c
+++ b/src/libstrongswan/plugins/x509/x509_crl.c
@@ -20,14 +20,14 @@ typedef struct revoked_t revoked_t;
#include <time.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <library.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
#include <credentials/certificates/x509.h>
#include <credentials/keys/private_key.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
/**
* entry for a revoked certificate
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
index bbd1c5905..09c5a8539 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
@@ -21,8 +21,8 @@
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <utils/identification.h>
-#include <utils/linked_list.h>
-#include <debug.h>
+#include <collections/linked_list.h>
+#include <utils/debug.h>
#include <credentials/certificates/x509.h>
#include <credentials/keys/private_key.h>
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
index 27497e0e3..1f8929958 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
@@ -23,8 +23,8 @@
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
#include <utils/identification.h>
-#include <utils/linked_list.h>
-#include <debug.h>
+#include <collections/linked_list.h>
+#include <utils/debug.h>
#include <library.h>
#include <credentials/certificates/x509.h>
diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c
index 9fa91fed2..024b4dba5 100644
--- a/src/libstrongswan/plugins/x509/x509_pkcs10.c
+++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c
@@ -18,12 +18,12 @@
#include "x509_pkcs10.h"
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <asn1/oid.h>
#include <asn1/asn1.h>
#include <asn1/asn1_parser.h>
#include <credentials/keys/private_key.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <utils/identification.h>
typedef struct private_x509_pkcs10_t private_x509_pkcs10_t;
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in
index b4d0a2160..b29989c9d 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.in
+++ b/src/libstrongswan/plugins/xcbc/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -73,6 +73,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_xcbc_la_LIBADD =
@@ -120,6 +126,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -147,6 +154,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -174,6 +182,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -186,6 +195,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -239,7 +249,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -368,7 +377,7 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libstrongswan-xcbc.la: $(libstrongswan_xcbc_la_OBJECTS) $(libstrongswan_xcbc_la_DEPENDENCIES)
+libstrongswan-xcbc.la: $(libstrongswan_xcbc_la_OBJECTS) $(libstrongswan_xcbc_la_DEPENDENCIES) $(EXTRA_libstrongswan_xcbc_la_DEPENDENCIES)
$(libstrongswan_xcbc_la_LINK) $(am_libstrongswan_xcbc_la_rpath) $(libstrongswan_xcbc_la_OBJECTS) $(libstrongswan_xcbc_la_LIBADD) $(LIBS)
mostlyclean-compile:
@@ -506,10 +515,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c
index 1bb7e640a..802c8a39f 100644
--- a/src/libstrongswan/plugins/xcbc/xcbc.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc.c
@@ -18,7 +18,7 @@
#include "xcbc.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <crypto/mac.h>
#include <crypto/prfs/mac_prf.h>
#include <crypto/signers/mac_signer.h>
diff --git a/src/libstrongswan/processing/jobs/callback_job.c b/src/libstrongswan/processing/jobs/callback_job.c
index a5ddc8ff6..8258ccb33 100644
--- a/src/libstrongswan/processing/jobs/callback_job.c
+++ b/src/libstrongswan/processing/jobs/callback_job.c
@@ -21,7 +21,7 @@
#include <threading/condvar.h>
#include <threading/semaphore.h>
#include <threading/mutex.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
typedef struct private_callback_job_t private_callback_job_t;
diff --git a/src/libstrongswan/processing/processor.c b/src/libstrongswan/processing/processor.c
index 5b7fd467c..934636fc0 100644
--- a/src/libstrongswan/processing/processor.c
+++ b/src/libstrongswan/processing/processor.c
@@ -22,12 +22,12 @@
#include "processor.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/thread.h>
#include <threading/condvar.h>
#include <threading/mutex.h>
#include <threading/thread_value.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
typedef struct private_processor_t private_processor_t;
diff --git a/src/libstrongswan/processing/scheduler.c b/src/libstrongswan/processing/scheduler.c
index c97dbc4be..3f1598fc4 100644
--- a/src/libstrongswan/processing/scheduler.c
+++ b/src/libstrongswan/processing/scheduler.c
@@ -19,7 +19,7 @@
#include "scheduler.h"
-#include <debug.h>
+#include <utils/debug.h>
#include <processing/processor.h>
#include <processing/jobs/callback_job.h>
#include <threading/thread.h>
diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c
index b19b962e6..87e57095c 100644
--- a/src/libstrongswan/selectors/traffic_selector.c
+++ b/src/libstrongswan/selectors/traffic_selector.c
@@ -22,9 +22,9 @@
#include "traffic_selector.h"
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include <utils/identification.h>
-#include <debug.h>
+#include <utils/debug.h>
#define NON_SUBNET_ADDRESS_RANGE 255
@@ -818,6 +818,23 @@ traffic_selector_t *traffic_selector_create_from_string(
/*
* see header
*/
+traffic_selector_t *traffic_selector_create_from_cidr(char *string,
+ u_int8_t protocol, u_int16_t port)
+{
+ host_t *net;
+ int bits;
+
+ net = host_create_from_subnet(string, &bits);
+ if (net)
+ {
+ return traffic_selector_create_from_subnet(net, bits, protocol, port);
+ }
+ return NULL;
+}
+
+/*
+ * see header
+ */
traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol,
u_int16_t from_port, u_int16_t to_port)
{
diff --git a/src/libstrongswan/selectors/traffic_selector.h b/src/libstrongswan/selectors/traffic_selector.h
index 7a81521e9..b6da391aa 100644
--- a/src/libstrongswan/selectors/traffic_selector.h
+++ b/src/libstrongswan/selectors/traffic_selector.h
@@ -27,7 +27,7 @@ typedef enum ts_type_t ts_type_t;
typedef struct traffic_selector_t traffic_selector_t;
#include <library.h>
-#include <utils/host.h>
+#include <networking/host.h>
/**
* Traffic selector types.
@@ -231,6 +231,19 @@ traffic_selector_t *traffic_selector_create_from_string(
char *from_addr, u_int16_t from_port,
char *to_addr, u_int16_t to_port);
+
+
+/**
+ * Create a traffic selector from a CIDR string.
+ *
+ * @param string CIDR string, such as 10.1.0.0/16
+ * @param protocol protocol for this ts, such as TCP or UDP
+ * @param port single port for this TS, 0 for any port
+ * @return traffic selector, NULL if string invalid
+ */
+traffic_selector_t *traffic_selector_create_from_cidr(char *string,
+ u_int8_t protocol, u_int16_t port);
+
/**
* Create a new traffic selector using data read from the net.
*
diff --git a/src/libstrongswan/threading/mutex.c b/src/libstrongswan/threading/mutex.c
index 2ef918a28..f86e781c5 100644
--- a/src/libstrongswan/threading/mutex.c
+++ b/src/libstrongswan/threading/mutex.c
@@ -21,7 +21,7 @@
#include <errno.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "condvar.h"
#include "mutex.h"
@@ -282,13 +282,7 @@ METHOD(condvar_t, timed_wait, bool,
ms = timeout % 1000;
tv.tv_sec += s;
- tv.tv_usec += ms * 1000;
-
- if (tv.tv_usec > 1000000 /* 1s */)
- {
- tv.tv_usec -= 1000000;
- tv.tv_sec++;
- }
+ timeval_add_ms(&tv, ms);
return timed_wait_abs(this, mutex, tv);
}
diff --git a/src/libstrongswan/threading/rwlock.c b/src/libstrongswan/threading/rwlock.c
index 7097a8e8c..176445705 100644
--- a/src/libstrongswan/threading/rwlock.c
+++ b/src/libstrongswan/threading/rwlock.c
@@ -18,7 +18,7 @@
#include <pthread.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "rwlock.h"
#include "rwlock_condvar.h"
@@ -433,13 +433,8 @@ METHOD(rwlock_condvar_t, timed_wait, bool,
ms = timeout % 1000;
tv.tv_sec += s;
- tv.tv_usec += ms * 1000;
+ timeval_add_ms(&tv, ms);
- if (tv.tv_usec > 1000000 /* 1s */)
- {
- tv.tv_usec -= 1000000;
- tv.tv_sec++;
- }
return timed_wait_abs(this, lock, tv);
}
diff --git a/src/libstrongswan/threading/spinlock.c b/src/libstrongswan/threading/spinlock.c
index 812cf696b..a0de02ce5 100644
--- a/src/libstrongswan/threading/spinlock.c
+++ b/src/libstrongswan/threading/spinlock.c
@@ -13,20 +13,15 @@
* for more details.
*/
-#include <unistd.h> /* for _POSIX_SPIN_LOCKS */
#include <pthread.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "spinlock.h"
#include "mutex.h"
#include "lock_profiler.h"
-#if defined(_POSIX_SPIN_LOCKS) && _POSIX_SPIN_LOCKS == -1
-#undef _POSIX_SPIN_LOCKS
-#endif
-
typedef struct private_spinlock_t private_spinlock_t;
/**
@@ -39,7 +34,7 @@ struct private_spinlock_t {
*/
spinlock_t public;
-#ifdef _POSIX_SPIN_LOCKS
+#ifdef HAVE_PTHREAD_SPIN_INIT
/**
* wrapped pthread spin lock
@@ -51,20 +46,20 @@ struct private_spinlock_t {
*/
lock_profile_t profile;
-#else /* _POSIX_SPIN_LOCKS */
+#else /* HAVE_PTHREAD_SPIN_INIT */
/**
* use a mutex if spin locks are not available
*/
mutex_t *mutex;
-#endif /* _POSIX_SPIN_LOCKS */
+#endif /* HAVE_PTHREAD_SPIN_INIT */
};
METHOD(spinlock_t, lock, void,
private_spinlock_t *this)
{
-#ifdef _POSIX_SPIN_LOCKS
+#ifdef HAVE_PTHREAD_SPIN_INIT
int err;
profiler_start(&this->profile);
@@ -82,7 +77,7 @@ METHOD(spinlock_t, lock, void,
METHOD(spinlock_t, unlock, void,
private_spinlock_t *this)
{
-#ifdef _POSIX_SPIN_LOCKS
+#ifdef HAVE_PTHREAD_SPIN_INIT
int err;
err = pthread_spin_unlock(&this->spinlock);
@@ -98,7 +93,7 @@ METHOD(spinlock_t, unlock, void,
METHOD(spinlock_t, destroy, void,
private_spinlock_t *this)
{
-#ifdef _POSIX_SPIN_LOCKS
+#ifdef HAVE_PTHREAD_SPIN_INIT
profiler_cleanup(&this->profile);
pthread_spin_destroy(&this->spinlock);
#else
@@ -122,15 +117,12 @@ spinlock_t *spinlock_create()
},
);
-#ifdef _POSIX_SPIN_LOCKS
+#ifdef HAVE_PTHREAD_SPIN_INIT
pthread_spin_init(&this->spinlock, PTHREAD_PROCESS_PRIVATE);
profiler_init(&this->profile);
#else
- #warning Using mutexes as spin lock alternatives
this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
#endif
return &this->public;
}
-
-
diff --git a/src/libstrongswan/threading/thread.c b/src/libstrongswan/threading/thread.c
index 9ef514ebc..e524409c7 100644
--- a/src/libstrongswan/threading/thread.c
+++ b/src/libstrongswan/threading/thread.c
@@ -32,11 +32,11 @@ static inline pid_t gettid()
#endif
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <threading/thread_value.h>
#include <threading/mutex.h>
-#include <utils/linked_list.h>
+#include <collections/linked_list.h>
#include "thread.h"
diff --git a/src/libstrongswan/utils/backtrace.c b/src/libstrongswan/utils/backtrace.c
index b6015fb35..0b6683233 100644
--- a/src/libstrongswan/utils/backtrace.c
+++ b/src/libstrongswan/utils/backtrace.c
@@ -54,7 +54,7 @@ struct private_backtrace_t {
#ifdef HAVE_BFD_H
#include <bfd.h>
-#include <utils/hashtable.h>
+#include <collections/hashtable.h>
#include <threading/mutex.h>
/**
diff --git a/src/libstrongswan/utils/capabilities.c b/src/libstrongswan/utils/capabilities.c
index 34128d010..c36a76efe 100644
--- a/src/libstrongswan/utils/capabilities.c
+++ b/src/libstrongswan/utils/capabilities.c
@@ -27,7 +27,7 @@
# include <sys/prctl.h>
#endif /* HAVE_PRCTL */
-#include <debug.h>
+#include <utils/debug.h>
#if !defined(HAVE_GETPWNAM_R) || !defined(HAVE_GETGRNAM_R)
# include <threading/mutex.h>
diff --git a/src/libstrongswan/chunk.c b/src/libstrongswan/utils/chunk.c
index d7f1c31d9..d7f1c31d9 100644
--- a/src/libstrongswan/chunk.c
+++ b/src/libstrongswan/utils/chunk.c
diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/utils/chunk.h
index 91b23da3b..67848eec1 100644
--- a/src/libstrongswan/chunk.h
+++ b/src/libstrongswan/utils/chunk.h
@@ -17,7 +17,7 @@
/**
* @defgroup chunk chunk
- * @{ @ingroup libstrongswan
+ * @{ @ingroup utils
*/
#ifndef CHUNK_H_
diff --git a/src/libstrongswan/debug.c b/src/libstrongswan/utils/debug.c
index e8c9e6b98..e8c9e6b98 100644
--- a/src/libstrongswan/debug.c
+++ b/src/libstrongswan/utils/debug.c
diff --git a/src/libstrongswan/debug.h b/src/libstrongswan/utils/debug.h
index ff4b4a1e9..c46d3fe55 100644
--- a/src/libstrongswan/debug.h
+++ b/src/libstrongswan/utils/debug.h
@@ -15,7 +15,7 @@
/**
* @defgroup debug debug
- * @{ @ingroup libstrongswan
+ * @{ @ingroup utils
*/
#ifndef DEBUG_H_
@@ -26,7 +26,7 @@ typedef enum level_t level_t;
#include <stdio.h>
-#include "enum.h"
+#include "utils/enum.h"
/**
* Debug message group.
diff --git a/src/libstrongswan/enum.c b/src/libstrongswan/utils/enum.c
index 2dc7c5dde..9b3c4d566 100644
--- a/src/libstrongswan/enum.c
+++ b/src/libstrongswan/utils/enum.c
@@ -65,15 +65,17 @@ int enum_printf_hook(printf_hook_data_t *data, printf_hook_spec_t *spec,
{
enum_name_t *ed = *((enum_name_t**)(args[0]));
int val = *((int*)(args[1]));
+ char *name, buf[32];
- char *name = enum_to_name(ed, val);
-
+ name = enum_to_name(ed, val);
if (name == NULL)
{
- return print_in_hook(data, "(%d)", val);
+ snprintf(buf, sizeof(buf), "(%d)", val);
+ name = buf;
}
- else
+ if (spec->minus)
{
- return print_in_hook(data, "%s", name);
+ return print_in_hook(data, "%-*s", spec->width, name);
}
+ return print_in_hook(data, "%*s", spec->width, name);
}
diff --git a/src/libstrongswan/enum.h b/src/libstrongswan/utils/enum.h
index 840371245..df8dbf8c1 100644
--- a/src/libstrongswan/enum.h
+++ b/src/libstrongswan/utils/enum.h
@@ -16,7 +16,7 @@
/**
* @defgroup enum enum
- * @{ @ingroup libstrongswan
+ * @{ @ingroup utils
*/
#ifndef ENUM_H_
diff --git a/src/libstrongswan/utils/identification.h b/src/libstrongswan/utils/identification.h
index 024fcea4b..cdf229127 100644
--- a/src/libstrongswan/utils/identification.h
+++ b/src/libstrongswan/utils/identification.h
@@ -29,8 +29,8 @@ typedef struct identification_t identification_t;
typedef enum id_match_t id_match_t;
typedef enum id_part_t id_part_t;
-#include <chunk.h>
-#include <utils/enumerator.h>
+#include <utils/chunk.h>
+#include <collections/enumerator.h>
/**
* Matches returned from identification_t.match
diff --git a/src/libstrongswan/integrity_checker.c b/src/libstrongswan/utils/integrity_checker.c
index e962aba70..e962aba70 100644
--- a/src/libstrongswan/integrity_checker.c
+++ b/src/libstrongswan/utils/integrity_checker.c
diff --git a/src/libstrongswan/integrity_checker.h b/src/libstrongswan/utils/integrity_checker.h
index 891ccccf7..afaa114b3 100644
--- a/src/libstrongswan/integrity_checker.h
+++ b/src/libstrongswan/utils/integrity_checker.h
@@ -15,7 +15,7 @@
/**
* @defgroup integrity_checker integrity_checker
- * @{ @ingroup libstrongswan
+ * @{ @ingroup utils
*/
#ifndef INTEGRITY_CHECKER_H_
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index cface0538..2b0be1661 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -32,9 +32,9 @@
#include "leak_detective.h"
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <utils/backtrace.h>
-#include <utils/hashtable.h>
+#include <collections/hashtable.h>
typedef struct private_leak_detective_t private_leak_detective_t;
diff --git a/src/libstrongswan/utils/optionsfrom.c b/src/libstrongswan/utils/optionsfrom.c
index 5fd4cfd4d..117071351 100644
--- a/src/libstrongswan/utils/optionsfrom.c
+++ b/src/libstrongswan/utils/optionsfrom.c
@@ -2,22 +2,22 @@
* Copyright (C) 2007-2008 Andreas Steffen
* Hochschule fuer Technik Rapperswil
*
- * This library is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Library General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
- * This library is distributed in the hope that it will be useful, but
+ * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
- * License for more details.
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
*/
#include <stdio.h>
#include <errno.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <utils/lexparser.h>
#include "optionsfrom.h"
diff --git a/src/libstrongswan/printf_hook.c b/src/libstrongswan/utils/printf_hook.c
index 6e51aa4c3..6e51aa4c3 100644
--- a/src/libstrongswan/printf_hook.c
+++ b/src/libstrongswan/utils/printf_hook.c
diff --git a/src/libstrongswan/printf_hook.h b/src/libstrongswan/utils/printf_hook.h
index 7d3f23bce..1425910be 100644
--- a/src/libstrongswan/printf_hook.h
+++ b/src/libstrongswan/utils/printf_hook.h
@@ -16,7 +16,7 @@
/**
* @defgroup printf_hook printf_hook
- * @{ @ingroup libstrongswan
+ * @{ @ingroup utils
*/
#ifndef PRINTF_HOOK_H_
diff --git a/src/libstrongswan/settings.c b/src/libstrongswan/utils/settings.c
index 8977cd9ed..712ea6ee2 100644
--- a/src/libstrongswan/settings.c
+++ b/src/libstrongswan/utils/settings.c
@@ -31,9 +31,9 @@
#include "settings.h"
-#include "debug.h"
-#include "utils/linked_list.h"
+#include "collections/linked_list.h"
#include "threading/rwlock.h"
+#include "utils/debug.h"
#define MAX_INCLUSION_LEVEL 10
diff --git a/src/libstrongswan/settings.h b/src/libstrongswan/utils/settings.h
index c8b50d008..a861325f5 100644
--- a/src/libstrongswan/settings.h
+++ b/src/libstrongswan/utils/settings.h
@@ -16,7 +16,7 @@
/**
* @defgroup settings settings
- * @{ @ingroup libstrongswan
+ * @{ @ingroup utils
*/
#ifndef SETTINGS_H_
@@ -25,7 +25,7 @@
typedef struct settings_t settings_t;
#include "utils.h"
-#include "utils/enumerator.h"
+#include "collections/enumerator.h"
/**
* Convert a string value returned by a key/value enumerator to a boolean.
diff --git a/src/libstrongswan/utils.c b/src/libstrongswan/utils/utils.c
index d43a4bc2f..bf0224c5f 100644
--- a/src/libstrongswan/utils.c
+++ b/src/libstrongswan/utils/utils.c
@@ -27,9 +27,8 @@
#include <time.h>
#include <pthread.h>
-#include "enum.h"
-#include "debug.h"
-#include "utils/enumerator.h"
+#include "collections/enumerator.h"
+#include "utils/debug.h"
ENUM(status_names, SUCCESS, NEED_MORE,
"SUCCESS",
diff --git a/src/libstrongswan/utils.h b/src/libstrongswan/utils/utils.h
index f47c65ac1..7b1beb93a 100644
--- a/src/libstrongswan/utils.h
+++ b/src/libstrongswan/utils/utils.h
@@ -15,8 +15,8 @@
*/
/**
- * @defgroup utils utils
- * @{ @ingroup libstrongswan
+ * @defgroup utils_i utils
+ * @{ @ingroup utils
*/
#ifndef UTILS_H_
@@ -455,6 +455,22 @@ void closefrom(int lowfd);
time_t time_monotonic(timeval_t *tv);
/**
+ * Add the given number of milliseconds to the given timeval struct
+ *
+ * @param tv timeval struct to modify
+ * @param ms number of milliseconds
+ */
+static inline void timeval_add_ms(timeval_t *tv, u_int ms)
+{
+ tv->tv_usec += ms * 1000;
+ while (tv->tv_usec > 1000000 /* 1s */)
+ {
+ tv->tv_usec -= 1000000;
+ tv->tv_sec++;
+ }
+}
+
+/**
* returns null
*/
void *return_null();