From 49104abddf3d71d5abf5cf75dc7f95fa6c55fa63 Mon Sep 17 00:00:00 2001 From: Rene Mayrhofer Date: Fri, 26 Oct 2007 14:10:02 +0000 Subject: [svn-upgrade] Integrating new upstream version, strongswan (4.1.8) --- src/Makefile.am | 11 +- src/Makefile.in | 142 +- src/_copyright/Makefile.in | 136 +- src/_copyright/_copyright.8 | 2 +- src/_copyright/_copyright.c | 2 +- src/_updown/Makefile.am | 10 +- src/_updown/Makefile.in | 151 +- src/_updown/_updown | 524 ---- src/_updown/_updown.8 | 2 +- src/_updown/_updown.in | 536 ++++ src/_updown_espmark/Makefile.in | 113 +- src/_updown_espmark/_updown_espmark | 2 +- src/_updown_espmark/_updown_espmark.8 | 2 +- src/charon/Makefile.am | 19 +- src/charon/Makefile.in | 1297 +++++---- src/charon/bus/bus.h | 2 +- src/charon/config/backend_manager.c | 17 + src/charon/config/backend_manager.h | 9 + src/charon/config/backends/backend.h | 9 + src/charon/config/backends/local_backend.c | 48 + src/charon/config/backends/sqlite_backend.c | 308 ++ src/charon/config/backends/sqlite_backend.h | 58 + src/charon/config/child_cfg.c | 22 +- .../config/credentials/local_credential_store.c | 249 +- src/charon/config/ike_cfg.c | 18 +- src/charon/config/ike_cfg.h | 12 +- src/charon/config/peer_cfg.c | 116 +- src/charon/config/peer_cfg.h | 71 +- src/charon/control/interface_manager.c | 15 + src/charon/control/interface_manager.h | 14 + src/charon/control/interfaces/dbus_interface.c | 55 +- src/charon/control/interfaces/stroke_interface.c | 204 +- src/charon/control/interfaces/xml_interface.c | 396 ++- src/charon/daemon.c | 68 +- src/charon/daemon.h | 20 +- src/charon/encoding/message.c | 47 +- src/charon/encoding/message.h | 13 +- src/charon/encoding/payloads/endpoint_notify.c | 422 +++ src/charon/encoding/payloads/endpoint_notify.h | 185 ++ src/charon/encoding/payloads/id_payload.c | 44 +- src/charon/encoding/payloads/id_payload.h | 36 +- src/charon/encoding/payloads/ike_header.c | 22 +- src/charon/encoding/payloads/ike_header.h | 11 +- src/charon/encoding/payloads/notify_payload.c | 42 +- src/charon/encoding/payloads/notify_payload.h | 16 +- src/charon/encoding/payloads/payload.c | 21 +- src/charon/encoding/payloads/payload.h | 23 +- src/charon/encoding/payloads/sa_payload.c | 2 +- src/charon/kernel/kernel_interface.c | 386 ++- src/charon/network/sender.h | 2 +- src/charon/processing/jobs/callback_job.c | 2 +- .../processing/jobs/initiate_mediation_job.c | 253 ++ .../processing/jobs/initiate_mediation_job.h | 74 + src/charon/processing/jobs/mediation_job.c | 203 ++ src/charon/processing/jobs/mediation_job.h | 84 + src/charon/processing/jobs/process_message_job.c | 16 + src/charon/processing/jobs/roam_job.c | 1 - src/charon/processing/jobs/send_dpd_job.c | 1 - src/charon/processing/jobs/send_keepalive_job.c | 1 - src/charon/sa/authenticators/eap_authenticator.h | 2 +- src/charon/sa/authenticators/psk_authenticator.c | 4 +- src/charon/sa/authenticators/rsa_authenticator.c | 27 +- src/charon/sa/child_sa.c | 10 + src/charon/sa/connect_manager.c | 1615 +++++++++++ src/charon/sa/connect_manager.h | 131 + src/charon/sa/ike_sa.c | 459 ++- src/charon/sa/ike_sa.h | 102 +- src/charon/sa/ike_sa_manager.c | 5 +- src/charon/sa/mediation_manager.c | 343 +++ src/charon/sa/mediation_manager.h | 104 + src/charon/sa/task_manager.c | 168 +- src/charon/sa/task_manager.h | 14 + src/charon/sa/tasks/child_create.c | 6 +- src/charon/sa/tasks/ike_auth.c | 16 +- src/charon/sa/tasks/ike_init.c | 17 +- src/charon/sa/tasks/ike_mobike.c | 126 +- src/charon/sa/tasks/ike_mobike.h | 21 + src/charon/sa/tasks/ike_natd.c | 106 +- src/charon/sa/tasks/ike_p2p.c | 851 ++++++ src/charon/sa/tasks/ike_p2p.h | 110 + src/charon/sa/tasks/task.c | 4 + src/charon/sa/tasks/task.h | 5 + src/dumm/Makefile.am | 12 + src/dumm/Makefile.in | 538 ++++ src/dumm/bridge.c | 171 ++ src/dumm/bridge.h | 76 + src/dumm/cowfs.c | 913 ++++++ src/dumm/cowfs.h | 54 + src/dumm/dumm.c | 391 +++ src/dumm/dumm.h | 95 + src/dumm/guest.c | 567 ++++ src/dumm/guest.h | 155 + src/dumm/iface.c | 179 ++ src/dumm/iface.h | 79 + src/dumm/main.c | 632 +++++ src/dumm/mconsole.c | 349 +++ src/dumm/mconsole.h | 71 + src/include/Makefile.in | 101 +- src/ipsec/Makefile.in | 105 +- src/ipsec/ipsec.8 | 2 +- src/ipsec/ipsec.in | 14 +- src/libcrypto/Makefile.in | 269 +- src/libfreeswan/Makefile.in | 130 +- src/libfreeswan/addrtoa.c | 2 +- src/libfreeswan/addrtot.c | 2 +- src/libfreeswan/addrtypeof.c | 2 +- src/libfreeswan/anyaddr.3 | 2 +- src/libfreeswan/anyaddr.c | 2 +- src/libfreeswan/atoaddr.3 | 2 +- src/libfreeswan/atoaddr.c | 2 +- src/libfreeswan/atoasr.3 | 2 +- src/libfreeswan/atoasr.c | 2 +- src/libfreeswan/atosa.3 | 2 +- src/libfreeswan/atosa.c | 2 +- src/libfreeswan/atosubnet.c | 2 +- src/libfreeswan/atoul.3 | 2 +- src/libfreeswan/atoul.c | 2 +- src/libfreeswan/copyright.c | 7 +- src/libfreeswan/datatot.c | 2 +- src/libfreeswan/freeswan.h | 2 +- src/libfreeswan/goodmask.3 | 2 +- src/libfreeswan/goodmask.c | 2 +- src/libfreeswan/initaddr.3 | 2 +- src/libfreeswan/initaddr.c | 2 +- src/libfreeswan/initsaid.c | 2 +- src/libfreeswan/initsubnet.3 | 2 +- src/libfreeswan/initsubnet.c | 2 +- src/libfreeswan/internal.h | 2 +- src/libfreeswan/ipcomp.h | 2 +- src/libfreeswan/ipsec_ah.h | 2 +- src/libfreeswan/ipsec_alg.h | 2 +- src/libfreeswan/ipsec_encap.h | 2 +- src/libfreeswan/ipsec_eroute.h | 2 +- src/libfreeswan/ipsec_errs.h | 2 +- src/libfreeswan/ipsec_esp.h | 2 +- src/libfreeswan/ipsec_ipe4.h | 2 +- src/libfreeswan/ipsec_kversion.h | 2 +- src/libfreeswan/ipsec_life.h | 2 +- src/libfreeswan/ipsec_md5h.h | 2 +- src/libfreeswan/ipsec_param.h | 2 +- src/libfreeswan/ipsec_policy.h | 2 +- src/libfreeswan/ipsec_proto.h | 2 +- src/libfreeswan/ipsec_radij.h | 2 +- src/libfreeswan/ipsec_rcv.h | 2 +- src/libfreeswan/ipsec_sa.h | 2 +- src/libfreeswan/ipsec_sha1.h | 2 +- src/libfreeswan/ipsec_stats.h | 2 +- src/libfreeswan/ipsec_tunnel.h | 2 +- src/libfreeswan/ipsec_xform.h | 2 +- src/libfreeswan/ipsec_xmit.h | 2 +- src/libfreeswan/keyblobtoid.3 | 2 +- src/libfreeswan/keyblobtoid.c | 2 +- src/libfreeswan/optionsfrom.3 | 2 +- src/libfreeswan/optionsfrom.c | 2 +- src/libfreeswan/pfkey.h | 2 +- src/libfreeswan/pfkey_v2_build.c | 4 +- src/libfreeswan/pfkey_v2_debug.c | 2 +- src/libfreeswan/pfkey_v2_ext_bits.c | 4 +- src/libfreeswan/pfkey_v2_parse.c | 4 +- src/libfreeswan/pfkeyv2.h | 2 +- src/libfreeswan/portof.3 | 2 +- src/libfreeswan/portof.c | 2 +- src/libfreeswan/prng.3 | 2 +- src/libfreeswan/prng.c | 2 +- src/libfreeswan/radij.h | 2 +- src/libfreeswan/rangetoa.c | 2 +- src/libfreeswan/rangetosubnet.3 | 2 +- src/libfreeswan/rangetosubnet.c | 2 +- src/libfreeswan/sameaddr.3 | 2 +- src/libfreeswan/sameaddr.c | 2 +- src/libfreeswan/satoa.c | 2 +- src/libfreeswan/satot.c | 2 +- src/libfreeswan/subnetof.3 | 2 +- src/libfreeswan/subnetof.c | 2 +- src/libfreeswan/subnettoa.c | 2 +- src/libfreeswan/subnettot.c | 2 +- src/libfreeswan/subnettypeof.c | 2 +- src/libfreeswan/ttoaddr.3 | 2 +- src/libfreeswan/ttoaddr.c | 2 +- src/libfreeswan/ttodata.3 | 2 +- src/libfreeswan/ttodata.c | 2 +- src/libfreeswan/ttoprotoport.c | 2 +- src/libfreeswan/ttosa.3 | 2 +- src/libfreeswan/ttosa.c | 2 +- src/libfreeswan/ttosubnet.c | 2 +- src/libfreeswan/ttoul.3 | 2 +- src/libfreeswan/ttoul.c | 2 +- src/libfreeswan/ultoa.c | 2 +- src/libfreeswan/ultot.c | 2 +- src/libfreeswan/version.3 | 2 +- src/libfreeswan/version.c | 2 +- src/libstrongswan/Makefile.am | 44 +- src/libstrongswan/Makefile.in | 703 +++-- src/libstrongswan/asn1/asn1.c | 102 +- src/libstrongswan/asn1/asn1.h | 14 +- src/libstrongswan/asn1/oid.c | 385 +-- src/libstrongswan/asn1/oid.h | 63 +- src/libstrongswan/asn1/oid.txt | 5 + src/libstrongswan/asn1/pem.c | 4 +- src/libstrongswan/asn1/ttodata.c | 185 +- src/libstrongswan/chunk.c | 57 +- src/libstrongswan/chunk.h | 10 + src/libstrongswan/credential_store.h | 43 +- src/libstrongswan/crypto/ac.c | 239 +- src/libstrongswan/crypto/ac.h | 37 +- src/libstrongswan/crypto/crl.c | 19 +- src/libstrongswan/crypto/crl.h | 2 + src/libstrongswan/crypto/diffie_hellman.c | 293 +- src/libstrongswan/crypto/diffie_hellman.h | 69 +- src/libstrongswan/crypto/hashers/hasher.c | 79 +- src/libstrongswan/crypto/hashers/hasher.h | 44 +- src/libstrongswan/crypto/hmac.h | 2 +- src/libstrongswan/crypto/ietf_attr_list.c | 405 +++ src/libstrongswan/crypto/ietf_attr_list.h | 89 + src/libstrongswan/crypto/ocsp.c | 16 +- src/libstrongswan/crypto/pkcs7.c | 710 +++++ src/libstrongswan/crypto/pkcs7.h | 132 + src/libstrongswan/crypto/rsa/rsa_private_key.c | 307 +- src/libstrongswan/crypto/rsa/rsa_private_key.h | 67 +- src/libstrongswan/crypto/rsa/rsa_public_key.c | 326 +-- src/libstrongswan/crypto/rsa/rsa_public_key.h | 43 +- src/libstrongswan/crypto/signers/hmac_signer.c | 45 +- src/libstrongswan/crypto/signers/signer.h | 6 + src/libstrongswan/crypto/x509.c | 225 +- src/libstrongswan/crypto/x509.h | 76 +- src/libstrongswan/debug.c | 4 +- src/libstrongswan/debug.h | 3 + src/libstrongswan/fips/fips.c | 103 + src/libstrongswan/fips/fips.h | 47 + src/libstrongswan/fips/fips_canister_end.c | 173 ++ src/libstrongswan/fips/fips_canister_start.c | 174 ++ src/libstrongswan/fips/fips_signer.c | 63 + src/libstrongswan/library.h | 34 +- src/libstrongswan/utils/enumerator.c | 44 + src/libstrongswan/utils/enumerator.h | 57 + src/libstrongswan/utils/identification.c | 49 +- src/libstrongswan/utils/leak_detective.c | 3 +- src/libstrongswan/utils/linked_list.c | 108 +- src/libstrongswan/utils/linked_list.h | 46 +- src/libstrongswan/utils/optionsfrom.c | 148 + src/libstrongswan/utils/optionsfrom.h | 37 + src/manager/Makefile.am | 53 + src/manager/Makefile.in | 783 ++++++ src/manager/controller/auth_controller.c | 132 + src/manager/controller/auth_controller.h | 47 + src/manager/controller/gateway_controller.c | 148 + src/manager/controller/gateway_controller.h | 47 + src/manager/controller/status_controller.c | 238 ++ src/manager/controller/status_controller.h | 47 + src/manager/database.c | 183 ++ src/manager/database.h | 69 + src/manager/gateway.c | 253 ++ src/manager/gateway.h | 74 + src/manager/lib/context.h | 47 + src/manager/lib/controller.h | 84 + src/manager/lib/dispatcher.c | 402 +++ src/manager/lib/dispatcher.h | 95 + src/manager/lib/request.c | 305 ++ src/manager/lib/request.h | 127 + src/manager/lib/session.c | 175 ++ src/manager/lib/session.h | 73 + src/manager/lib/xml.c | 169 ++ src/manager/lib/xml.h | 63 + src/manager/main.c | 68 + src/manager/manager.c | 167 ++ src/manager/manager.db | Bin 0 -> 12288 bytes src/manager/manager.h | 93 + src/manager/templates/auth/login.cs | 17 + src/manager/templates/error.cs | 3 + src/manager/templates/footer.cs | 4 + src/manager/templates/gateway/list.cs | 15 + src/manager/templates/header.cs | 24 + src/manager/templates/static/client-left.png | Bin 0 -> 10228 bytes src/manager/templates/static/client-right.png | Bin 0 -> 10349 bytes src/manager/templates/static/gateway-left.png | Bin 0 -> 12206 bytes src/manager/templates/static/gateway-right.png | Bin 0 -> 12180 bytes src/manager/templates/static/jquery.js | 2965 ++++++++++++++++++++ src/manager/templates/static/pipe-bad.png | Bin 0 -> 4905 bytes src/manager/templates/static/pipe-good.png | Bin 0 -> 322 bytes src/manager/templates/static/pipe-thin-left.png | Bin 0 -> 345 bytes src/manager/templates/static/pipe-thin-right.png | Bin 0 -> 357 bytes src/manager/templates/static/pipe-thin.png | Bin 0 -> 256 bytes src/manager/templates/static/pipe.png | Bin 0 -> 322 bytes src/manager/templates/static/router.png | Bin 0 -> 3300 bytes src/manager/templates/static/script.js | 8 + src/manager/templates/static/strongswan.png | Bin 0 -> 19837 bytes src/manager/templates/static/style.css | 122 + src/manager/templates/status/ikesalist.cs | 101 + src/openac/Makefile.am | 98 +- src/openac/Makefile.in | 242 +- src/openac/build.c | 125 +- src/openac/build.h | 24 +- src/openac/loglite.c | 295 -- src/openac/openac.8 | 29 +- src/openac/openac.c | 381 ++- src/pluto/Makefile.am | 29 +- src/pluto/Makefile.in | 269 +- src/pluto/TODO | 2 +- src/pluto/ac.c | 8 +- src/pluto/ac.h | 2 +- src/pluto/adns.c | 2 +- src/pluto/adns.h | 2 +- src/pluto/alg_info.c | 5 +- src/pluto/alg_info.h | 2 +- src/pluto/asn1.c | 4 +- src/pluto/asn1.h | 2 +- src/pluto/ca.c | 33 +- src/pluto/ca.h | 4 +- src/pluto/certs.c | 2 +- src/pluto/certs.h | 2 +- src/pluto/connections.c | 59 +- src/pluto/connections.h | 2 +- src/pluto/constants.c | 4 +- src/pluto/constants.h | 4 +- src/pluto/cookie.c | 2 +- src/pluto/cookie.h | 2 +- src/pluto/crl.c | 4 +- src/pluto/crl.h | 2 +- src/pluto/crypto.c | 2 +- src/pluto/crypto.h | 2 +- src/pluto/db_ops.c | 2 +- src/pluto/db_ops.h | 2 +- src/pluto/defs.c | 2 +- src/pluto/defs.h | 2 +- src/pluto/demux.c | 8 +- src/pluto/demux.h | 2 +- src/pluto/dnskey.c | 2 +- src/pluto/dnskey.h | 2 +- src/pluto/fetch.c | 2 +- src/pluto/fetch.h | 2 +- src/pluto/foodgroups.c | 2 +- src/pluto/foodgroups.h | 2 +- src/pluto/gcryptfix.c | 2 +- src/pluto/gcryptfix.h | 2 +- src/pluto/id.c | 2 +- src/pluto/id.h | 2 +- src/pluto/ike_alg.c | 2 +- src/pluto/ike_alg.h | 2 +- src/pluto/ipsec_doi.c | 37 +- src/pluto/ipsec_doi.h | 2 +- src/pluto/kernel.c | 2 +- src/pluto/kernel.h | 2 +- src/pluto/kernel_alg.c | 2 +- src/pluto/kernel_alg.h | 2 +- src/pluto/kernel_netlink.c | 2 +- src/pluto/kernel_netlink.h | 2 +- src/pluto/kernel_noklips.c | 2 +- src/pluto/kernel_noklips.h | 2 +- src/pluto/kernel_pfkey.c | 2 +- src/pluto/kernel_pfkey.h | 2 +- src/pluto/keys.c | 36 +- src/pluto/keys.h | 2 +- src/pluto/lex.c | 2 +- src/pluto/lex.h | 2 +- src/pluto/log.c | 2 +- src/pluto/log.h | 2 +- src/pluto/modecfg.c | 2 +- src/pluto/modecfg.h | 2 +- src/pluto/mp_defs.c | 2 +- src/pluto/mp_defs.h | 2 +- src/pluto/nat_traversal.c | 2 +- src/pluto/nat_traversal.h | 2 +- src/pluto/ocsp.c | 12 +- src/pluto/ocsp.h | 1 + src/pluto/oid.c | 198 -- src/pluto/oid.h | 79 - src/pluto/oid.pl | 123 - src/pluto/oid.txt | 185 -- src/pluto/packet.c | 2 +- src/pluto/packet.h | 2 +- src/pluto/pem.c | 2 +- src/pluto/pem.h | 2 +- src/pluto/pgp.c | 2 +- src/pluto/pgp.h | 2 +- src/pluto/pkcs1.c | 4 +- src/pluto/pkcs1.h | 2 +- src/pluto/pkcs7.c | 4 +- src/pluto/pkcs7.h | 2 +- src/pluto/plutomain.c | 6 +- src/pluto/rcv_whack.c | 2 +- src/pluto/rcv_whack.h | 2 +- src/pluto/rnd.c | 2 +- src/pluto/rnd.h | 2 +- src/pluto/server.c | 2 +- src/pluto/server.h | 2 +- src/pluto/smartcard.c | 8 +- src/pluto/smartcard.h | 2 +- src/pluto/spdb.c | 6 +- src/pluto/spdb.h | 2 +- src/pluto/state.c | 2 +- src/pluto/state.h | 2 +- src/pluto/timer.c | 2 +- src/pluto/timer.h | 2 +- src/pluto/vendor.c | 13 +- src/pluto/vendor.h | 81 +- src/pluto/virtual.c | 2 +- src/pluto/virtual.h | 2 +- src/pluto/x509.c | 9 +- src/pluto/x509.h | 2 +- src/pluto/xauth.c | 2 +- src/pluto/xauth.h | 2 +- src/scepclient/Makefile.am | 34 +- src/scepclient/Makefile.in | 177 +- src/scepclient/loglite.c | 295 ++ src/scepclient/pkcs10.c | 2 +- src/scepclient/scep.c | 2 +- src/scepclient/scepclient.c | 2 +- src/starter/Makefile.am | 11 +- src/starter/Makefile.in | 162 +- src/starter/args.c | 8 +- src/starter/args.h | 2 +- src/starter/cmp.c | 11 +- src/starter/cmp.h | 2 +- src/starter/confread.c | 45 +- src/starter/confread.h | 12 +- src/starter/exec.c | 2 +- src/starter/exec.h | 2 +- src/starter/files.h | 2 +- src/starter/interfaces.c | 2 +- src/starter/interfaces.h | 2 +- src/starter/invokecharon.c | 2 +- src/starter/invokecharon.h | 2 +- src/starter/invokepluto.c | 2 +- src/starter/invokepluto.h | 2 +- src/starter/ipsec.conf.5 | 48 +- src/starter/keywords.c | 81 +- src/starter/keywords.h | 10 +- src/starter/keywords.txt | 8 +- src/starter/lex.yy.c | 2 +- src/starter/loglite.c | 295 ++ src/starter/netkey.c | 2 +- src/starter/netkey.h | 2 +- src/starter/parser.h | 2 +- src/starter/parser.l | 2 +- src/starter/parser.y | 2 +- src/starter/starter.c | 2 +- src/starter/starterstroke.c | 11 +- src/starter/starterstroke.h | 2 +- src/starter/starterwhack.c | 4 +- src/starter/starterwhack.h | 2 +- src/starter/y.tab.c | 28 +- src/starter/y.tab.h | 4 +- src/stroke/Makefile.in | 133 +- src/stroke/stroke.c | 31 +- src/stroke/stroke.h | 23 +- src/stroke/stroke_keywords.c | 64 +- src/stroke/stroke_keywords.h | 5 +- src/stroke/stroke_keywords.txt | 3 +- src/whack/Makefile.in | 133 +- src/whack/whack.c | 2 +- src/whack/whack.h | 2 +- 451 files changed, 27140 insertions(+), 6172 deletions(-) delete mode 100755 src/_updown/_updown create mode 100644 src/_updown/_updown.in create mode 100644 src/charon/config/backends/sqlite_backend.c create mode 100644 src/charon/config/backends/sqlite_backend.h create mode 100644 src/charon/encoding/payloads/endpoint_notify.c create mode 100644 src/charon/encoding/payloads/endpoint_notify.h create mode 100644 src/charon/processing/jobs/initiate_mediation_job.c create mode 100644 src/charon/processing/jobs/initiate_mediation_job.h create mode 100644 src/charon/processing/jobs/mediation_job.c create mode 100644 src/charon/processing/jobs/mediation_job.h create mode 100644 src/charon/sa/connect_manager.c create mode 100644 src/charon/sa/connect_manager.h create mode 100644 src/charon/sa/mediation_manager.c create mode 100644 src/charon/sa/mediation_manager.h create mode 100644 src/charon/sa/tasks/ike_p2p.c create mode 100644 src/charon/sa/tasks/ike_p2p.h create mode 100644 src/dumm/Makefile.am create mode 100644 src/dumm/Makefile.in create mode 100644 src/dumm/bridge.c create mode 100644 src/dumm/bridge.h create mode 100644 src/dumm/cowfs.c create mode 100644 src/dumm/cowfs.h create mode 100644 src/dumm/dumm.c create mode 100644 src/dumm/dumm.h create mode 100644 src/dumm/guest.c create mode 100644 src/dumm/guest.h create mode 100644 src/dumm/iface.c create mode 100644 src/dumm/iface.h create mode 100644 src/dumm/main.c create mode 100644 src/dumm/mconsole.c create mode 100644 src/dumm/mconsole.h create mode 100644 src/libstrongswan/crypto/ietf_attr_list.c create mode 100644 src/libstrongswan/crypto/ietf_attr_list.h create mode 100644 src/libstrongswan/crypto/pkcs7.c create mode 100644 src/libstrongswan/crypto/pkcs7.h create mode 100644 src/libstrongswan/fips/fips.c create mode 100644 src/libstrongswan/fips/fips.h create mode 100644 src/libstrongswan/fips/fips_canister_end.c create mode 100644 src/libstrongswan/fips/fips_canister_start.c create mode 100644 src/libstrongswan/fips/fips_signer.c create mode 100644 src/libstrongswan/utils/enumerator.c create mode 100644 src/libstrongswan/utils/enumerator.h create mode 100644 src/libstrongswan/utils/optionsfrom.c create mode 100644 src/libstrongswan/utils/optionsfrom.h create mode 100644 src/manager/Makefile.am create mode 100644 src/manager/Makefile.in create mode 100644 src/manager/controller/auth_controller.c create mode 100644 src/manager/controller/auth_controller.h create mode 100644 src/manager/controller/gateway_controller.c create mode 100644 src/manager/controller/gateway_controller.h create mode 100644 src/manager/controller/status_controller.c create mode 100644 src/manager/controller/status_controller.h create mode 100644 src/manager/database.c create mode 100644 src/manager/database.h create mode 100644 src/manager/gateway.c create mode 100644 src/manager/gateway.h create mode 100644 src/manager/lib/context.h create mode 100644 src/manager/lib/controller.h create mode 100644 src/manager/lib/dispatcher.c create mode 100644 src/manager/lib/dispatcher.h create mode 100644 src/manager/lib/request.c create mode 100644 src/manager/lib/request.h create mode 100644 src/manager/lib/session.c create mode 100644 src/manager/lib/session.h create mode 100644 src/manager/lib/xml.c create mode 100644 src/manager/lib/xml.h create mode 100644 src/manager/main.c create mode 100644 src/manager/manager.c create mode 100644 src/manager/manager.db create mode 100644 src/manager/manager.h create mode 100644 src/manager/templates/auth/login.cs create mode 100644 src/manager/templates/error.cs create mode 100644 src/manager/templates/footer.cs create mode 100644 src/manager/templates/gateway/list.cs create mode 100644 src/manager/templates/header.cs create mode 100644 src/manager/templates/static/client-left.png create mode 100644 src/manager/templates/static/client-right.png create mode 100644 src/manager/templates/static/gateway-left.png create mode 100644 src/manager/templates/static/gateway-right.png create mode 100644 src/manager/templates/static/jquery.js create mode 100644 src/manager/templates/static/pipe-bad.png create mode 100644 src/manager/templates/static/pipe-good.png create mode 100644 src/manager/templates/static/pipe-thin-left.png create mode 100644 src/manager/templates/static/pipe-thin-right.png create mode 100644 src/manager/templates/static/pipe-thin.png create mode 100644 src/manager/templates/static/pipe.png create mode 100644 src/manager/templates/static/router.png create mode 100644 src/manager/templates/static/script.js create mode 100644 src/manager/templates/static/strongswan.png create mode 100644 src/manager/templates/static/style.css create mode 100644 src/manager/templates/status/ikesalist.cs delete mode 100644 src/openac/loglite.c delete mode 100644 src/pluto/oid.c delete mode 100644 src/pluto/oid.h delete mode 100644 src/pluto/oid.pl delete mode 100644 src/pluto/oid.txt create mode 100644 src/scepclient/loglite.c create mode 100644 src/starter/loglite.c (limited to 'src') diff --git a/src/Makefile.am b/src/Makefile.am index 204a211e4..4d41ea9e5 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1 +1,10 @@ -SUBDIRS = include libfreeswan libcrypto libstrongswan pluto whack charon stroke starter openac scepclient ipsec _updown _updown_espmark _copyright +SUBDIRS = include libfreeswan libcrypto libstrongswan pluto whack charon stroke starter openac scepclient ipsec _updown _updown_espmark _copyright + +if USE_UML + SUBDIRS += dumm +endif + +if USE_MANAGER + SUBDIRS += manager +endif + diff --git a/src/Makefile.in b/src/Makefile.in index d9d363ab4..aea3c7a2b 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,15 +13,11 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = .. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -35,6 +31,8 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ +@USE_UML_TRUE@am__append_1 = dumm +@USE_MANAGER_TRUE@am__append_2 = manager subdir = src DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 @@ -47,25 +45,26 @@ SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ html-recursive info-recursive install-data-recursive \ - install-exec-recursive install-info-recursive \ - install-recursive installcheck-recursive installdirs-recursive \ - pdf-recursive ps-recursive uninstall-info-recursive \ - uninstall-recursive + install-dvi-recursive install-exec-recursive \ + install-html-recursive install-info-recursive \ + install-pdf-recursive install-ps-recursive install-recursive \ + installcheck-recursive installdirs-recursive pdf-recursive \ + ps-recursive uninstall-recursive +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive ETAGS = etags CTAGS = ctags -DIST_SUBDIRS = $(SUBDIRS) +DIST_SUBDIRS = include libfreeswan libcrypto libstrongswan pluto whack \ + charon stroke starter openac scepclient ipsec _updown \ + _updown_espmark _copyright dumm manager DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -88,10 +87,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -103,6 +105,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -118,34 +121,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -158,6 +143,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -195,11 +181,16 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ -SUBDIRS = include libfreeswan libcrypto libstrongswan pluto whack charon stroke starter openac scepclient ipsec _updown _updown_espmark _copyright +SUBDIRS = include libfreeswan libcrypto libstrongswan pluto whack \ + charon stroke starter openac scepclient ipsec _updown \ + _updown_espmark _copyright $(am__append_1) $(am__append_2) all: all-recursive .SUFFIXES: @@ -239,10 +230,6 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -distclean-libtool: - -rm -f libtool -uninstall-info-am: - # This directory's subdirectories are mostly independent; you can cd # into them and run `make' without going through this Makefile. # To change the values of `make' variables: instead of editing Makefiles, @@ -274,8 +261,7 @@ $(RECURSIVE_TARGETS): $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" -mostlyclean-recursive clean-recursive distclean-recursive \ -maintainer-clean-recursive: +$(RECURSIVE_CLEAN_TARGETS): @failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ @@ -376,22 +362,21 @@ distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -405,7 +390,7 @@ distdir: $(DISTFILES) list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test -d "$(distdir)/$$subdir" \ - || $(mkdir_p) "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ distdir=`$(am__cd) $(distdir) && pwd`; \ top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ @@ -413,6 +398,8 @@ distdir: $(DISTFILES) $(MAKE) $(AM_MAKEFLAGS) \ top_distdir="$$top_distdir" \ distdir="$$distdir/$$subdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ distdir) \ || exit 1; \ fi; \ @@ -452,8 +439,7 @@ clean-am: clean-generic clean-libtool mostlyclean-am distclean: distclean-recursive -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-libtool \ - distclean-tags +distclean-am: clean-am distclean-generic distclean-tags dvi: dvi-recursive @@ -467,12 +453,20 @@ info-am: install-data-am: +install-dvi: install-dvi-recursive + install-exec-am: +install-html: install-html-recursive + install-info: install-info-recursive install-man: +install-pdf: install-pdf-recursive + +install-ps: install-ps-recursive + installcheck-am: maintainer-clean: maintainer-clean-recursive @@ -491,22 +485,24 @@ ps: ps-recursive ps-am: -uninstall-am: uninstall-info-am +uninstall-am: -uninstall-info: uninstall-info-recursive +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ + install-strip -.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \ - clean clean-generic clean-libtool clean-recursive ctags \ - ctags-recursive distclean distclean-generic distclean-libtool \ - distclean-recursive distclean-tags distdir dvi dvi-am html \ +.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ + all all-am check check-am clean clean-generic clean-libtool \ + ctags ctags-recursive distclean distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am install-data \ - install-data-am install-exec install-exec-am install-info \ - install-info-am install-man install-strip installcheck \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic maintainer-clean-recursive \ - mostlyclean mostlyclean-generic mostlyclean-libtool \ - mostlyclean-recursive pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am uninstall-info-am + maintainer-clean-generic mostlyclean mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ + uninstall uninstall-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/_copyright/Makefile.in b/src/_copyright/Makefile.in index 3b49498a3..6516a22fa 100644 --- a/src/_copyright/Makefile.in +++ b/src/_copyright/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +14,11 @@ @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -52,17 +48,18 @@ PROGRAMS = $(ipsec_PROGRAMS) am__copyright_OBJECTS = _copyright.$(OBJEXT) _copyright_OBJECTS = $(am__copyright_OBJECTS) _copyright_DEPENDENCIES = $(top_srcdir)/src/libfreeswan/libfreeswan.a -DEFAULT_INCLUDES = -I. -I$(srcdir) +DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ SOURCES = $(_copyright_SOURCES) DIST_SOURCES = $(_copyright_SOURCES) man8dir = $(mandir)/man8 @@ -72,16 +69,12 @@ ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -104,10 +97,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -119,6 +115,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -134,34 +131,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -174,6 +153,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -211,8 +191,11 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ _copyright_SOURCES = _copyright.c @@ -254,7 +237,7 @@ $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh install-ipsecPROGRAMS: $(ipsec_PROGRAMS) @$(NORMAL_INSTALL) - test -z "$(ipsecdir)" || $(mkdir_p) "$(DESTDIR)$(ipsecdir)" + test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" @list='$(ipsec_PROGRAMS)'; for p in $$list; do \ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ if test -f $$p \ @@ -282,7 +265,7 @@ clean-ipsecPROGRAMS: done _copyright$(EXEEXT): $(_copyright_OBJECTS) $(_copyright_DEPENDENCIES) @rm -f _copyright$(EXEEXT) - $(LINK) $(_copyright_LDFLAGS) $(_copyright_OBJECTS) $(_copyright_LDADD) $(LIBS) + $(LINK) $(_copyright_OBJECTS) $(_copyright_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -293,22 +276,22 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/_copyright.Po@am__quote@ .c.o: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< @@ -318,13 +301,9 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs - -distclean-libtool: - -rm -f libtool -uninstall-info-am: install-man8: $(man8_MANS) $(man_MANS) @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)" + test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ for i in $$l2; do \ @@ -417,22 +396,21 @@ distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -448,7 +426,7 @@ check: check-am all-am: Makefile $(PROGRAMS) $(MANS) installdirs: for dir in "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(mkdir_p) "$$dir"; \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am install-exec: install-exec-am @@ -483,7 +461,7 @@ distclean: distclean-am -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ - distclean-libtool distclean-tags + distclean-tags dvi: dvi-am @@ -497,12 +475,20 @@ info-am: install-data-am: install-ipsecPROGRAMS install-man +install-dvi: install-dvi-am + install-exec-am: +install-html: install-html-am + install-info: install-info-am install-man: install-man8 +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -523,22 +509,26 @@ ps: ps-am ps-am: -uninstall-am: uninstall-info-am uninstall-ipsecPROGRAMS uninstall-man +uninstall-am: uninstall-ipsecPROGRAMS uninstall-man uninstall-man: uninstall-man8 +.MAKE: install-am install-strip + .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ clean-ipsecPROGRAMS clean-libtool ctags distclean \ distclean-compile distclean-generic distclean-libtool \ distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-exec \ - install-exec-am install-info install-info-am \ - install-ipsecPROGRAMS install-man install-man8 install-strip \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am \ + install-ipsecPROGRAMS install-man install-man8 install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-info-am \ - uninstall-ipsecPROGRAMS uninstall-man uninstall-man8 + tags uninstall uninstall-am uninstall-ipsecPROGRAMS \ + uninstall-man uninstall-man8 # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/_copyright/_copyright.8 b/src/_copyright/_copyright.8 index 87e4adc98..a0358750a 100644 --- a/src/_copyright/_copyright.8 +++ b/src/_copyright/_copyright.8 @@ -1,6 +1,6 @@ .TH _COPYRIGHT 8 "25 Apr 2002" .\" -.\" RCSID $Id: _copyright.8,v 1.1 2004/03/15 20:35:27 as Exp $ +.\" RCSID $Id: _copyright.8 3266 2007-10-08 19:57:37Z andreas $ .\" .SH NAME ipsec _copyright \- prints FreeSWAN copyright diff --git a/src/_copyright/_copyright.c b/src/_copyright/_copyright.c index 0fb360f40..ff4294f81 100644 --- a/src/_copyright/_copyright.c +++ b/src/_copyright/_copyright.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: _copyright.c,v 1.1 2004/03/15 20:35:27 as Exp $ + * RCSID $Id: _copyright.c 3266 2007-10-08 19:57:37Z andreas $ */ #include diff --git a/src/_updown/Makefile.am b/src/_updown/Makefile.am index 27a467c4f..d0b7a27a4 100644 --- a/src/_updown/Makefile.am +++ b/src/_updown/Makefile.am @@ -1,3 +1,11 @@ -dist_ipsec_SCRIPTS = _updown +ipsec_SCRIPTS = _updown +CLEANFILES = _updown dist_man8_MANS = _updown.8 +EXTRA_DIST = _updown.in +_updown : _updown.in + sed \ + -e "s:\@IPSEC_ROUTING_TABLE\@:$(IPSEC_ROUTING_TABLE):" \ + -e "s:\@IPSEC_ROUTING_TABLE_PRIO\@:$(IPSEC_ROUTING_TABLE_PRIO):" \ + $< > $@ + chmod +x $@ diff --git a/src/_updown/Makefile.in b/src/_updown/Makefile.in index ff4651d05..21e38da5d 100644 --- a/src/_updown/Makefile.in +++ b/src/_updown/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +14,11 @@ @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -37,8 +33,8 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = src/_updown -DIST_COMMON = $(dist_ipsec_SCRIPTS) $(dist_man8_MANS) \ - $(srcdir)/Makefile.am $(srcdir)/Makefile.in +DIST_COMMON = $(dist_man8_MANS) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/configure.in am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ @@ -46,8 +42,8 @@ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ mkinstalldirs = $(install_sh) -d CONFIG_CLEAN_FILES = am__installdirs = "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(man8dir)" -dist_ipsecSCRIPT_INSTALL = $(INSTALL_SCRIPT) -SCRIPTS = $(dist_ipsec_SCRIPTS) +ipsecSCRIPT_INSTALL = $(INSTALL_SCRIPT) +SCRIPTS = $(ipsec_SCRIPTS) SOURCES = DIST_SOURCES = man8dir = $(mandir)/man8 @@ -55,16 +51,12 @@ NROFF = nroff MANS = $(dist_man8_MANS) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -87,10 +79,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -102,6 +97,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -117,34 +113,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -157,6 +135,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -194,12 +173,17 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ -dist_ipsec_SCRIPTS = _updown +ipsec_SCRIPTS = _updown +CLEANFILES = _updown dist_man8_MANS = _updown.8 +EXTRA_DIST = _updown.in all: all-am .SUFFIXES: @@ -232,21 +216,21 @@ $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-dist_ipsecSCRIPTS: $(dist_ipsec_SCRIPTS) +install-ipsecSCRIPTS: $(ipsec_SCRIPTS) @$(NORMAL_INSTALL) - test -z "$(ipsecdir)" || $(mkdir_p) "$(DESTDIR)$(ipsecdir)" - @list='$(dist_ipsec_SCRIPTS)'; for p in $$list; do \ + test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" + @list='$(ipsec_SCRIPTS)'; for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ if test -f $$d$$p; then \ f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " $(dist_ipsecSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsecdir)/$$f'"; \ - $(dist_ipsecSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsecdir)/$$f"; \ + echo " $(ipsecSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsecdir)/$$f'"; \ + $(ipsecSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsecdir)/$$f"; \ else :; fi; \ done -uninstall-dist_ipsecSCRIPTS: +uninstall-ipsecSCRIPTS: @$(NORMAL_UNINSTALL) - @list='$(dist_ipsec_SCRIPTS)'; for p in $$list; do \ + @list='$(ipsec_SCRIPTS)'; for p in $$list; do \ f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ echo " rm -f '$(DESTDIR)$(ipsecdir)/$$f'"; \ rm -f "$(DESTDIR)$(ipsecdir)/$$f"; \ @@ -257,13 +241,9 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs - -distclean-libtool: - -rm -f libtool -uninstall-info-am: install-man8: $(man8_MANS) $(man_MANS) @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)" + test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ for i in $$l2; do \ @@ -314,22 +294,21 @@ CTAGS: distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -345,7 +324,7 @@ check: check-am all-am: Makefile $(SCRIPTS) $(MANS) installdirs: for dir in "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(mkdir_p) "$$dir"; \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am install-exec: install-exec-am @@ -364,6 +343,7 @@ install-strip: mostlyclean-generic: clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) @@ -377,7 +357,7 @@ clean-am: clean-generic clean-libtool mostlyclean-am distclean: distclean-am -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-libtool +distclean-am: clean-am distclean-generic dvi: dvi-am @@ -389,14 +369,22 @@ info: info-am info-am: -install-data-am: install-dist_ipsecSCRIPTS install-man +install-data-am: install-ipsecSCRIPTS install-man + +install-dvi: install-dvi-am install-exec-am: +install-html: install-html-am + install-info: install-info-am install-man: install-man8 +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -415,23 +403,32 @@ ps: ps-am ps-am: -uninstall-am: uninstall-dist_ipsecSCRIPTS uninstall-info-am \ - uninstall-man +uninstall-am: uninstall-ipsecSCRIPTS uninstall-man uninstall-man: uninstall-man8 +.MAKE: install-am install-strip + .PHONY: all all-am check check-am clean clean-generic clean-libtool \ distclean distclean-generic distclean-libtool distdir dvi \ dvi-am html html-am info info-am install install-am \ - install-data install-data-am install-dist_ipsecSCRIPTS \ - install-exec install-exec-am install-info install-info-am \ - install-man install-man8 install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am uninstall uninstall-am \ - uninstall-dist_ipsecSCRIPTS uninstall-info-am uninstall-man \ - uninstall-man8 - + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-ipsecSCRIPTS install-man \ + install-man8 install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ + ps ps-am uninstall uninstall-am uninstall-ipsecSCRIPTS \ + uninstall-man uninstall-man8 + + +_updown : _updown.in + sed \ + -e "s:\@IPSEC_ROUTING_TABLE\@:$(IPSEC_ROUTING_TABLE):" \ + -e "s:\@IPSEC_ROUTING_TABLE_PRIO\@:$(IPSEC_ROUTING_TABLE_PRIO):" \ + $< > $@ + chmod +x $@ # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/src/_updown/_updown b/src/_updown/_updown deleted file mode 100755 index 795b6f388..000000000 --- a/src/_updown/_updown +++ /dev/null @@ -1,524 +0,0 @@ -#! /bin/sh -# iproute2 version, default updown script -# -# Copyright (C) 2003-2004 Nigel Meteringham -# Copyright (C) 2003-2004 Tuomo Soini -# Copyright (C) 2002-2004 Michael Richardson -# Copyright (C) 2005-2007 Andreas Steffen -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by the -# Free Software Foundation; either version 2 of the License, or (at your -# option) any later version. See . -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -# for more details. -# -# RCSID $Id: _updown.in,v 1.2 2006/04/17 15:06:29 as Exp $ - -# CAUTION: Installing a new version of strongSwan will install a new -# copy of this script, wiping out any custom changes you make. If -# you need changes, make a copy of this under another name, and customize -# that, and use the (left/right)updown parameters in ipsec.conf to make -# strongSwan use yours instead of this default one. - -# things that this script gets (from ipsec_pluto(8) man page) -# -# PLUTO_VERSION -# indicates what version of this interface is being -# used. This document describes version 1.1. This -# is upwardly compatible with version 1.0. -# -# PLUTO_VERB -# specifies the name of the operation to be performed -# (prepare-host, prepare-client, up-host, up-client, -# down-host, or down-client). If the address family -# for security gateway to security gateway communica­ -# tions is IPv6, then a suffix of -v6 is added to the -# verb. -# -# PLUTO_CONNECTION -# is the name of the connection for which we are -# routing. -# -# PLUTO_NEXT_HOP -# is the next hop to which packets bound for the peer -# must be sent. -# -# PLUTO_INTERFACE -# is the name of the ipsec interface to be used. -# -# PLUTO_REQID -# is the requid of the ESP policy -# -# PLUTO_ME -# is the IP address of our host. -# -# PLUTO_MY_ID -# is the ID of our host. -# -# PLUTO_MY_CLIENT -# is the IP address / count of our client subnet. If -# the client is just the host, this will be the -# host's own IP address / max (where max is 32 for -# IPv4 and 128 for IPv6). -# -# PLUTO_MY_CLIENT_NET -# is the IP address of our client net. If the client -# is just the host, this will be the host's own IP -# address. -# -# PLUTO_MY_CLIENT_MASK -# is the mask for our client net. If the client is -# just the host, this will be 255.255.255.255. -# -# PLUTO_MY_SOURCEIP -# if non-empty, then the source address for the route will be -# set to this IP address. -# -# PLUTO_MY_PROTOCOL -# is the IP protocol that will be transported. -# -# PLUTO_MY_PORT -# is the UDP/TCP port to which the IPsec SA is -# restricted on our side. -# -# PLUTO_PEER -# is the IP address of our peer. -# -# PLUTO_PEER_ID -# is the ID of our peer. -# -# PLUTO_PEER_CA -# is the CA which issued the cert of our peer. -# -# PLUTO_PEER_CLIENT -# is the IP address / count of the peer's client sub­ -# net. If the client is just the peer, this will be -# the peer's own IP address / max (where max is 32 -# for IPv4 and 128 for IPv6). -# -# PLUTO_PEER_CLIENT_NET -# is the IP address of the peer's client net. If the -# client is just the peer, this will be the peer's -# own IP address. -# -# PLUTO_PEER_CLIENT_MASK -# is the mask for the peer's client net. If the -# client is just the peer, this will be -# 255.255.255.255. -# -# PLUTO_PEER_PROTOCOL -# is the IP protocol that will be transported. -# -# PLUTO_PEER_PORT -# is the UDP/TCP port to which the IPsec SA is -# restricted on the peer side. -# - -# uncomment to log VPN connections -VPN_LOGGING=1 -# -# tag put in front of each log entry: -TAG=vpn -# -# syslog facility and priority used: -FAC_PRIO=local0.notice -# -# to create a special vpn logging file, put the following line into -# the syslog configuration file /etc/syslog.conf: -# -# local0.notice -/var/log/vpn -# - -# check interface version -case "$PLUTO_VERSION" in -1.[0|1]) # Older Pluto?!? Play it safe, script may be using new features. - echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2 - echo "$0: called by obsolete Pluto?" >&2 - exit 2 - ;; -1.*) ;; -*) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2 - exit 2 - ;; -esac - -# check parameter(s) -case "$1:$*" in -':') # no parameters - ;; -iptables:iptables) # due to (left/right)firewall; for default script only - ;; -custom:*) # custom parameters (see above CAUTION comment) - ;; -*) echo "$0: unknown parameters \`$*'" >&2 - exit 2 - ;; -esac - -# utility functions for route manipulation -# Meddling with this stuff should not be necessary and requires great care. -uproute() { - doroute add - ip route flush cache -} -downroute() { - doroute delete - ip route flush cache -} - -addsource() { - st=0 - if ! ip -o route get ${PLUTO_MY_SOURCEIP%/*} | grep -q ^local - then - it="ip addr add ${PLUTO_MY_SOURCEIP%/*}/32 dev $PLUTO_INTERFACE" - oops="`eval $it 2>&1`" - st=$? - if test " $oops" = " " -a " $st" != " 0" - then - oops="silent error, exit status $st" - fi - if test " $oops" != " " -o " $st" != " 0" - then - echo "$0: addsource \`$it' failed ($oops)" >&2 - fi - fi - return $st -} - -doroute() { - st=0 - - if [ -z "$PLUTO_MY_SOURCEIP" ] - then - if [ -f /etc/sysconfig/defaultsource ] - then - . /etc/sysconfig/defaultsource - fi - - if [ -f /etc/conf.d/defaultsource ] - then - . /etc/conf.d/defaultsource - fi - - if [ -n "$DEFAULTSOURCE" ] - then - PLUTO_MY_SOURCEIP=$DEFAULTSOURCE - fi - fi - - if [ -z "$KLIPS" -a -z "$PLUTO_MY_SOURCEIP" ] - then - # leave because no route entry is required - return $st - fi - - parms1="$PLUTO_PEER_CLIENT" - - parms2= - if [ -n "$KLIPS" ] - then - if [ -n "$PLUTO_NEXT_HOP" ] - then - parms2="via $PLUTO_NEXT_HOP" - fi - else - parms2="via $PLUTO_ME" - fi - parms2="$parms2 dev $PLUTO_INTERFACE" - - parms3= - if test "$1" = "add" -a -n "$PLUTO_MY_SOURCEIP" - then - addsource - parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}" - fi - - case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in - "0.0.0.0/0.0.0.0") - # opportunistic encryption work around - # need to provide route that eclipses default, without - # replacing it. - it="ip route $1 0.0.0.0/1 $parms2 $parms3 && - ip route $1 128.0.0.0/1 $parms2 $parms3" - ;; - *) it="ip route $1 $parms1 $parms2 $parms3" - ;; - esac - oops="`eval $it 2>&1`" - st=$? - if test " $oops" = " " -a " $st" != " 0" - then - oops="silent error, exit status $st" - fi - if test " $oops" != " " -o " $st" != " 0" - then - echo "$0: doroute \`$it' failed ($oops)" >&2 - fi - return $st -} - -# in the presence of KLIPS and ipsecN interfaces do not use IPSEC_POLICY -if [ `echo "$PLUTO_INTERFACE" | grep "ipsec"` ] -then - KLIPS=1 - IPSEC_POLICY_IN="" - IPSEC_POLICY_OUT="" -else - KLIPS= - IPSEC_POLICY="-m policy --pol ipsec --proto esp --reqid $PLUTO_REQID" - IPSEC_POLICY_IN="$IPSEC_POLICY --dir in" - IPSEC_POLICY_OUT="$IPSEC_POLICY --dir out" -fi - -# are there port numbers? -if [ "$PLUTO_MY_PORT" != 0 ] -then - S_MY_PORT="--sport $PLUTO_MY_PORT" - D_MY_PORT="--dport $PLUTO_MY_PORT" -fi -if [ "$PLUTO_PEER_PORT" != 0 ] -then - S_PEER_PORT="--sport $PLUTO_PEER_PORT" - D_PEER_PORT="--dport $PLUTO_PEER_PORT" -fi - -# the big choice -case "$PLUTO_VERB:$1" in -prepare-host:*|prepare-client:*) - if [ -z "$KLIPS" -a -z "$PLUTO_MY_SOURCEIP" ] - then - # exit because no route will be added, - # so that existing routes can stay - exit 0 - fi - - # delete possibly-existing route (preliminary to adding a route) - case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in - "0.0.0.0/0.0.0.0") - # need to provide route that eclipses default, without - # replacing it. - parms1="0.0.0.0/1" - parms2="128.0.0.0/1" - it="ip route delete $parms1 2>&1 ; ip route delete $parms2 2>&1" - oops="`ip route delete $parms1 2>&1 ; ip route delete $parms2 2>&1`" - ;; - *) - parms="$PLUTO_PEER_CLIENT" - it="ip route delete $parms 2>&1" - oops="`ip route delete $parms 2>&1`" - ;; - esac - status="$?" - if test " $oops" = " " -a " $status" != " 0" - then - oops="silent error, exit status $status" - fi - case "$oops" in - *'RTNETLINK answers: No such process'*) - # This is what route (currently -- not documented!) gives - # for "could not find such a route". - oops= - status=0 - ;; - esac - if test " $oops" != " " -o " $status" != " 0" - then - echo "$0: \`$it' failed ($oops)" >&2 - fi - exit $status - ;; -route-host:*|route-client:*) - # connection to me or my client subnet being routed - uproute - ;; -unroute-host:*|unroute-client:*) - # connection to me or my client subnet being unrouted - downroute - ;; -up-host:) - # connection to me coming up - # If you are doing a custom version, firewall commands go here. - ;; -down-host:) - # connection to me going down - # If you are doing a custom version, firewall commands go here. - ;; -up-client:) - # connection to my client subnet coming up - # If you are doing a custom version, firewall commands go here. - ;; -down-client:) - # connection to my client subnet going down - # If you are doing a custom version, firewall commands go here. - ;; -up-host:iptables) - # connection to me, with (left/right)firewall=yes, coming up - # This is used only by the default updown script, not by your custom - # ones, so do not mess with it; see CAUTION comment up at top. - iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ - -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ - -d $PLUTO_ME $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT - iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ - -s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \ - -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT - # - # log IPsec host connection setup - if [ $VPN_LOGGING ] - then - if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] - then - logger -t $TAG -p $FAC_PRIO \ - "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME" - else - logger -t $TAG -p $FAC_PRIO \ - "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME" - fi - fi - ;; -down-host:iptables) - # connection to me, with (left/right)firewall=yes, going down - # This is used only by the default updown script, not by your custom - # ones, so do not mess with it; see CAUTION comment up at top. - iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ - -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ - -d $PLUTO_ME $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT - iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ - -s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \ - -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT - # - # log IPsec host connection teardown - if [ $VPN_LOGGING ] - then - if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] - then - logger -t $TAG -p $FAC_PRIO -- \ - "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME" - else - logger -t $TAG -p $FAC_PRIO -- \ - "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME" - fi - fi - ;; -up-client:iptables) - # connection to client subnet, with (left/right)firewall=yes, coming up - # This is used only by the default updown script, not by your custom - # ones, so do not mess with it; see CAUTION comment up at top. - if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ] - then - iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ - -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \ - -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT \ - $IPSEC_POLICY_OUT -j ACCEPT - iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ - -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ - -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT \ - $IPSEC_POLICY_IN -j ACCEPT - fi - # - # a virtual IP requires an INPUT and OUTPUT rule on the host - # or sometimes host access via the internal IP is needed - if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ] - then - iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ - -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ - -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT \ - $IPSEC_POLICY_IN -j ACCEPT - iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ - -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \ - -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT \ - $IPSEC_POLICY_OUT -j ACCEPT - fi - # - # log IPsec client connection setup - if [ $VPN_LOGGING ] - then - if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] - then - logger -t $TAG -p $FAC_PRIO \ - "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" - else - logger -t $TAG -p $FAC_PRIO \ - "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" - fi - fi - ;; -down-client:iptables) - # connection to client subnet, with (left/right)firewall=yes, going down - # This is used only by the default updown script, not by your custom - # ones, so do not mess with it; see CAUTION comment up at top. - if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ] - then - iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ - -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \ - -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT \ - $IPSEC_POLICY_OUT -j ACCEPT - iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ - -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ - -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT \ - $IPSEC_POLICY_IN -j ACCEPT - fi - # - # a virtual IP requires an INPUT and OUTPUT rule on the host - # or sometimes host access via the internal IP is needed - if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ] - then - iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ - -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ - -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT \ - $IPSEC_POLICY_IN -j ACCEPT - iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ - -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \ - -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT \ - $IPSEC_POLICY_OUT -j ACCEPT - fi - # - # log IPsec client connection teardown - if [ $VPN_LOGGING ] - then - if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] - then - logger -t $TAG -p $FAC_PRIO -- \ - "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" - else - logger -t $TAG -p $FAC_PRIO -- \ - "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" - fi - fi - ;; -# -# IPv6 -# -prepare-host-v6:*|prepare-client-v6:*) - ;; -route-host-v6:*|route-client-v6:*) - # connection to me or my client subnet being routed - #uproute_v6 - ;; -unroute-host-v6:*|unroute-client-v6:*) - # connection to me or my client subnet being unrouted - #downroute_v6 - ;; -up-host-v6:*) - # connection to me coming up - # If you are doing a custom version, firewall commands go here. - ;; -down-host-v6:*) - # connection to me going down - # If you are doing a custom version, firewall commands go here. - ;; -up-client-v6:) - # connection to my client subnet coming up - # If you are doing a custom version, firewall commands go here. - ;; -down-client-v6:) - # connection to my client subnet going down - # If you are doing a custom version, firewall commands go here. - ;; -*) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2 - exit 1 - ;; -esac diff --git a/src/_updown/_updown.8 b/src/_updown/_updown.8 index 5107d3694..0f7b17ba5 100644 --- a/src/_updown/_updown.8 +++ b/src/_updown/_updown.8 @@ -1,6 +1,6 @@ .TH _UPDOWN 8 "27 Apr 2006" .\" -.\" RCSID $Id: _updown.8,v 1.2 2006/04/17 06:48:49 as Exp $ +.\" RCSID $Id: _updown.8 3268 2007-10-08 19:59:18Z andreas $ .\" .SH NAME ipsec _updown \- route and firewall manipulation script diff --git a/src/_updown/_updown.in b/src/_updown/_updown.in new file mode 100644 index 000000000..4002449dd --- /dev/null +++ b/src/_updown/_updown.in @@ -0,0 +1,536 @@ +#! /bin/sh +# iproute2 version, default updown script +# +# Copyright (C) 2003-2004 Nigel Meteringham +# Copyright (C) 2003-2004 Tuomo Soini +# Copyright (C) 2002-2004 Michael Richardson +# Copyright (C) 2005-2007 Andreas Steffen +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at your +# option) any later version. See . +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# for more details. +# +# RCSID $Id: _updown.in 3268 2007-10-08 19:59:18Z andreas $ + +# CAUTION: Installing a new version of strongSwan will install a new +# copy of this script, wiping out any custom changes you make. If +# you need changes, make a copy of this under another name, and customize +# that, and use the (left/right)updown parameters in ipsec.conf to make +# strongSwan use yours instead of this default one. + +# things that this script gets (from ipsec_pluto(8) man page) +# +# PLUTO_VERSION +# indicates what version of this interface is being +# used. This document describes version 1.1. This +# is upwardly compatible with version 1.0. +# +# PLUTO_VERB +# specifies the name of the operation to be performed +# (prepare-host, prepare-client, up-host, up-client, +# down-host, or down-client). If the address family +# for security gateway to security gateway communica­ +# tions is IPv6, then a suffix of -v6 is added to the +# verb. +# +# PLUTO_CONNECTION +# is the name of the connection for which we are +# routing. +# +# PLUTO_NEXT_HOP +# is the next hop to which packets bound for the peer +# must be sent. +# +# PLUTO_INTERFACE +# is the name of the ipsec interface to be used. +# +# PLUTO_REQID +# is the requid of the ESP policy +# +# PLUTO_ME +# is the IP address of our host. +# +# PLUTO_MY_ID +# is the ID of our host. +# +# PLUTO_MY_CLIENT +# is the IP address / count of our client subnet. If +# the client is just the host, this will be the +# host's own IP address / max (where max is 32 for +# IPv4 and 128 for IPv6). +# +# PLUTO_MY_CLIENT_NET +# is the IP address of our client net. If the client +# is just the host, this will be the host's own IP +# address. +# +# PLUTO_MY_CLIENT_MASK +# is the mask for our client net. If the client is +# just the host, this will be 255.255.255.255. +# +# PLUTO_MY_SOURCEIP +# if non-empty, then the source address for the route will be +# set to this IP address. +# +# PLUTO_MY_PROTOCOL +# is the IP protocol that will be transported. +# +# PLUTO_MY_PORT +# is the UDP/TCP port to which the IPsec SA is +# restricted on our side. +# +# PLUTO_PEER +# is the IP address of our peer. +# +# PLUTO_PEER_ID +# is the ID of our peer. +# +# PLUTO_PEER_CA +# is the CA which issued the cert of our peer. +# +# PLUTO_PEER_CLIENT +# is the IP address / count of the peer's client sub­ +# net. If the client is just the peer, this will be +# the peer's own IP address / max (where max is 32 +# for IPv4 and 128 for IPv6). +# +# PLUTO_PEER_CLIENT_NET +# is the IP address of the peer's client net. If the +# client is just the peer, this will be the peer's +# own IP address. +# +# PLUTO_PEER_CLIENT_MASK +# is the mask for the peer's client net. If the +# client is just the peer, this will be +# 255.255.255.255. +# +# PLUTO_PEER_PROTOCOL +# is the IP protocol that will be transported. +# +# PLUTO_PEER_PORT +# is the UDP/TCP port to which the IPsec SA is +# restricted on the peer side. +# + +# uncomment to log VPN connections +VPN_LOGGING=1 +# +# tag put in front of each log entry: +TAG=vpn +# +# syslog facility and priority used: +FAC_PRIO=local0.notice +# +# to create a special vpn logging file, put the following line into +# the syslog configuration file /etc/syslog.conf: +# +# local0.notice -/var/log/vpn + +# in order to use source IP routing the Linux kernel options +# CONFIG_IP_ADVANCED_ROUTER and CONFIG_IP_MULTIPLE_TABLES +# must be enabled +# +# special routing table for sourceip routes +SOURCEIP_ROUTING_TABLE=@IPSEC_ROUTING_TABLE@ +# +# priority of the sourceip routing table +SOURCEIP_ROUTING_TABLE_PRIO=@IPSEC_ROUTING_TABLE_PRIO@ + +# check interface version +case "$PLUTO_VERSION" in +1.[0|1]) # Older Pluto?!? Play it safe, script may be using new features. + echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2 + echo "$0: called by obsolete Pluto?" >&2 + exit 2 + ;; +1.*) ;; +*) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2 + exit 2 + ;; +esac + +# check parameter(s) +case "$1:$*" in +':') # no parameters + ;; +iptables:iptables) # due to (left/right)firewall; for default script only + ;; +custom:*) # custom parameters (see above CAUTION comment) + ;; +*) echo "$0: unknown parameters \`$*'" >&2 + exit 2 + ;; +esac + +# utility functions for route manipulation +# Meddling with this stuff should not be necessary and requires great care. +uproute() { + doroute add + ip route flush cache +} +downroute() { + doroute delete + ip route flush cache +} + +addsource() { + st=0 + if ! ip -o route get ${PLUTO_MY_SOURCEIP%/*} | grep -q ^local + then + it="ip addr add ${PLUTO_MY_SOURCEIP%/*}/32 dev $PLUTO_INTERFACE" + oops="`eval $it 2>&1`" + st=$? + if test " $oops" = " " -a " $st" != " 0" + then + oops="silent error, exit status $st" + fi + if test " $oops" != " " -o " $st" != " 0" + then + echo "$0: addsource \`$it' failed ($oops)" >&2 + fi + fi + return $st +} + +doroute() { + st=0 + + if [ -z "$PLUTO_MY_SOURCEIP" ] + then + if [ -f /etc/sysconfig/defaultsource ] + then + . /etc/sysconfig/defaultsource + fi + + if [ -f /etc/conf.d/defaultsource ] + then + . /etc/conf.d/defaultsource + fi + + if [ -n "$DEFAULTSOURCE" ] + then + PLUTO_MY_SOURCEIP=$DEFAULTSOURCE + fi + fi + + if [ -z "$KLIPS" -a -z "$PLUTO_MY_SOURCEIP" ] + then + # leave because no route entry is required + return $st + fi + + parms1="$PLUTO_PEER_CLIENT" + + if [ -n "$PLUTO_NEXT_HOP" ] + then + parms2="via $PLUTO_NEXT_HOP" + else + parms2="via $PLUTO_PEER" + fi + parms2="$parms2 dev $PLUTO_INTERFACE" + + parms3= + if [ -n "$PLUTO_MY_SOURCEIP" ] + then + if test "$1" = "add" + then + addsource + if ! ip rule list | grep -q "lookup $SOURCEIP_ROUTING_TABLE" + then + ip rule add pref $SOURCEIP_ROUTING_TABLE_PRIO table $SOURCEIP_ROUTING_TABLE + fi + fi + parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*} table $SOURCEIP_ROUTING_TABLE" + fi + + case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in + "0.0.0.0/0.0.0.0") + # opportunistic encryption work around + # need to provide route that eclipses default, without + # replacing it. + it="ip route $1 0.0.0.0/1 $parms2 $parms3 && + ip route $1 128.0.0.0/1 $parms2 $parms3" + ;; + *) it="ip route $1 $parms1 $parms2 $parms3" + ;; + esac + oops="`eval $it 2>&1`" + st=$? + if test " $oops" = " " -a " $st" != " 0" + then + oops="silent error, exit status $st" + fi + if test " $oops" != " " -o " $st" != " 0" + then + echo "$0: doroute \`$it' failed ($oops)" >&2 + fi + return $st +} + +# in the presence of KLIPS and ipsecN interfaces do not use IPSEC_POLICY +if [ `echo "$PLUTO_INTERFACE" | grep "ipsec"` ] +then + KLIPS=1 + IPSEC_POLICY_IN="" + IPSEC_POLICY_OUT="" +else + KLIPS= + IPSEC_POLICY="-m policy --pol ipsec --proto esp --reqid $PLUTO_REQID" + IPSEC_POLICY_IN="$IPSEC_POLICY --dir in" + IPSEC_POLICY_OUT="$IPSEC_POLICY --dir out" +fi + +# are there port numbers? +if [ "$PLUTO_MY_PORT" != 0 ] +then + S_MY_PORT="--sport $PLUTO_MY_PORT" + D_MY_PORT="--dport $PLUTO_MY_PORT" +fi +if [ "$PLUTO_PEER_PORT" != 0 ] +then + S_PEER_PORT="--sport $PLUTO_PEER_PORT" + D_PEER_PORT="--dport $PLUTO_PEER_PORT" +fi + +# the big choice +case "$PLUTO_VERB:$1" in +prepare-host:*|prepare-client:*) + if [ -z "$KLIPS" -a -z "$PLUTO_MY_SOURCEIP" ] + then + # exit because no route will be added, + # so that existing routes can stay + exit 0 + fi + + # delete possibly-existing route (preliminary to adding a route) + case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in + "0.0.0.0/0.0.0.0") + # need to provide route that eclipses default, without + # replacing it. + parms1="0.0.0.0/1" + parms2="128.0.0.0/1" + it="ip route delete $parms1 2>&1 ; ip route delete $parms2 2>&1" + oops="`ip route delete $parms1 2>&1 ; ip route delete $parms2 2>&1`" + ;; + *) + parms="$PLUTO_PEER_CLIENT" + it="ip route delete $parms 2>&1" + oops="`ip route delete $parms 2>&1`" + ;; + esac + status="$?" + if test " $oops" = " " -a " $status" != " 0" + then + oops="silent error, exit status $status" + fi + case "$oops" in + *'RTNETLINK answers: No such process'*) + # This is what route (currently -- not documented!) gives + # for "could not find such a route". + oops= + status=0 + ;; + esac + if test " $oops" != " " -o " $status" != " 0" + then + echo "$0: \`$it' failed ($oops)" >&2 + fi + exit $status + ;; +route-host:*|route-client:*) + # connection to me or my client subnet being routed + uproute + ;; +unroute-host:*|unroute-client:*) + # connection to me or my client subnet being unrouted + downroute + ;; +up-host:) + # connection to me coming up + # If you are doing a custom version, firewall commands go here. + ;; +down-host:) + # connection to me going down + # If you are doing a custom version, firewall commands go here. + ;; +up-client:) + # connection to my client subnet coming up + # If you are doing a custom version, firewall commands go here. + ;; +down-client:) + # connection to my client subnet going down + # If you are doing a custom version, firewall commands go here. + ;; +up-host:iptables) + # connection to me, with (left/right)firewall=yes, coming up + # This is used only by the default updown script, not by your custom + # ones, so do not mess with it; see CAUTION comment up at top. + iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ + -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ + -d $PLUTO_ME $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT + iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ + -s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \ + -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT + # + # log IPsec host connection setup + if [ $VPN_LOGGING ] + then + if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] + then + logger -t $TAG -p $FAC_PRIO \ + "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME" + else + logger -t $TAG -p $FAC_PRIO \ + "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME" + fi + fi + ;; +down-host:iptables) + # connection to me, with (left/right)firewall=yes, going down + # This is used only by the default updown script, not by your custom + # ones, so do not mess with it; see CAUTION comment up at top. + iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ + -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ + -d $PLUTO_ME $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT + iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ + -s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \ + -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT + # + # log IPsec host connection teardown + if [ $VPN_LOGGING ] + then + if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] + then + logger -t $TAG -p $FAC_PRIO -- \ + "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME" + else + logger -t $TAG -p $FAC_PRIO -- \ + "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME" + fi + fi + ;; +up-client:iptables) + # connection to client subnet, with (left/right)firewall=yes, coming up + # This is used only by the default updown script, not by your custom + # ones, so do not mess with it; see CAUTION comment up at top. + if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ] + then + iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ + -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \ + -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT \ + $IPSEC_POLICY_OUT -j ACCEPT + iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ + -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ + -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT \ + $IPSEC_POLICY_IN -j ACCEPT + fi + # + # a virtual IP requires an INPUT and OUTPUT rule on the host + # or sometimes host access via the internal IP is needed + if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ] + then + iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ + -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ + -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT \ + $IPSEC_POLICY_IN -j ACCEPT + iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ + -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \ + -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT \ + $IPSEC_POLICY_OUT -j ACCEPT + fi + # + # log IPsec client connection setup + if [ $VPN_LOGGING ] + then + if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] + then + logger -t $TAG -p $FAC_PRIO \ + "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" + else + logger -t $TAG -p $FAC_PRIO \ + "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" + fi + fi + ;; +down-client:iptables) + # connection to client subnet, with (left/right)firewall=yes, going down + # This is used only by the default updown script, not by your custom + # ones, so do not mess with it; see CAUTION comment up at top. + if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ] + then + iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ + -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \ + -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT \ + $IPSEC_POLICY_OUT -j ACCEPT + iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ + -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ + -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT \ + $IPSEC_POLICY_IN -j ACCEPT + fi + # + # a virtual IP requires an INPUT and OUTPUT rule on the host + # or sometimes host access via the internal IP is needed + if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ] + then + iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ + -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \ + -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT \ + $IPSEC_POLICY_IN -j ACCEPT + iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ + -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \ + -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT \ + $IPSEC_POLICY_OUT -j ACCEPT + fi + # + # log IPsec client connection teardown + if [ $VPN_LOGGING ] + then + if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] + then + logger -t $TAG -p $FAC_PRIO -- \ + "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" + else + logger -t $TAG -p $FAC_PRIO -- \ + "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" + fi + fi + ;; +# +# IPv6 +# +prepare-host-v6:*|prepare-client-v6:*) + ;; +route-host-v6:*|route-client-v6:*) + # connection to me or my client subnet being routed + #uproute_v6 + ;; +unroute-host-v6:*|unroute-client-v6:*) + # connection to me or my client subnet being unrouted + #downroute_v6 + ;; +up-host-v6:*) + # connection to me coming up + # If you are doing a custom version, firewall commands go here. + ;; +down-host-v6:*) + # connection to me going down + # If you are doing a custom version, firewall commands go here. + ;; +up-client-v6:) + # connection to my client subnet coming up + # If you are doing a custom version, firewall commands go here. + ;; +down-client-v6:) + # connection to my client subnet going down + # If you are doing a custom version, firewall commands go here. + ;; +*) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2 + exit 1 + ;; +esac diff --git a/src/_updown_espmark/Makefile.in b/src/_updown_espmark/Makefile.in index f2d3eadd6..e30555c1b 100644 --- a/src/_updown_espmark/Makefile.in +++ b/src/_updown_espmark/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +14,11 @@ @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -55,16 +51,12 @@ NROFF = nroff MANS = $(dist_man8_MANS) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -87,10 +79,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -102,6 +97,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -117,34 +113,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -157,6 +135,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -194,8 +173,11 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ dist_ipsec_SCRIPTS = _updown_espmark @@ -234,7 +216,7 @@ $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh install-dist_ipsecSCRIPTS: $(dist_ipsec_SCRIPTS) @$(NORMAL_INSTALL) - test -z "$(ipsecdir)" || $(mkdir_p) "$(DESTDIR)$(ipsecdir)" + test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" @list='$(dist_ipsec_SCRIPTS)'; for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ if test -f $$d$$p; then \ @@ -257,13 +239,9 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs - -distclean-libtool: - -rm -f libtool -uninstall-info-am: install-man8: $(man8_MANS) $(man_MANS) @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)" + test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ for i in $$l2; do \ @@ -314,22 +292,21 @@ CTAGS: distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -345,7 +322,7 @@ check: check-am all-am: Makefile $(SCRIPTS) $(MANS) installdirs: for dir in "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(mkdir_p) "$$dir"; \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am install-exec: install-exec-am @@ -377,7 +354,7 @@ clean-am: clean-generic clean-libtool mostlyclean-am distclean: distclean-am -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-libtool +distclean-am: clean-am distclean-generic dvi: dvi-am @@ -391,12 +368,20 @@ info-am: install-data-am: install-dist_ipsecSCRIPTS install-man +install-dvi: install-dvi-am + install-exec-am: +install-html: install-html-am + install-info: install-info-am install-man: install-man8 +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -415,22 +400,24 @@ ps: ps-am ps-am: -uninstall-am: uninstall-dist_ipsecSCRIPTS uninstall-info-am \ - uninstall-man +uninstall-am: uninstall-dist_ipsecSCRIPTS uninstall-man uninstall-man: uninstall-man8 +.MAKE: install-am install-strip + .PHONY: all all-am check check-am clean clean-generic clean-libtool \ distclean distclean-generic distclean-libtool distdir dvi \ dvi-am html html-am info info-am install install-am \ install-data install-data-am install-dist_ipsecSCRIPTS \ - install-exec install-exec-am install-info install-info-am \ - install-man install-man8 install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am uninstall uninstall-am \ - uninstall-dist_ipsecSCRIPTS uninstall-info-am uninstall-man \ - uninstall-man8 + install-dvi install-dvi-am install-exec install-exec-am \ + install-html install-html-am install-info install-info-am \ + install-man install-man8 install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ + ps ps-am uninstall uninstall-am uninstall-dist_ipsecSCRIPTS \ + uninstall-man uninstall-man8 # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/_updown_espmark/_updown_espmark b/src/_updown_espmark/_updown_espmark index 3627d470d..00d77a7e5 100644 --- a/src/_updown_espmark/_updown_espmark +++ b/src/_updown_espmark/_updown_espmark @@ -16,7 +16,7 @@ # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # -# RCSID $Id: _updown_espmark.in,v 1.4 2005/09/14 14:33:05 as Exp $ +# RCSID $Id: _updown_espmark 3268 2007-10-08 19:59:18Z andreas $ diff --git a/src/_updown_espmark/_updown_espmark.8 b/src/_updown_espmark/_updown_espmark.8 index 91eaa5cb7..07db3b548 100644 --- a/src/_updown_espmark/_updown_espmark.8 +++ b/src/_updown_espmark/_updown_espmark.8 @@ -1,6 +1,6 @@ .TH _UPDOWN_ESPMARK 8 "7 Apr 2005" .\" -.\" RCSID $Id: _updown_espmark.8,v 1.1 2005/04/07 21:34:19 as Exp $ +.\" RCSID $Id: _updown_espmark.8 3268 2007-10-08 19:59:18Z andreas $ .\" .SH NAME ipsec _updown_espmark \- manages routes and firewall rules diff --git a/src/charon/Makefile.am b/src/charon/Makefile.am index 9812a32ae..0d783cbbb 100644 --- a/src/charon/Makefile.am +++ b/src/charon/Makefile.am @@ -1,5 +1,3 @@ - - ipsec_PROGRAMS = charon charon_SOURCES = \ @@ -87,9 +85,17 @@ sa/tasks/ike_rekey.c sa/tasks/ike_rekey.h \ sa/tasks/ike_reauth.c sa/tasks/ike_reauth.h \ sa/tasks/task.c sa/tasks/task.h +if USE_P2P + charon_SOURCES += encoding/payloads/endpoint_notify.c encoding/payloads/endpoint_notify.h \ + processing/jobs/initiate_mediation_job.c processing/jobs/initiate_mediation_job.h \ + processing/jobs/mediation_job.c processing/jobs/mediation_job.h \ + sa/connect_manager.c sa/connect_manager.h \ + sa/mediation_manager.c sa/mediation_manager.h \ + sa/tasks/ike_p2p.c sa/tasks/ike_p2p.h +endif INCLUDES = -I${linuxdir} -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon -I$(top_srcdir)/src/stroke -AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \ +AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \ -DIPSEC_EAPDIR=\"${eapdir}\" -DIPSEC_BACKENDDIR=\"${backenddir}\" -DIPSEC_INTERFACEDIR=\"${interfacedir}\" charon_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lgmp -lpthread -lm -ldl @@ -120,6 +126,13 @@ backend_LTLIBRARIES += liblocal.la liblocal_la_SOURCES = config/backends/local_backend.h config/backends/local_backend.c liblocal_la_LDFLAGS = -module +if USE_LIBSQLITE + backend_LTLIBRARIES += libsqlite.la + libsqlite_la_SOURCES = config/backends/sqlite_backend.h config/backends/sqlite_backend.c + libsqlite_la_LIBADD = -lsqlite3 + libsqlite_la_LDFLAGS = -module +endif + # build control interfaces, stroke interface is always built ############################################################ interface_LTLIBRARIES = diff --git a/src/charon/Makefile.in b/src/charon/Makefile.in index 1646eec6c..e3b397f4e 100644 --- a/src/charon/Makefile.in +++ b/src/charon/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -15,15 +15,11 @@ @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -38,12 +34,20 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ ipsec_PROGRAMS = charon$(EXEEXT) -@USE_LIBCURL_TRUE@am__append_1 = -lcurl -@BUILD_EAP_SIM_TRUE@am__append_2 = libeapsim.la -@USE_LIBDBUS_TRUE@am__append_3 = libdbus.la -@USE_LIBDBUS_TRUE@am__append_4 = ${dbus_CFLAGS} -@USE_LIBXML_TRUE@am__append_5 = libxml.la -@USE_LIBXML_TRUE@am__append_6 = ${xml_CFLAGS} +@USE_P2P_TRUE@am__append_1 = encoding/payloads/endpoint_notify.c encoding/payloads/endpoint_notify.h \ +@USE_P2P_TRUE@ processing/jobs/initiate_mediation_job.c processing/jobs/initiate_mediation_job.h \ +@USE_P2P_TRUE@ processing/jobs/mediation_job.c processing/jobs/mediation_job.h \ +@USE_P2P_TRUE@ sa/connect_manager.c sa/connect_manager.h \ +@USE_P2P_TRUE@ sa/mediation_manager.c sa/mediation_manager.h \ +@USE_P2P_TRUE@ sa/tasks/ike_p2p.c sa/tasks/ike_p2p.h + +@USE_LIBCURL_TRUE@am__append_2 = -lcurl +@BUILD_EAP_SIM_TRUE@am__append_3 = libeapsim.la +@USE_LIBSQLITE_TRUE@am__append_4 = libsqlite.la +@USE_LIBDBUS_TRUE@am__append_5 = libdbus.la +@USE_LIBDBUS_TRUE@am__append_6 = ${dbus_CFLAGS} +@USE_LIBXML_TRUE@am__append_7 = libxml.la +@USE_LIBXML_TRUE@am__append_8 = ${xml_CFLAGS} subdir = src/charon DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 @@ -71,30 +75,170 @@ am__libdbus_la_SOURCES_DIST = control/interfaces/dbus_interface.h \ control/interfaces/dbus_interface.c @USE_LIBDBUS_TRUE@am_libdbus_la_OBJECTS = dbus_interface.lo libdbus_la_OBJECTS = $(am_libdbus_la_OBJECTS) +libdbus_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libdbus_la_LDFLAGS) $(LDFLAGS) -o $@ @USE_LIBDBUS_TRUE@am_libdbus_la_rpath = -rpath $(interfacedir) libeapidentity_la_LIBADD = am_libeapidentity_la_OBJECTS = eap_identity.lo libeapidentity_la_OBJECTS = $(am_libeapidentity_la_OBJECTS) +libeapidentity_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libeapidentity_la_LDFLAGS) $(LDFLAGS) -o $@ libeapsim_la_LIBADD = am__libeapsim_la_SOURCES_DIST = sa/authenticators/eap/eap_sim.h \ sa/authenticators/eap/eap_sim.c @BUILD_EAP_SIM_TRUE@am_libeapsim_la_OBJECTS = eap_sim.lo libeapsim_la_OBJECTS = $(am_libeapsim_la_OBJECTS) +libeapsim_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libeapsim_la_LDFLAGS) $(LDFLAGS) -o $@ @BUILD_EAP_SIM_TRUE@am_libeapsim_la_rpath = -rpath $(eapdir) liblocal_la_LIBADD = am_liblocal_la_OBJECTS = local_backend.lo liblocal_la_OBJECTS = $(am_liblocal_la_OBJECTS) +liblocal_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(liblocal_la_LDFLAGS) $(LDFLAGS) -o $@ +libsqlite_la_DEPENDENCIES = +am__libsqlite_la_SOURCES_DIST = config/backends/sqlite_backend.h \ + config/backends/sqlite_backend.c +@USE_LIBSQLITE_TRUE@am_libsqlite_la_OBJECTS = sqlite_backend.lo +libsqlite_la_OBJECTS = $(am_libsqlite_la_OBJECTS) +libsqlite_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libsqlite_la_LDFLAGS) $(LDFLAGS) -o $@ +@USE_LIBSQLITE_TRUE@am_libsqlite_la_rpath = -rpath $(backenddir) libstroke_la_LIBADD = am_libstroke_la_OBJECTS = stroke_interface.lo libstroke_la_OBJECTS = $(am_libstroke_la_OBJECTS) +libstroke_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libstroke_la_LDFLAGS) $(LDFLAGS) -o $@ @USE_LIBXML_TRUE@libxml_la_DEPENDENCIES = $(am__DEPENDENCIES_1) am__libxml_la_SOURCES_DIST = control/interfaces/xml_interface.h \ control/interfaces/xml_interface.c @USE_LIBXML_TRUE@am_libxml_la_OBJECTS = xml_interface.lo libxml_la_OBJECTS = $(am_libxml_la_OBJECTS) +libxml_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libxml_la_LDFLAGS) $(LDFLAGS) -o $@ @USE_LIBXML_TRUE@am_libxml_la_rpath = -rpath $(interfacedir) ipsecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(ipsec_PROGRAMS) +am__charon_SOURCES_DIST = bus/bus.c bus/bus.h \ + bus/listeners/file_logger.c bus/listeners/file_logger.h \ + bus/listeners/sys_logger.c bus/listeners/sys_logger.h \ + config/backends/backend.h config/backends/writeable_backend.h \ + config/backend_manager.c config/backend_manager.h \ + config/child_cfg.c config/child_cfg.h \ + config/credentials/local_credential_store.c \ + config/credentials/local_credential_store.h config/ike_cfg.c \ + config/ike_cfg.h config/peer_cfg.c config/peer_cfg.h \ + config/proposal.c config/proposal.h config/traffic_selector.c \ + config/traffic_selector.h control/interfaces/interface.h \ + control/interface_manager.c control/interface_manager.h \ + daemon.c daemon.h encoding/generator.c encoding/generator.h \ + encoding/message.c encoding/message.h encoding/parser.c \ + encoding/parser.h encoding/payloads/auth_payload.c \ + encoding/payloads/auth_payload.h \ + encoding/payloads/cert_payload.c \ + encoding/payloads/cert_payload.h \ + encoding/payloads/certreq_payload.c \ + encoding/payloads/certreq_payload.h \ + encoding/payloads/configuration_attribute.c \ + encoding/payloads/configuration_attribute.h \ + encoding/payloads/cp_payload.c encoding/payloads/cp_payload.h \ + encoding/payloads/delete_payload.c \ + encoding/payloads/delete_payload.h \ + encoding/payloads/eap_payload.c \ + encoding/payloads/eap_payload.h encoding/payloads/encodings.c \ + encoding/payloads/encodings.h \ + encoding/payloads/encryption_payload.c \ + encoding/payloads/encryption_payload.h \ + encoding/payloads/id_payload.c encoding/payloads/id_payload.h \ + encoding/payloads/ike_header.c encoding/payloads/ike_header.h \ + encoding/payloads/ke_payload.c encoding/payloads/ke_payload.h \ + encoding/payloads/nonce_payload.c \ + encoding/payloads/nonce_payload.h \ + encoding/payloads/notify_payload.c \ + encoding/payloads/notify_payload.h encoding/payloads/payload.c \ + encoding/payloads/payload.h \ + encoding/payloads/proposal_substructure.c \ + encoding/payloads/proposal_substructure.h \ + encoding/payloads/sa_payload.c encoding/payloads/sa_payload.h \ + encoding/payloads/traffic_selector_substructure.c \ + encoding/payloads/traffic_selector_substructure.h \ + encoding/payloads/transform_attribute.c \ + encoding/payloads/transform_attribute.h \ + encoding/payloads/transform_substructure.c \ + encoding/payloads/transform_substructure.h \ + encoding/payloads/ts_payload.c encoding/payloads/ts_payload.h \ + encoding/payloads/unknown_payload.c \ + encoding/payloads/unknown_payload.h \ + encoding/payloads/vendor_id_payload.c \ + encoding/payloads/vendor_id_payload.h \ + kernel/kernel_interface.c kernel/kernel_interface.h \ + network/packet.c network/packet.h network/receiver.c \ + network/receiver.h network/sender.c network/sender.h \ + network/socket.c network/socket.h processing/jobs/job.h \ + processing/jobs/acquire_job.c processing/jobs/acquire_job.h \ + processing/jobs/callback_job.c processing/jobs/callback_job.h \ + processing/jobs/delete_child_sa_job.c \ + processing/jobs/delete_child_sa_job.h \ + processing/jobs/delete_ike_sa_job.c \ + processing/jobs/delete_ike_sa_job.h \ + processing/jobs/process_message_job.c \ + processing/jobs/process_message_job.h \ + processing/jobs/rekey_child_sa_job.c \ + processing/jobs/rekey_child_sa_job.h \ + processing/jobs/rekey_ike_sa_job.c \ + processing/jobs/rekey_ike_sa_job.h \ + processing/jobs/retransmit_job.c \ + processing/jobs/retransmit_job.h \ + processing/jobs/send_dpd_job.c processing/jobs/send_dpd_job.h \ + processing/jobs/send_keepalive_job.c \ + processing/jobs/send_keepalive_job.h \ + processing/jobs/roam_job.c processing/jobs/roam_job.h \ + processing/scheduler.c processing/scheduler.h \ + processing/processor.c processing/processor.h \ + sa/authenticators/authenticator.c \ + sa/authenticators/authenticator.h \ + sa/authenticators/eap_authenticator.c \ + sa/authenticators/eap_authenticator.h \ + sa/authenticators/eap/eap_method.c \ + sa/authenticators/eap/eap_method.h \ + sa/authenticators/psk_authenticator.c \ + sa/authenticators/psk_authenticator.h \ + sa/authenticators/rsa_authenticator.c \ + sa/authenticators/rsa_authenticator.h sa/child_sa.c \ + sa/child_sa.h sa/ike_sa.c sa/ike_sa.h sa/ike_sa_id.c \ + sa/ike_sa_id.h sa/ike_sa_manager.c sa/ike_sa_manager.h \ + sa/task_manager.c sa/task_manager.h sa/tasks/child_create.c \ + sa/tasks/child_create.h sa/tasks/child_delete.c \ + sa/tasks/child_delete.h sa/tasks/child_rekey.c \ + sa/tasks/child_rekey.h sa/tasks/ike_auth.c sa/tasks/ike_auth.h \ + sa/tasks/ike_cert.c sa/tasks/ike_cert.h sa/tasks/ike_config.c \ + sa/tasks/ike_config.h sa/tasks/ike_delete.c \ + sa/tasks/ike_delete.h sa/tasks/ike_dpd.c sa/tasks/ike_dpd.h \ + sa/tasks/ike_init.c sa/tasks/ike_init.h sa/tasks/ike_natd.c \ + sa/tasks/ike_natd.h sa/tasks/ike_mobike.c \ + sa/tasks/ike_mobike.h sa/tasks/ike_rekey.c \ + sa/tasks/ike_rekey.h sa/tasks/ike_reauth.c \ + sa/tasks/ike_reauth.h sa/tasks/task.c sa/tasks/task.h \ + encoding/payloads/endpoint_notify.c \ + encoding/payloads/endpoint_notify.h \ + processing/jobs/initiate_mediation_job.c \ + processing/jobs/initiate_mediation_job.h \ + processing/jobs/mediation_job.c \ + processing/jobs/mediation_job.h sa/connect_manager.c \ + sa/connect_manager.h sa/mediation_manager.c \ + sa/mediation_manager.h sa/tasks/ike_p2p.c sa/tasks/ike_p2p.h +@USE_P2P_TRUE@am__objects_1 = endpoint_notify.$(OBJEXT) \ +@USE_P2P_TRUE@ initiate_mediation_job.$(OBJEXT) \ +@USE_P2P_TRUE@ mediation_job.$(OBJEXT) \ +@USE_P2P_TRUE@ connect_manager.$(OBJEXT) \ +@USE_P2P_TRUE@ mediation_manager.$(OBJEXT) ike_p2p.$(OBJEXT) am_charon_OBJECTS = bus.$(OBJEXT) file_logger.$(OBJEXT) \ sys_logger.$(OBJEXT) backend_manager.$(OBJEXT) \ child_cfg.$(OBJEXT) local_credential_store.$(OBJEXT) \ @@ -129,43 +273,42 @@ am_charon_OBJECTS = bus.$(OBJEXT) file_logger.$(OBJEXT) \ ike_auth.$(OBJEXT) ike_cert.$(OBJEXT) ike_config.$(OBJEXT) \ ike_delete.$(OBJEXT) ike_dpd.$(OBJEXT) ike_init.$(OBJEXT) \ ike_natd.$(OBJEXT) ike_mobike.$(OBJEXT) ike_rekey.$(OBJEXT) \ - ike_reauth.$(OBJEXT) task.$(OBJEXT) + ike_reauth.$(OBJEXT) task.$(OBJEXT) $(am__objects_1) charon_OBJECTS = $(am_charon_OBJECTS) charon_DEPENDENCIES = \ $(top_builddir)/src/libstrongswan/libstrongswan.la \ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(srcdir) +DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ SOURCES = $(libdbus_la_SOURCES) $(libeapidentity_la_SOURCES) \ $(libeapsim_la_SOURCES) $(liblocal_la_SOURCES) \ - $(libstroke_la_SOURCES) $(libxml_la_SOURCES) $(charon_SOURCES) + $(libsqlite_la_SOURCES) $(libstroke_la_SOURCES) \ + $(libxml_la_SOURCES) $(charon_SOURCES) DIST_SOURCES = $(am__libdbus_la_SOURCES_DIST) \ $(libeapidentity_la_SOURCES) $(am__libeapsim_la_SOURCES_DIST) \ - $(liblocal_la_SOURCES) $(libstroke_la_SOURCES) \ - $(am__libxml_la_SOURCES_DIST) $(charon_SOURCES) + $(liblocal_la_SOURCES) $(am__libsqlite_la_SOURCES_DIST) \ + $(libstroke_la_SOURCES) $(am__libxml_la_SOURCES_DIST) \ + $(am__charon_SOURCES_DIST) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -188,10 +331,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -203,6 +349,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -218,34 +365,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -258,6 +387,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -295,107 +425,125 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ -charon_SOURCES = \ -bus/bus.c bus/bus.h \ -bus/listeners/file_logger.c bus/listeners/file_logger.h \ -bus/listeners/sys_logger.c bus/listeners/sys_logger.h \ -config/backends/backend.h config/backends/writeable_backend.h \ -config/backend_manager.c config/backend_manager.h \ -config/child_cfg.c config/child_cfg.h \ -config/credentials/local_credential_store.c config/credentials/local_credential_store.h \ -config/ike_cfg.c config/ike_cfg.h \ -config/peer_cfg.c config/peer_cfg.h \ -config/proposal.c config/proposal.h \ -config/traffic_selector.c config/traffic_selector.h \ -control/interfaces/interface.h \ -control/interface_manager.c control/interface_manager.h \ -daemon.c daemon.h \ -encoding/generator.c encoding/generator.h \ -encoding/message.c encoding/message.h \ -encoding/parser.c encoding/parser.h \ -encoding/payloads/auth_payload.c encoding/payloads/auth_payload.h \ -encoding/payloads/cert_payload.c encoding/payloads/cert_payload.h \ -encoding/payloads/certreq_payload.c encoding/payloads/certreq_payload.h \ -encoding/payloads/configuration_attribute.c encoding/payloads/configuration_attribute.h \ -encoding/payloads/cp_payload.c encoding/payloads/cp_payload.h \ -encoding/payloads/delete_payload.c encoding/payloads/delete_payload.h \ -encoding/payloads/eap_payload.c encoding/payloads/eap_payload.h \ -encoding/payloads/encodings.c encoding/payloads/encodings.h \ -encoding/payloads/encryption_payload.c encoding/payloads/encryption_payload.h \ -encoding/payloads/id_payload.c encoding/payloads/id_payload.h \ -encoding/payloads/ike_header.c encoding/payloads/ike_header.h \ -encoding/payloads/ke_payload.c encoding/payloads/ke_payload.h \ -encoding/payloads/nonce_payload.c encoding/payloads/nonce_payload.h \ -encoding/payloads/notify_payload.c encoding/payloads/notify_payload.h \ -encoding/payloads/payload.c encoding/payloads/payload.h \ -encoding/payloads/proposal_substructure.c encoding/payloads/proposal_substructure.h \ -encoding/payloads/sa_payload.c encoding/payloads/sa_payload.h \ -encoding/payloads/traffic_selector_substructure.c encoding/payloads/traffic_selector_substructure.h \ -encoding/payloads/transform_attribute.c encoding/payloads/transform_attribute.h \ -encoding/payloads/transform_substructure.c encoding/payloads/transform_substructure.h \ -encoding/payloads/ts_payload.c encoding/payloads/ts_payload.h \ -encoding/payloads/unknown_payload.c encoding/payloads/unknown_payload.h \ -encoding/payloads/vendor_id_payload.c encoding/payloads/vendor_id_payload.h \ -kernel/kernel_interface.c kernel/kernel_interface.h \ -network/packet.c network/packet.h \ -network/receiver.c network/receiver.h \ -network/sender.c network/sender.h \ -network/socket.c network/socket.h \ -processing/jobs/job.h \ -processing/jobs/acquire_job.c processing/jobs/acquire_job.h \ -processing/jobs/callback_job.c processing/jobs/callback_job.h \ -processing/jobs/delete_child_sa_job.c processing/jobs/delete_child_sa_job.h \ -processing/jobs/delete_ike_sa_job.c processing/jobs/delete_ike_sa_job.h \ -processing/jobs/process_message_job.c processing/jobs/process_message_job.h \ -processing/jobs/rekey_child_sa_job.c processing/jobs/rekey_child_sa_job.h \ -processing/jobs/rekey_ike_sa_job.c processing/jobs/rekey_ike_sa_job.h \ -processing/jobs/retransmit_job.c processing/jobs/retransmit_job.h \ -processing/jobs/send_dpd_job.c processing/jobs/send_dpd_job.h \ -processing/jobs/send_keepalive_job.c processing/jobs/send_keepalive_job.h \ -processing/jobs/roam_job.c processing/jobs/roam_job.h \ -processing/scheduler.c processing/scheduler.h \ -processing/processor.c processing/processor.h \ -sa/authenticators/authenticator.c sa/authenticators/authenticator.h \ -sa/authenticators/eap_authenticator.c sa/authenticators/eap_authenticator.h \ -sa/authenticators/eap/eap_method.c sa/authenticators/eap/eap_method.h \ -sa/authenticators/psk_authenticator.c sa/authenticators/psk_authenticator.h \ -sa/authenticators/rsa_authenticator.c sa/authenticators/rsa_authenticator.h \ -sa/child_sa.c sa/child_sa.h \ -sa/ike_sa.c sa/ike_sa.h \ -sa/ike_sa_id.c sa/ike_sa_id.h \ -sa/ike_sa_manager.c sa/ike_sa_manager.h \ -sa/task_manager.c sa/task_manager.h \ -sa/tasks/child_create.c sa/tasks/child_create.h \ -sa/tasks/child_delete.c sa/tasks/child_delete.h \ -sa/tasks/child_rekey.c sa/tasks/child_rekey.h \ -sa/tasks/ike_auth.c sa/tasks/ike_auth.h \ -sa/tasks/ike_cert.c sa/tasks/ike_cert.h \ -sa/tasks/ike_config.c sa/tasks/ike_config.h \ -sa/tasks/ike_delete.c sa/tasks/ike_delete.h \ -sa/tasks/ike_dpd.c sa/tasks/ike_dpd.h \ -sa/tasks/ike_init.c sa/tasks/ike_init.h \ -sa/tasks/ike_natd.c sa/tasks/ike_natd.h \ -sa/tasks/ike_mobike.c sa/tasks/ike_mobike.h \ -sa/tasks/ike_rekey.c sa/tasks/ike_rekey.h \ -sa/tasks/ike_reauth.c sa/tasks/ike_reauth.h \ -sa/tasks/task.c sa/tasks/task.h - +charon_SOURCES = bus/bus.c bus/bus.h bus/listeners/file_logger.c \ + bus/listeners/file_logger.h bus/listeners/sys_logger.c \ + bus/listeners/sys_logger.h config/backends/backend.h \ + config/backends/writeable_backend.h config/backend_manager.c \ + config/backend_manager.h config/child_cfg.c config/child_cfg.h \ + config/credentials/local_credential_store.c \ + config/credentials/local_credential_store.h config/ike_cfg.c \ + config/ike_cfg.h config/peer_cfg.c config/peer_cfg.h \ + config/proposal.c config/proposal.h config/traffic_selector.c \ + config/traffic_selector.h control/interfaces/interface.h \ + control/interface_manager.c control/interface_manager.h \ + daemon.c daemon.h encoding/generator.c encoding/generator.h \ + encoding/message.c encoding/message.h encoding/parser.c \ + encoding/parser.h encoding/payloads/auth_payload.c \ + encoding/payloads/auth_payload.h \ + encoding/payloads/cert_payload.c \ + encoding/payloads/cert_payload.h \ + encoding/payloads/certreq_payload.c \ + encoding/payloads/certreq_payload.h \ + encoding/payloads/configuration_attribute.c \ + encoding/payloads/configuration_attribute.h \ + encoding/payloads/cp_payload.c encoding/payloads/cp_payload.h \ + encoding/payloads/delete_payload.c \ + encoding/payloads/delete_payload.h \ + encoding/payloads/eap_payload.c \ + encoding/payloads/eap_payload.h encoding/payloads/encodings.c \ + encoding/payloads/encodings.h \ + encoding/payloads/encryption_payload.c \ + encoding/payloads/encryption_payload.h \ + encoding/payloads/id_payload.c encoding/payloads/id_payload.h \ + encoding/payloads/ike_header.c encoding/payloads/ike_header.h \ + encoding/payloads/ke_payload.c encoding/payloads/ke_payload.h \ + encoding/payloads/nonce_payload.c \ + encoding/payloads/nonce_payload.h \ + encoding/payloads/notify_payload.c \ + encoding/payloads/notify_payload.h encoding/payloads/payload.c \ + encoding/payloads/payload.h \ + encoding/payloads/proposal_substructure.c \ + encoding/payloads/proposal_substructure.h \ + encoding/payloads/sa_payload.c encoding/payloads/sa_payload.h \ + encoding/payloads/traffic_selector_substructure.c \ + encoding/payloads/traffic_selector_substructure.h \ + encoding/payloads/transform_attribute.c \ + encoding/payloads/transform_attribute.h \ + encoding/payloads/transform_substructure.c \ + encoding/payloads/transform_substructure.h \ + encoding/payloads/ts_payload.c encoding/payloads/ts_payload.h \ + encoding/payloads/unknown_payload.c \ + encoding/payloads/unknown_payload.h \ + encoding/payloads/vendor_id_payload.c \ + encoding/payloads/vendor_id_payload.h \ + kernel/kernel_interface.c kernel/kernel_interface.h \ + network/packet.c network/packet.h network/receiver.c \ + network/receiver.h network/sender.c network/sender.h \ + network/socket.c network/socket.h processing/jobs/job.h \ + processing/jobs/acquire_job.c processing/jobs/acquire_job.h \ + processing/jobs/callback_job.c processing/jobs/callback_job.h \ + processing/jobs/delete_child_sa_job.c \ + processing/jobs/delete_child_sa_job.h \ + processing/jobs/delete_ike_sa_job.c \ + processing/jobs/delete_ike_sa_job.h \ + processing/jobs/process_message_job.c \ + processing/jobs/process_message_job.h \ + processing/jobs/rekey_child_sa_job.c \ + processing/jobs/rekey_child_sa_job.h \ + processing/jobs/rekey_ike_sa_job.c \ + processing/jobs/rekey_ike_sa_job.h \ + processing/jobs/retransmit_job.c \ + processing/jobs/retransmit_job.h \ + processing/jobs/send_dpd_job.c processing/jobs/send_dpd_job.h \ + processing/jobs/send_keepalive_job.c \ + processing/jobs/send_keepalive_job.h \ + processing/jobs/roam_job.c processing/jobs/roam_job.h \ + processing/scheduler.c processing/scheduler.h \ + processing/processor.c processing/processor.h \ + sa/authenticators/authenticator.c \ + sa/authenticators/authenticator.h \ + sa/authenticators/eap_authenticator.c \ + sa/authenticators/eap_authenticator.h \ + sa/authenticators/eap/eap_method.c \ + sa/authenticators/eap/eap_method.h \ + sa/authenticators/psk_authenticator.c \ + sa/authenticators/psk_authenticator.h \ + sa/authenticators/rsa_authenticator.c \ + sa/authenticators/rsa_authenticator.h sa/child_sa.c \ + sa/child_sa.h sa/ike_sa.c sa/ike_sa.h sa/ike_sa_id.c \ + sa/ike_sa_id.h sa/ike_sa_manager.c sa/ike_sa_manager.h \ + sa/task_manager.c sa/task_manager.h sa/tasks/child_create.c \ + sa/tasks/child_create.h sa/tasks/child_delete.c \ + sa/tasks/child_delete.h sa/tasks/child_rekey.c \ + sa/tasks/child_rekey.h sa/tasks/ike_auth.c sa/tasks/ike_auth.h \ + sa/tasks/ike_cert.c sa/tasks/ike_cert.h sa/tasks/ike_config.c \ + sa/tasks/ike_config.h sa/tasks/ike_delete.c \ + sa/tasks/ike_delete.h sa/tasks/ike_dpd.c sa/tasks/ike_dpd.h \ + sa/tasks/ike_init.c sa/tasks/ike_init.h sa/tasks/ike_natd.c \ + sa/tasks/ike_natd.h sa/tasks/ike_mobike.c \ + sa/tasks/ike_mobike.h sa/tasks/ike_rekey.c \ + sa/tasks/ike_rekey.h sa/tasks/ike_reauth.c \ + sa/tasks/ike_reauth.h sa/tasks/task.c sa/tasks/task.h \ + $(am__append_1) INCLUDES = -I${linuxdir} -I$(top_srcdir)/src/libstrongswan \ -I$(top_srcdir)/src/charon -I$(top_srcdir)/src/stroke \ - $(am__append_4) $(am__append_6) -AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \ + $(am__append_6) $(am__append_8) +AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \ -DIPSEC_EAPDIR=\"${eapdir}\" -DIPSEC_BACKENDDIR=\"${backenddir}\" -DIPSEC_INTERFACEDIR=\"${interfacedir}\" charon_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la \ - -lgmp -lpthread -lm -ldl $(am__append_1) + -lgmp -lpthread -lm -ldl $(am__append_2) # build EAP plugins, EAP-Identity is always built ################################################# -eap_LTLIBRARIES = libeapidentity.la $(am__append_2) +eap_LTLIBRARIES = libeapidentity.la $(am__append_3) libeapidentity_la_SOURCES = sa/authenticators/eap/eap_identity.h sa/authenticators/eap/eap_identity.c libeapidentity_la_LDFLAGS = -module @BUILD_EAP_SIM_TRUE@libeapsim_la_SOURCES = sa/authenticators/eap/eap_sim.h sa/authenticators/eap/eap_sim.c @@ -403,13 +551,16 @@ libeapidentity_la_LDFLAGS = -module # build backends, local backend is always built ############################################### -backend_LTLIBRARIES = liblocal.la +backend_LTLIBRARIES = liblocal.la $(am__append_4) liblocal_la_SOURCES = config/backends/local_backend.h config/backends/local_backend.c liblocal_la_LDFLAGS = -module +@USE_LIBSQLITE_TRUE@libsqlite_la_SOURCES = config/backends/sqlite_backend.h config/backends/sqlite_backend.c +@USE_LIBSQLITE_TRUE@libsqlite_la_LIBADD = -lsqlite3 +@USE_LIBSQLITE_TRUE@libsqlite_la_LDFLAGS = -module # build control interfaces, stroke interface is always built ############################################################ -interface_LTLIBRARIES = libstroke.la $(am__append_3) $(am__append_5) +interface_LTLIBRARIES = libstroke.la $(am__append_5) $(am__append_7) libstroke_la_SOURCES = control/interfaces/stroke_interface.h control/interfaces/stroke_interface.c libstroke_la_LDFLAGS = -module @USE_LIBDBUS_TRUE@libdbus_la_SOURCES = control/interfaces/dbus_interface.h control/interfaces/dbus_interface.c @@ -453,7 +604,7 @@ $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh install-backendLTLIBRARIES: $(backend_LTLIBRARIES) @$(NORMAL_INSTALL) - test -z "$(backenddir)" || $(mkdir_p) "$(DESTDIR)$(backenddir)" + test -z "$(backenddir)" || $(MKDIR_P) "$(DESTDIR)$(backenddir)" @list='$(backend_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ f=$(am__strip_dir) \ @@ -464,7 +615,7 @@ install-backendLTLIBRARIES: $(backend_LTLIBRARIES) uninstall-backendLTLIBRARIES: @$(NORMAL_UNINSTALL) - @set -x; list='$(backend_LTLIBRARIES)'; for p in $$list; do \ + @list='$(backend_LTLIBRARIES)'; for p in $$list; do \ p=$(am__strip_dir) \ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(backenddir)/$$p'"; \ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(backenddir)/$$p"; \ @@ -480,7 +631,7 @@ clean-backendLTLIBRARIES: done install-eapLTLIBRARIES: $(eap_LTLIBRARIES) @$(NORMAL_INSTALL) - test -z "$(eapdir)" || $(mkdir_p) "$(DESTDIR)$(eapdir)" + test -z "$(eapdir)" || $(MKDIR_P) "$(DESTDIR)$(eapdir)" @list='$(eap_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ f=$(am__strip_dir) \ @@ -491,7 +642,7 @@ install-eapLTLIBRARIES: $(eap_LTLIBRARIES) uninstall-eapLTLIBRARIES: @$(NORMAL_UNINSTALL) - @set -x; list='$(eap_LTLIBRARIES)'; for p in $$list; do \ + @list='$(eap_LTLIBRARIES)'; for p in $$list; do \ p=$(am__strip_dir) \ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(eapdir)/$$p'"; \ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(eapdir)/$$p"; \ @@ -507,7 +658,7 @@ clean-eapLTLIBRARIES: done install-interfaceLTLIBRARIES: $(interface_LTLIBRARIES) @$(NORMAL_INSTALL) - test -z "$(interfacedir)" || $(mkdir_p) "$(DESTDIR)$(interfacedir)" + test -z "$(interfacedir)" || $(MKDIR_P) "$(DESTDIR)$(interfacedir)" @list='$(interface_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ f=$(am__strip_dir) \ @@ -518,7 +669,7 @@ install-interfaceLTLIBRARIES: $(interface_LTLIBRARIES) uninstall-interfaceLTLIBRARIES: @$(NORMAL_UNINSTALL) - @set -x; list='$(interface_LTLIBRARIES)'; for p in $$list; do \ + @list='$(interface_LTLIBRARIES)'; for p in $$list; do \ p=$(am__strip_dir) \ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(interfacedir)/$$p'"; \ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(interfacedir)/$$p"; \ @@ -533,20 +684,22 @@ clean-interfaceLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libdbus.la: $(libdbus_la_OBJECTS) $(libdbus_la_DEPENDENCIES) - $(LINK) $(am_libdbus_la_rpath) $(libdbus_la_LDFLAGS) $(libdbus_la_OBJECTS) $(libdbus_la_LIBADD) $(LIBS) + $(libdbus_la_LINK) $(am_libdbus_la_rpath) $(libdbus_la_OBJECTS) $(libdbus_la_LIBADD) $(LIBS) libeapidentity.la: $(libeapidentity_la_OBJECTS) $(libeapidentity_la_DEPENDENCIES) - $(LINK) -rpath $(eapdir) $(libeapidentity_la_LDFLAGS) $(libeapidentity_la_OBJECTS) $(libeapidentity_la_LIBADD) $(LIBS) + $(libeapidentity_la_LINK) -rpath $(eapdir) $(libeapidentity_la_OBJECTS) $(libeapidentity_la_LIBADD) $(LIBS) libeapsim.la: $(libeapsim_la_OBJECTS) $(libeapsim_la_DEPENDENCIES) - $(LINK) $(am_libeapsim_la_rpath) $(libeapsim_la_LDFLAGS) $(libeapsim_la_OBJECTS) $(libeapsim_la_LIBADD) $(LIBS) + $(libeapsim_la_LINK) $(am_libeapsim_la_rpath) $(libeapsim_la_OBJECTS) $(libeapsim_la_LIBADD) $(LIBS) liblocal.la: $(liblocal_la_OBJECTS) $(liblocal_la_DEPENDENCIES) - $(LINK) -rpath $(backenddir) $(liblocal_la_LDFLAGS) $(liblocal_la_OBJECTS) $(liblocal_la_LIBADD) $(LIBS) + $(liblocal_la_LINK) -rpath $(backenddir) $(liblocal_la_OBJECTS) $(liblocal_la_LIBADD) $(LIBS) +libsqlite.la: $(libsqlite_la_OBJECTS) $(libsqlite_la_DEPENDENCIES) + $(libsqlite_la_LINK) $(am_libsqlite_la_rpath) $(libsqlite_la_OBJECTS) $(libsqlite_la_LIBADD) $(LIBS) libstroke.la: $(libstroke_la_OBJECTS) $(libstroke_la_DEPENDENCIES) - $(LINK) -rpath $(interfacedir) $(libstroke_la_LDFLAGS) $(libstroke_la_OBJECTS) $(libstroke_la_LIBADD) $(LIBS) + $(libstroke_la_LINK) -rpath $(interfacedir) $(libstroke_la_OBJECTS) $(libstroke_la_LIBADD) $(LIBS) libxml.la: $(libxml_la_OBJECTS) $(libxml_la_DEPENDENCIES) - $(LINK) $(am_libxml_la_rpath) $(libxml_la_LDFLAGS) $(libxml_la_OBJECTS) $(libxml_la_LIBADD) $(LIBS) + $(libxml_la_LINK) $(am_libxml_la_rpath) $(libxml_la_OBJECTS) $(libxml_la_LIBADD) $(LIBS) install-ipsecPROGRAMS: $(ipsec_PROGRAMS) @$(NORMAL_INSTALL) - test -z "$(ipsecdir)" || $(mkdir_p) "$(DESTDIR)$(ipsecdir)" + test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" @list='$(ipsec_PROGRAMS)'; for p in $$list; do \ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ if test -f $$p \ @@ -574,7 +727,7 @@ clean-ipsecPROGRAMS: done charon$(EXEEXT): $(charon_OBJECTS) $(charon_DEPENDENCIES) @rm -f charon$(EXEEXT) - $(LINK) $(charon_LDFLAGS) $(charon_OBJECTS) $(charon_LDADD) $(LIBS) + $(LINK) $(charon_OBJECTS) $(charon_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -596,6 +749,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/child_rekey.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/child_sa.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/configuration_attribute.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/connect_manager.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cp_payload.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/daemon.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dbus_interface.Plo@am__quote@ @@ -609,6 +763,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eap_sim.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/encodings.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/encryption_payload.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/endpoint_notify.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_logger.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/generator.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/id_payload.Po@am__quote@ @@ -622,16 +777,20 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ike_init.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ike_mobike.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ike_natd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ike_p2p.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ike_reauth.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ike_rekey.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ike_sa.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ike_sa_id.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ike_sa_manager.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/initiate_mediation_job.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/interface_manager.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ke_payload.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kernel_interface.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/local_backend.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/local_credential_store.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mediation_job.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mediation_manager.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/message.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nonce_payload.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/notify_payload.Po@am__quote@ @@ -656,6 +815,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/send_keepalive_job.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sender.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/socket.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sqlite_backend.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/stroke_interface.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sys_logger.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/task.Po@am__quote@ @@ -670,1184 +830,1271 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xml_interface.Plo@am__quote@ .c.o: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< dbus_interface.lo: control/interfaces/dbus_interface.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT dbus_interface.lo -MD -MP -MF "$(DEPDIR)/dbus_interface.Tpo" -c -o dbus_interface.lo `test -f 'control/interfaces/dbus_interface.c' || echo '$(srcdir)/'`control/interfaces/dbus_interface.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/dbus_interface.Tpo" "$(DEPDIR)/dbus_interface.Plo"; else rm -f "$(DEPDIR)/dbus_interface.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT dbus_interface.lo -MD -MP -MF $(DEPDIR)/dbus_interface.Tpo -c -o dbus_interface.lo `test -f 'control/interfaces/dbus_interface.c' || echo '$(srcdir)/'`control/interfaces/dbus_interface.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/dbus_interface.Tpo $(DEPDIR)/dbus_interface.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='control/interfaces/dbus_interface.c' object='dbus_interface.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o dbus_interface.lo `test -f 'control/interfaces/dbus_interface.c' || echo '$(srcdir)/'`control/interfaces/dbus_interface.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o dbus_interface.lo `test -f 'control/interfaces/dbus_interface.c' || echo '$(srcdir)/'`control/interfaces/dbus_interface.c eap_identity.lo: sa/authenticators/eap/eap_identity.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_identity.lo -MD -MP -MF "$(DEPDIR)/eap_identity.Tpo" -c -o eap_identity.lo `test -f 'sa/authenticators/eap/eap_identity.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_identity.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/eap_identity.Tpo" "$(DEPDIR)/eap_identity.Plo"; else rm -f "$(DEPDIR)/eap_identity.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_identity.lo -MD -MP -MF $(DEPDIR)/eap_identity.Tpo -c -o eap_identity.lo `test -f 'sa/authenticators/eap/eap_identity.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_identity.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/eap_identity.Tpo $(DEPDIR)/eap_identity.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/eap/eap_identity.c' object='eap_identity.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_identity.lo `test -f 'sa/authenticators/eap/eap_identity.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_identity.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_identity.lo `test -f 'sa/authenticators/eap/eap_identity.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_identity.c eap_sim.lo: sa/authenticators/eap/eap_sim.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_sim.lo -MD -MP -MF "$(DEPDIR)/eap_sim.Tpo" -c -o eap_sim.lo `test -f 'sa/authenticators/eap/eap_sim.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_sim.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/eap_sim.Tpo" "$(DEPDIR)/eap_sim.Plo"; else rm -f "$(DEPDIR)/eap_sim.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_sim.lo -MD -MP -MF $(DEPDIR)/eap_sim.Tpo -c -o eap_sim.lo `test -f 'sa/authenticators/eap/eap_sim.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_sim.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/eap_sim.Tpo $(DEPDIR)/eap_sim.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/eap/eap_sim.c' object='eap_sim.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_sim.lo `test -f 'sa/authenticators/eap/eap_sim.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_sim.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_sim.lo `test -f 'sa/authenticators/eap/eap_sim.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_sim.c local_backend.lo: config/backends/local_backend.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT local_backend.lo -MD -MP -MF "$(DEPDIR)/local_backend.Tpo" -c -o local_backend.lo `test -f 'config/backends/local_backend.c' || echo '$(srcdir)/'`config/backends/local_backend.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/local_backend.Tpo" "$(DEPDIR)/local_backend.Plo"; else rm -f "$(DEPDIR)/local_backend.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT local_backend.lo -MD -MP -MF $(DEPDIR)/local_backend.Tpo -c -o local_backend.lo `test -f 'config/backends/local_backend.c' || echo '$(srcdir)/'`config/backends/local_backend.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/local_backend.Tpo $(DEPDIR)/local_backend.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/backends/local_backend.c' object='local_backend.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o local_backend.lo `test -f 'config/backends/local_backend.c' || echo '$(srcdir)/'`config/backends/local_backend.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o local_backend.lo `test -f 'config/backends/local_backend.c' || echo '$(srcdir)/'`config/backends/local_backend.c + +sqlite_backend.lo: config/backends/sqlite_backend.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sqlite_backend.lo -MD -MP -MF $(DEPDIR)/sqlite_backend.Tpo -c -o sqlite_backend.lo `test -f 'config/backends/sqlite_backend.c' || echo '$(srcdir)/'`config/backends/sqlite_backend.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sqlite_backend.Tpo $(DEPDIR)/sqlite_backend.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/backends/sqlite_backend.c' object='sqlite_backend.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sqlite_backend.lo `test -f 'config/backends/sqlite_backend.c' || echo '$(srcdir)/'`config/backends/sqlite_backend.c stroke_interface.lo: control/interfaces/stroke_interface.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT stroke_interface.lo -MD -MP -MF "$(DEPDIR)/stroke_interface.Tpo" -c -o stroke_interface.lo `test -f 'control/interfaces/stroke_interface.c' || echo '$(srcdir)/'`control/interfaces/stroke_interface.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/stroke_interface.Tpo" "$(DEPDIR)/stroke_interface.Plo"; else rm -f "$(DEPDIR)/stroke_interface.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT stroke_interface.lo -MD -MP -MF $(DEPDIR)/stroke_interface.Tpo -c -o stroke_interface.lo `test -f 'control/interfaces/stroke_interface.c' || echo '$(srcdir)/'`control/interfaces/stroke_interface.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/stroke_interface.Tpo $(DEPDIR)/stroke_interface.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='control/interfaces/stroke_interface.c' object='stroke_interface.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o stroke_interface.lo `test -f 'control/interfaces/stroke_interface.c' || echo '$(srcdir)/'`control/interfaces/stroke_interface.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o stroke_interface.lo `test -f 'control/interfaces/stroke_interface.c' || echo '$(srcdir)/'`control/interfaces/stroke_interface.c xml_interface.lo: control/interfaces/xml_interface.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT xml_interface.lo -MD -MP -MF "$(DEPDIR)/xml_interface.Tpo" -c -o xml_interface.lo `test -f 'control/interfaces/xml_interface.c' || echo '$(srcdir)/'`control/interfaces/xml_interface.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/xml_interface.Tpo" "$(DEPDIR)/xml_interface.Plo"; else rm -f "$(DEPDIR)/xml_interface.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT xml_interface.lo -MD -MP -MF $(DEPDIR)/xml_interface.Tpo -c -o xml_interface.lo `test -f 'control/interfaces/xml_interface.c' || echo '$(srcdir)/'`control/interfaces/xml_interface.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/xml_interface.Tpo $(DEPDIR)/xml_interface.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='control/interfaces/xml_interface.c' object='xml_interface.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o xml_interface.lo `test -f 'control/interfaces/xml_interface.c' || echo '$(srcdir)/'`control/interfaces/xml_interface.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o xml_interface.lo `test -f 'control/interfaces/xml_interface.c' || echo '$(srcdir)/'`control/interfaces/xml_interface.c bus.o: bus/bus.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bus.o -MD -MP -MF "$(DEPDIR)/bus.Tpo" -c -o bus.o `test -f 'bus/bus.c' || echo '$(srcdir)/'`bus/bus.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/bus.Tpo" "$(DEPDIR)/bus.Po"; else rm -f "$(DEPDIR)/bus.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bus.o -MD -MP -MF $(DEPDIR)/bus.Tpo -c -o bus.o `test -f 'bus/bus.c' || echo '$(srcdir)/'`bus/bus.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bus.Tpo $(DEPDIR)/bus.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bus/bus.c' object='bus.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o bus.o `test -f 'bus/bus.c' || echo '$(srcdir)/'`bus/bus.c bus.obj: bus/bus.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bus.obj -MD -MP -MF "$(DEPDIR)/bus.Tpo" -c -o bus.obj `if test -f 'bus/bus.c'; then $(CYGPATH_W) 'bus/bus.c'; else $(CYGPATH_W) '$(srcdir)/bus/bus.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/bus.Tpo" "$(DEPDIR)/bus.Po"; else rm -f "$(DEPDIR)/bus.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bus.obj -MD -MP -MF $(DEPDIR)/bus.Tpo -c -o bus.obj `if test -f 'bus/bus.c'; then $(CYGPATH_W) 'bus/bus.c'; else $(CYGPATH_W) '$(srcdir)/bus/bus.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bus.Tpo $(DEPDIR)/bus.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bus/bus.c' object='bus.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o bus.obj `if test -f 'bus/bus.c'; then $(CYGPATH_W) 'bus/bus.c'; else $(CYGPATH_W) '$(srcdir)/bus/bus.c'; fi` file_logger.o: bus/listeners/file_logger.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT file_logger.o -MD -MP -MF "$(DEPDIR)/file_logger.Tpo" -c -o file_logger.o `test -f 'bus/listeners/file_logger.c' || echo '$(srcdir)/'`bus/listeners/file_logger.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/file_logger.Tpo" "$(DEPDIR)/file_logger.Po"; else rm -f "$(DEPDIR)/file_logger.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT file_logger.o -MD -MP -MF $(DEPDIR)/file_logger.Tpo -c -o file_logger.o `test -f 'bus/listeners/file_logger.c' || echo '$(srcdir)/'`bus/listeners/file_logger.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/file_logger.Tpo $(DEPDIR)/file_logger.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bus/listeners/file_logger.c' object='file_logger.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o file_logger.o `test -f 'bus/listeners/file_logger.c' || echo '$(srcdir)/'`bus/listeners/file_logger.c file_logger.obj: bus/listeners/file_logger.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT file_logger.obj -MD -MP -MF "$(DEPDIR)/file_logger.Tpo" -c -o file_logger.obj `if test -f 'bus/listeners/file_logger.c'; then $(CYGPATH_W) 'bus/listeners/file_logger.c'; else $(CYGPATH_W) '$(srcdir)/bus/listeners/file_logger.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/file_logger.Tpo" "$(DEPDIR)/file_logger.Po"; else rm -f "$(DEPDIR)/file_logger.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT file_logger.obj -MD -MP -MF $(DEPDIR)/file_logger.Tpo -c -o file_logger.obj `if test -f 'bus/listeners/file_logger.c'; then $(CYGPATH_W) 'bus/listeners/file_logger.c'; else $(CYGPATH_W) '$(srcdir)/bus/listeners/file_logger.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/file_logger.Tpo $(DEPDIR)/file_logger.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bus/listeners/file_logger.c' object='file_logger.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o file_logger.obj `if test -f 'bus/listeners/file_logger.c'; then $(CYGPATH_W) 'bus/listeners/file_logger.c'; else $(CYGPATH_W) '$(srcdir)/bus/listeners/file_logger.c'; fi` sys_logger.o: bus/listeners/sys_logger.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sys_logger.o -MD -MP -MF "$(DEPDIR)/sys_logger.Tpo" -c -o sys_logger.o `test -f 'bus/listeners/sys_logger.c' || echo '$(srcdir)/'`bus/listeners/sys_logger.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sys_logger.Tpo" "$(DEPDIR)/sys_logger.Po"; else rm -f "$(DEPDIR)/sys_logger.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sys_logger.o -MD -MP -MF $(DEPDIR)/sys_logger.Tpo -c -o sys_logger.o `test -f 'bus/listeners/sys_logger.c' || echo '$(srcdir)/'`bus/listeners/sys_logger.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sys_logger.Tpo $(DEPDIR)/sys_logger.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bus/listeners/sys_logger.c' object='sys_logger.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sys_logger.o `test -f 'bus/listeners/sys_logger.c' || echo '$(srcdir)/'`bus/listeners/sys_logger.c sys_logger.obj: bus/listeners/sys_logger.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sys_logger.obj -MD -MP -MF "$(DEPDIR)/sys_logger.Tpo" -c -o sys_logger.obj `if test -f 'bus/listeners/sys_logger.c'; then $(CYGPATH_W) 'bus/listeners/sys_logger.c'; else $(CYGPATH_W) '$(srcdir)/bus/listeners/sys_logger.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sys_logger.Tpo" "$(DEPDIR)/sys_logger.Po"; else rm -f "$(DEPDIR)/sys_logger.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sys_logger.obj -MD -MP -MF $(DEPDIR)/sys_logger.Tpo -c -o sys_logger.obj `if test -f 'bus/listeners/sys_logger.c'; then $(CYGPATH_W) 'bus/listeners/sys_logger.c'; else $(CYGPATH_W) '$(srcdir)/bus/listeners/sys_logger.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sys_logger.Tpo $(DEPDIR)/sys_logger.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bus/listeners/sys_logger.c' object='sys_logger.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sys_logger.obj `if test -f 'bus/listeners/sys_logger.c'; then $(CYGPATH_W) 'bus/listeners/sys_logger.c'; else $(CYGPATH_W) '$(srcdir)/bus/listeners/sys_logger.c'; fi` backend_manager.o: config/backend_manager.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT backend_manager.o -MD -MP -MF "$(DEPDIR)/backend_manager.Tpo" -c -o backend_manager.o `test -f 'config/backend_manager.c' || echo '$(srcdir)/'`config/backend_manager.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/backend_manager.Tpo" "$(DEPDIR)/backend_manager.Po"; else rm -f "$(DEPDIR)/backend_manager.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT backend_manager.o -MD -MP -MF $(DEPDIR)/backend_manager.Tpo -c -o backend_manager.o `test -f 'config/backend_manager.c' || echo '$(srcdir)/'`config/backend_manager.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/backend_manager.Tpo $(DEPDIR)/backend_manager.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/backend_manager.c' object='backend_manager.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o backend_manager.o `test -f 'config/backend_manager.c' || echo '$(srcdir)/'`config/backend_manager.c backend_manager.obj: config/backend_manager.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT backend_manager.obj -MD -MP -MF "$(DEPDIR)/backend_manager.Tpo" -c -o backend_manager.obj `if test -f 'config/backend_manager.c'; then $(CYGPATH_W) 'config/backend_manager.c'; else $(CYGPATH_W) '$(srcdir)/config/backend_manager.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/backend_manager.Tpo" "$(DEPDIR)/backend_manager.Po"; else rm -f "$(DEPDIR)/backend_manager.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT backend_manager.obj -MD -MP -MF $(DEPDIR)/backend_manager.Tpo -c -o backend_manager.obj `if test -f 'config/backend_manager.c'; then $(CYGPATH_W) 'config/backend_manager.c'; else $(CYGPATH_W) '$(srcdir)/config/backend_manager.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/backend_manager.Tpo $(DEPDIR)/backend_manager.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/backend_manager.c' object='backend_manager.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o backend_manager.obj `if test -f 'config/backend_manager.c'; then $(CYGPATH_W) 'config/backend_manager.c'; else $(CYGPATH_W) '$(srcdir)/config/backend_manager.c'; fi` child_cfg.o: config/child_cfg.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_cfg.o -MD -MP -MF "$(DEPDIR)/child_cfg.Tpo" -c -o child_cfg.o `test -f 'config/child_cfg.c' || echo '$(srcdir)/'`config/child_cfg.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_cfg.Tpo" "$(DEPDIR)/child_cfg.Po"; else rm -f "$(DEPDIR)/child_cfg.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_cfg.o -MD -MP -MF $(DEPDIR)/child_cfg.Tpo -c -o child_cfg.o `test -f 'config/child_cfg.c' || echo '$(srcdir)/'`config/child_cfg.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_cfg.Tpo $(DEPDIR)/child_cfg.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/child_cfg.c' object='child_cfg.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_cfg.o `test -f 'config/child_cfg.c' || echo '$(srcdir)/'`config/child_cfg.c child_cfg.obj: config/child_cfg.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_cfg.obj -MD -MP -MF "$(DEPDIR)/child_cfg.Tpo" -c -o child_cfg.obj `if test -f 'config/child_cfg.c'; then $(CYGPATH_W) 'config/child_cfg.c'; else $(CYGPATH_W) '$(srcdir)/config/child_cfg.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_cfg.Tpo" "$(DEPDIR)/child_cfg.Po"; else rm -f "$(DEPDIR)/child_cfg.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_cfg.obj -MD -MP -MF $(DEPDIR)/child_cfg.Tpo -c -o child_cfg.obj `if test -f 'config/child_cfg.c'; then $(CYGPATH_W) 'config/child_cfg.c'; else $(CYGPATH_W) '$(srcdir)/config/child_cfg.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_cfg.Tpo $(DEPDIR)/child_cfg.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/child_cfg.c' object='child_cfg.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_cfg.obj `if test -f 'config/child_cfg.c'; then $(CYGPATH_W) 'config/child_cfg.c'; else $(CYGPATH_W) '$(srcdir)/config/child_cfg.c'; fi` local_credential_store.o: config/credentials/local_credential_store.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT local_credential_store.o -MD -MP -MF "$(DEPDIR)/local_credential_store.Tpo" -c -o local_credential_store.o `test -f 'config/credentials/local_credential_store.c' || echo '$(srcdir)/'`config/credentials/local_credential_store.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/local_credential_store.Tpo" "$(DEPDIR)/local_credential_store.Po"; else rm -f "$(DEPDIR)/local_credential_store.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT local_credential_store.o -MD -MP -MF $(DEPDIR)/local_credential_store.Tpo -c -o local_credential_store.o `test -f 'config/credentials/local_credential_store.c' || echo '$(srcdir)/'`config/credentials/local_credential_store.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/local_credential_store.Tpo $(DEPDIR)/local_credential_store.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/credentials/local_credential_store.c' object='local_credential_store.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o local_credential_store.o `test -f 'config/credentials/local_credential_store.c' || echo '$(srcdir)/'`config/credentials/local_credential_store.c local_credential_store.obj: config/credentials/local_credential_store.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT local_credential_store.obj -MD -MP -MF "$(DEPDIR)/local_credential_store.Tpo" -c -o local_credential_store.obj `if test -f 'config/credentials/local_credential_store.c'; then $(CYGPATH_W) 'config/credentials/local_credential_store.c'; else $(CYGPATH_W) '$(srcdir)/config/credentials/local_credential_store.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/local_credential_store.Tpo" "$(DEPDIR)/local_credential_store.Po"; else rm -f "$(DEPDIR)/local_credential_store.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT local_credential_store.obj -MD -MP -MF $(DEPDIR)/local_credential_store.Tpo -c -o local_credential_store.obj `if test -f 'config/credentials/local_credential_store.c'; then $(CYGPATH_W) 'config/credentials/local_credential_store.c'; else $(CYGPATH_W) '$(srcdir)/config/credentials/local_credential_store.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/local_credential_store.Tpo $(DEPDIR)/local_credential_store.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/credentials/local_credential_store.c' object='local_credential_store.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o local_credential_store.obj `if test -f 'config/credentials/local_credential_store.c'; then $(CYGPATH_W) 'config/credentials/local_credential_store.c'; else $(CYGPATH_W) '$(srcdir)/config/credentials/local_credential_store.c'; fi` ike_cfg.o: config/ike_cfg.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_cfg.o -MD -MP -MF "$(DEPDIR)/ike_cfg.Tpo" -c -o ike_cfg.o `test -f 'config/ike_cfg.c' || echo '$(srcdir)/'`config/ike_cfg.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_cfg.Tpo" "$(DEPDIR)/ike_cfg.Po"; else rm -f "$(DEPDIR)/ike_cfg.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_cfg.o -MD -MP -MF $(DEPDIR)/ike_cfg.Tpo -c -o ike_cfg.o `test -f 'config/ike_cfg.c' || echo '$(srcdir)/'`config/ike_cfg.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_cfg.Tpo $(DEPDIR)/ike_cfg.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/ike_cfg.c' object='ike_cfg.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_cfg.o `test -f 'config/ike_cfg.c' || echo '$(srcdir)/'`config/ike_cfg.c ike_cfg.obj: config/ike_cfg.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_cfg.obj -MD -MP -MF "$(DEPDIR)/ike_cfg.Tpo" -c -o ike_cfg.obj `if test -f 'config/ike_cfg.c'; then $(CYGPATH_W) 'config/ike_cfg.c'; else $(CYGPATH_W) '$(srcdir)/config/ike_cfg.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_cfg.Tpo" "$(DEPDIR)/ike_cfg.Po"; else rm -f "$(DEPDIR)/ike_cfg.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_cfg.obj -MD -MP -MF $(DEPDIR)/ike_cfg.Tpo -c -o ike_cfg.obj `if test -f 'config/ike_cfg.c'; then $(CYGPATH_W) 'config/ike_cfg.c'; else $(CYGPATH_W) '$(srcdir)/config/ike_cfg.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_cfg.Tpo $(DEPDIR)/ike_cfg.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/ike_cfg.c' object='ike_cfg.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_cfg.obj `if test -f 'config/ike_cfg.c'; then $(CYGPATH_W) 'config/ike_cfg.c'; else $(CYGPATH_W) '$(srcdir)/config/ike_cfg.c'; fi` peer_cfg.o: config/peer_cfg.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT peer_cfg.o -MD -MP -MF "$(DEPDIR)/peer_cfg.Tpo" -c -o peer_cfg.o `test -f 'config/peer_cfg.c' || echo '$(srcdir)/'`config/peer_cfg.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/peer_cfg.Tpo" "$(DEPDIR)/peer_cfg.Po"; else rm -f "$(DEPDIR)/peer_cfg.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT peer_cfg.o -MD -MP -MF $(DEPDIR)/peer_cfg.Tpo -c -o peer_cfg.o `test -f 'config/peer_cfg.c' || echo '$(srcdir)/'`config/peer_cfg.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/peer_cfg.Tpo $(DEPDIR)/peer_cfg.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/peer_cfg.c' object='peer_cfg.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o peer_cfg.o `test -f 'config/peer_cfg.c' || echo '$(srcdir)/'`config/peer_cfg.c peer_cfg.obj: config/peer_cfg.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT peer_cfg.obj -MD -MP -MF "$(DEPDIR)/peer_cfg.Tpo" -c -o peer_cfg.obj `if test -f 'config/peer_cfg.c'; then $(CYGPATH_W) 'config/peer_cfg.c'; else $(CYGPATH_W) '$(srcdir)/config/peer_cfg.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/peer_cfg.Tpo" "$(DEPDIR)/peer_cfg.Po"; else rm -f "$(DEPDIR)/peer_cfg.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT peer_cfg.obj -MD -MP -MF $(DEPDIR)/peer_cfg.Tpo -c -o peer_cfg.obj `if test -f 'config/peer_cfg.c'; then $(CYGPATH_W) 'config/peer_cfg.c'; else $(CYGPATH_W) '$(srcdir)/config/peer_cfg.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/peer_cfg.Tpo $(DEPDIR)/peer_cfg.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/peer_cfg.c' object='peer_cfg.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o peer_cfg.obj `if test -f 'config/peer_cfg.c'; then $(CYGPATH_W) 'config/peer_cfg.c'; else $(CYGPATH_W) '$(srcdir)/config/peer_cfg.c'; fi` proposal.o: config/proposal.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT proposal.o -MD -MP -MF "$(DEPDIR)/proposal.Tpo" -c -o proposal.o `test -f 'config/proposal.c' || echo '$(srcdir)/'`config/proposal.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/proposal.Tpo" "$(DEPDIR)/proposal.Po"; else rm -f "$(DEPDIR)/proposal.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT proposal.o -MD -MP -MF $(DEPDIR)/proposal.Tpo -c -o proposal.o `test -f 'config/proposal.c' || echo '$(srcdir)/'`config/proposal.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/proposal.Tpo $(DEPDIR)/proposal.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/proposal.c' object='proposal.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o proposal.o `test -f 'config/proposal.c' || echo '$(srcdir)/'`config/proposal.c proposal.obj: config/proposal.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT proposal.obj -MD -MP -MF "$(DEPDIR)/proposal.Tpo" -c -o proposal.obj `if test -f 'config/proposal.c'; then $(CYGPATH_W) 'config/proposal.c'; else $(CYGPATH_W) '$(srcdir)/config/proposal.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/proposal.Tpo" "$(DEPDIR)/proposal.Po"; else rm -f "$(DEPDIR)/proposal.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT proposal.obj -MD -MP -MF $(DEPDIR)/proposal.Tpo -c -o proposal.obj `if test -f 'config/proposal.c'; then $(CYGPATH_W) 'config/proposal.c'; else $(CYGPATH_W) '$(srcdir)/config/proposal.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/proposal.Tpo $(DEPDIR)/proposal.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/proposal.c' object='proposal.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o proposal.obj `if test -f 'config/proposal.c'; then $(CYGPATH_W) 'config/proposal.c'; else $(CYGPATH_W) '$(srcdir)/config/proposal.c'; fi` traffic_selector.o: config/traffic_selector.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT traffic_selector.o -MD -MP -MF "$(DEPDIR)/traffic_selector.Tpo" -c -o traffic_selector.o `test -f 'config/traffic_selector.c' || echo '$(srcdir)/'`config/traffic_selector.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/traffic_selector.Tpo" "$(DEPDIR)/traffic_selector.Po"; else rm -f "$(DEPDIR)/traffic_selector.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT traffic_selector.o -MD -MP -MF $(DEPDIR)/traffic_selector.Tpo -c -o traffic_selector.o `test -f 'config/traffic_selector.c' || echo '$(srcdir)/'`config/traffic_selector.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/traffic_selector.Tpo $(DEPDIR)/traffic_selector.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/traffic_selector.c' object='traffic_selector.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o traffic_selector.o `test -f 'config/traffic_selector.c' || echo '$(srcdir)/'`config/traffic_selector.c traffic_selector.obj: config/traffic_selector.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT traffic_selector.obj -MD -MP -MF "$(DEPDIR)/traffic_selector.Tpo" -c -o traffic_selector.obj `if test -f 'config/traffic_selector.c'; then $(CYGPATH_W) 'config/traffic_selector.c'; else $(CYGPATH_W) '$(srcdir)/config/traffic_selector.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/traffic_selector.Tpo" "$(DEPDIR)/traffic_selector.Po"; else rm -f "$(DEPDIR)/traffic_selector.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT traffic_selector.obj -MD -MP -MF $(DEPDIR)/traffic_selector.Tpo -c -o traffic_selector.obj `if test -f 'config/traffic_selector.c'; then $(CYGPATH_W) 'config/traffic_selector.c'; else $(CYGPATH_W) '$(srcdir)/config/traffic_selector.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/traffic_selector.Tpo $(DEPDIR)/traffic_selector.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config/traffic_selector.c' object='traffic_selector.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o traffic_selector.obj `if test -f 'config/traffic_selector.c'; then $(CYGPATH_W) 'config/traffic_selector.c'; else $(CYGPATH_W) '$(srcdir)/config/traffic_selector.c'; fi` interface_manager.o: control/interface_manager.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT interface_manager.o -MD -MP -MF "$(DEPDIR)/interface_manager.Tpo" -c -o interface_manager.o `test -f 'control/interface_manager.c' || echo '$(srcdir)/'`control/interface_manager.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/interface_manager.Tpo" "$(DEPDIR)/interface_manager.Po"; else rm -f "$(DEPDIR)/interface_manager.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT interface_manager.o -MD -MP -MF $(DEPDIR)/interface_manager.Tpo -c -o interface_manager.o `test -f 'control/interface_manager.c' || echo '$(srcdir)/'`control/interface_manager.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/interface_manager.Tpo $(DEPDIR)/interface_manager.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='control/interface_manager.c' object='interface_manager.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o interface_manager.o `test -f 'control/interface_manager.c' || echo '$(srcdir)/'`control/interface_manager.c interface_manager.obj: control/interface_manager.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT interface_manager.obj -MD -MP -MF "$(DEPDIR)/interface_manager.Tpo" -c -o interface_manager.obj `if test -f 'control/interface_manager.c'; then $(CYGPATH_W) 'control/interface_manager.c'; else $(CYGPATH_W) '$(srcdir)/control/interface_manager.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/interface_manager.Tpo" "$(DEPDIR)/interface_manager.Po"; else rm -f "$(DEPDIR)/interface_manager.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT interface_manager.obj -MD -MP -MF $(DEPDIR)/interface_manager.Tpo -c -o interface_manager.obj `if test -f 'control/interface_manager.c'; then $(CYGPATH_W) 'control/interface_manager.c'; else $(CYGPATH_W) '$(srcdir)/control/interface_manager.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/interface_manager.Tpo $(DEPDIR)/interface_manager.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='control/interface_manager.c' object='interface_manager.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o interface_manager.obj `if test -f 'control/interface_manager.c'; then $(CYGPATH_W) 'control/interface_manager.c'; else $(CYGPATH_W) '$(srcdir)/control/interface_manager.c'; fi` generator.o: encoding/generator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT generator.o -MD -MP -MF "$(DEPDIR)/generator.Tpo" -c -o generator.o `test -f 'encoding/generator.c' || echo '$(srcdir)/'`encoding/generator.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/generator.Tpo" "$(DEPDIR)/generator.Po"; else rm -f "$(DEPDIR)/generator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT generator.o -MD -MP -MF $(DEPDIR)/generator.Tpo -c -o generator.o `test -f 'encoding/generator.c' || echo '$(srcdir)/'`encoding/generator.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/generator.Tpo $(DEPDIR)/generator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/generator.c' object='generator.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o generator.o `test -f 'encoding/generator.c' || echo '$(srcdir)/'`encoding/generator.c generator.obj: encoding/generator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT generator.obj -MD -MP -MF "$(DEPDIR)/generator.Tpo" -c -o generator.obj `if test -f 'encoding/generator.c'; then $(CYGPATH_W) 'encoding/generator.c'; else $(CYGPATH_W) '$(srcdir)/encoding/generator.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/generator.Tpo" "$(DEPDIR)/generator.Po"; else rm -f "$(DEPDIR)/generator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT generator.obj -MD -MP -MF $(DEPDIR)/generator.Tpo -c -o generator.obj `if test -f 'encoding/generator.c'; then $(CYGPATH_W) 'encoding/generator.c'; else $(CYGPATH_W) '$(srcdir)/encoding/generator.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/generator.Tpo $(DEPDIR)/generator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/generator.c' object='generator.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o generator.obj `if test -f 'encoding/generator.c'; then $(CYGPATH_W) 'encoding/generator.c'; else $(CYGPATH_W) '$(srcdir)/encoding/generator.c'; fi` message.o: encoding/message.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT message.o -MD -MP -MF "$(DEPDIR)/message.Tpo" -c -o message.o `test -f 'encoding/message.c' || echo '$(srcdir)/'`encoding/message.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/message.Tpo" "$(DEPDIR)/message.Po"; else rm -f "$(DEPDIR)/message.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT message.o -MD -MP -MF $(DEPDIR)/message.Tpo -c -o message.o `test -f 'encoding/message.c' || echo '$(srcdir)/'`encoding/message.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/message.Tpo $(DEPDIR)/message.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/message.c' object='message.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o message.o `test -f 'encoding/message.c' || echo '$(srcdir)/'`encoding/message.c message.obj: encoding/message.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT message.obj -MD -MP -MF "$(DEPDIR)/message.Tpo" -c -o message.obj `if test -f 'encoding/message.c'; then $(CYGPATH_W) 'encoding/message.c'; else $(CYGPATH_W) '$(srcdir)/encoding/message.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/message.Tpo" "$(DEPDIR)/message.Po"; else rm -f "$(DEPDIR)/message.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT message.obj -MD -MP -MF $(DEPDIR)/message.Tpo -c -o message.obj `if test -f 'encoding/message.c'; then $(CYGPATH_W) 'encoding/message.c'; else $(CYGPATH_W) '$(srcdir)/encoding/message.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/message.Tpo $(DEPDIR)/message.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/message.c' object='message.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o message.obj `if test -f 'encoding/message.c'; then $(CYGPATH_W) 'encoding/message.c'; else $(CYGPATH_W) '$(srcdir)/encoding/message.c'; fi` parser.o: encoding/parser.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT parser.o -MD -MP -MF "$(DEPDIR)/parser.Tpo" -c -o parser.o `test -f 'encoding/parser.c' || echo '$(srcdir)/'`encoding/parser.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/parser.Tpo" "$(DEPDIR)/parser.Po"; else rm -f "$(DEPDIR)/parser.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT parser.o -MD -MP -MF $(DEPDIR)/parser.Tpo -c -o parser.o `test -f 'encoding/parser.c' || echo '$(srcdir)/'`encoding/parser.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/parser.Tpo $(DEPDIR)/parser.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/parser.c' object='parser.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o parser.o `test -f 'encoding/parser.c' || echo '$(srcdir)/'`encoding/parser.c parser.obj: encoding/parser.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT parser.obj -MD -MP -MF "$(DEPDIR)/parser.Tpo" -c -o parser.obj `if test -f 'encoding/parser.c'; then $(CYGPATH_W) 'encoding/parser.c'; else $(CYGPATH_W) '$(srcdir)/encoding/parser.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/parser.Tpo" "$(DEPDIR)/parser.Po"; else rm -f "$(DEPDIR)/parser.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT parser.obj -MD -MP -MF $(DEPDIR)/parser.Tpo -c -o parser.obj `if test -f 'encoding/parser.c'; then $(CYGPATH_W) 'encoding/parser.c'; else $(CYGPATH_W) '$(srcdir)/encoding/parser.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/parser.Tpo $(DEPDIR)/parser.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/parser.c' object='parser.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o parser.obj `if test -f 'encoding/parser.c'; then $(CYGPATH_W) 'encoding/parser.c'; else $(CYGPATH_W) '$(srcdir)/encoding/parser.c'; fi` auth_payload.o: encoding/payloads/auth_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT auth_payload.o -MD -MP -MF "$(DEPDIR)/auth_payload.Tpo" -c -o auth_payload.o `test -f 'encoding/payloads/auth_payload.c' || echo '$(srcdir)/'`encoding/payloads/auth_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/auth_payload.Tpo" "$(DEPDIR)/auth_payload.Po"; else rm -f "$(DEPDIR)/auth_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT auth_payload.o -MD -MP -MF $(DEPDIR)/auth_payload.Tpo -c -o auth_payload.o `test -f 'encoding/payloads/auth_payload.c' || echo '$(srcdir)/'`encoding/payloads/auth_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/auth_payload.Tpo $(DEPDIR)/auth_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/auth_payload.c' object='auth_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o auth_payload.o `test -f 'encoding/payloads/auth_payload.c' || echo '$(srcdir)/'`encoding/payloads/auth_payload.c auth_payload.obj: encoding/payloads/auth_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT auth_payload.obj -MD -MP -MF "$(DEPDIR)/auth_payload.Tpo" -c -o auth_payload.obj `if test -f 'encoding/payloads/auth_payload.c'; then $(CYGPATH_W) 'encoding/payloads/auth_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/auth_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/auth_payload.Tpo" "$(DEPDIR)/auth_payload.Po"; else rm -f "$(DEPDIR)/auth_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT auth_payload.obj -MD -MP -MF $(DEPDIR)/auth_payload.Tpo -c -o auth_payload.obj `if test -f 'encoding/payloads/auth_payload.c'; then $(CYGPATH_W) 'encoding/payloads/auth_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/auth_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/auth_payload.Tpo $(DEPDIR)/auth_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/auth_payload.c' object='auth_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o auth_payload.obj `if test -f 'encoding/payloads/auth_payload.c'; then $(CYGPATH_W) 'encoding/payloads/auth_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/auth_payload.c'; fi` cert_payload.o: encoding/payloads/cert_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cert_payload.o -MD -MP -MF "$(DEPDIR)/cert_payload.Tpo" -c -o cert_payload.o `test -f 'encoding/payloads/cert_payload.c' || echo '$(srcdir)/'`encoding/payloads/cert_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/cert_payload.Tpo" "$(DEPDIR)/cert_payload.Po"; else rm -f "$(DEPDIR)/cert_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cert_payload.o -MD -MP -MF $(DEPDIR)/cert_payload.Tpo -c -o cert_payload.o `test -f 'encoding/payloads/cert_payload.c' || echo '$(srcdir)/'`encoding/payloads/cert_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cert_payload.Tpo $(DEPDIR)/cert_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/cert_payload.c' object='cert_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cert_payload.o `test -f 'encoding/payloads/cert_payload.c' || echo '$(srcdir)/'`encoding/payloads/cert_payload.c cert_payload.obj: encoding/payloads/cert_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cert_payload.obj -MD -MP -MF "$(DEPDIR)/cert_payload.Tpo" -c -o cert_payload.obj `if test -f 'encoding/payloads/cert_payload.c'; then $(CYGPATH_W) 'encoding/payloads/cert_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/cert_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/cert_payload.Tpo" "$(DEPDIR)/cert_payload.Po"; else rm -f "$(DEPDIR)/cert_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cert_payload.obj -MD -MP -MF $(DEPDIR)/cert_payload.Tpo -c -o cert_payload.obj `if test -f 'encoding/payloads/cert_payload.c'; then $(CYGPATH_W) 'encoding/payloads/cert_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/cert_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cert_payload.Tpo $(DEPDIR)/cert_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/cert_payload.c' object='cert_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cert_payload.obj `if test -f 'encoding/payloads/cert_payload.c'; then $(CYGPATH_W) 'encoding/payloads/cert_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/cert_payload.c'; fi` certreq_payload.o: encoding/payloads/certreq_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT certreq_payload.o -MD -MP -MF "$(DEPDIR)/certreq_payload.Tpo" -c -o certreq_payload.o `test -f 'encoding/payloads/certreq_payload.c' || echo '$(srcdir)/'`encoding/payloads/certreq_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/certreq_payload.Tpo" "$(DEPDIR)/certreq_payload.Po"; else rm -f "$(DEPDIR)/certreq_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT certreq_payload.o -MD -MP -MF $(DEPDIR)/certreq_payload.Tpo -c -o certreq_payload.o `test -f 'encoding/payloads/certreq_payload.c' || echo '$(srcdir)/'`encoding/payloads/certreq_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/certreq_payload.Tpo $(DEPDIR)/certreq_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/certreq_payload.c' object='certreq_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o certreq_payload.o `test -f 'encoding/payloads/certreq_payload.c' || echo '$(srcdir)/'`encoding/payloads/certreq_payload.c certreq_payload.obj: encoding/payloads/certreq_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT certreq_payload.obj -MD -MP -MF "$(DEPDIR)/certreq_payload.Tpo" -c -o certreq_payload.obj `if test -f 'encoding/payloads/certreq_payload.c'; then $(CYGPATH_W) 'encoding/payloads/certreq_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/certreq_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/certreq_payload.Tpo" "$(DEPDIR)/certreq_payload.Po"; else rm -f "$(DEPDIR)/certreq_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT certreq_payload.obj -MD -MP -MF $(DEPDIR)/certreq_payload.Tpo -c -o certreq_payload.obj `if test -f 'encoding/payloads/certreq_payload.c'; then $(CYGPATH_W) 'encoding/payloads/certreq_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/certreq_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/certreq_payload.Tpo $(DEPDIR)/certreq_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/certreq_payload.c' object='certreq_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o certreq_payload.obj `if test -f 'encoding/payloads/certreq_payload.c'; then $(CYGPATH_W) 'encoding/payloads/certreq_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/certreq_payload.c'; fi` configuration_attribute.o: encoding/payloads/configuration_attribute.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT configuration_attribute.o -MD -MP -MF "$(DEPDIR)/configuration_attribute.Tpo" -c -o configuration_attribute.o `test -f 'encoding/payloads/configuration_attribute.c' || echo '$(srcdir)/'`encoding/payloads/configuration_attribute.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/configuration_attribute.Tpo" "$(DEPDIR)/configuration_attribute.Po"; else rm -f "$(DEPDIR)/configuration_attribute.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT configuration_attribute.o -MD -MP -MF $(DEPDIR)/configuration_attribute.Tpo -c -o configuration_attribute.o `test -f 'encoding/payloads/configuration_attribute.c' || echo '$(srcdir)/'`encoding/payloads/configuration_attribute.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/configuration_attribute.Tpo $(DEPDIR)/configuration_attribute.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/configuration_attribute.c' object='configuration_attribute.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o configuration_attribute.o `test -f 'encoding/payloads/configuration_attribute.c' || echo '$(srcdir)/'`encoding/payloads/configuration_attribute.c configuration_attribute.obj: encoding/payloads/configuration_attribute.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT configuration_attribute.obj -MD -MP -MF "$(DEPDIR)/configuration_attribute.Tpo" -c -o configuration_attribute.obj `if test -f 'encoding/payloads/configuration_attribute.c'; then $(CYGPATH_W) 'encoding/payloads/configuration_attribute.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/configuration_attribute.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/configuration_attribute.Tpo" "$(DEPDIR)/configuration_attribute.Po"; else rm -f "$(DEPDIR)/configuration_attribute.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT configuration_attribute.obj -MD -MP -MF $(DEPDIR)/configuration_attribute.Tpo -c -o configuration_attribute.obj `if test -f 'encoding/payloads/configuration_attribute.c'; then $(CYGPATH_W) 'encoding/payloads/configuration_attribute.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/configuration_attribute.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/configuration_attribute.Tpo $(DEPDIR)/configuration_attribute.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/configuration_attribute.c' object='configuration_attribute.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o configuration_attribute.obj `if test -f 'encoding/payloads/configuration_attribute.c'; then $(CYGPATH_W) 'encoding/payloads/configuration_attribute.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/configuration_attribute.c'; fi` cp_payload.o: encoding/payloads/cp_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cp_payload.o -MD -MP -MF "$(DEPDIR)/cp_payload.Tpo" -c -o cp_payload.o `test -f 'encoding/payloads/cp_payload.c' || echo '$(srcdir)/'`encoding/payloads/cp_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/cp_payload.Tpo" "$(DEPDIR)/cp_payload.Po"; else rm -f "$(DEPDIR)/cp_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cp_payload.o -MD -MP -MF $(DEPDIR)/cp_payload.Tpo -c -o cp_payload.o `test -f 'encoding/payloads/cp_payload.c' || echo '$(srcdir)/'`encoding/payloads/cp_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cp_payload.Tpo $(DEPDIR)/cp_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/cp_payload.c' object='cp_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cp_payload.o `test -f 'encoding/payloads/cp_payload.c' || echo '$(srcdir)/'`encoding/payloads/cp_payload.c cp_payload.obj: encoding/payloads/cp_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cp_payload.obj -MD -MP -MF "$(DEPDIR)/cp_payload.Tpo" -c -o cp_payload.obj `if test -f 'encoding/payloads/cp_payload.c'; then $(CYGPATH_W) 'encoding/payloads/cp_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/cp_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/cp_payload.Tpo" "$(DEPDIR)/cp_payload.Po"; else rm -f "$(DEPDIR)/cp_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cp_payload.obj -MD -MP -MF $(DEPDIR)/cp_payload.Tpo -c -o cp_payload.obj `if test -f 'encoding/payloads/cp_payload.c'; then $(CYGPATH_W) 'encoding/payloads/cp_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/cp_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cp_payload.Tpo $(DEPDIR)/cp_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/cp_payload.c' object='cp_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cp_payload.obj `if test -f 'encoding/payloads/cp_payload.c'; then $(CYGPATH_W) 'encoding/payloads/cp_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/cp_payload.c'; fi` delete_payload.o: encoding/payloads/delete_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_payload.o -MD -MP -MF "$(DEPDIR)/delete_payload.Tpo" -c -o delete_payload.o `test -f 'encoding/payloads/delete_payload.c' || echo '$(srcdir)/'`encoding/payloads/delete_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/delete_payload.Tpo" "$(DEPDIR)/delete_payload.Po"; else rm -f "$(DEPDIR)/delete_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_payload.o -MD -MP -MF $(DEPDIR)/delete_payload.Tpo -c -o delete_payload.o `test -f 'encoding/payloads/delete_payload.c' || echo '$(srcdir)/'`encoding/payloads/delete_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/delete_payload.Tpo $(DEPDIR)/delete_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/delete_payload.c' object='delete_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o delete_payload.o `test -f 'encoding/payloads/delete_payload.c' || echo '$(srcdir)/'`encoding/payloads/delete_payload.c delete_payload.obj: encoding/payloads/delete_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_payload.obj -MD -MP -MF "$(DEPDIR)/delete_payload.Tpo" -c -o delete_payload.obj `if test -f 'encoding/payloads/delete_payload.c'; then $(CYGPATH_W) 'encoding/payloads/delete_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/delete_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/delete_payload.Tpo" "$(DEPDIR)/delete_payload.Po"; else rm -f "$(DEPDIR)/delete_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_payload.obj -MD -MP -MF $(DEPDIR)/delete_payload.Tpo -c -o delete_payload.obj `if test -f 'encoding/payloads/delete_payload.c'; then $(CYGPATH_W) 'encoding/payloads/delete_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/delete_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/delete_payload.Tpo $(DEPDIR)/delete_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/delete_payload.c' object='delete_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o delete_payload.obj `if test -f 'encoding/payloads/delete_payload.c'; then $(CYGPATH_W) 'encoding/payloads/delete_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/delete_payload.c'; fi` eap_payload.o: encoding/payloads/eap_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_payload.o -MD -MP -MF "$(DEPDIR)/eap_payload.Tpo" -c -o eap_payload.o `test -f 'encoding/payloads/eap_payload.c' || echo '$(srcdir)/'`encoding/payloads/eap_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/eap_payload.Tpo" "$(DEPDIR)/eap_payload.Po"; else rm -f "$(DEPDIR)/eap_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_payload.o -MD -MP -MF $(DEPDIR)/eap_payload.Tpo -c -o eap_payload.o `test -f 'encoding/payloads/eap_payload.c' || echo '$(srcdir)/'`encoding/payloads/eap_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/eap_payload.Tpo $(DEPDIR)/eap_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/eap_payload.c' object='eap_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_payload.o `test -f 'encoding/payloads/eap_payload.c' || echo '$(srcdir)/'`encoding/payloads/eap_payload.c eap_payload.obj: encoding/payloads/eap_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_payload.obj -MD -MP -MF "$(DEPDIR)/eap_payload.Tpo" -c -o eap_payload.obj `if test -f 'encoding/payloads/eap_payload.c'; then $(CYGPATH_W) 'encoding/payloads/eap_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/eap_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/eap_payload.Tpo" "$(DEPDIR)/eap_payload.Po"; else rm -f "$(DEPDIR)/eap_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_payload.obj -MD -MP -MF $(DEPDIR)/eap_payload.Tpo -c -o eap_payload.obj `if test -f 'encoding/payloads/eap_payload.c'; then $(CYGPATH_W) 'encoding/payloads/eap_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/eap_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/eap_payload.Tpo $(DEPDIR)/eap_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/eap_payload.c' object='eap_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_payload.obj `if test -f 'encoding/payloads/eap_payload.c'; then $(CYGPATH_W) 'encoding/payloads/eap_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/eap_payload.c'; fi` encodings.o: encoding/payloads/encodings.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT encodings.o -MD -MP -MF "$(DEPDIR)/encodings.Tpo" -c -o encodings.o `test -f 'encoding/payloads/encodings.c' || echo '$(srcdir)/'`encoding/payloads/encodings.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/encodings.Tpo" "$(DEPDIR)/encodings.Po"; else rm -f "$(DEPDIR)/encodings.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT encodings.o -MD -MP -MF $(DEPDIR)/encodings.Tpo -c -o encodings.o `test -f 'encoding/payloads/encodings.c' || echo '$(srcdir)/'`encoding/payloads/encodings.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/encodings.Tpo $(DEPDIR)/encodings.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/encodings.c' object='encodings.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o encodings.o `test -f 'encoding/payloads/encodings.c' || echo '$(srcdir)/'`encoding/payloads/encodings.c encodings.obj: encoding/payloads/encodings.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT encodings.obj -MD -MP -MF "$(DEPDIR)/encodings.Tpo" -c -o encodings.obj `if test -f 'encoding/payloads/encodings.c'; then $(CYGPATH_W) 'encoding/payloads/encodings.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/encodings.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/encodings.Tpo" "$(DEPDIR)/encodings.Po"; else rm -f "$(DEPDIR)/encodings.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT encodings.obj -MD -MP -MF $(DEPDIR)/encodings.Tpo -c -o encodings.obj `if test -f 'encoding/payloads/encodings.c'; then $(CYGPATH_W) 'encoding/payloads/encodings.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/encodings.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/encodings.Tpo $(DEPDIR)/encodings.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/encodings.c' object='encodings.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o encodings.obj `if test -f 'encoding/payloads/encodings.c'; then $(CYGPATH_W) 'encoding/payloads/encodings.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/encodings.c'; fi` encryption_payload.o: encoding/payloads/encryption_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT encryption_payload.o -MD -MP -MF "$(DEPDIR)/encryption_payload.Tpo" -c -o encryption_payload.o `test -f 'encoding/payloads/encryption_payload.c' || echo '$(srcdir)/'`encoding/payloads/encryption_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/encryption_payload.Tpo" "$(DEPDIR)/encryption_payload.Po"; else rm -f "$(DEPDIR)/encryption_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT encryption_payload.o -MD -MP -MF $(DEPDIR)/encryption_payload.Tpo -c -o encryption_payload.o `test -f 'encoding/payloads/encryption_payload.c' || echo '$(srcdir)/'`encoding/payloads/encryption_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/encryption_payload.Tpo $(DEPDIR)/encryption_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/encryption_payload.c' object='encryption_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o encryption_payload.o `test -f 'encoding/payloads/encryption_payload.c' || echo '$(srcdir)/'`encoding/payloads/encryption_payload.c encryption_payload.obj: encoding/payloads/encryption_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT encryption_payload.obj -MD -MP -MF "$(DEPDIR)/encryption_payload.Tpo" -c -o encryption_payload.obj `if test -f 'encoding/payloads/encryption_payload.c'; then $(CYGPATH_W) 'encoding/payloads/encryption_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/encryption_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/encryption_payload.Tpo" "$(DEPDIR)/encryption_payload.Po"; else rm -f "$(DEPDIR)/encryption_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT encryption_payload.obj -MD -MP -MF $(DEPDIR)/encryption_payload.Tpo -c -o encryption_payload.obj `if test -f 'encoding/payloads/encryption_payload.c'; then $(CYGPATH_W) 'encoding/payloads/encryption_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/encryption_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/encryption_payload.Tpo $(DEPDIR)/encryption_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/encryption_payload.c' object='encryption_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o encryption_payload.obj `if test -f 'encoding/payloads/encryption_payload.c'; then $(CYGPATH_W) 'encoding/payloads/encryption_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/encryption_payload.c'; fi` id_payload.o: encoding/payloads/id_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT id_payload.o -MD -MP -MF "$(DEPDIR)/id_payload.Tpo" -c -o id_payload.o `test -f 'encoding/payloads/id_payload.c' || echo '$(srcdir)/'`encoding/payloads/id_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/id_payload.Tpo" "$(DEPDIR)/id_payload.Po"; else rm -f "$(DEPDIR)/id_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT id_payload.o -MD -MP -MF $(DEPDIR)/id_payload.Tpo -c -o id_payload.o `test -f 'encoding/payloads/id_payload.c' || echo '$(srcdir)/'`encoding/payloads/id_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/id_payload.Tpo $(DEPDIR)/id_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/id_payload.c' object='id_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o id_payload.o `test -f 'encoding/payloads/id_payload.c' || echo '$(srcdir)/'`encoding/payloads/id_payload.c id_payload.obj: encoding/payloads/id_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT id_payload.obj -MD -MP -MF "$(DEPDIR)/id_payload.Tpo" -c -o id_payload.obj `if test -f 'encoding/payloads/id_payload.c'; then $(CYGPATH_W) 'encoding/payloads/id_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/id_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/id_payload.Tpo" "$(DEPDIR)/id_payload.Po"; else rm -f "$(DEPDIR)/id_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT id_payload.obj -MD -MP -MF $(DEPDIR)/id_payload.Tpo -c -o id_payload.obj `if test -f 'encoding/payloads/id_payload.c'; then $(CYGPATH_W) 'encoding/payloads/id_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/id_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/id_payload.Tpo $(DEPDIR)/id_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/id_payload.c' object='id_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o id_payload.obj `if test -f 'encoding/payloads/id_payload.c'; then $(CYGPATH_W) 'encoding/payloads/id_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/id_payload.c'; fi` ike_header.o: encoding/payloads/ike_header.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_header.o -MD -MP -MF "$(DEPDIR)/ike_header.Tpo" -c -o ike_header.o `test -f 'encoding/payloads/ike_header.c' || echo '$(srcdir)/'`encoding/payloads/ike_header.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_header.Tpo" "$(DEPDIR)/ike_header.Po"; else rm -f "$(DEPDIR)/ike_header.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_header.o -MD -MP -MF $(DEPDIR)/ike_header.Tpo -c -o ike_header.o `test -f 'encoding/payloads/ike_header.c' || echo '$(srcdir)/'`encoding/payloads/ike_header.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_header.Tpo $(DEPDIR)/ike_header.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/ike_header.c' object='ike_header.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_header.o `test -f 'encoding/payloads/ike_header.c' || echo '$(srcdir)/'`encoding/payloads/ike_header.c ike_header.obj: encoding/payloads/ike_header.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_header.obj -MD -MP -MF "$(DEPDIR)/ike_header.Tpo" -c -o ike_header.obj `if test -f 'encoding/payloads/ike_header.c'; then $(CYGPATH_W) 'encoding/payloads/ike_header.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/ike_header.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_header.Tpo" "$(DEPDIR)/ike_header.Po"; else rm -f "$(DEPDIR)/ike_header.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_header.obj -MD -MP -MF $(DEPDIR)/ike_header.Tpo -c -o ike_header.obj `if test -f 'encoding/payloads/ike_header.c'; then $(CYGPATH_W) 'encoding/payloads/ike_header.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/ike_header.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_header.Tpo $(DEPDIR)/ike_header.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/ike_header.c' object='ike_header.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_header.obj `if test -f 'encoding/payloads/ike_header.c'; then $(CYGPATH_W) 'encoding/payloads/ike_header.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/ike_header.c'; fi` ke_payload.o: encoding/payloads/ke_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ke_payload.o -MD -MP -MF "$(DEPDIR)/ke_payload.Tpo" -c -o ke_payload.o `test -f 'encoding/payloads/ke_payload.c' || echo '$(srcdir)/'`encoding/payloads/ke_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ke_payload.Tpo" "$(DEPDIR)/ke_payload.Po"; else rm -f "$(DEPDIR)/ke_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ke_payload.o -MD -MP -MF $(DEPDIR)/ke_payload.Tpo -c -o ke_payload.o `test -f 'encoding/payloads/ke_payload.c' || echo '$(srcdir)/'`encoding/payloads/ke_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ke_payload.Tpo $(DEPDIR)/ke_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/ke_payload.c' object='ke_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ke_payload.o `test -f 'encoding/payloads/ke_payload.c' || echo '$(srcdir)/'`encoding/payloads/ke_payload.c ke_payload.obj: encoding/payloads/ke_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ke_payload.obj -MD -MP -MF "$(DEPDIR)/ke_payload.Tpo" -c -o ke_payload.obj `if test -f 'encoding/payloads/ke_payload.c'; then $(CYGPATH_W) 'encoding/payloads/ke_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/ke_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ke_payload.Tpo" "$(DEPDIR)/ke_payload.Po"; else rm -f "$(DEPDIR)/ke_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ke_payload.obj -MD -MP -MF $(DEPDIR)/ke_payload.Tpo -c -o ke_payload.obj `if test -f 'encoding/payloads/ke_payload.c'; then $(CYGPATH_W) 'encoding/payloads/ke_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/ke_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ke_payload.Tpo $(DEPDIR)/ke_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/ke_payload.c' object='ke_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ke_payload.obj `if test -f 'encoding/payloads/ke_payload.c'; then $(CYGPATH_W) 'encoding/payloads/ke_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/ke_payload.c'; fi` nonce_payload.o: encoding/payloads/nonce_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT nonce_payload.o -MD -MP -MF "$(DEPDIR)/nonce_payload.Tpo" -c -o nonce_payload.o `test -f 'encoding/payloads/nonce_payload.c' || echo '$(srcdir)/'`encoding/payloads/nonce_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/nonce_payload.Tpo" "$(DEPDIR)/nonce_payload.Po"; else rm -f "$(DEPDIR)/nonce_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT nonce_payload.o -MD -MP -MF $(DEPDIR)/nonce_payload.Tpo -c -o nonce_payload.o `test -f 'encoding/payloads/nonce_payload.c' || echo '$(srcdir)/'`encoding/payloads/nonce_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/nonce_payload.Tpo $(DEPDIR)/nonce_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/nonce_payload.c' object='nonce_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o nonce_payload.o `test -f 'encoding/payloads/nonce_payload.c' || echo '$(srcdir)/'`encoding/payloads/nonce_payload.c nonce_payload.obj: encoding/payloads/nonce_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT nonce_payload.obj -MD -MP -MF "$(DEPDIR)/nonce_payload.Tpo" -c -o nonce_payload.obj `if test -f 'encoding/payloads/nonce_payload.c'; then $(CYGPATH_W) 'encoding/payloads/nonce_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/nonce_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/nonce_payload.Tpo" "$(DEPDIR)/nonce_payload.Po"; else rm -f "$(DEPDIR)/nonce_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT nonce_payload.obj -MD -MP -MF $(DEPDIR)/nonce_payload.Tpo -c -o nonce_payload.obj `if test -f 'encoding/payloads/nonce_payload.c'; then $(CYGPATH_W) 'encoding/payloads/nonce_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/nonce_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/nonce_payload.Tpo $(DEPDIR)/nonce_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/nonce_payload.c' object='nonce_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o nonce_payload.obj `if test -f 'encoding/payloads/nonce_payload.c'; then $(CYGPATH_W) 'encoding/payloads/nonce_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/nonce_payload.c'; fi` notify_payload.o: encoding/payloads/notify_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT notify_payload.o -MD -MP -MF "$(DEPDIR)/notify_payload.Tpo" -c -o notify_payload.o `test -f 'encoding/payloads/notify_payload.c' || echo '$(srcdir)/'`encoding/payloads/notify_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/notify_payload.Tpo" "$(DEPDIR)/notify_payload.Po"; else rm -f "$(DEPDIR)/notify_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT notify_payload.o -MD -MP -MF $(DEPDIR)/notify_payload.Tpo -c -o notify_payload.o `test -f 'encoding/payloads/notify_payload.c' || echo '$(srcdir)/'`encoding/payloads/notify_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/notify_payload.Tpo $(DEPDIR)/notify_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/notify_payload.c' object='notify_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o notify_payload.o `test -f 'encoding/payloads/notify_payload.c' || echo '$(srcdir)/'`encoding/payloads/notify_payload.c notify_payload.obj: encoding/payloads/notify_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT notify_payload.obj -MD -MP -MF "$(DEPDIR)/notify_payload.Tpo" -c -o notify_payload.obj `if test -f 'encoding/payloads/notify_payload.c'; then $(CYGPATH_W) 'encoding/payloads/notify_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/notify_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/notify_payload.Tpo" "$(DEPDIR)/notify_payload.Po"; else rm -f "$(DEPDIR)/notify_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT notify_payload.obj -MD -MP -MF $(DEPDIR)/notify_payload.Tpo -c -o notify_payload.obj `if test -f 'encoding/payloads/notify_payload.c'; then $(CYGPATH_W) 'encoding/payloads/notify_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/notify_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/notify_payload.Tpo $(DEPDIR)/notify_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/notify_payload.c' object='notify_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o notify_payload.obj `if test -f 'encoding/payloads/notify_payload.c'; then $(CYGPATH_W) 'encoding/payloads/notify_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/notify_payload.c'; fi` payload.o: encoding/payloads/payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT payload.o -MD -MP -MF "$(DEPDIR)/payload.Tpo" -c -o payload.o `test -f 'encoding/payloads/payload.c' || echo '$(srcdir)/'`encoding/payloads/payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/payload.Tpo" "$(DEPDIR)/payload.Po"; else rm -f "$(DEPDIR)/payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT payload.o -MD -MP -MF $(DEPDIR)/payload.Tpo -c -o payload.o `test -f 'encoding/payloads/payload.c' || echo '$(srcdir)/'`encoding/payloads/payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/payload.Tpo $(DEPDIR)/payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/payload.c' object='payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o payload.o `test -f 'encoding/payloads/payload.c' || echo '$(srcdir)/'`encoding/payloads/payload.c payload.obj: encoding/payloads/payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT payload.obj -MD -MP -MF "$(DEPDIR)/payload.Tpo" -c -o payload.obj `if test -f 'encoding/payloads/payload.c'; then $(CYGPATH_W) 'encoding/payloads/payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/payload.Tpo" "$(DEPDIR)/payload.Po"; else rm -f "$(DEPDIR)/payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT payload.obj -MD -MP -MF $(DEPDIR)/payload.Tpo -c -o payload.obj `if test -f 'encoding/payloads/payload.c'; then $(CYGPATH_W) 'encoding/payloads/payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/payload.Tpo $(DEPDIR)/payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/payload.c' object='payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o payload.obj `if test -f 'encoding/payloads/payload.c'; then $(CYGPATH_W) 'encoding/payloads/payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/payload.c'; fi` proposal_substructure.o: encoding/payloads/proposal_substructure.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT proposal_substructure.o -MD -MP -MF "$(DEPDIR)/proposal_substructure.Tpo" -c -o proposal_substructure.o `test -f 'encoding/payloads/proposal_substructure.c' || echo '$(srcdir)/'`encoding/payloads/proposal_substructure.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/proposal_substructure.Tpo" "$(DEPDIR)/proposal_substructure.Po"; else rm -f "$(DEPDIR)/proposal_substructure.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT proposal_substructure.o -MD -MP -MF $(DEPDIR)/proposal_substructure.Tpo -c -o proposal_substructure.o `test -f 'encoding/payloads/proposal_substructure.c' || echo '$(srcdir)/'`encoding/payloads/proposal_substructure.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/proposal_substructure.Tpo $(DEPDIR)/proposal_substructure.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/proposal_substructure.c' object='proposal_substructure.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o proposal_substructure.o `test -f 'encoding/payloads/proposal_substructure.c' || echo '$(srcdir)/'`encoding/payloads/proposal_substructure.c proposal_substructure.obj: encoding/payloads/proposal_substructure.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT proposal_substructure.obj -MD -MP -MF "$(DEPDIR)/proposal_substructure.Tpo" -c -o proposal_substructure.obj `if test -f 'encoding/payloads/proposal_substructure.c'; then $(CYGPATH_W) 'encoding/payloads/proposal_substructure.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/proposal_substructure.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/proposal_substructure.Tpo" "$(DEPDIR)/proposal_substructure.Po"; else rm -f "$(DEPDIR)/proposal_substructure.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT proposal_substructure.obj -MD -MP -MF $(DEPDIR)/proposal_substructure.Tpo -c -o proposal_substructure.obj `if test -f 'encoding/payloads/proposal_substructure.c'; then $(CYGPATH_W) 'encoding/payloads/proposal_substructure.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/proposal_substructure.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/proposal_substructure.Tpo $(DEPDIR)/proposal_substructure.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/proposal_substructure.c' object='proposal_substructure.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o proposal_substructure.obj `if test -f 'encoding/payloads/proposal_substructure.c'; then $(CYGPATH_W) 'encoding/payloads/proposal_substructure.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/proposal_substructure.c'; fi` sa_payload.o: encoding/payloads/sa_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sa_payload.o -MD -MP -MF "$(DEPDIR)/sa_payload.Tpo" -c -o sa_payload.o `test -f 'encoding/payloads/sa_payload.c' || echo '$(srcdir)/'`encoding/payloads/sa_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sa_payload.Tpo" "$(DEPDIR)/sa_payload.Po"; else rm -f "$(DEPDIR)/sa_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sa_payload.o -MD -MP -MF $(DEPDIR)/sa_payload.Tpo -c -o sa_payload.o `test -f 'encoding/payloads/sa_payload.c' || echo '$(srcdir)/'`encoding/payloads/sa_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sa_payload.Tpo $(DEPDIR)/sa_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/sa_payload.c' object='sa_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sa_payload.o `test -f 'encoding/payloads/sa_payload.c' || echo '$(srcdir)/'`encoding/payloads/sa_payload.c sa_payload.obj: encoding/payloads/sa_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sa_payload.obj -MD -MP -MF "$(DEPDIR)/sa_payload.Tpo" -c -o sa_payload.obj `if test -f 'encoding/payloads/sa_payload.c'; then $(CYGPATH_W) 'encoding/payloads/sa_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/sa_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sa_payload.Tpo" "$(DEPDIR)/sa_payload.Po"; else rm -f "$(DEPDIR)/sa_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sa_payload.obj -MD -MP -MF $(DEPDIR)/sa_payload.Tpo -c -o sa_payload.obj `if test -f 'encoding/payloads/sa_payload.c'; then $(CYGPATH_W) 'encoding/payloads/sa_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/sa_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sa_payload.Tpo $(DEPDIR)/sa_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/sa_payload.c' object='sa_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sa_payload.obj `if test -f 'encoding/payloads/sa_payload.c'; then $(CYGPATH_W) 'encoding/payloads/sa_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/sa_payload.c'; fi` traffic_selector_substructure.o: encoding/payloads/traffic_selector_substructure.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT traffic_selector_substructure.o -MD -MP -MF "$(DEPDIR)/traffic_selector_substructure.Tpo" -c -o traffic_selector_substructure.o `test -f 'encoding/payloads/traffic_selector_substructure.c' || echo '$(srcdir)/'`encoding/payloads/traffic_selector_substructure.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/traffic_selector_substructure.Tpo" "$(DEPDIR)/traffic_selector_substructure.Po"; else rm -f "$(DEPDIR)/traffic_selector_substructure.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT traffic_selector_substructure.o -MD -MP -MF $(DEPDIR)/traffic_selector_substructure.Tpo -c -o traffic_selector_substructure.o `test -f 'encoding/payloads/traffic_selector_substructure.c' || echo '$(srcdir)/'`encoding/payloads/traffic_selector_substructure.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/traffic_selector_substructure.Tpo $(DEPDIR)/traffic_selector_substructure.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/traffic_selector_substructure.c' object='traffic_selector_substructure.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o traffic_selector_substructure.o `test -f 'encoding/payloads/traffic_selector_substructure.c' || echo '$(srcdir)/'`encoding/payloads/traffic_selector_substructure.c traffic_selector_substructure.obj: encoding/payloads/traffic_selector_substructure.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT traffic_selector_substructure.obj -MD -MP -MF "$(DEPDIR)/traffic_selector_substructure.Tpo" -c -o traffic_selector_substructure.obj `if test -f 'encoding/payloads/traffic_selector_substructure.c'; then $(CYGPATH_W) 'encoding/payloads/traffic_selector_substructure.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/traffic_selector_substructure.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/traffic_selector_substructure.Tpo" "$(DEPDIR)/traffic_selector_substructure.Po"; else rm -f "$(DEPDIR)/traffic_selector_substructure.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT traffic_selector_substructure.obj -MD -MP -MF $(DEPDIR)/traffic_selector_substructure.Tpo -c -o traffic_selector_substructure.obj `if test -f 'encoding/payloads/traffic_selector_substructure.c'; then $(CYGPATH_W) 'encoding/payloads/traffic_selector_substructure.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/traffic_selector_substructure.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/traffic_selector_substructure.Tpo $(DEPDIR)/traffic_selector_substructure.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/traffic_selector_substructure.c' object='traffic_selector_substructure.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o traffic_selector_substructure.obj `if test -f 'encoding/payloads/traffic_selector_substructure.c'; then $(CYGPATH_W) 'encoding/payloads/traffic_selector_substructure.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/traffic_selector_substructure.c'; fi` transform_attribute.o: encoding/payloads/transform_attribute.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT transform_attribute.o -MD -MP -MF "$(DEPDIR)/transform_attribute.Tpo" -c -o transform_attribute.o `test -f 'encoding/payloads/transform_attribute.c' || echo '$(srcdir)/'`encoding/payloads/transform_attribute.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/transform_attribute.Tpo" "$(DEPDIR)/transform_attribute.Po"; else rm -f "$(DEPDIR)/transform_attribute.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT transform_attribute.o -MD -MP -MF $(DEPDIR)/transform_attribute.Tpo -c -o transform_attribute.o `test -f 'encoding/payloads/transform_attribute.c' || echo '$(srcdir)/'`encoding/payloads/transform_attribute.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/transform_attribute.Tpo $(DEPDIR)/transform_attribute.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/transform_attribute.c' object='transform_attribute.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o transform_attribute.o `test -f 'encoding/payloads/transform_attribute.c' || echo '$(srcdir)/'`encoding/payloads/transform_attribute.c transform_attribute.obj: encoding/payloads/transform_attribute.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT transform_attribute.obj -MD -MP -MF "$(DEPDIR)/transform_attribute.Tpo" -c -o transform_attribute.obj `if test -f 'encoding/payloads/transform_attribute.c'; then $(CYGPATH_W) 'encoding/payloads/transform_attribute.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/transform_attribute.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/transform_attribute.Tpo" "$(DEPDIR)/transform_attribute.Po"; else rm -f "$(DEPDIR)/transform_attribute.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT transform_attribute.obj -MD -MP -MF $(DEPDIR)/transform_attribute.Tpo -c -o transform_attribute.obj `if test -f 'encoding/payloads/transform_attribute.c'; then $(CYGPATH_W) 'encoding/payloads/transform_attribute.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/transform_attribute.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/transform_attribute.Tpo $(DEPDIR)/transform_attribute.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/transform_attribute.c' object='transform_attribute.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o transform_attribute.obj `if test -f 'encoding/payloads/transform_attribute.c'; then $(CYGPATH_W) 'encoding/payloads/transform_attribute.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/transform_attribute.c'; fi` transform_substructure.o: encoding/payloads/transform_substructure.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT transform_substructure.o -MD -MP -MF "$(DEPDIR)/transform_substructure.Tpo" -c -o transform_substructure.o `test -f 'encoding/payloads/transform_substructure.c' || echo '$(srcdir)/'`encoding/payloads/transform_substructure.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/transform_substructure.Tpo" "$(DEPDIR)/transform_substructure.Po"; else rm -f "$(DEPDIR)/transform_substructure.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT transform_substructure.o -MD -MP -MF $(DEPDIR)/transform_substructure.Tpo -c -o transform_substructure.o `test -f 'encoding/payloads/transform_substructure.c' || echo '$(srcdir)/'`encoding/payloads/transform_substructure.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/transform_substructure.Tpo $(DEPDIR)/transform_substructure.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/transform_substructure.c' object='transform_substructure.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o transform_substructure.o `test -f 'encoding/payloads/transform_substructure.c' || echo '$(srcdir)/'`encoding/payloads/transform_substructure.c transform_substructure.obj: encoding/payloads/transform_substructure.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT transform_substructure.obj -MD -MP -MF "$(DEPDIR)/transform_substructure.Tpo" -c -o transform_substructure.obj `if test -f 'encoding/payloads/transform_substructure.c'; then $(CYGPATH_W) 'encoding/payloads/transform_substructure.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/transform_substructure.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/transform_substructure.Tpo" "$(DEPDIR)/transform_substructure.Po"; else rm -f "$(DEPDIR)/transform_substructure.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT transform_substructure.obj -MD -MP -MF $(DEPDIR)/transform_substructure.Tpo -c -o transform_substructure.obj `if test -f 'encoding/payloads/transform_substructure.c'; then $(CYGPATH_W) 'encoding/payloads/transform_substructure.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/transform_substructure.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/transform_substructure.Tpo $(DEPDIR)/transform_substructure.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/transform_substructure.c' object='transform_substructure.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o transform_substructure.obj `if test -f 'encoding/payloads/transform_substructure.c'; then $(CYGPATH_W) 'encoding/payloads/transform_substructure.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/transform_substructure.c'; fi` ts_payload.o: encoding/payloads/ts_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ts_payload.o -MD -MP -MF "$(DEPDIR)/ts_payload.Tpo" -c -o ts_payload.o `test -f 'encoding/payloads/ts_payload.c' || echo '$(srcdir)/'`encoding/payloads/ts_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ts_payload.Tpo" "$(DEPDIR)/ts_payload.Po"; else rm -f "$(DEPDIR)/ts_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ts_payload.o -MD -MP -MF $(DEPDIR)/ts_payload.Tpo -c -o ts_payload.o `test -f 'encoding/payloads/ts_payload.c' || echo '$(srcdir)/'`encoding/payloads/ts_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ts_payload.Tpo $(DEPDIR)/ts_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/ts_payload.c' object='ts_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ts_payload.o `test -f 'encoding/payloads/ts_payload.c' || echo '$(srcdir)/'`encoding/payloads/ts_payload.c ts_payload.obj: encoding/payloads/ts_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ts_payload.obj -MD -MP -MF "$(DEPDIR)/ts_payload.Tpo" -c -o ts_payload.obj `if test -f 'encoding/payloads/ts_payload.c'; then $(CYGPATH_W) 'encoding/payloads/ts_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/ts_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ts_payload.Tpo" "$(DEPDIR)/ts_payload.Po"; else rm -f "$(DEPDIR)/ts_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ts_payload.obj -MD -MP -MF $(DEPDIR)/ts_payload.Tpo -c -o ts_payload.obj `if test -f 'encoding/payloads/ts_payload.c'; then $(CYGPATH_W) 'encoding/payloads/ts_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/ts_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ts_payload.Tpo $(DEPDIR)/ts_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/ts_payload.c' object='ts_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ts_payload.obj `if test -f 'encoding/payloads/ts_payload.c'; then $(CYGPATH_W) 'encoding/payloads/ts_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/ts_payload.c'; fi` unknown_payload.o: encoding/payloads/unknown_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT unknown_payload.o -MD -MP -MF "$(DEPDIR)/unknown_payload.Tpo" -c -o unknown_payload.o `test -f 'encoding/payloads/unknown_payload.c' || echo '$(srcdir)/'`encoding/payloads/unknown_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/unknown_payload.Tpo" "$(DEPDIR)/unknown_payload.Po"; else rm -f "$(DEPDIR)/unknown_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT unknown_payload.o -MD -MP -MF $(DEPDIR)/unknown_payload.Tpo -c -o unknown_payload.o `test -f 'encoding/payloads/unknown_payload.c' || echo '$(srcdir)/'`encoding/payloads/unknown_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unknown_payload.Tpo $(DEPDIR)/unknown_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/unknown_payload.c' object='unknown_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o unknown_payload.o `test -f 'encoding/payloads/unknown_payload.c' || echo '$(srcdir)/'`encoding/payloads/unknown_payload.c unknown_payload.obj: encoding/payloads/unknown_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT unknown_payload.obj -MD -MP -MF "$(DEPDIR)/unknown_payload.Tpo" -c -o unknown_payload.obj `if test -f 'encoding/payloads/unknown_payload.c'; then $(CYGPATH_W) 'encoding/payloads/unknown_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/unknown_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/unknown_payload.Tpo" "$(DEPDIR)/unknown_payload.Po"; else rm -f "$(DEPDIR)/unknown_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT unknown_payload.obj -MD -MP -MF $(DEPDIR)/unknown_payload.Tpo -c -o unknown_payload.obj `if test -f 'encoding/payloads/unknown_payload.c'; then $(CYGPATH_W) 'encoding/payloads/unknown_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/unknown_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/unknown_payload.Tpo $(DEPDIR)/unknown_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/unknown_payload.c' object='unknown_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o unknown_payload.obj `if test -f 'encoding/payloads/unknown_payload.c'; then $(CYGPATH_W) 'encoding/payloads/unknown_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/unknown_payload.c'; fi` vendor_id_payload.o: encoding/payloads/vendor_id_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT vendor_id_payload.o -MD -MP -MF "$(DEPDIR)/vendor_id_payload.Tpo" -c -o vendor_id_payload.o `test -f 'encoding/payloads/vendor_id_payload.c' || echo '$(srcdir)/'`encoding/payloads/vendor_id_payload.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/vendor_id_payload.Tpo" "$(DEPDIR)/vendor_id_payload.Po"; else rm -f "$(DEPDIR)/vendor_id_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT vendor_id_payload.o -MD -MP -MF $(DEPDIR)/vendor_id_payload.Tpo -c -o vendor_id_payload.o `test -f 'encoding/payloads/vendor_id_payload.c' || echo '$(srcdir)/'`encoding/payloads/vendor_id_payload.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/vendor_id_payload.Tpo $(DEPDIR)/vendor_id_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/vendor_id_payload.c' object='vendor_id_payload.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o vendor_id_payload.o `test -f 'encoding/payloads/vendor_id_payload.c' || echo '$(srcdir)/'`encoding/payloads/vendor_id_payload.c vendor_id_payload.obj: encoding/payloads/vendor_id_payload.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT vendor_id_payload.obj -MD -MP -MF "$(DEPDIR)/vendor_id_payload.Tpo" -c -o vendor_id_payload.obj `if test -f 'encoding/payloads/vendor_id_payload.c'; then $(CYGPATH_W) 'encoding/payloads/vendor_id_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/vendor_id_payload.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/vendor_id_payload.Tpo" "$(DEPDIR)/vendor_id_payload.Po"; else rm -f "$(DEPDIR)/vendor_id_payload.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT vendor_id_payload.obj -MD -MP -MF $(DEPDIR)/vendor_id_payload.Tpo -c -o vendor_id_payload.obj `if test -f 'encoding/payloads/vendor_id_payload.c'; then $(CYGPATH_W) 'encoding/payloads/vendor_id_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/vendor_id_payload.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/vendor_id_payload.Tpo $(DEPDIR)/vendor_id_payload.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/vendor_id_payload.c' object='vendor_id_payload.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o vendor_id_payload.obj `if test -f 'encoding/payloads/vendor_id_payload.c'; then $(CYGPATH_W) 'encoding/payloads/vendor_id_payload.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/vendor_id_payload.c'; fi` kernel_interface.o: kernel/kernel_interface.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT kernel_interface.o -MD -MP -MF "$(DEPDIR)/kernel_interface.Tpo" -c -o kernel_interface.o `test -f 'kernel/kernel_interface.c' || echo '$(srcdir)/'`kernel/kernel_interface.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/kernel_interface.Tpo" "$(DEPDIR)/kernel_interface.Po"; else rm -f "$(DEPDIR)/kernel_interface.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT kernel_interface.o -MD -MP -MF $(DEPDIR)/kernel_interface.Tpo -c -o kernel_interface.o `test -f 'kernel/kernel_interface.c' || echo '$(srcdir)/'`kernel/kernel_interface.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/kernel_interface.Tpo $(DEPDIR)/kernel_interface.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='kernel/kernel_interface.c' object='kernel_interface.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o kernel_interface.o `test -f 'kernel/kernel_interface.c' || echo '$(srcdir)/'`kernel/kernel_interface.c kernel_interface.obj: kernel/kernel_interface.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT kernel_interface.obj -MD -MP -MF "$(DEPDIR)/kernel_interface.Tpo" -c -o kernel_interface.obj `if test -f 'kernel/kernel_interface.c'; then $(CYGPATH_W) 'kernel/kernel_interface.c'; else $(CYGPATH_W) '$(srcdir)/kernel/kernel_interface.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/kernel_interface.Tpo" "$(DEPDIR)/kernel_interface.Po"; else rm -f "$(DEPDIR)/kernel_interface.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT kernel_interface.obj -MD -MP -MF $(DEPDIR)/kernel_interface.Tpo -c -o kernel_interface.obj `if test -f 'kernel/kernel_interface.c'; then $(CYGPATH_W) 'kernel/kernel_interface.c'; else $(CYGPATH_W) '$(srcdir)/kernel/kernel_interface.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/kernel_interface.Tpo $(DEPDIR)/kernel_interface.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='kernel/kernel_interface.c' object='kernel_interface.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o kernel_interface.obj `if test -f 'kernel/kernel_interface.c'; then $(CYGPATH_W) 'kernel/kernel_interface.c'; else $(CYGPATH_W) '$(srcdir)/kernel/kernel_interface.c'; fi` packet.o: network/packet.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT packet.o -MD -MP -MF "$(DEPDIR)/packet.Tpo" -c -o packet.o `test -f 'network/packet.c' || echo '$(srcdir)/'`network/packet.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/packet.Tpo" "$(DEPDIR)/packet.Po"; else rm -f "$(DEPDIR)/packet.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT packet.o -MD -MP -MF $(DEPDIR)/packet.Tpo -c -o packet.o `test -f 'network/packet.c' || echo '$(srcdir)/'`network/packet.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/packet.Tpo $(DEPDIR)/packet.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='network/packet.c' object='packet.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o packet.o `test -f 'network/packet.c' || echo '$(srcdir)/'`network/packet.c packet.obj: network/packet.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT packet.obj -MD -MP -MF "$(DEPDIR)/packet.Tpo" -c -o packet.obj `if test -f 'network/packet.c'; then $(CYGPATH_W) 'network/packet.c'; else $(CYGPATH_W) '$(srcdir)/network/packet.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/packet.Tpo" "$(DEPDIR)/packet.Po"; else rm -f "$(DEPDIR)/packet.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT packet.obj -MD -MP -MF $(DEPDIR)/packet.Tpo -c -o packet.obj `if test -f 'network/packet.c'; then $(CYGPATH_W) 'network/packet.c'; else $(CYGPATH_W) '$(srcdir)/network/packet.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/packet.Tpo $(DEPDIR)/packet.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='network/packet.c' object='packet.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o packet.obj `if test -f 'network/packet.c'; then $(CYGPATH_W) 'network/packet.c'; else $(CYGPATH_W) '$(srcdir)/network/packet.c'; fi` receiver.o: network/receiver.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT receiver.o -MD -MP -MF "$(DEPDIR)/receiver.Tpo" -c -o receiver.o `test -f 'network/receiver.c' || echo '$(srcdir)/'`network/receiver.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/receiver.Tpo" "$(DEPDIR)/receiver.Po"; else rm -f "$(DEPDIR)/receiver.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT receiver.o -MD -MP -MF $(DEPDIR)/receiver.Tpo -c -o receiver.o `test -f 'network/receiver.c' || echo '$(srcdir)/'`network/receiver.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/receiver.Tpo $(DEPDIR)/receiver.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='network/receiver.c' object='receiver.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o receiver.o `test -f 'network/receiver.c' || echo '$(srcdir)/'`network/receiver.c receiver.obj: network/receiver.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT receiver.obj -MD -MP -MF "$(DEPDIR)/receiver.Tpo" -c -o receiver.obj `if test -f 'network/receiver.c'; then $(CYGPATH_W) 'network/receiver.c'; else $(CYGPATH_W) '$(srcdir)/network/receiver.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/receiver.Tpo" "$(DEPDIR)/receiver.Po"; else rm -f "$(DEPDIR)/receiver.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT receiver.obj -MD -MP -MF $(DEPDIR)/receiver.Tpo -c -o receiver.obj `if test -f 'network/receiver.c'; then $(CYGPATH_W) 'network/receiver.c'; else $(CYGPATH_W) '$(srcdir)/network/receiver.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/receiver.Tpo $(DEPDIR)/receiver.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='network/receiver.c' object='receiver.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o receiver.obj `if test -f 'network/receiver.c'; then $(CYGPATH_W) 'network/receiver.c'; else $(CYGPATH_W) '$(srcdir)/network/receiver.c'; fi` sender.o: network/sender.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sender.o -MD -MP -MF "$(DEPDIR)/sender.Tpo" -c -o sender.o `test -f 'network/sender.c' || echo '$(srcdir)/'`network/sender.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sender.Tpo" "$(DEPDIR)/sender.Po"; else rm -f "$(DEPDIR)/sender.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sender.o -MD -MP -MF $(DEPDIR)/sender.Tpo -c -o sender.o `test -f 'network/sender.c' || echo '$(srcdir)/'`network/sender.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sender.Tpo $(DEPDIR)/sender.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='network/sender.c' object='sender.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sender.o `test -f 'network/sender.c' || echo '$(srcdir)/'`network/sender.c sender.obj: network/sender.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sender.obj -MD -MP -MF "$(DEPDIR)/sender.Tpo" -c -o sender.obj `if test -f 'network/sender.c'; then $(CYGPATH_W) 'network/sender.c'; else $(CYGPATH_W) '$(srcdir)/network/sender.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sender.Tpo" "$(DEPDIR)/sender.Po"; else rm -f "$(DEPDIR)/sender.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sender.obj -MD -MP -MF $(DEPDIR)/sender.Tpo -c -o sender.obj `if test -f 'network/sender.c'; then $(CYGPATH_W) 'network/sender.c'; else $(CYGPATH_W) '$(srcdir)/network/sender.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sender.Tpo $(DEPDIR)/sender.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='network/sender.c' object='sender.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sender.obj `if test -f 'network/sender.c'; then $(CYGPATH_W) 'network/sender.c'; else $(CYGPATH_W) '$(srcdir)/network/sender.c'; fi` socket.o: network/socket.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT socket.o -MD -MP -MF "$(DEPDIR)/socket.Tpo" -c -o socket.o `test -f 'network/socket.c' || echo '$(srcdir)/'`network/socket.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/socket.Tpo" "$(DEPDIR)/socket.Po"; else rm -f "$(DEPDIR)/socket.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT socket.o -MD -MP -MF $(DEPDIR)/socket.Tpo -c -o socket.o `test -f 'network/socket.c' || echo '$(srcdir)/'`network/socket.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/socket.Tpo $(DEPDIR)/socket.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='network/socket.c' object='socket.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o socket.o `test -f 'network/socket.c' || echo '$(srcdir)/'`network/socket.c socket.obj: network/socket.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT socket.obj -MD -MP -MF "$(DEPDIR)/socket.Tpo" -c -o socket.obj `if test -f 'network/socket.c'; then $(CYGPATH_W) 'network/socket.c'; else $(CYGPATH_W) '$(srcdir)/network/socket.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/socket.Tpo" "$(DEPDIR)/socket.Po"; else rm -f "$(DEPDIR)/socket.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT socket.obj -MD -MP -MF $(DEPDIR)/socket.Tpo -c -o socket.obj `if test -f 'network/socket.c'; then $(CYGPATH_W) 'network/socket.c'; else $(CYGPATH_W) '$(srcdir)/network/socket.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/socket.Tpo $(DEPDIR)/socket.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='network/socket.c' object='socket.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o socket.obj `if test -f 'network/socket.c'; then $(CYGPATH_W) 'network/socket.c'; else $(CYGPATH_W) '$(srcdir)/network/socket.c'; fi` acquire_job.o: processing/jobs/acquire_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT acquire_job.o -MD -MP -MF "$(DEPDIR)/acquire_job.Tpo" -c -o acquire_job.o `test -f 'processing/jobs/acquire_job.c' || echo '$(srcdir)/'`processing/jobs/acquire_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/acquire_job.Tpo" "$(DEPDIR)/acquire_job.Po"; else rm -f "$(DEPDIR)/acquire_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT acquire_job.o -MD -MP -MF $(DEPDIR)/acquire_job.Tpo -c -o acquire_job.o `test -f 'processing/jobs/acquire_job.c' || echo '$(srcdir)/'`processing/jobs/acquire_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/acquire_job.Tpo $(DEPDIR)/acquire_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/acquire_job.c' object='acquire_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o acquire_job.o `test -f 'processing/jobs/acquire_job.c' || echo '$(srcdir)/'`processing/jobs/acquire_job.c acquire_job.obj: processing/jobs/acquire_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT acquire_job.obj -MD -MP -MF "$(DEPDIR)/acquire_job.Tpo" -c -o acquire_job.obj `if test -f 'processing/jobs/acquire_job.c'; then $(CYGPATH_W) 'processing/jobs/acquire_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/acquire_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/acquire_job.Tpo" "$(DEPDIR)/acquire_job.Po"; else rm -f "$(DEPDIR)/acquire_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT acquire_job.obj -MD -MP -MF $(DEPDIR)/acquire_job.Tpo -c -o acquire_job.obj `if test -f 'processing/jobs/acquire_job.c'; then $(CYGPATH_W) 'processing/jobs/acquire_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/acquire_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/acquire_job.Tpo $(DEPDIR)/acquire_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/acquire_job.c' object='acquire_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o acquire_job.obj `if test -f 'processing/jobs/acquire_job.c'; then $(CYGPATH_W) 'processing/jobs/acquire_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/acquire_job.c'; fi` callback_job.o: processing/jobs/callback_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT callback_job.o -MD -MP -MF "$(DEPDIR)/callback_job.Tpo" -c -o callback_job.o `test -f 'processing/jobs/callback_job.c' || echo '$(srcdir)/'`processing/jobs/callback_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/callback_job.Tpo" "$(DEPDIR)/callback_job.Po"; else rm -f "$(DEPDIR)/callback_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT callback_job.o -MD -MP -MF $(DEPDIR)/callback_job.Tpo -c -o callback_job.o `test -f 'processing/jobs/callback_job.c' || echo '$(srcdir)/'`processing/jobs/callback_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/callback_job.Tpo $(DEPDIR)/callback_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/callback_job.c' object='callback_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o callback_job.o `test -f 'processing/jobs/callback_job.c' || echo '$(srcdir)/'`processing/jobs/callback_job.c callback_job.obj: processing/jobs/callback_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT callback_job.obj -MD -MP -MF "$(DEPDIR)/callback_job.Tpo" -c -o callback_job.obj `if test -f 'processing/jobs/callback_job.c'; then $(CYGPATH_W) 'processing/jobs/callback_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/callback_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/callback_job.Tpo" "$(DEPDIR)/callback_job.Po"; else rm -f "$(DEPDIR)/callback_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT callback_job.obj -MD -MP -MF $(DEPDIR)/callback_job.Tpo -c -o callback_job.obj `if test -f 'processing/jobs/callback_job.c'; then $(CYGPATH_W) 'processing/jobs/callback_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/callback_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/callback_job.Tpo $(DEPDIR)/callback_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/callback_job.c' object='callback_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o callback_job.obj `if test -f 'processing/jobs/callback_job.c'; then $(CYGPATH_W) 'processing/jobs/callback_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/callback_job.c'; fi` delete_child_sa_job.o: processing/jobs/delete_child_sa_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_child_sa_job.o -MD -MP -MF "$(DEPDIR)/delete_child_sa_job.Tpo" -c -o delete_child_sa_job.o `test -f 'processing/jobs/delete_child_sa_job.c' || echo '$(srcdir)/'`processing/jobs/delete_child_sa_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/delete_child_sa_job.Tpo" "$(DEPDIR)/delete_child_sa_job.Po"; else rm -f "$(DEPDIR)/delete_child_sa_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_child_sa_job.o -MD -MP -MF $(DEPDIR)/delete_child_sa_job.Tpo -c -o delete_child_sa_job.o `test -f 'processing/jobs/delete_child_sa_job.c' || echo '$(srcdir)/'`processing/jobs/delete_child_sa_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/delete_child_sa_job.Tpo $(DEPDIR)/delete_child_sa_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/delete_child_sa_job.c' object='delete_child_sa_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o delete_child_sa_job.o `test -f 'processing/jobs/delete_child_sa_job.c' || echo '$(srcdir)/'`processing/jobs/delete_child_sa_job.c delete_child_sa_job.obj: processing/jobs/delete_child_sa_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_child_sa_job.obj -MD -MP -MF "$(DEPDIR)/delete_child_sa_job.Tpo" -c -o delete_child_sa_job.obj `if test -f 'processing/jobs/delete_child_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/delete_child_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/delete_child_sa_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/delete_child_sa_job.Tpo" "$(DEPDIR)/delete_child_sa_job.Po"; else rm -f "$(DEPDIR)/delete_child_sa_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_child_sa_job.obj -MD -MP -MF $(DEPDIR)/delete_child_sa_job.Tpo -c -o delete_child_sa_job.obj `if test -f 'processing/jobs/delete_child_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/delete_child_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/delete_child_sa_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/delete_child_sa_job.Tpo $(DEPDIR)/delete_child_sa_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/delete_child_sa_job.c' object='delete_child_sa_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o delete_child_sa_job.obj `if test -f 'processing/jobs/delete_child_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/delete_child_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/delete_child_sa_job.c'; fi` delete_ike_sa_job.o: processing/jobs/delete_ike_sa_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_ike_sa_job.o -MD -MP -MF "$(DEPDIR)/delete_ike_sa_job.Tpo" -c -o delete_ike_sa_job.o `test -f 'processing/jobs/delete_ike_sa_job.c' || echo '$(srcdir)/'`processing/jobs/delete_ike_sa_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/delete_ike_sa_job.Tpo" "$(DEPDIR)/delete_ike_sa_job.Po"; else rm -f "$(DEPDIR)/delete_ike_sa_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_ike_sa_job.o -MD -MP -MF $(DEPDIR)/delete_ike_sa_job.Tpo -c -o delete_ike_sa_job.o `test -f 'processing/jobs/delete_ike_sa_job.c' || echo '$(srcdir)/'`processing/jobs/delete_ike_sa_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/delete_ike_sa_job.Tpo $(DEPDIR)/delete_ike_sa_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/delete_ike_sa_job.c' object='delete_ike_sa_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o delete_ike_sa_job.o `test -f 'processing/jobs/delete_ike_sa_job.c' || echo '$(srcdir)/'`processing/jobs/delete_ike_sa_job.c delete_ike_sa_job.obj: processing/jobs/delete_ike_sa_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_ike_sa_job.obj -MD -MP -MF "$(DEPDIR)/delete_ike_sa_job.Tpo" -c -o delete_ike_sa_job.obj `if test -f 'processing/jobs/delete_ike_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/delete_ike_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/delete_ike_sa_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/delete_ike_sa_job.Tpo" "$(DEPDIR)/delete_ike_sa_job.Po"; else rm -f "$(DEPDIR)/delete_ike_sa_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT delete_ike_sa_job.obj -MD -MP -MF $(DEPDIR)/delete_ike_sa_job.Tpo -c -o delete_ike_sa_job.obj `if test -f 'processing/jobs/delete_ike_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/delete_ike_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/delete_ike_sa_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/delete_ike_sa_job.Tpo $(DEPDIR)/delete_ike_sa_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/delete_ike_sa_job.c' object='delete_ike_sa_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o delete_ike_sa_job.obj `if test -f 'processing/jobs/delete_ike_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/delete_ike_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/delete_ike_sa_job.c'; fi` process_message_job.o: processing/jobs/process_message_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT process_message_job.o -MD -MP -MF "$(DEPDIR)/process_message_job.Tpo" -c -o process_message_job.o `test -f 'processing/jobs/process_message_job.c' || echo '$(srcdir)/'`processing/jobs/process_message_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/process_message_job.Tpo" "$(DEPDIR)/process_message_job.Po"; else rm -f "$(DEPDIR)/process_message_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT process_message_job.o -MD -MP -MF $(DEPDIR)/process_message_job.Tpo -c -o process_message_job.o `test -f 'processing/jobs/process_message_job.c' || echo '$(srcdir)/'`processing/jobs/process_message_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/process_message_job.Tpo $(DEPDIR)/process_message_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/process_message_job.c' object='process_message_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o process_message_job.o `test -f 'processing/jobs/process_message_job.c' || echo '$(srcdir)/'`processing/jobs/process_message_job.c process_message_job.obj: processing/jobs/process_message_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT process_message_job.obj -MD -MP -MF "$(DEPDIR)/process_message_job.Tpo" -c -o process_message_job.obj `if test -f 'processing/jobs/process_message_job.c'; then $(CYGPATH_W) 'processing/jobs/process_message_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/process_message_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/process_message_job.Tpo" "$(DEPDIR)/process_message_job.Po"; else rm -f "$(DEPDIR)/process_message_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT process_message_job.obj -MD -MP -MF $(DEPDIR)/process_message_job.Tpo -c -o process_message_job.obj `if test -f 'processing/jobs/process_message_job.c'; then $(CYGPATH_W) 'processing/jobs/process_message_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/process_message_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/process_message_job.Tpo $(DEPDIR)/process_message_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/process_message_job.c' object='process_message_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o process_message_job.obj `if test -f 'processing/jobs/process_message_job.c'; then $(CYGPATH_W) 'processing/jobs/process_message_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/process_message_job.c'; fi` rekey_child_sa_job.o: processing/jobs/rekey_child_sa_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rekey_child_sa_job.o -MD -MP -MF "$(DEPDIR)/rekey_child_sa_job.Tpo" -c -o rekey_child_sa_job.o `test -f 'processing/jobs/rekey_child_sa_job.c' || echo '$(srcdir)/'`processing/jobs/rekey_child_sa_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rekey_child_sa_job.Tpo" "$(DEPDIR)/rekey_child_sa_job.Po"; else rm -f "$(DEPDIR)/rekey_child_sa_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rekey_child_sa_job.o -MD -MP -MF $(DEPDIR)/rekey_child_sa_job.Tpo -c -o rekey_child_sa_job.o `test -f 'processing/jobs/rekey_child_sa_job.c' || echo '$(srcdir)/'`processing/jobs/rekey_child_sa_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rekey_child_sa_job.Tpo $(DEPDIR)/rekey_child_sa_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/rekey_child_sa_job.c' object='rekey_child_sa_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rekey_child_sa_job.o `test -f 'processing/jobs/rekey_child_sa_job.c' || echo '$(srcdir)/'`processing/jobs/rekey_child_sa_job.c rekey_child_sa_job.obj: processing/jobs/rekey_child_sa_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rekey_child_sa_job.obj -MD -MP -MF "$(DEPDIR)/rekey_child_sa_job.Tpo" -c -o rekey_child_sa_job.obj `if test -f 'processing/jobs/rekey_child_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/rekey_child_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/rekey_child_sa_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rekey_child_sa_job.Tpo" "$(DEPDIR)/rekey_child_sa_job.Po"; else rm -f "$(DEPDIR)/rekey_child_sa_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rekey_child_sa_job.obj -MD -MP -MF $(DEPDIR)/rekey_child_sa_job.Tpo -c -o rekey_child_sa_job.obj `if test -f 'processing/jobs/rekey_child_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/rekey_child_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/rekey_child_sa_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rekey_child_sa_job.Tpo $(DEPDIR)/rekey_child_sa_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/rekey_child_sa_job.c' object='rekey_child_sa_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rekey_child_sa_job.obj `if test -f 'processing/jobs/rekey_child_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/rekey_child_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/rekey_child_sa_job.c'; fi` rekey_ike_sa_job.o: processing/jobs/rekey_ike_sa_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rekey_ike_sa_job.o -MD -MP -MF "$(DEPDIR)/rekey_ike_sa_job.Tpo" -c -o rekey_ike_sa_job.o `test -f 'processing/jobs/rekey_ike_sa_job.c' || echo '$(srcdir)/'`processing/jobs/rekey_ike_sa_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rekey_ike_sa_job.Tpo" "$(DEPDIR)/rekey_ike_sa_job.Po"; else rm -f "$(DEPDIR)/rekey_ike_sa_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rekey_ike_sa_job.o -MD -MP -MF $(DEPDIR)/rekey_ike_sa_job.Tpo -c -o rekey_ike_sa_job.o `test -f 'processing/jobs/rekey_ike_sa_job.c' || echo '$(srcdir)/'`processing/jobs/rekey_ike_sa_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rekey_ike_sa_job.Tpo $(DEPDIR)/rekey_ike_sa_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/rekey_ike_sa_job.c' object='rekey_ike_sa_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rekey_ike_sa_job.o `test -f 'processing/jobs/rekey_ike_sa_job.c' || echo '$(srcdir)/'`processing/jobs/rekey_ike_sa_job.c rekey_ike_sa_job.obj: processing/jobs/rekey_ike_sa_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rekey_ike_sa_job.obj -MD -MP -MF "$(DEPDIR)/rekey_ike_sa_job.Tpo" -c -o rekey_ike_sa_job.obj `if test -f 'processing/jobs/rekey_ike_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/rekey_ike_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/rekey_ike_sa_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rekey_ike_sa_job.Tpo" "$(DEPDIR)/rekey_ike_sa_job.Po"; else rm -f "$(DEPDIR)/rekey_ike_sa_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rekey_ike_sa_job.obj -MD -MP -MF $(DEPDIR)/rekey_ike_sa_job.Tpo -c -o rekey_ike_sa_job.obj `if test -f 'processing/jobs/rekey_ike_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/rekey_ike_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/rekey_ike_sa_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rekey_ike_sa_job.Tpo $(DEPDIR)/rekey_ike_sa_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/rekey_ike_sa_job.c' object='rekey_ike_sa_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rekey_ike_sa_job.obj `if test -f 'processing/jobs/rekey_ike_sa_job.c'; then $(CYGPATH_W) 'processing/jobs/rekey_ike_sa_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/rekey_ike_sa_job.c'; fi` retransmit_job.o: processing/jobs/retransmit_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT retransmit_job.o -MD -MP -MF "$(DEPDIR)/retransmit_job.Tpo" -c -o retransmit_job.o `test -f 'processing/jobs/retransmit_job.c' || echo '$(srcdir)/'`processing/jobs/retransmit_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/retransmit_job.Tpo" "$(DEPDIR)/retransmit_job.Po"; else rm -f "$(DEPDIR)/retransmit_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT retransmit_job.o -MD -MP -MF $(DEPDIR)/retransmit_job.Tpo -c -o retransmit_job.o `test -f 'processing/jobs/retransmit_job.c' || echo '$(srcdir)/'`processing/jobs/retransmit_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/retransmit_job.Tpo $(DEPDIR)/retransmit_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/retransmit_job.c' object='retransmit_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o retransmit_job.o `test -f 'processing/jobs/retransmit_job.c' || echo '$(srcdir)/'`processing/jobs/retransmit_job.c retransmit_job.obj: processing/jobs/retransmit_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT retransmit_job.obj -MD -MP -MF "$(DEPDIR)/retransmit_job.Tpo" -c -o retransmit_job.obj `if test -f 'processing/jobs/retransmit_job.c'; then $(CYGPATH_W) 'processing/jobs/retransmit_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/retransmit_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/retransmit_job.Tpo" "$(DEPDIR)/retransmit_job.Po"; else rm -f "$(DEPDIR)/retransmit_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT retransmit_job.obj -MD -MP -MF $(DEPDIR)/retransmit_job.Tpo -c -o retransmit_job.obj `if test -f 'processing/jobs/retransmit_job.c'; then $(CYGPATH_W) 'processing/jobs/retransmit_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/retransmit_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/retransmit_job.Tpo $(DEPDIR)/retransmit_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/retransmit_job.c' object='retransmit_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o retransmit_job.obj `if test -f 'processing/jobs/retransmit_job.c'; then $(CYGPATH_W) 'processing/jobs/retransmit_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/retransmit_job.c'; fi` send_dpd_job.o: processing/jobs/send_dpd_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT send_dpd_job.o -MD -MP -MF "$(DEPDIR)/send_dpd_job.Tpo" -c -o send_dpd_job.o `test -f 'processing/jobs/send_dpd_job.c' || echo '$(srcdir)/'`processing/jobs/send_dpd_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/send_dpd_job.Tpo" "$(DEPDIR)/send_dpd_job.Po"; else rm -f "$(DEPDIR)/send_dpd_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT send_dpd_job.o -MD -MP -MF $(DEPDIR)/send_dpd_job.Tpo -c -o send_dpd_job.o `test -f 'processing/jobs/send_dpd_job.c' || echo '$(srcdir)/'`processing/jobs/send_dpd_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/send_dpd_job.Tpo $(DEPDIR)/send_dpd_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/send_dpd_job.c' object='send_dpd_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o send_dpd_job.o `test -f 'processing/jobs/send_dpd_job.c' || echo '$(srcdir)/'`processing/jobs/send_dpd_job.c send_dpd_job.obj: processing/jobs/send_dpd_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT send_dpd_job.obj -MD -MP -MF "$(DEPDIR)/send_dpd_job.Tpo" -c -o send_dpd_job.obj `if test -f 'processing/jobs/send_dpd_job.c'; then $(CYGPATH_W) 'processing/jobs/send_dpd_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/send_dpd_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/send_dpd_job.Tpo" "$(DEPDIR)/send_dpd_job.Po"; else rm -f "$(DEPDIR)/send_dpd_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT send_dpd_job.obj -MD -MP -MF $(DEPDIR)/send_dpd_job.Tpo -c -o send_dpd_job.obj `if test -f 'processing/jobs/send_dpd_job.c'; then $(CYGPATH_W) 'processing/jobs/send_dpd_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/send_dpd_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/send_dpd_job.Tpo $(DEPDIR)/send_dpd_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/send_dpd_job.c' object='send_dpd_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o send_dpd_job.obj `if test -f 'processing/jobs/send_dpd_job.c'; then $(CYGPATH_W) 'processing/jobs/send_dpd_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/send_dpd_job.c'; fi` send_keepalive_job.o: processing/jobs/send_keepalive_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT send_keepalive_job.o -MD -MP -MF "$(DEPDIR)/send_keepalive_job.Tpo" -c -o send_keepalive_job.o `test -f 'processing/jobs/send_keepalive_job.c' || echo '$(srcdir)/'`processing/jobs/send_keepalive_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/send_keepalive_job.Tpo" "$(DEPDIR)/send_keepalive_job.Po"; else rm -f "$(DEPDIR)/send_keepalive_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT send_keepalive_job.o -MD -MP -MF $(DEPDIR)/send_keepalive_job.Tpo -c -o send_keepalive_job.o `test -f 'processing/jobs/send_keepalive_job.c' || echo '$(srcdir)/'`processing/jobs/send_keepalive_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/send_keepalive_job.Tpo $(DEPDIR)/send_keepalive_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/send_keepalive_job.c' object='send_keepalive_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o send_keepalive_job.o `test -f 'processing/jobs/send_keepalive_job.c' || echo '$(srcdir)/'`processing/jobs/send_keepalive_job.c send_keepalive_job.obj: processing/jobs/send_keepalive_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT send_keepalive_job.obj -MD -MP -MF "$(DEPDIR)/send_keepalive_job.Tpo" -c -o send_keepalive_job.obj `if test -f 'processing/jobs/send_keepalive_job.c'; then $(CYGPATH_W) 'processing/jobs/send_keepalive_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/send_keepalive_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/send_keepalive_job.Tpo" "$(DEPDIR)/send_keepalive_job.Po"; else rm -f "$(DEPDIR)/send_keepalive_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT send_keepalive_job.obj -MD -MP -MF $(DEPDIR)/send_keepalive_job.Tpo -c -o send_keepalive_job.obj `if test -f 'processing/jobs/send_keepalive_job.c'; then $(CYGPATH_W) 'processing/jobs/send_keepalive_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/send_keepalive_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/send_keepalive_job.Tpo $(DEPDIR)/send_keepalive_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/send_keepalive_job.c' object='send_keepalive_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o send_keepalive_job.obj `if test -f 'processing/jobs/send_keepalive_job.c'; then $(CYGPATH_W) 'processing/jobs/send_keepalive_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/send_keepalive_job.c'; fi` roam_job.o: processing/jobs/roam_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT roam_job.o -MD -MP -MF "$(DEPDIR)/roam_job.Tpo" -c -o roam_job.o `test -f 'processing/jobs/roam_job.c' || echo '$(srcdir)/'`processing/jobs/roam_job.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/roam_job.Tpo" "$(DEPDIR)/roam_job.Po"; else rm -f "$(DEPDIR)/roam_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT roam_job.o -MD -MP -MF $(DEPDIR)/roam_job.Tpo -c -o roam_job.o `test -f 'processing/jobs/roam_job.c' || echo '$(srcdir)/'`processing/jobs/roam_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/roam_job.Tpo $(DEPDIR)/roam_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/roam_job.c' object='roam_job.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o roam_job.o `test -f 'processing/jobs/roam_job.c' || echo '$(srcdir)/'`processing/jobs/roam_job.c roam_job.obj: processing/jobs/roam_job.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT roam_job.obj -MD -MP -MF "$(DEPDIR)/roam_job.Tpo" -c -o roam_job.obj `if test -f 'processing/jobs/roam_job.c'; then $(CYGPATH_W) 'processing/jobs/roam_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/roam_job.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/roam_job.Tpo" "$(DEPDIR)/roam_job.Po"; else rm -f "$(DEPDIR)/roam_job.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT roam_job.obj -MD -MP -MF $(DEPDIR)/roam_job.Tpo -c -o roam_job.obj `if test -f 'processing/jobs/roam_job.c'; then $(CYGPATH_W) 'processing/jobs/roam_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/roam_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/roam_job.Tpo $(DEPDIR)/roam_job.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/roam_job.c' object='roam_job.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o roam_job.obj `if test -f 'processing/jobs/roam_job.c'; then $(CYGPATH_W) 'processing/jobs/roam_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/roam_job.c'; fi` scheduler.o: processing/scheduler.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT scheduler.o -MD -MP -MF "$(DEPDIR)/scheduler.Tpo" -c -o scheduler.o `test -f 'processing/scheduler.c' || echo '$(srcdir)/'`processing/scheduler.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/scheduler.Tpo" "$(DEPDIR)/scheduler.Po"; else rm -f "$(DEPDIR)/scheduler.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT scheduler.o -MD -MP -MF $(DEPDIR)/scheduler.Tpo -c -o scheduler.o `test -f 'processing/scheduler.c' || echo '$(srcdir)/'`processing/scheduler.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/scheduler.Tpo $(DEPDIR)/scheduler.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/scheduler.c' object='scheduler.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o scheduler.o `test -f 'processing/scheduler.c' || echo '$(srcdir)/'`processing/scheduler.c scheduler.obj: processing/scheduler.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT scheduler.obj -MD -MP -MF "$(DEPDIR)/scheduler.Tpo" -c -o scheduler.obj `if test -f 'processing/scheduler.c'; then $(CYGPATH_W) 'processing/scheduler.c'; else $(CYGPATH_W) '$(srcdir)/processing/scheduler.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/scheduler.Tpo" "$(DEPDIR)/scheduler.Po"; else rm -f "$(DEPDIR)/scheduler.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT scheduler.obj -MD -MP -MF $(DEPDIR)/scheduler.Tpo -c -o scheduler.obj `if test -f 'processing/scheduler.c'; then $(CYGPATH_W) 'processing/scheduler.c'; else $(CYGPATH_W) '$(srcdir)/processing/scheduler.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/scheduler.Tpo $(DEPDIR)/scheduler.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/scheduler.c' object='scheduler.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o scheduler.obj `if test -f 'processing/scheduler.c'; then $(CYGPATH_W) 'processing/scheduler.c'; else $(CYGPATH_W) '$(srcdir)/processing/scheduler.c'; fi` processor.o: processing/processor.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT processor.o -MD -MP -MF "$(DEPDIR)/processor.Tpo" -c -o processor.o `test -f 'processing/processor.c' || echo '$(srcdir)/'`processing/processor.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/processor.Tpo" "$(DEPDIR)/processor.Po"; else rm -f "$(DEPDIR)/processor.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT processor.o -MD -MP -MF $(DEPDIR)/processor.Tpo -c -o processor.o `test -f 'processing/processor.c' || echo '$(srcdir)/'`processing/processor.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/processor.Tpo $(DEPDIR)/processor.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/processor.c' object='processor.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o processor.o `test -f 'processing/processor.c' || echo '$(srcdir)/'`processing/processor.c processor.obj: processing/processor.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT processor.obj -MD -MP -MF "$(DEPDIR)/processor.Tpo" -c -o processor.obj `if test -f 'processing/processor.c'; then $(CYGPATH_W) 'processing/processor.c'; else $(CYGPATH_W) '$(srcdir)/processing/processor.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/processor.Tpo" "$(DEPDIR)/processor.Po"; else rm -f "$(DEPDIR)/processor.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT processor.obj -MD -MP -MF $(DEPDIR)/processor.Tpo -c -o processor.obj `if test -f 'processing/processor.c'; then $(CYGPATH_W) 'processing/processor.c'; else $(CYGPATH_W) '$(srcdir)/processing/processor.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/processor.Tpo $(DEPDIR)/processor.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/processor.c' object='processor.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o processor.obj `if test -f 'processing/processor.c'; then $(CYGPATH_W) 'processing/processor.c'; else $(CYGPATH_W) '$(srcdir)/processing/processor.c'; fi` authenticator.o: sa/authenticators/authenticator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT authenticator.o -MD -MP -MF "$(DEPDIR)/authenticator.Tpo" -c -o authenticator.o `test -f 'sa/authenticators/authenticator.c' || echo '$(srcdir)/'`sa/authenticators/authenticator.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/authenticator.Tpo" "$(DEPDIR)/authenticator.Po"; else rm -f "$(DEPDIR)/authenticator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT authenticator.o -MD -MP -MF $(DEPDIR)/authenticator.Tpo -c -o authenticator.o `test -f 'sa/authenticators/authenticator.c' || echo '$(srcdir)/'`sa/authenticators/authenticator.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/authenticator.Tpo $(DEPDIR)/authenticator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/authenticator.c' object='authenticator.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o authenticator.o `test -f 'sa/authenticators/authenticator.c' || echo '$(srcdir)/'`sa/authenticators/authenticator.c authenticator.obj: sa/authenticators/authenticator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT authenticator.obj -MD -MP -MF "$(DEPDIR)/authenticator.Tpo" -c -o authenticator.obj `if test -f 'sa/authenticators/authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/authenticator.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/authenticator.Tpo" "$(DEPDIR)/authenticator.Po"; else rm -f "$(DEPDIR)/authenticator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT authenticator.obj -MD -MP -MF $(DEPDIR)/authenticator.Tpo -c -o authenticator.obj `if test -f 'sa/authenticators/authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/authenticator.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/authenticator.Tpo $(DEPDIR)/authenticator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/authenticator.c' object='authenticator.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o authenticator.obj `if test -f 'sa/authenticators/authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/authenticator.c'; fi` eap_authenticator.o: sa/authenticators/eap_authenticator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_authenticator.o -MD -MP -MF "$(DEPDIR)/eap_authenticator.Tpo" -c -o eap_authenticator.o `test -f 'sa/authenticators/eap_authenticator.c' || echo '$(srcdir)/'`sa/authenticators/eap_authenticator.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/eap_authenticator.Tpo" "$(DEPDIR)/eap_authenticator.Po"; else rm -f "$(DEPDIR)/eap_authenticator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_authenticator.o -MD -MP -MF $(DEPDIR)/eap_authenticator.Tpo -c -o eap_authenticator.o `test -f 'sa/authenticators/eap_authenticator.c' || echo '$(srcdir)/'`sa/authenticators/eap_authenticator.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/eap_authenticator.Tpo $(DEPDIR)/eap_authenticator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/eap_authenticator.c' object='eap_authenticator.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_authenticator.o `test -f 'sa/authenticators/eap_authenticator.c' || echo '$(srcdir)/'`sa/authenticators/eap_authenticator.c eap_authenticator.obj: sa/authenticators/eap_authenticator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_authenticator.obj -MD -MP -MF "$(DEPDIR)/eap_authenticator.Tpo" -c -o eap_authenticator.obj `if test -f 'sa/authenticators/eap_authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/eap_authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/eap_authenticator.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/eap_authenticator.Tpo" "$(DEPDIR)/eap_authenticator.Po"; else rm -f "$(DEPDIR)/eap_authenticator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_authenticator.obj -MD -MP -MF $(DEPDIR)/eap_authenticator.Tpo -c -o eap_authenticator.obj `if test -f 'sa/authenticators/eap_authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/eap_authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/eap_authenticator.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/eap_authenticator.Tpo $(DEPDIR)/eap_authenticator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/eap_authenticator.c' object='eap_authenticator.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_authenticator.obj `if test -f 'sa/authenticators/eap_authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/eap_authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/eap_authenticator.c'; fi` eap_method.o: sa/authenticators/eap/eap_method.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_method.o -MD -MP -MF "$(DEPDIR)/eap_method.Tpo" -c -o eap_method.o `test -f 'sa/authenticators/eap/eap_method.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_method.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/eap_method.Tpo" "$(DEPDIR)/eap_method.Po"; else rm -f "$(DEPDIR)/eap_method.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_method.o -MD -MP -MF $(DEPDIR)/eap_method.Tpo -c -o eap_method.o `test -f 'sa/authenticators/eap/eap_method.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_method.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/eap_method.Tpo $(DEPDIR)/eap_method.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/eap/eap_method.c' object='eap_method.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_method.o `test -f 'sa/authenticators/eap/eap_method.c' || echo '$(srcdir)/'`sa/authenticators/eap/eap_method.c eap_method.obj: sa/authenticators/eap/eap_method.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_method.obj -MD -MP -MF "$(DEPDIR)/eap_method.Tpo" -c -o eap_method.obj `if test -f 'sa/authenticators/eap/eap_method.c'; then $(CYGPATH_W) 'sa/authenticators/eap/eap_method.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/eap/eap_method.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/eap_method.Tpo" "$(DEPDIR)/eap_method.Po"; else rm -f "$(DEPDIR)/eap_method.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT eap_method.obj -MD -MP -MF $(DEPDIR)/eap_method.Tpo -c -o eap_method.obj `if test -f 'sa/authenticators/eap/eap_method.c'; then $(CYGPATH_W) 'sa/authenticators/eap/eap_method.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/eap/eap_method.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/eap_method.Tpo $(DEPDIR)/eap_method.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/eap/eap_method.c' object='eap_method.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o eap_method.obj `if test -f 'sa/authenticators/eap/eap_method.c'; then $(CYGPATH_W) 'sa/authenticators/eap/eap_method.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/eap/eap_method.c'; fi` psk_authenticator.o: sa/authenticators/psk_authenticator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT psk_authenticator.o -MD -MP -MF "$(DEPDIR)/psk_authenticator.Tpo" -c -o psk_authenticator.o `test -f 'sa/authenticators/psk_authenticator.c' || echo '$(srcdir)/'`sa/authenticators/psk_authenticator.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/psk_authenticator.Tpo" "$(DEPDIR)/psk_authenticator.Po"; else rm -f "$(DEPDIR)/psk_authenticator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT psk_authenticator.o -MD -MP -MF $(DEPDIR)/psk_authenticator.Tpo -c -o psk_authenticator.o `test -f 'sa/authenticators/psk_authenticator.c' || echo '$(srcdir)/'`sa/authenticators/psk_authenticator.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/psk_authenticator.Tpo $(DEPDIR)/psk_authenticator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/psk_authenticator.c' object='psk_authenticator.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o psk_authenticator.o `test -f 'sa/authenticators/psk_authenticator.c' || echo '$(srcdir)/'`sa/authenticators/psk_authenticator.c psk_authenticator.obj: sa/authenticators/psk_authenticator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT psk_authenticator.obj -MD -MP -MF "$(DEPDIR)/psk_authenticator.Tpo" -c -o psk_authenticator.obj `if test -f 'sa/authenticators/psk_authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/psk_authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/psk_authenticator.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/psk_authenticator.Tpo" "$(DEPDIR)/psk_authenticator.Po"; else rm -f "$(DEPDIR)/psk_authenticator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT psk_authenticator.obj -MD -MP -MF $(DEPDIR)/psk_authenticator.Tpo -c -o psk_authenticator.obj `if test -f 'sa/authenticators/psk_authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/psk_authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/psk_authenticator.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/psk_authenticator.Tpo $(DEPDIR)/psk_authenticator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/psk_authenticator.c' object='psk_authenticator.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o psk_authenticator.obj `if test -f 'sa/authenticators/psk_authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/psk_authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/psk_authenticator.c'; fi` rsa_authenticator.o: sa/authenticators/rsa_authenticator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_authenticator.o -MD -MP -MF "$(DEPDIR)/rsa_authenticator.Tpo" -c -o rsa_authenticator.o `test -f 'sa/authenticators/rsa_authenticator.c' || echo '$(srcdir)/'`sa/authenticators/rsa_authenticator.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rsa_authenticator.Tpo" "$(DEPDIR)/rsa_authenticator.Po"; else rm -f "$(DEPDIR)/rsa_authenticator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_authenticator.o -MD -MP -MF $(DEPDIR)/rsa_authenticator.Tpo -c -o rsa_authenticator.o `test -f 'sa/authenticators/rsa_authenticator.c' || echo '$(srcdir)/'`sa/authenticators/rsa_authenticator.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rsa_authenticator.Tpo $(DEPDIR)/rsa_authenticator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/rsa_authenticator.c' object='rsa_authenticator.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rsa_authenticator.o `test -f 'sa/authenticators/rsa_authenticator.c' || echo '$(srcdir)/'`sa/authenticators/rsa_authenticator.c rsa_authenticator.obj: sa/authenticators/rsa_authenticator.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_authenticator.obj -MD -MP -MF "$(DEPDIR)/rsa_authenticator.Tpo" -c -o rsa_authenticator.obj `if test -f 'sa/authenticators/rsa_authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/rsa_authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/rsa_authenticator.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rsa_authenticator.Tpo" "$(DEPDIR)/rsa_authenticator.Po"; else rm -f "$(DEPDIR)/rsa_authenticator.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_authenticator.obj -MD -MP -MF $(DEPDIR)/rsa_authenticator.Tpo -c -o rsa_authenticator.obj `if test -f 'sa/authenticators/rsa_authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/rsa_authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/rsa_authenticator.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rsa_authenticator.Tpo $(DEPDIR)/rsa_authenticator.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/authenticators/rsa_authenticator.c' object='rsa_authenticator.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rsa_authenticator.obj `if test -f 'sa/authenticators/rsa_authenticator.c'; then $(CYGPATH_W) 'sa/authenticators/rsa_authenticator.c'; else $(CYGPATH_W) '$(srcdir)/sa/authenticators/rsa_authenticator.c'; fi` child_sa.o: sa/child_sa.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_sa.o -MD -MP -MF "$(DEPDIR)/child_sa.Tpo" -c -o child_sa.o `test -f 'sa/child_sa.c' || echo '$(srcdir)/'`sa/child_sa.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_sa.Tpo" "$(DEPDIR)/child_sa.Po"; else rm -f "$(DEPDIR)/child_sa.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_sa.o -MD -MP -MF $(DEPDIR)/child_sa.Tpo -c -o child_sa.o `test -f 'sa/child_sa.c' || echo '$(srcdir)/'`sa/child_sa.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_sa.Tpo $(DEPDIR)/child_sa.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/child_sa.c' object='child_sa.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_sa.o `test -f 'sa/child_sa.c' || echo '$(srcdir)/'`sa/child_sa.c child_sa.obj: sa/child_sa.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_sa.obj -MD -MP -MF "$(DEPDIR)/child_sa.Tpo" -c -o child_sa.obj `if test -f 'sa/child_sa.c'; then $(CYGPATH_W) 'sa/child_sa.c'; else $(CYGPATH_W) '$(srcdir)/sa/child_sa.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_sa.Tpo" "$(DEPDIR)/child_sa.Po"; else rm -f "$(DEPDIR)/child_sa.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_sa.obj -MD -MP -MF $(DEPDIR)/child_sa.Tpo -c -o child_sa.obj `if test -f 'sa/child_sa.c'; then $(CYGPATH_W) 'sa/child_sa.c'; else $(CYGPATH_W) '$(srcdir)/sa/child_sa.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_sa.Tpo $(DEPDIR)/child_sa.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/child_sa.c' object='child_sa.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_sa.obj `if test -f 'sa/child_sa.c'; then $(CYGPATH_W) 'sa/child_sa.c'; else $(CYGPATH_W) '$(srcdir)/sa/child_sa.c'; fi` ike_sa.o: sa/ike_sa.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa.o -MD -MP -MF "$(DEPDIR)/ike_sa.Tpo" -c -o ike_sa.o `test -f 'sa/ike_sa.c' || echo '$(srcdir)/'`sa/ike_sa.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_sa.Tpo" "$(DEPDIR)/ike_sa.Po"; else rm -f "$(DEPDIR)/ike_sa.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa.o -MD -MP -MF $(DEPDIR)/ike_sa.Tpo -c -o ike_sa.o `test -f 'sa/ike_sa.c' || echo '$(srcdir)/'`sa/ike_sa.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_sa.Tpo $(DEPDIR)/ike_sa.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/ike_sa.c' object='ike_sa.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_sa.o `test -f 'sa/ike_sa.c' || echo '$(srcdir)/'`sa/ike_sa.c ike_sa.obj: sa/ike_sa.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa.obj -MD -MP -MF "$(DEPDIR)/ike_sa.Tpo" -c -o ike_sa.obj `if test -f 'sa/ike_sa.c'; then $(CYGPATH_W) 'sa/ike_sa.c'; else $(CYGPATH_W) '$(srcdir)/sa/ike_sa.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_sa.Tpo" "$(DEPDIR)/ike_sa.Po"; else rm -f "$(DEPDIR)/ike_sa.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa.obj -MD -MP -MF $(DEPDIR)/ike_sa.Tpo -c -o ike_sa.obj `if test -f 'sa/ike_sa.c'; then $(CYGPATH_W) 'sa/ike_sa.c'; else $(CYGPATH_W) '$(srcdir)/sa/ike_sa.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_sa.Tpo $(DEPDIR)/ike_sa.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/ike_sa.c' object='ike_sa.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_sa.obj `if test -f 'sa/ike_sa.c'; then $(CYGPATH_W) 'sa/ike_sa.c'; else $(CYGPATH_W) '$(srcdir)/sa/ike_sa.c'; fi` ike_sa_id.o: sa/ike_sa_id.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa_id.o -MD -MP -MF "$(DEPDIR)/ike_sa_id.Tpo" -c -o ike_sa_id.o `test -f 'sa/ike_sa_id.c' || echo '$(srcdir)/'`sa/ike_sa_id.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_sa_id.Tpo" "$(DEPDIR)/ike_sa_id.Po"; else rm -f "$(DEPDIR)/ike_sa_id.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa_id.o -MD -MP -MF $(DEPDIR)/ike_sa_id.Tpo -c -o ike_sa_id.o `test -f 'sa/ike_sa_id.c' || echo '$(srcdir)/'`sa/ike_sa_id.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_sa_id.Tpo $(DEPDIR)/ike_sa_id.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/ike_sa_id.c' object='ike_sa_id.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_sa_id.o `test -f 'sa/ike_sa_id.c' || echo '$(srcdir)/'`sa/ike_sa_id.c ike_sa_id.obj: sa/ike_sa_id.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa_id.obj -MD -MP -MF "$(DEPDIR)/ike_sa_id.Tpo" -c -o ike_sa_id.obj `if test -f 'sa/ike_sa_id.c'; then $(CYGPATH_W) 'sa/ike_sa_id.c'; else $(CYGPATH_W) '$(srcdir)/sa/ike_sa_id.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_sa_id.Tpo" "$(DEPDIR)/ike_sa_id.Po"; else rm -f "$(DEPDIR)/ike_sa_id.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa_id.obj -MD -MP -MF $(DEPDIR)/ike_sa_id.Tpo -c -o ike_sa_id.obj `if test -f 'sa/ike_sa_id.c'; then $(CYGPATH_W) 'sa/ike_sa_id.c'; else $(CYGPATH_W) '$(srcdir)/sa/ike_sa_id.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_sa_id.Tpo $(DEPDIR)/ike_sa_id.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/ike_sa_id.c' object='ike_sa_id.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_sa_id.obj `if test -f 'sa/ike_sa_id.c'; then $(CYGPATH_W) 'sa/ike_sa_id.c'; else $(CYGPATH_W) '$(srcdir)/sa/ike_sa_id.c'; fi` ike_sa_manager.o: sa/ike_sa_manager.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa_manager.o -MD -MP -MF "$(DEPDIR)/ike_sa_manager.Tpo" -c -o ike_sa_manager.o `test -f 'sa/ike_sa_manager.c' || echo '$(srcdir)/'`sa/ike_sa_manager.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_sa_manager.Tpo" "$(DEPDIR)/ike_sa_manager.Po"; else rm -f "$(DEPDIR)/ike_sa_manager.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa_manager.o -MD -MP -MF $(DEPDIR)/ike_sa_manager.Tpo -c -o ike_sa_manager.o `test -f 'sa/ike_sa_manager.c' || echo '$(srcdir)/'`sa/ike_sa_manager.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_sa_manager.Tpo $(DEPDIR)/ike_sa_manager.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/ike_sa_manager.c' object='ike_sa_manager.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_sa_manager.o `test -f 'sa/ike_sa_manager.c' || echo '$(srcdir)/'`sa/ike_sa_manager.c ike_sa_manager.obj: sa/ike_sa_manager.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa_manager.obj -MD -MP -MF "$(DEPDIR)/ike_sa_manager.Tpo" -c -o ike_sa_manager.obj `if test -f 'sa/ike_sa_manager.c'; then $(CYGPATH_W) 'sa/ike_sa_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/ike_sa_manager.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_sa_manager.Tpo" "$(DEPDIR)/ike_sa_manager.Po"; else rm -f "$(DEPDIR)/ike_sa_manager.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_sa_manager.obj -MD -MP -MF $(DEPDIR)/ike_sa_manager.Tpo -c -o ike_sa_manager.obj `if test -f 'sa/ike_sa_manager.c'; then $(CYGPATH_W) 'sa/ike_sa_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/ike_sa_manager.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_sa_manager.Tpo $(DEPDIR)/ike_sa_manager.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/ike_sa_manager.c' object='ike_sa_manager.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_sa_manager.obj `if test -f 'sa/ike_sa_manager.c'; then $(CYGPATH_W) 'sa/ike_sa_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/ike_sa_manager.c'; fi` task_manager.o: sa/task_manager.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT task_manager.o -MD -MP -MF "$(DEPDIR)/task_manager.Tpo" -c -o task_manager.o `test -f 'sa/task_manager.c' || echo '$(srcdir)/'`sa/task_manager.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/task_manager.Tpo" "$(DEPDIR)/task_manager.Po"; else rm -f "$(DEPDIR)/task_manager.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT task_manager.o -MD -MP -MF $(DEPDIR)/task_manager.Tpo -c -o task_manager.o `test -f 'sa/task_manager.c' || echo '$(srcdir)/'`sa/task_manager.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/task_manager.Tpo $(DEPDIR)/task_manager.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/task_manager.c' object='task_manager.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o task_manager.o `test -f 'sa/task_manager.c' || echo '$(srcdir)/'`sa/task_manager.c task_manager.obj: sa/task_manager.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT task_manager.obj -MD -MP -MF "$(DEPDIR)/task_manager.Tpo" -c -o task_manager.obj `if test -f 'sa/task_manager.c'; then $(CYGPATH_W) 'sa/task_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/task_manager.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/task_manager.Tpo" "$(DEPDIR)/task_manager.Po"; else rm -f "$(DEPDIR)/task_manager.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT task_manager.obj -MD -MP -MF $(DEPDIR)/task_manager.Tpo -c -o task_manager.obj `if test -f 'sa/task_manager.c'; then $(CYGPATH_W) 'sa/task_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/task_manager.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/task_manager.Tpo $(DEPDIR)/task_manager.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/task_manager.c' object='task_manager.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o task_manager.obj `if test -f 'sa/task_manager.c'; then $(CYGPATH_W) 'sa/task_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/task_manager.c'; fi` child_create.o: sa/tasks/child_create.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_create.o -MD -MP -MF "$(DEPDIR)/child_create.Tpo" -c -o child_create.o `test -f 'sa/tasks/child_create.c' || echo '$(srcdir)/'`sa/tasks/child_create.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_create.Tpo" "$(DEPDIR)/child_create.Po"; else rm -f "$(DEPDIR)/child_create.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_create.o -MD -MP -MF $(DEPDIR)/child_create.Tpo -c -o child_create.o `test -f 'sa/tasks/child_create.c' || echo '$(srcdir)/'`sa/tasks/child_create.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_create.Tpo $(DEPDIR)/child_create.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/child_create.c' object='child_create.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_create.o `test -f 'sa/tasks/child_create.c' || echo '$(srcdir)/'`sa/tasks/child_create.c child_create.obj: sa/tasks/child_create.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_create.obj -MD -MP -MF "$(DEPDIR)/child_create.Tpo" -c -o child_create.obj `if test -f 'sa/tasks/child_create.c'; then $(CYGPATH_W) 'sa/tasks/child_create.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/child_create.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_create.Tpo" "$(DEPDIR)/child_create.Po"; else rm -f "$(DEPDIR)/child_create.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_create.obj -MD -MP -MF $(DEPDIR)/child_create.Tpo -c -o child_create.obj `if test -f 'sa/tasks/child_create.c'; then $(CYGPATH_W) 'sa/tasks/child_create.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/child_create.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_create.Tpo $(DEPDIR)/child_create.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/child_create.c' object='child_create.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_create.obj `if test -f 'sa/tasks/child_create.c'; then $(CYGPATH_W) 'sa/tasks/child_create.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/child_create.c'; fi` child_delete.o: sa/tasks/child_delete.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_delete.o -MD -MP -MF "$(DEPDIR)/child_delete.Tpo" -c -o child_delete.o `test -f 'sa/tasks/child_delete.c' || echo '$(srcdir)/'`sa/tasks/child_delete.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_delete.Tpo" "$(DEPDIR)/child_delete.Po"; else rm -f "$(DEPDIR)/child_delete.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_delete.o -MD -MP -MF $(DEPDIR)/child_delete.Tpo -c -o child_delete.o `test -f 'sa/tasks/child_delete.c' || echo '$(srcdir)/'`sa/tasks/child_delete.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_delete.Tpo $(DEPDIR)/child_delete.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/child_delete.c' object='child_delete.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_delete.o `test -f 'sa/tasks/child_delete.c' || echo '$(srcdir)/'`sa/tasks/child_delete.c child_delete.obj: sa/tasks/child_delete.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_delete.obj -MD -MP -MF "$(DEPDIR)/child_delete.Tpo" -c -o child_delete.obj `if test -f 'sa/tasks/child_delete.c'; then $(CYGPATH_W) 'sa/tasks/child_delete.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/child_delete.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_delete.Tpo" "$(DEPDIR)/child_delete.Po"; else rm -f "$(DEPDIR)/child_delete.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_delete.obj -MD -MP -MF $(DEPDIR)/child_delete.Tpo -c -o child_delete.obj `if test -f 'sa/tasks/child_delete.c'; then $(CYGPATH_W) 'sa/tasks/child_delete.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/child_delete.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_delete.Tpo $(DEPDIR)/child_delete.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/child_delete.c' object='child_delete.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_delete.obj `if test -f 'sa/tasks/child_delete.c'; then $(CYGPATH_W) 'sa/tasks/child_delete.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/child_delete.c'; fi` child_rekey.o: sa/tasks/child_rekey.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_rekey.o -MD -MP -MF "$(DEPDIR)/child_rekey.Tpo" -c -o child_rekey.o `test -f 'sa/tasks/child_rekey.c' || echo '$(srcdir)/'`sa/tasks/child_rekey.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_rekey.Tpo" "$(DEPDIR)/child_rekey.Po"; else rm -f "$(DEPDIR)/child_rekey.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_rekey.o -MD -MP -MF $(DEPDIR)/child_rekey.Tpo -c -o child_rekey.o `test -f 'sa/tasks/child_rekey.c' || echo '$(srcdir)/'`sa/tasks/child_rekey.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_rekey.Tpo $(DEPDIR)/child_rekey.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/child_rekey.c' object='child_rekey.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_rekey.o `test -f 'sa/tasks/child_rekey.c' || echo '$(srcdir)/'`sa/tasks/child_rekey.c child_rekey.obj: sa/tasks/child_rekey.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_rekey.obj -MD -MP -MF "$(DEPDIR)/child_rekey.Tpo" -c -o child_rekey.obj `if test -f 'sa/tasks/child_rekey.c'; then $(CYGPATH_W) 'sa/tasks/child_rekey.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/child_rekey.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/child_rekey.Tpo" "$(DEPDIR)/child_rekey.Po"; else rm -f "$(DEPDIR)/child_rekey.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT child_rekey.obj -MD -MP -MF $(DEPDIR)/child_rekey.Tpo -c -o child_rekey.obj `if test -f 'sa/tasks/child_rekey.c'; then $(CYGPATH_W) 'sa/tasks/child_rekey.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/child_rekey.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/child_rekey.Tpo $(DEPDIR)/child_rekey.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/child_rekey.c' object='child_rekey.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o child_rekey.obj `if test -f 'sa/tasks/child_rekey.c'; then $(CYGPATH_W) 'sa/tasks/child_rekey.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/child_rekey.c'; fi` ike_auth.o: sa/tasks/ike_auth.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_auth.o -MD -MP -MF "$(DEPDIR)/ike_auth.Tpo" -c -o ike_auth.o `test -f 'sa/tasks/ike_auth.c' || echo '$(srcdir)/'`sa/tasks/ike_auth.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_auth.Tpo" "$(DEPDIR)/ike_auth.Po"; else rm -f "$(DEPDIR)/ike_auth.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_auth.o -MD -MP -MF $(DEPDIR)/ike_auth.Tpo -c -o ike_auth.o `test -f 'sa/tasks/ike_auth.c' || echo '$(srcdir)/'`sa/tasks/ike_auth.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_auth.Tpo $(DEPDIR)/ike_auth.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_auth.c' object='ike_auth.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_auth.o `test -f 'sa/tasks/ike_auth.c' || echo '$(srcdir)/'`sa/tasks/ike_auth.c ike_auth.obj: sa/tasks/ike_auth.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_auth.obj -MD -MP -MF "$(DEPDIR)/ike_auth.Tpo" -c -o ike_auth.obj `if test -f 'sa/tasks/ike_auth.c'; then $(CYGPATH_W) 'sa/tasks/ike_auth.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_auth.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_auth.Tpo" "$(DEPDIR)/ike_auth.Po"; else rm -f "$(DEPDIR)/ike_auth.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_auth.obj -MD -MP -MF $(DEPDIR)/ike_auth.Tpo -c -o ike_auth.obj `if test -f 'sa/tasks/ike_auth.c'; then $(CYGPATH_W) 'sa/tasks/ike_auth.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_auth.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_auth.Tpo $(DEPDIR)/ike_auth.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_auth.c' object='ike_auth.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_auth.obj `if test -f 'sa/tasks/ike_auth.c'; then $(CYGPATH_W) 'sa/tasks/ike_auth.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_auth.c'; fi` ike_cert.o: sa/tasks/ike_cert.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_cert.o -MD -MP -MF "$(DEPDIR)/ike_cert.Tpo" -c -o ike_cert.o `test -f 'sa/tasks/ike_cert.c' || echo '$(srcdir)/'`sa/tasks/ike_cert.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_cert.Tpo" "$(DEPDIR)/ike_cert.Po"; else rm -f "$(DEPDIR)/ike_cert.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_cert.o -MD -MP -MF $(DEPDIR)/ike_cert.Tpo -c -o ike_cert.o `test -f 'sa/tasks/ike_cert.c' || echo '$(srcdir)/'`sa/tasks/ike_cert.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_cert.Tpo $(DEPDIR)/ike_cert.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_cert.c' object='ike_cert.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_cert.o `test -f 'sa/tasks/ike_cert.c' || echo '$(srcdir)/'`sa/tasks/ike_cert.c ike_cert.obj: sa/tasks/ike_cert.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_cert.obj -MD -MP -MF "$(DEPDIR)/ike_cert.Tpo" -c -o ike_cert.obj `if test -f 'sa/tasks/ike_cert.c'; then $(CYGPATH_W) 'sa/tasks/ike_cert.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_cert.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_cert.Tpo" "$(DEPDIR)/ike_cert.Po"; else rm -f "$(DEPDIR)/ike_cert.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_cert.obj -MD -MP -MF $(DEPDIR)/ike_cert.Tpo -c -o ike_cert.obj `if test -f 'sa/tasks/ike_cert.c'; then $(CYGPATH_W) 'sa/tasks/ike_cert.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_cert.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_cert.Tpo $(DEPDIR)/ike_cert.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_cert.c' object='ike_cert.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_cert.obj `if test -f 'sa/tasks/ike_cert.c'; then $(CYGPATH_W) 'sa/tasks/ike_cert.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_cert.c'; fi` ike_config.o: sa/tasks/ike_config.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_config.o -MD -MP -MF "$(DEPDIR)/ike_config.Tpo" -c -o ike_config.o `test -f 'sa/tasks/ike_config.c' || echo '$(srcdir)/'`sa/tasks/ike_config.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_config.Tpo" "$(DEPDIR)/ike_config.Po"; else rm -f "$(DEPDIR)/ike_config.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_config.o -MD -MP -MF $(DEPDIR)/ike_config.Tpo -c -o ike_config.o `test -f 'sa/tasks/ike_config.c' || echo '$(srcdir)/'`sa/tasks/ike_config.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_config.Tpo $(DEPDIR)/ike_config.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_config.c' object='ike_config.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_config.o `test -f 'sa/tasks/ike_config.c' || echo '$(srcdir)/'`sa/tasks/ike_config.c ike_config.obj: sa/tasks/ike_config.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_config.obj -MD -MP -MF "$(DEPDIR)/ike_config.Tpo" -c -o ike_config.obj `if test -f 'sa/tasks/ike_config.c'; then $(CYGPATH_W) 'sa/tasks/ike_config.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_config.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_config.Tpo" "$(DEPDIR)/ike_config.Po"; else rm -f "$(DEPDIR)/ike_config.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_config.obj -MD -MP -MF $(DEPDIR)/ike_config.Tpo -c -o ike_config.obj `if test -f 'sa/tasks/ike_config.c'; then $(CYGPATH_W) 'sa/tasks/ike_config.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_config.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_config.Tpo $(DEPDIR)/ike_config.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_config.c' object='ike_config.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_config.obj `if test -f 'sa/tasks/ike_config.c'; then $(CYGPATH_W) 'sa/tasks/ike_config.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_config.c'; fi` ike_delete.o: sa/tasks/ike_delete.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_delete.o -MD -MP -MF "$(DEPDIR)/ike_delete.Tpo" -c -o ike_delete.o `test -f 'sa/tasks/ike_delete.c' || echo '$(srcdir)/'`sa/tasks/ike_delete.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_delete.Tpo" "$(DEPDIR)/ike_delete.Po"; else rm -f "$(DEPDIR)/ike_delete.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_delete.o -MD -MP -MF $(DEPDIR)/ike_delete.Tpo -c -o ike_delete.o `test -f 'sa/tasks/ike_delete.c' || echo '$(srcdir)/'`sa/tasks/ike_delete.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_delete.Tpo $(DEPDIR)/ike_delete.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_delete.c' object='ike_delete.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_delete.o `test -f 'sa/tasks/ike_delete.c' || echo '$(srcdir)/'`sa/tasks/ike_delete.c ike_delete.obj: sa/tasks/ike_delete.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_delete.obj -MD -MP -MF "$(DEPDIR)/ike_delete.Tpo" -c -o ike_delete.obj `if test -f 'sa/tasks/ike_delete.c'; then $(CYGPATH_W) 'sa/tasks/ike_delete.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_delete.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_delete.Tpo" "$(DEPDIR)/ike_delete.Po"; else rm -f "$(DEPDIR)/ike_delete.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_delete.obj -MD -MP -MF $(DEPDIR)/ike_delete.Tpo -c -o ike_delete.obj `if test -f 'sa/tasks/ike_delete.c'; then $(CYGPATH_W) 'sa/tasks/ike_delete.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_delete.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_delete.Tpo $(DEPDIR)/ike_delete.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_delete.c' object='ike_delete.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_delete.obj `if test -f 'sa/tasks/ike_delete.c'; then $(CYGPATH_W) 'sa/tasks/ike_delete.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_delete.c'; fi` ike_dpd.o: sa/tasks/ike_dpd.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_dpd.o -MD -MP -MF "$(DEPDIR)/ike_dpd.Tpo" -c -o ike_dpd.o `test -f 'sa/tasks/ike_dpd.c' || echo '$(srcdir)/'`sa/tasks/ike_dpd.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_dpd.Tpo" "$(DEPDIR)/ike_dpd.Po"; else rm -f "$(DEPDIR)/ike_dpd.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_dpd.o -MD -MP -MF $(DEPDIR)/ike_dpd.Tpo -c -o ike_dpd.o `test -f 'sa/tasks/ike_dpd.c' || echo '$(srcdir)/'`sa/tasks/ike_dpd.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_dpd.Tpo $(DEPDIR)/ike_dpd.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_dpd.c' object='ike_dpd.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_dpd.o `test -f 'sa/tasks/ike_dpd.c' || echo '$(srcdir)/'`sa/tasks/ike_dpd.c ike_dpd.obj: sa/tasks/ike_dpd.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_dpd.obj -MD -MP -MF "$(DEPDIR)/ike_dpd.Tpo" -c -o ike_dpd.obj `if test -f 'sa/tasks/ike_dpd.c'; then $(CYGPATH_W) 'sa/tasks/ike_dpd.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_dpd.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_dpd.Tpo" "$(DEPDIR)/ike_dpd.Po"; else rm -f "$(DEPDIR)/ike_dpd.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_dpd.obj -MD -MP -MF $(DEPDIR)/ike_dpd.Tpo -c -o ike_dpd.obj `if test -f 'sa/tasks/ike_dpd.c'; then $(CYGPATH_W) 'sa/tasks/ike_dpd.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_dpd.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_dpd.Tpo $(DEPDIR)/ike_dpd.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_dpd.c' object='ike_dpd.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_dpd.obj `if test -f 'sa/tasks/ike_dpd.c'; then $(CYGPATH_W) 'sa/tasks/ike_dpd.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_dpd.c'; fi` ike_init.o: sa/tasks/ike_init.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_init.o -MD -MP -MF "$(DEPDIR)/ike_init.Tpo" -c -o ike_init.o `test -f 'sa/tasks/ike_init.c' || echo '$(srcdir)/'`sa/tasks/ike_init.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_init.Tpo" "$(DEPDIR)/ike_init.Po"; else rm -f "$(DEPDIR)/ike_init.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_init.o -MD -MP -MF $(DEPDIR)/ike_init.Tpo -c -o ike_init.o `test -f 'sa/tasks/ike_init.c' || echo '$(srcdir)/'`sa/tasks/ike_init.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_init.Tpo $(DEPDIR)/ike_init.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_init.c' object='ike_init.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_init.o `test -f 'sa/tasks/ike_init.c' || echo '$(srcdir)/'`sa/tasks/ike_init.c ike_init.obj: sa/tasks/ike_init.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_init.obj -MD -MP -MF "$(DEPDIR)/ike_init.Tpo" -c -o ike_init.obj `if test -f 'sa/tasks/ike_init.c'; then $(CYGPATH_W) 'sa/tasks/ike_init.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_init.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_init.Tpo" "$(DEPDIR)/ike_init.Po"; else rm -f "$(DEPDIR)/ike_init.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_init.obj -MD -MP -MF $(DEPDIR)/ike_init.Tpo -c -o ike_init.obj `if test -f 'sa/tasks/ike_init.c'; then $(CYGPATH_W) 'sa/tasks/ike_init.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_init.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_init.Tpo $(DEPDIR)/ike_init.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_init.c' object='ike_init.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_init.obj `if test -f 'sa/tasks/ike_init.c'; then $(CYGPATH_W) 'sa/tasks/ike_init.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_init.c'; fi` ike_natd.o: sa/tasks/ike_natd.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_natd.o -MD -MP -MF "$(DEPDIR)/ike_natd.Tpo" -c -o ike_natd.o `test -f 'sa/tasks/ike_natd.c' || echo '$(srcdir)/'`sa/tasks/ike_natd.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_natd.Tpo" "$(DEPDIR)/ike_natd.Po"; else rm -f "$(DEPDIR)/ike_natd.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_natd.o -MD -MP -MF $(DEPDIR)/ike_natd.Tpo -c -o ike_natd.o `test -f 'sa/tasks/ike_natd.c' || echo '$(srcdir)/'`sa/tasks/ike_natd.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_natd.Tpo $(DEPDIR)/ike_natd.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_natd.c' object='ike_natd.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_natd.o `test -f 'sa/tasks/ike_natd.c' || echo '$(srcdir)/'`sa/tasks/ike_natd.c ike_natd.obj: sa/tasks/ike_natd.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_natd.obj -MD -MP -MF "$(DEPDIR)/ike_natd.Tpo" -c -o ike_natd.obj `if test -f 'sa/tasks/ike_natd.c'; then $(CYGPATH_W) 'sa/tasks/ike_natd.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_natd.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_natd.Tpo" "$(DEPDIR)/ike_natd.Po"; else rm -f "$(DEPDIR)/ike_natd.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_natd.obj -MD -MP -MF $(DEPDIR)/ike_natd.Tpo -c -o ike_natd.obj `if test -f 'sa/tasks/ike_natd.c'; then $(CYGPATH_W) 'sa/tasks/ike_natd.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_natd.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_natd.Tpo $(DEPDIR)/ike_natd.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_natd.c' object='ike_natd.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_natd.obj `if test -f 'sa/tasks/ike_natd.c'; then $(CYGPATH_W) 'sa/tasks/ike_natd.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_natd.c'; fi` ike_mobike.o: sa/tasks/ike_mobike.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_mobike.o -MD -MP -MF "$(DEPDIR)/ike_mobike.Tpo" -c -o ike_mobike.o `test -f 'sa/tasks/ike_mobike.c' || echo '$(srcdir)/'`sa/tasks/ike_mobike.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_mobike.Tpo" "$(DEPDIR)/ike_mobike.Po"; else rm -f "$(DEPDIR)/ike_mobike.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_mobike.o -MD -MP -MF $(DEPDIR)/ike_mobike.Tpo -c -o ike_mobike.o `test -f 'sa/tasks/ike_mobike.c' || echo '$(srcdir)/'`sa/tasks/ike_mobike.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_mobike.Tpo $(DEPDIR)/ike_mobike.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_mobike.c' object='ike_mobike.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_mobike.o `test -f 'sa/tasks/ike_mobike.c' || echo '$(srcdir)/'`sa/tasks/ike_mobike.c ike_mobike.obj: sa/tasks/ike_mobike.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_mobike.obj -MD -MP -MF "$(DEPDIR)/ike_mobike.Tpo" -c -o ike_mobike.obj `if test -f 'sa/tasks/ike_mobike.c'; then $(CYGPATH_W) 'sa/tasks/ike_mobike.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_mobike.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_mobike.Tpo" "$(DEPDIR)/ike_mobike.Po"; else rm -f "$(DEPDIR)/ike_mobike.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_mobike.obj -MD -MP -MF $(DEPDIR)/ike_mobike.Tpo -c -o ike_mobike.obj `if test -f 'sa/tasks/ike_mobike.c'; then $(CYGPATH_W) 'sa/tasks/ike_mobike.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_mobike.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_mobike.Tpo $(DEPDIR)/ike_mobike.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_mobike.c' object='ike_mobike.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_mobike.obj `if test -f 'sa/tasks/ike_mobike.c'; then $(CYGPATH_W) 'sa/tasks/ike_mobike.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_mobike.c'; fi` ike_rekey.o: sa/tasks/ike_rekey.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_rekey.o -MD -MP -MF "$(DEPDIR)/ike_rekey.Tpo" -c -o ike_rekey.o `test -f 'sa/tasks/ike_rekey.c' || echo '$(srcdir)/'`sa/tasks/ike_rekey.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_rekey.Tpo" "$(DEPDIR)/ike_rekey.Po"; else rm -f "$(DEPDIR)/ike_rekey.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_rekey.o -MD -MP -MF $(DEPDIR)/ike_rekey.Tpo -c -o ike_rekey.o `test -f 'sa/tasks/ike_rekey.c' || echo '$(srcdir)/'`sa/tasks/ike_rekey.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_rekey.Tpo $(DEPDIR)/ike_rekey.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_rekey.c' object='ike_rekey.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_rekey.o `test -f 'sa/tasks/ike_rekey.c' || echo '$(srcdir)/'`sa/tasks/ike_rekey.c ike_rekey.obj: sa/tasks/ike_rekey.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_rekey.obj -MD -MP -MF "$(DEPDIR)/ike_rekey.Tpo" -c -o ike_rekey.obj `if test -f 'sa/tasks/ike_rekey.c'; then $(CYGPATH_W) 'sa/tasks/ike_rekey.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_rekey.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_rekey.Tpo" "$(DEPDIR)/ike_rekey.Po"; else rm -f "$(DEPDIR)/ike_rekey.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_rekey.obj -MD -MP -MF $(DEPDIR)/ike_rekey.Tpo -c -o ike_rekey.obj `if test -f 'sa/tasks/ike_rekey.c'; then $(CYGPATH_W) 'sa/tasks/ike_rekey.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_rekey.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_rekey.Tpo $(DEPDIR)/ike_rekey.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_rekey.c' object='ike_rekey.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_rekey.obj `if test -f 'sa/tasks/ike_rekey.c'; then $(CYGPATH_W) 'sa/tasks/ike_rekey.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_rekey.c'; fi` ike_reauth.o: sa/tasks/ike_reauth.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_reauth.o -MD -MP -MF "$(DEPDIR)/ike_reauth.Tpo" -c -o ike_reauth.o `test -f 'sa/tasks/ike_reauth.c' || echo '$(srcdir)/'`sa/tasks/ike_reauth.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_reauth.Tpo" "$(DEPDIR)/ike_reauth.Po"; else rm -f "$(DEPDIR)/ike_reauth.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_reauth.o -MD -MP -MF $(DEPDIR)/ike_reauth.Tpo -c -o ike_reauth.o `test -f 'sa/tasks/ike_reauth.c' || echo '$(srcdir)/'`sa/tasks/ike_reauth.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_reauth.Tpo $(DEPDIR)/ike_reauth.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_reauth.c' object='ike_reauth.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_reauth.o `test -f 'sa/tasks/ike_reauth.c' || echo '$(srcdir)/'`sa/tasks/ike_reauth.c ike_reauth.obj: sa/tasks/ike_reauth.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_reauth.obj -MD -MP -MF "$(DEPDIR)/ike_reauth.Tpo" -c -o ike_reauth.obj `if test -f 'sa/tasks/ike_reauth.c'; then $(CYGPATH_W) 'sa/tasks/ike_reauth.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_reauth.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_reauth.Tpo" "$(DEPDIR)/ike_reauth.Po"; else rm -f "$(DEPDIR)/ike_reauth.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_reauth.obj -MD -MP -MF $(DEPDIR)/ike_reauth.Tpo -c -o ike_reauth.obj `if test -f 'sa/tasks/ike_reauth.c'; then $(CYGPATH_W) 'sa/tasks/ike_reauth.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_reauth.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_reauth.Tpo $(DEPDIR)/ike_reauth.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_reauth.c' object='ike_reauth.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_reauth.obj `if test -f 'sa/tasks/ike_reauth.c'; then $(CYGPATH_W) 'sa/tasks/ike_reauth.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_reauth.c'; fi` task.o: sa/tasks/task.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT task.o -MD -MP -MF "$(DEPDIR)/task.Tpo" -c -o task.o `test -f 'sa/tasks/task.c' || echo '$(srcdir)/'`sa/tasks/task.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/task.Tpo" "$(DEPDIR)/task.Po"; else rm -f "$(DEPDIR)/task.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT task.o -MD -MP -MF $(DEPDIR)/task.Tpo -c -o task.o `test -f 'sa/tasks/task.c' || echo '$(srcdir)/'`sa/tasks/task.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/task.Tpo $(DEPDIR)/task.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/task.c' object='task.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o task.o `test -f 'sa/tasks/task.c' || echo '$(srcdir)/'`sa/tasks/task.c task.obj: sa/tasks/task.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT task.obj -MD -MP -MF "$(DEPDIR)/task.Tpo" -c -o task.obj `if test -f 'sa/tasks/task.c'; then $(CYGPATH_W) 'sa/tasks/task.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/task.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/task.Tpo" "$(DEPDIR)/task.Po"; else rm -f "$(DEPDIR)/task.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT task.obj -MD -MP -MF $(DEPDIR)/task.Tpo -c -o task.obj `if test -f 'sa/tasks/task.c'; then $(CYGPATH_W) 'sa/tasks/task.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/task.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/task.Tpo $(DEPDIR)/task.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/task.c' object='task.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o task.obj `if test -f 'sa/tasks/task.c'; then $(CYGPATH_W) 'sa/tasks/task.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/task.c'; fi` +endpoint_notify.o: encoding/payloads/endpoint_notify.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT endpoint_notify.o -MD -MP -MF $(DEPDIR)/endpoint_notify.Tpo -c -o endpoint_notify.o `test -f 'encoding/payloads/endpoint_notify.c' || echo '$(srcdir)/'`encoding/payloads/endpoint_notify.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/endpoint_notify.Tpo $(DEPDIR)/endpoint_notify.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/endpoint_notify.c' object='endpoint_notify.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o endpoint_notify.o `test -f 'encoding/payloads/endpoint_notify.c' || echo '$(srcdir)/'`encoding/payloads/endpoint_notify.c + +endpoint_notify.obj: encoding/payloads/endpoint_notify.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT endpoint_notify.obj -MD -MP -MF $(DEPDIR)/endpoint_notify.Tpo -c -o endpoint_notify.obj `if test -f 'encoding/payloads/endpoint_notify.c'; then $(CYGPATH_W) 'encoding/payloads/endpoint_notify.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/endpoint_notify.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/endpoint_notify.Tpo $(DEPDIR)/endpoint_notify.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='encoding/payloads/endpoint_notify.c' object='endpoint_notify.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o endpoint_notify.obj `if test -f 'encoding/payloads/endpoint_notify.c'; then $(CYGPATH_W) 'encoding/payloads/endpoint_notify.c'; else $(CYGPATH_W) '$(srcdir)/encoding/payloads/endpoint_notify.c'; fi` + +initiate_mediation_job.o: processing/jobs/initiate_mediation_job.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT initiate_mediation_job.o -MD -MP -MF $(DEPDIR)/initiate_mediation_job.Tpo -c -o initiate_mediation_job.o `test -f 'processing/jobs/initiate_mediation_job.c' || echo '$(srcdir)/'`processing/jobs/initiate_mediation_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/initiate_mediation_job.Tpo $(DEPDIR)/initiate_mediation_job.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/initiate_mediation_job.c' object='initiate_mediation_job.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o initiate_mediation_job.o `test -f 'processing/jobs/initiate_mediation_job.c' || echo '$(srcdir)/'`processing/jobs/initiate_mediation_job.c + +initiate_mediation_job.obj: processing/jobs/initiate_mediation_job.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT initiate_mediation_job.obj -MD -MP -MF $(DEPDIR)/initiate_mediation_job.Tpo -c -o initiate_mediation_job.obj `if test -f 'processing/jobs/initiate_mediation_job.c'; then $(CYGPATH_W) 'processing/jobs/initiate_mediation_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/initiate_mediation_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/initiate_mediation_job.Tpo $(DEPDIR)/initiate_mediation_job.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/initiate_mediation_job.c' object='initiate_mediation_job.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o initiate_mediation_job.obj `if test -f 'processing/jobs/initiate_mediation_job.c'; then $(CYGPATH_W) 'processing/jobs/initiate_mediation_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/initiate_mediation_job.c'; fi` + +mediation_job.o: processing/jobs/mediation_job.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT mediation_job.o -MD -MP -MF $(DEPDIR)/mediation_job.Tpo -c -o mediation_job.o `test -f 'processing/jobs/mediation_job.c' || echo '$(srcdir)/'`processing/jobs/mediation_job.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/mediation_job.Tpo $(DEPDIR)/mediation_job.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/mediation_job.c' object='mediation_job.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o mediation_job.o `test -f 'processing/jobs/mediation_job.c' || echo '$(srcdir)/'`processing/jobs/mediation_job.c + +mediation_job.obj: processing/jobs/mediation_job.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT mediation_job.obj -MD -MP -MF $(DEPDIR)/mediation_job.Tpo -c -o mediation_job.obj `if test -f 'processing/jobs/mediation_job.c'; then $(CYGPATH_W) 'processing/jobs/mediation_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/mediation_job.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/mediation_job.Tpo $(DEPDIR)/mediation_job.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='processing/jobs/mediation_job.c' object='mediation_job.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o mediation_job.obj `if test -f 'processing/jobs/mediation_job.c'; then $(CYGPATH_W) 'processing/jobs/mediation_job.c'; else $(CYGPATH_W) '$(srcdir)/processing/jobs/mediation_job.c'; fi` + +connect_manager.o: sa/connect_manager.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT connect_manager.o -MD -MP -MF $(DEPDIR)/connect_manager.Tpo -c -o connect_manager.o `test -f 'sa/connect_manager.c' || echo '$(srcdir)/'`sa/connect_manager.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/connect_manager.Tpo $(DEPDIR)/connect_manager.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/connect_manager.c' object='connect_manager.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o connect_manager.o `test -f 'sa/connect_manager.c' || echo '$(srcdir)/'`sa/connect_manager.c + +connect_manager.obj: sa/connect_manager.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT connect_manager.obj -MD -MP -MF $(DEPDIR)/connect_manager.Tpo -c -o connect_manager.obj `if test -f 'sa/connect_manager.c'; then $(CYGPATH_W) 'sa/connect_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/connect_manager.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/connect_manager.Tpo $(DEPDIR)/connect_manager.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/connect_manager.c' object='connect_manager.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o connect_manager.obj `if test -f 'sa/connect_manager.c'; then $(CYGPATH_W) 'sa/connect_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/connect_manager.c'; fi` + +mediation_manager.o: sa/mediation_manager.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT mediation_manager.o -MD -MP -MF $(DEPDIR)/mediation_manager.Tpo -c -o mediation_manager.o `test -f 'sa/mediation_manager.c' || echo '$(srcdir)/'`sa/mediation_manager.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/mediation_manager.Tpo $(DEPDIR)/mediation_manager.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/mediation_manager.c' object='mediation_manager.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o mediation_manager.o `test -f 'sa/mediation_manager.c' || echo '$(srcdir)/'`sa/mediation_manager.c + +mediation_manager.obj: sa/mediation_manager.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT mediation_manager.obj -MD -MP -MF $(DEPDIR)/mediation_manager.Tpo -c -o mediation_manager.obj `if test -f 'sa/mediation_manager.c'; then $(CYGPATH_W) 'sa/mediation_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/mediation_manager.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/mediation_manager.Tpo $(DEPDIR)/mediation_manager.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/mediation_manager.c' object='mediation_manager.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o mediation_manager.obj `if test -f 'sa/mediation_manager.c'; then $(CYGPATH_W) 'sa/mediation_manager.c'; else $(CYGPATH_W) '$(srcdir)/sa/mediation_manager.c'; fi` + +ike_p2p.o: sa/tasks/ike_p2p.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_p2p.o -MD -MP -MF $(DEPDIR)/ike_p2p.Tpo -c -o ike_p2p.o `test -f 'sa/tasks/ike_p2p.c' || echo '$(srcdir)/'`sa/tasks/ike_p2p.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_p2p.Tpo $(DEPDIR)/ike_p2p.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_p2p.c' object='ike_p2p.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_p2p.o `test -f 'sa/tasks/ike_p2p.c' || echo '$(srcdir)/'`sa/tasks/ike_p2p.c + +ike_p2p.obj: sa/tasks/ike_p2p.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_p2p.obj -MD -MP -MF $(DEPDIR)/ike_p2p.Tpo -c -o ike_p2p.obj `if test -f 'sa/tasks/ike_p2p.c'; then $(CYGPATH_W) 'sa/tasks/ike_p2p.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_p2p.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_p2p.Tpo $(DEPDIR)/ike_p2p.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sa/tasks/ike_p2p.c' object='ike_p2p.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_p2p.obj `if test -f 'sa/tasks/ike_p2p.c'; then $(CYGPATH_W) 'sa/tasks/ike_p2p.c'; else $(CYGPATH_W) '$(srcdir)/sa/tasks/ike_p2p.c'; fi` + mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -distclean-libtool: - -rm -f libtool -uninstall-info-am: - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -1897,22 +2144,21 @@ distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -1928,7 +2174,7 @@ check: check-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) installdirs: for dir in "$(DESTDIR)$(backenddir)" "$(DESTDIR)$(eapdir)" "$(DESTDIR)$(interfacedir)" "$(DESTDIR)$(ipsecdir)"; do \ - test -z "$$dir" || $(mkdir_p) "$$dir"; \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am install-exec: install-exec-am @@ -1964,7 +2210,7 @@ distclean: distclean-am -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ - distclean-libtool distclean-tags + distclean-tags dvi: dvi-am @@ -1979,12 +2225,20 @@ info-am: install-data-am: install-backendLTLIBRARIES install-eapLTLIBRARIES \ install-interfaceLTLIBRARIES install-ipsecPROGRAMS +install-dvi: install-dvi-am + install-exec-am: +install-html: install-html-am + install-info: install-info-am install-man: +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -2006,8 +2260,9 @@ ps: ps-am ps-am: uninstall-am: uninstall-backendLTLIBRARIES uninstall-eapLTLIBRARIES \ - uninstall-info-am uninstall-interfaceLTLIBRARIES \ - uninstall-ipsecPROGRAMS + uninstall-interfaceLTLIBRARIES uninstall-ipsecPROGRAMS + +.MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean \ clean-backendLTLIBRARIES clean-eapLTLIBRARIES clean-generic \ @@ -2016,15 +2271,17 @@ uninstall-am: uninstall-backendLTLIBRARIES uninstall-eapLTLIBRARIES \ distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am \ install-backendLTLIBRARIES install-data install-data-am \ - install-eapLTLIBRARIES install-exec install-exec-am \ - install-info install-info-am install-interfaceLTLIBRARIES \ - install-ipsecPROGRAMS install-man install-strip installcheck \ + install-dvi install-dvi-am install-eapLTLIBRARIES install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-interfaceLTLIBRARIES \ + install-ipsecPROGRAMS install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ tags uninstall uninstall-am uninstall-backendLTLIBRARIES \ - uninstall-eapLTLIBRARIES uninstall-info-am \ - uninstall-interfaceLTLIBRARIES uninstall-ipsecPROGRAMS + uninstall-eapLTLIBRARIES uninstall-interfaceLTLIBRARIES \ + uninstall-ipsecPROGRAMS # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/charon/bus/bus.h b/src/charon/bus/bus.h index e54fb1b1b..00f1ab7ac 100644 --- a/src/charon/bus/bus.h +++ b/src/charon/bus/bus.h @@ -310,7 +310,7 @@ struct bus_t { * must register themself to the bus before starting to listen(). When * a signal occurs, the emitter waits until all threads with listen_state * TRUE are waiting in the listen() method to process the signal. - * It is important that a thread with liste_state TRUE calls listen() + * It is important that a thread with listen_state TRUE calls listen() * periodically, or sets it's listening state to FALSE; otherwise * all signal emitting threads get blocked on the bus. * diff --git a/src/charon/config/backend_manager.c b/src/charon/config/backend_manager.c index 6df68c700..b2104acea 100644 --- a/src/charon/config/backend_manager.c +++ b/src/charon/config/backend_manager.c @@ -95,6 +95,22 @@ static peer_cfg_t *get_peer_cfg(private_backend_manager_t *this, return config; } +/** + * implements backend_manager_t.get_peer_cfg_by_name. + */ +static peer_cfg_t *get_peer_cfg_by_name(private_backend_manager_t *this, char *name) +{ + backend_t *backend; + peer_cfg_t *config = NULL; + iterator_t *iterator = this->backends->create_iterator(this->backends, TRUE); + while (config == NULL && iterator->iterate(iterator, (void**)&backend)) + { + config = backend->get_peer_cfg_by_name(backend, name); + } + iterator->destroy(iterator); + return config; +} + /** * implements backend_manager_t.add_peer_cfg. */ @@ -214,6 +230,7 @@ backend_manager_t *backend_manager_create() this->public.get_ike_cfg = (ike_cfg_t* (*)(backend_manager_t*, host_t*, host_t*))get_ike_cfg; this->public.get_peer_cfg = (peer_cfg_t* (*)(backend_manager_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg; + this->public.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_manager_t*,char*))get_peer_cfg_by_name; this->public.add_peer_cfg = (void (*)(backend_manager_t*,peer_cfg_t*))add_peer_cfg; this->public.create_iterator = (iterator_t* (*)(backend_manager_t*))create_iterator; this->public.destroy = (void (*)(backend_manager_t*))destroy; diff --git a/src/charon/config/backend_manager.h b/src/charon/config/backend_manager.h index 22a19a218..7ca6d660e 100644 --- a/src/charon/config/backend_manager.h +++ b/src/charon/config/backend_manager.h @@ -87,6 +87,15 @@ struct backend_manager_t { identification_t *my_id, identification_t *other_id, ca_info_t *other_ca_info); + /** + * @brief Get a peer_config identified by it's name. + * + * @param this calling object + * @param name name of the peer_config + * @return matching peer_config, or NULL if none found + */ + peer_cfg_t* (*get_peer_cfg_by_name)(backend_manager_t *this, char *name); + /** * @brief Add a peer_config to the first found writable backend. * diff --git a/src/charon/config/backends/backend.h b/src/charon/config/backends/backend.h index acab660b6..592d1dd4c 100644 --- a/src/charon/config/backends/backend.h +++ b/src/charon/config/backends/backend.h @@ -70,6 +70,15 @@ struct backend_t { identification_t *my_id, identification_t *other_id, ca_info_t *other_ca_info); + /** + * @brief Get a peer_cfg identified by it's name, or a name of its child. + * + * @param this calling object + * @param name + * @return matching peer_config, or NULL if none found + */ + peer_cfg_t *(*get_peer_cfg_by_name)(backend_t *this, char *name); + /** * @brief Check if a backend is writable and implements writable_backend_t. * diff --git a/src/charon/config/backends/local_backend.c b/src/charon/config/backends/local_backend.c index 2e80cc870..e04c72ac1 100644 --- a/src/charon/config/backends/local_backend.c +++ b/src/charon/config/backends/local_backend.c @@ -146,6 +146,13 @@ static peer_cfg_t *get_peer_cfg(private_local_backend_t *this, int prio = (wc1 + wc2) * (MAX_CA_PATH_LEN + 1); int pathlen = 0; identification_t *other_candidate_ca = current->get_other_ca(current); + linked_list_t *groups = current->get_groups(current); + + /* is a group membership required? */ + if (groups->get_count(groups) > 0) + { + DBG1(DBG_CFG, " group membership required"); + } /* are there any ca constraints? */ if (other_candidate_ca->get_type(other_candidate_ca) != ID_ANY) @@ -217,6 +224,46 @@ static peer_cfg_t *get_peer_cfg(private_local_backend_t *this, return found; } +/** + * implements backend_t.get_peer_cfg_by_name. + */ +static peer_cfg_t *get_peer_cfg_by_name(private_local_backend_t *this, char *name) +{ + iterator_t *i1, *i2; + peer_cfg_t *current, *found = NULL; + child_cfg_t *child; + + i1 = this->cfgs->create_iterator(this->cfgs, TRUE); + while (i1->iterate(i1, (void**)¤t)) + { + /* compare peer_cfgs name first */ + if (streq(current->get_name(current), name)) + { + found = current; + found->get_ref(found); + break; + } + /* compare all child_cfg names otherwise */ + i2 = current->create_child_cfg_iterator(current); + while (i2->iterate(i2, (void**)&child)) + { + if (streq(child->get_name(child), name)) + { + found = current; + found->get_ref(found); + break; + } + } + i2->destroy(i2); + if (found) + { + break; + } + } + i1->destroy(i1); + return found; +} + /** * Implementation of backend_t.is_writable. */ @@ -261,6 +308,7 @@ backend_t *backend_create(void) this->public.backend.backend.get_ike_cfg = (ike_cfg_t* (*)(backend_t*, host_t*, host_t*))get_ike_cfg; this->public.backend.backend.get_peer_cfg = (peer_cfg_t* (*)(backend_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg; + this->public.backend.backend.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_t*,char*))get_peer_cfg_by_name; this->public.backend.backend.is_writeable = (bool(*) (backend_t*))is_writeable; this->public.backend.backend.destroy = (void (*)(backend_t*))destroy; this->public.backend.create_iterator = (iterator_t* (*)(writeable_backend_t*))create_iterator; diff --git a/src/charon/config/backends/sqlite_backend.c b/src/charon/config/backends/sqlite_backend.c new file mode 100644 index 000000000..33093a735 --- /dev/null +++ b/src/charon/config/backends/sqlite_backend.c @@ -0,0 +1,308 @@ +/** + * @file sqlite_backend.c + * + * @brief Implementation of sqlite_backend_t. + * + */ + +/* + * Copyright (C) 2006 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include +#include + +#include "sqlite_backend.h" + +#include + + +typedef struct private_sqlite_backend_t private_sqlite_backend_t; + +/** + * Private data of an sqlite_backend_t object + */ +struct private_sqlite_backend_t { + + /** + * Public part + */ + sqlite_backend_t public; + + /** + * SQLite database handle + */ + sqlite3 *db; +}; + +/** + * implements backen_t.get_ike_cfg. + */ +static ike_cfg_t *get_ike_cfg(private_sqlite_backend_t *this, + host_t *my_host, host_t *other_host) +{ + return NULL; +} + +/** + * add TS with child "id" to "child_cfg" + */ +static void add_ts(private_sqlite_backend_t *this, child_cfg_t *child_cfg, int id) +{ + sqlite3_stmt *stmt; + + if (sqlite3_prepare_v2(this->db, + "SELECT type, protocol, start_addr, end_addr, start_port, end_port, kind " + "FROM traffic_selectors, child_config_traffic_selector " + "ON traffic_selectors.oid = child_config_traffic_selector.traffic_selector " + "WHERE child_config_traffic_selector.child_cfg = ?;", + -1, &stmt, NULL) == SQLITE_OK && + sqlite3_bind_int(stmt, 1, id) == SQLITE_OK) + { + while (sqlite3_step(stmt) == SQLITE_ROW) + { + traffic_selector_t *ts; + bool local = FALSE; + enum { + TS_LOCAL = 0, + TS_REMOTE = 1, + TS_LOCAL_DYNAMIC = 2, + TS_REMOTE_DYNAMIC = 3, + } kind; + + kind = sqlite3_column_int(stmt, 6); + switch (kind) + { + case TS_LOCAL: + local = TRUE; + /* FALL */ + case TS_REMOTE: + ts = traffic_selector_create_from_string( + sqlite3_column_int(stmt, 1), /* protocol */ + sqlite3_column_int(stmt, 0), /* type */ + (char*)sqlite3_column_text(stmt, 2), /* from addr */ + sqlite3_column_int(stmt, 4), /* from port */ + (char*)sqlite3_column_text(stmt, 3), /* to addr */ + sqlite3_column_int(stmt, 5)); /* to port */ + break; + case TS_LOCAL_DYNAMIC: + local = TRUE; + /* FALL */ + case TS_REMOTE_DYNAMIC: + ts = traffic_selector_create_dynamic( + sqlite3_column_int(stmt, 1), /* protocol */ + sqlite3_column_int(stmt, 0), /* type */ + sqlite3_column_int(stmt, 4), /* from port */ + sqlite3_column_int(stmt, 5)); /* to port */ + break; + default: + continue; + } + if (ts) + { + child_cfg->add_traffic_selector(child_cfg, local, ts); + } + } + } + sqlite3_finalize(stmt); +} + +/** + * add childrens belonging to config with "id" to "peer_cfg" + */ +static void add_children(private_sqlite_backend_t *this, peer_cfg_t *peer_cfg, int id) +{ + sqlite3_stmt *stmt; + child_cfg_t *child_cfg; + + if (sqlite3_prepare_v2(this->db, + "SELECT child_configs.oid, name, updown, hostaccess, mode, " + "lifetime, rekeytime, jitter " + "FROM child_configs, peer_config_child_config " + "ON child_configs.oid = peer_config_child_config.child_cfg " + "WHERE peer_config_child_config.peer_cfg = ?;", + -1, &stmt, NULL) == SQLITE_OK && + sqlite3_bind_int(stmt, 1, id) == SQLITE_OK) + { + while (sqlite3_step(stmt) == SQLITE_ROW) + { + child_cfg = child_cfg_create( + (char*)sqlite3_column_text(stmt, 1), /* name */ + sqlite3_column_int(stmt, 5), /* lifetime */ + sqlite3_column_int(stmt, 6), /* rekeytime */ + sqlite3_column_int(stmt, 7), /* jitter */ + (char*)sqlite3_column_text(stmt, 2), /* updown */ + sqlite3_column_int(stmt, 3), /* hostaccess */ + sqlite3_column_int(stmt, 4)); /* mode */ + add_ts(this, child_cfg, sqlite3_column_int(stmt, 0)); + child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP)); + peer_cfg->add_child_cfg(peer_cfg, child_cfg); + } + } + sqlite3_finalize(stmt); +} + +/** + * processing function for get_peer_cfg and get_peer_cfg_by_name + */ +static peer_cfg_t *process_peer_cfg_row(private_sqlite_backend_t *this, + sqlite3_stmt *stmt) +{ + host_t *local_host, *remote_host, *local_vip = NULL, *remote_vip = NULL; + identification_t *local_id, *remote_id; + peer_cfg_t *peer_cfg; + ike_cfg_t *ike_cfg; + + local_host = host_create_from_string((char*)sqlite3_column_text(stmt, 17), IKEV2_UDP_PORT); + remote_host = host_create_from_string((char*)sqlite3_column_text(stmt, 18), IKEV2_UDP_PORT); + if (sqlite3_column_text(stmt, 15)) + { + local_vip = host_create_from_string((char*)sqlite3_column_text(stmt, 15), 0); + } + if (sqlite3_column_text(stmt, 16)) + { + remote_vip = host_create_from_string((char*)sqlite3_column_text(stmt, 16), 0); + } + local_id = identification_create_from_string((char*)sqlite3_column_text(stmt, 2)); + remote_id = identification_create_from_string((char*)sqlite3_column_text(stmt, 3)); + if (local_host && remote_host && local_id && remote_id) + { + ike_cfg = ike_cfg_create(sqlite3_column_int(stmt, 19), FALSE, + local_host, remote_host); + ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); + peer_cfg = peer_cfg_create( + (char*)sqlite3_column_text(stmt, 1), /* name */ + 2, ike_cfg, local_id, remote_id, NULL, NULL, linked_list_create(), + sqlite3_column_int(stmt, 4), /* cert_policy */ + sqlite3_column_int(stmt, 5), /* auth_method */ + sqlite3_column_int(stmt, 6), /* eap_type */ + sqlite3_column_int(stmt, 7), /* keyingtries */ + sqlite3_column_int(stmt, 8), /* lifetime */ + sqlite3_column_int(stmt, 9), /* rekeytime */ + sqlite3_column_int(stmt, 10), /* jitter */ + sqlite3_column_int(stmt, 13), /* reauth */ + sqlite3_column_int(stmt, 14), /* mobike */ + sqlite3_column_int(stmt, 11), /* dpd_delay */ + sqlite3_column_int(stmt, 12), /* dpd_action */ + local_vip, remote_vip, FALSE, NULL, NULL); + add_children(this, peer_cfg, sqlite3_column_int(stmt, 0)); + return peer_cfg; + } + + DESTROY_IF(local_host); + DESTROY_IF(remote_host); + DESTROY_IF(local_id); + DESTROY_IF(remote_id); + DESTROY_IF(local_vip); + DESTROY_IF(remote_vip); + return NULL; +} + +/** + * implements backend_t.get_peer_cfg. + */ +static peer_cfg_t *get_peer_cfg(private_sqlite_backend_t *this, + identification_t *my_id, identification_t *other_id, + ca_info_t *other_ca_info) +{ + sqlite3_stmt *stmt; + char local[256], remote[256]; + peer_cfg_t *peer_cfg = NULL; + + snprintf(local, sizeof(local), "%D", my_id); + snprintf(remote, sizeof(remote), "%D", other_id); + + if (sqlite3_prepare_v2(this->db, + "SELECT peer_configs.oid, name, local_id, remote_id, cert_policy, " + "auth_method, eap_type, keyingtries, lifetime, rekeytime, jitter, " + "dpd_delay, dpd_action, reauth, mobike, local_vip, remote_vip, " + "local, remote, certreq " + "FROM peer_configs, ike_configs " + "ON peer_configs.ike_cfg = ike_configs.oid " + "WHERE local_id = ? and remote_id = ?;", -1, &stmt, NULL) == SQLITE_OK && + sqlite3_bind_text(stmt, 1, local, -1, SQLITE_STATIC) == SQLITE_OK && + sqlite3_bind_text(stmt, 2, remote, -1, SQLITE_STATIC) == SQLITE_OK && + sqlite3_step(stmt) == SQLITE_ROW) + { + peer_cfg = process_peer_cfg_row(this, stmt); + } + sqlite3_finalize(stmt); + return peer_cfg; +} + +/** + * implements backend_t.get_peer_cfg_by_name. + */ +static peer_cfg_t *get_peer_cfg_by_name(private_sqlite_backend_t *this, char *name) +{ + sqlite3_stmt *stmt; + peer_cfg_t *peer_cfg = NULL; + + if (sqlite3_prepare_v2(this->db, + "SELECT peer_configs.oid, name, local_id, remote_id, cert_policy, " + "auth_method, eap_type, keyingtries, lifetime, rekeytime, jitter, " + "dpd_delay, dpd_action, reauth, mobike, local_vip, remote_vip, " + "local, remote, certreq " + "FROM peer_configs, ike_configs " + "ON peer_configs.ike_cfg = ike_configs.oid " + "WHERE name = ? ;", -1, &stmt, NULL) == SQLITE_OK && + sqlite3_bind_text(stmt, 1, name, -1, SQLITE_STATIC) == SQLITE_OK && + sqlite3_step(stmt) == SQLITE_ROW) + { + peer_cfg = process_peer_cfg_row(this, stmt); + } + sqlite3_finalize(stmt); + return peer_cfg; +} + +/** + * Implementation of backend_t.is_writable. + */ +static bool is_writeable(private_sqlite_backend_t *this) +{ + return FALSE; +} + +/** + * Implementation of backend_t.destroy. + */ +static void destroy(private_sqlite_backend_t *this) +{ + sqlite3_close(this->db); + free(this); +} + +/** + * Described in header. + */ +backend_t *backend_create(void) +{ + private_sqlite_backend_t *this = malloc_thing(private_sqlite_backend_t); + + this->public.backend.get_ike_cfg = (ike_cfg_t* (*)(backend_t*, host_t*, host_t*))get_ike_cfg; + this->public.backend.get_peer_cfg = (peer_cfg_t* (*)(backend_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg; + this->public.backend.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_t*,char*))get_peer_cfg_by_name; + this->public.backend.is_writeable = (bool(*) (backend_t*))is_writeable; + this->public.backend.destroy = (void (*)(backend_t*))destroy; + + if (sqlite3_open(IPSEC_DIR "/manager.db", &this->db) != SQLITE_OK) + { + DBG1(DBG_CFG, "opening SQLite database '" IPSEC_DIR "/manager.db' failed."); + destroy(this); + return NULL; + } + + return &this->public.backend; +} + diff --git a/src/charon/config/backends/sqlite_backend.h b/src/charon/config/backends/sqlite_backend.h new file mode 100644 index 000000000..4bc146583 --- /dev/null +++ b/src/charon/config/backends/sqlite_backend.h @@ -0,0 +1,58 @@ +/** + * @file sqlite_backend.h + * + * @brief Interface of sqlite_backend_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef SQLITE_BACKEND_H_ +#define SQLITE_BACKEND_H_ + +typedef struct sqlite_backend_t sqlite_backend_t; + +#include + +#include "backend.h" + +/** + * @brief An SQLite based configuration backend. + * + * @b Constructors: + * - sqlite_backend_create() + * + * @ingroup backends + */ +struct sqlite_backend_t { + + /** + * Implements backend_t interface + */ + backend_t backend; +}; + +/** + * @brief Create a backend_t instance implemented as sqlite backend. + * + * @return backend instance + * + * @ingroup backends + */ +backend_t *backend_create(void); + +#endif /* SQLITE_BACKEND_H_ */ + diff --git a/src/charon/config/child_cfg.c b/src/charon/config/child_cfg.c index e9f0e5249..5827b4f61 100644 --- a/src/charon/config/child_cfg.c +++ b/src/charon/config/child_cfg.c @@ -239,21 +239,25 @@ static linked_list_t* get_traffic_selectors(private_child_cfg_t *this, bool loca /* no list supplied, just fetch the stored traffic selectors */ if (supplied == NULL) { + DBG2(DBG_CFG, "proposing traffic selectors for %s:", + local ? "us" : "other"); while (i1->iterate(i1, (void**)&ts1)) { /* we make a copy of the TS, this allows us to update dynamic TS' */ - ts1 = ts1->clone(ts1); + selected = ts1->clone(ts1); if (host) { - ts1->set_address(ts1, host); + selected->set_address(selected, host); } - result->insert_last(result, ts1); + DBG2(DBG_CFG, " %R (derived from %R)", selected, ts1); + result->insert_last(result, selected); } i1->destroy(i1); } else { - DBG2(DBG_CFG, "selecting traffic selectors"); + DBG2(DBG_CFG, "selecting traffic selectors for %s:", + local ? "us" : "other"); i2 = supplied->create_iterator(supplied, TRUE); /* iterate over all stored selectors */ while (i1->iterate(i1, (void**)&ts1)) @@ -269,13 +273,17 @@ static linked_list_t* get_traffic_selectors(private_child_cfg_t *this, bool loca /* iterate over all supplied traffic selectors */ while (i2->iterate(i2, (void**)&ts2)) { - DBG2(DBG_CFG, "stored %R <=> %R received", ts1, ts2); selected = ts1->get_subset(ts1, ts2); if (selected) { + DBG2(DBG_CFG, " config: %R, received: %R => match: %R", + ts1, ts2, selected); result->insert_last(result, selected); - DBG2(DBG_CFG, "found traffic selector for %s: %R", - local ? "us" : "other", selected); + } + else + { + DBG2(DBG_CFG, " config: %R, received: %R => no match", + ts1, ts2, selected); } } ts1->destroy(ts1); diff --git a/src/charon/config/credentials/local_credential_store.c b/src/charon/config/credentials/local_credential_store.c index 649fcbcfb..b71e9e9e2 100644 --- a/src/charon/config/credentials/local_credential_store.c +++ b/src/charon/config/credentials/local_credential_store.c @@ -66,7 +66,7 @@ struct shared_key_t { static void shared_key_destroy(shared_key_t *this) { this->peers->destroy_offset(this->peers, offsetof(identification_t, destroy)); - chunk_free(&this->secret); + chunk_free_randomized(&this->secret); free(this); } @@ -83,7 +83,7 @@ static shared_key_t *shared_key_create(chunk_t secret) shared_key_t *this = malloc_thing(shared_key_t); /* private data */ - this->secret = chunk_clone(secret); + this->secret = secret; this->peers = linked_list_create(); return (this); @@ -157,6 +157,11 @@ struct private_local_credential_store_t { */ linked_list_t *private_keys; + /** + * mutex controls access to the linked lists of secret keys + */ + pthread_mutex_t keys_mutex; + /** * list of X.509 certificates with public keys */ @@ -171,6 +176,16 @@ struct private_local_credential_store_t { * list of X.509 CA information records */ linked_list_t *ca_infos; + + /** + * list of X.509 attribute certificates + */ + linked_list_t *acerts; + + /** + * mutex controls access to the linked list of attribute certificates + */ + pthread_mutex_t acerts_mutex; }; @@ -191,8 +206,9 @@ static status_t get_key(linked_list_t *keys, prio_t best_prio = PRIO_UNDEFINED; chunk_t found = chunk_empty; shared_key_t *shared_key; + iterator_t *iterator; - iterator_t *iterator = keys->create_iterator(keys, TRUE); + iterator = keys->create_iterator(keys, TRUE); while (iterator->iterate(iterator, (void**)&shared_key)) { @@ -242,7 +258,6 @@ static status_t get_key(linked_list_t *keys, } } - /** * Implementation of local_credential_store_t.get_shared_key. */ @@ -250,7 +265,12 @@ static status_t get_shared_key(private_local_credential_store_t *this, identification_t *my_id, identification_t *other_id, chunk_t *secret) { - return get_key(this->shared_keys, my_id, other_id, secret); + status_t status; + + pthread_mutex_lock(&(this->keys_mutex)); + status = get_key(this->shared_keys, my_id, other_id, secret); + pthread_mutex_unlock(&(this->keys_mutex)); + return status; } /** @@ -260,7 +280,12 @@ static status_t get_eap_key(private_local_credential_store_t *this, identification_t *my_id, identification_t *other_id, chunk_t *secret) { - return get_key(this->eap_keys, my_id, other_id, secret); + status_t status; + + pthread_mutex_lock(&(this->keys_mutex)); + status = get_key(this->eap_keys, my_id, other_id, secret); + pthread_mutex_unlock(&(this->keys_mutex)); + return status; } /** @@ -324,28 +349,6 @@ static ca_info_t* get_issuer(private_local_credential_store_t *this, x509_t *cer return found; } -/** - * Implementation of local_credential_store_t.get_rsa_private_key. - */ -static rsa_private_key_t *get_rsa_private_key(private_local_credential_store_t *this, - rsa_public_key_t *pubkey) -{ - rsa_private_key_t *found = NULL, *current; - - iterator_t *iterator = this->private_keys->create_iterator(this->private_keys, TRUE); - - while (iterator->iterate(iterator, (void**)¤t)) - { - if (current->belongs_to(current, pubkey)) - { - found = current->clone(current); - break; - } - } - iterator->destroy(iterator); - return found; -} - /** * Implementation of local_credential_store_t.has_rsa_private_key. */ @@ -353,8 +356,10 @@ static bool has_rsa_private_key(private_local_credential_store_t *this, rsa_publ { bool found = FALSE; rsa_private_key_t *current; + iterator_t *iterator; - iterator_t *iterator = this->private_keys->create_iterator(this->private_keys, TRUE); + pthread_mutex_lock(&(this->keys_mutex)); + iterator = this->private_keys->create_iterator(this->private_keys, TRUE); while (iterator->iterate(iterator, (void**)¤t)) { @@ -365,6 +370,7 @@ static bool has_rsa_private_key(private_local_credential_store_t *this, rsa_publ } } iterator->destroy(iterator); + pthread_mutex_unlock(&(this->keys_mutex)); return found; } @@ -724,11 +730,52 @@ static bool verify(private_local_credential_store_t *this, x509_t *cert, bool *f return FALSE; } +/** + * Implementation of local_credential_store_t.rsa_signature. + */ +static status_t rsa_signature(private_local_credential_store_t *this, + rsa_public_key_t *pubkey, + hash_algorithm_t hash_algorithm, + chunk_t data, chunk_t *signature) +{ + rsa_private_key_t *current, *key = NULL; + iterator_t *iterator; + status_t status; + chunk_t keyid = pubkey->get_keyid(pubkey); + + DBG2(DBG_IKE, "looking for RSA private key with keyid %#B...", &keyid); + pthread_mutex_lock(&(this->keys_mutex)); + + iterator = this->private_keys->create_iterator(this->private_keys, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (current->belongs_to(current, pubkey)) + { + key = current; + break; + } + } + iterator->destroy(iterator); + + if (key) + { + DBG2(DBG_IKE, " matching RSA private key found"); + status = key->build_emsa_pkcs1_signature(key, hash_algorithm, data, signature); + } + else + { + DBG1(DBG_IKE, "no RSA private key found with keyid %#B", &keyid); + status = NOT_FOUND; + } + pthread_mutex_unlock(&(this->keys_mutex)); + return status; +} + /** * Implementation of local_credential_store_t.verify_signature. */ static status_t verify_signature(private_local_credential_store_t *this, - chunk_t hash, chunk_t sig, + chunk_t hash, chunk_t signature, identification_t *id, ca_info_t **issuer_p) { iterator_t *iterator = this->certs->create_iterator(this->certs, TRUE); @@ -785,7 +832,7 @@ static status_t verify_signature(private_local_credential_store_t *this, } *issuer_p = issuer; } - sig_status = public_key->verify_emsa_pkcs1_signature(public_key, hash, sig); + sig_status = public_key->verify_emsa_pkcs1_signature(public_key, HASH_UNKNOWN, hash, signature); if (sig_status == SUCCESS) { DBG2(DBG_CFG, "candidate peer certificate has a matching RSA public key"); @@ -937,6 +984,14 @@ static iterator_t* create_cainfo_iterator(private_local_credential_store_t *this return this->ca_infos->create_iterator(this->ca_infos, TRUE); } +/** + * Implements local_credential_store_t.create_acert_iterator + */ +static iterator_t* create_acert_iterator(private_local_credential_store_t *this) +{ + return this->acerts->create_iterator_locked(this->acerts, &this->acerts_mutex); +} + /** * Implements local_credential_store_t.load_auth_certificates */ @@ -1053,7 +1108,39 @@ static void load_aa_certificates(private_local_credential_store_t *this) */ static void add_attr_certificate(private_local_credential_store_t *this, x509ac_t *cert) { - /* TODO add a new attribute certificate to the linked list */ + iterator_t *iterator; + x509ac_t *current_cert; + bool found = FALSE; + + pthread_mutex_lock(&(this->acerts_mutex)); + iterator = this->acerts->create_iterator(this->acerts, TRUE); + + while (iterator->iterate(iterator, (void **)¤t_cert)) + { + if (cert->equals_holder(cert, current_cert)) + { + if (cert->is_newer(cert, current_cert)) + { + iterator->replace(iterator, NULL, (void *)cert); + current_cert->destroy(current_cert); + DBG1(DBG_CFG, " this attr cert is newer - existing attr cert replaced"); + } + else + { + cert->destroy(cert); + DBG1(DBG_CFG, " this attr cert is not newer - existing attr cert retained"); + } + found = TRUE; + break; + } + } + iterator->destroy(iterator); + + if (!found) + { + this->acerts->insert_last(this->acerts, (void *)cert); + } + pthread_mutex_unlock(&(this->acerts_mutex)); } /** @@ -1230,21 +1317,26 @@ static err_t extract_secret(chunk_t *secret, chunk_t *line) } if (quotes) - { /* treat as an ASCII string */ - if (raw_secret.len > secret->len) - return "secret larger than buffer"; - memcpy(secret->ptr, raw_secret.ptr, raw_secret.len); - secret->len = raw_secret.len; + { + /* treat as an ASCII string */ + *secret = chunk_clone(raw_secret); } else - { /* convert from HEX or Base64 to binary */ + { size_t len; - err_t ugh = ttodata(raw_secret.ptr, raw_secret.len, 0, secret->ptr, secret->len, &len); + err_t ugh; + + /* secret converted to binary form doesn't use more space than the raw_secret */ + *secret = chunk_alloc(raw_secret.len); + + /* convert from HEX or Base64 to binary */ + ugh = ttodata(raw_secret.ptr, raw_secret.len, 0, secret->ptr, secret->len, &len); if (ugh != NULL) + { + chunk_free_randomized(secret); return ugh; - if (len > secret->len) - return "secret larger than buffer"; + } secret->len = len; } return NULL; @@ -1253,17 +1345,18 @@ static err_t extract_secret(chunk_t *secret, chunk_t *line) /** * Implements local_credential_store_t.load_secrets */ -static void load_secrets(private_local_credential_store_t *this) +static void load_secrets(private_local_credential_store_t *this, bool reload) { FILE *fd = fopen(SECRETS_FILE, "r"); if (fd) { - int bytes; + size_t bytes; int line_nr = 0; chunk_t chunk, src, line; - DBG1(DBG_CFG, "loading secrets from \"%s\"", SECRETS_FILE); + DBG1(DBG_CFG, "%sloading secrets from \"%s\"", + reload? "re":"", SECRETS_FILE); fseek(fd, 0, SEEK_END); chunk.len = ftell(fd); @@ -1271,9 +1364,25 @@ static void load_secrets(private_local_credential_store_t *this) chunk.ptr = malloc(chunk.len); bytes = fread(chunk.ptr, 1, chunk.len, fd); fclose(fd); - src = chunk; + pthread_mutex_lock(&(this->keys_mutex)); + if (reload) + { + DBG1(DBG_CFG, " forgetting old secrets"); + this->private_keys->destroy_offset(this->private_keys, + offsetof(rsa_private_key_t, destroy)); + this->private_keys = linked_list_create(); + + this->shared_keys->destroy_function(this->shared_keys, + (void*)shared_key_destroy); + this->shared_keys = linked_list_create(); + + this->eap_keys->destroy_function(this->eap_keys, + (void*)shared_key_destroy); + this->eap_keys = linked_list_create(); + } + while (fetchline(&src, &line)) { chunk_t ids, token; @@ -1302,9 +1411,7 @@ static void load_secrets(private_local_credential_store_t *this) { char path[PATH_BUF]; chunk_t filename; - - char buf[BUF_LEN]; - chunk_t secret = { buf, BUF_LEN }; + chunk_t secret = chunk_empty; chunk_t *passphrase = NULL; rsa_private_key_t *key; @@ -1350,14 +1457,13 @@ static void load_secrets(private_local_credential_store_t *this) { this->private_keys->insert_last(this->private_keys, (void*)key); } + chunk_free_randomized(&secret); } else if ( match("PSK", &token) || ((match("EAP", &token) || match("XAUTH", &token)) && (is_eap = TRUE))) { shared_key_t *shared_key; - - char buf[BUF_LEN]; - chunk_t secret = { buf, BUF_LEN }; + chunk_t secret = chunk_empty; err_t ugh = extract_secret(&secret, &line); if (ugh != NULL) @@ -1373,16 +1479,13 @@ static void load_secrets(private_local_credential_store_t *this) DBG4(DBG_CFG, " secret:", secret); shared_key = shared_key_create(secret); - if (shared_key) + if (is_eap) { - if (is_eap) - { - this->eap_keys->insert_last(this->eap_keys, (void*)shared_key); - } - else - { - this->shared_keys->insert_last(this->shared_keys, (void*)shared_key); - } + this->eap_keys->insert_last(this->eap_keys, (void*)shared_key); + } + else + { + this->shared_keys->insert_last(this->shared_keys, (void*)shared_key); } while (ids.len > 0) { @@ -1430,7 +1533,8 @@ static void load_secrets(private_local_credential_store_t *this) } } error: - free(chunk.ptr); + chunk_free_randomized(&chunk); + pthread_mutex_unlock(&(this->keys_mutex)); } else { @@ -1447,9 +1551,17 @@ static void destroy(private_local_credential_store_t *this) this->certs->destroy_offset(this->certs, offsetof(x509_t, destroy)); this->auth_certs->destroy_offset(this->auth_certs, offsetof(x509_t, destroy)); this->ca_infos->destroy_offset(this->ca_infos, offsetof(ca_info_t, destroy)); + + pthread_mutex_lock(&(this->acerts_mutex)); + this->acerts->destroy_offset(this->acerts, offsetof(x509ac_t, destroy)); + pthread_mutex_unlock(&(this->acerts_mutex)); + + pthread_mutex_lock(&(this->keys_mutex)); this->private_keys->destroy_offset(this->private_keys, offsetof(rsa_private_key_t, destroy)); this->shared_keys->destroy_function(this->shared_keys, (void*)shared_key_destroy); this->eap_keys->destroy_function(this->eap_keys, (void*)shared_key_destroy); + pthread_mutex_unlock(&(this->keys_mutex)); + free(this); } @@ -1459,17 +1571,18 @@ static void destroy(private_local_credential_store_t *this) local_credential_store_t * local_credential_store_create(void) { private_local_credential_store_t *this = malloc_thing(private_local_credential_store_t); - + + /* public functions */ this->public.credential_store.get_shared_key = (status_t (*) (credential_store_t*,identification_t*,identification_t*,chunk_t*))get_shared_key; this->public.credential_store.get_eap_key = (status_t (*) (credential_store_t*,identification_t*,identification_t*,chunk_t*))get_eap_key; this->public.credential_store.get_rsa_public_key = (rsa_public_key_t*(*)(credential_store_t*,identification_t*))get_rsa_public_key; - this->public.credential_store.get_rsa_private_key = (rsa_private_key_t* (*) (credential_store_t*,rsa_public_key_t*))get_rsa_private_key; this->public.credential_store.has_rsa_private_key = (bool (*) (credential_store_t*,rsa_public_key_t*))has_rsa_private_key; this->public.credential_store.get_certificate = (x509_t* (*) (credential_store_t*,identification_t*))get_certificate; this->public.credential_store.get_auth_certificate = (x509_t* (*) (credential_store_t*,u_int,identification_t*))get_auth_certificate; this->public.credential_store.get_ca_certificate_by_keyid = (x509_t* (*) (credential_store_t*,chunk_t))get_ca_certificate_by_keyid; this->public.credential_store.get_issuer = (ca_info_t* (*) (credential_store_t*,x509_t*))get_issuer; this->public.credential_store.is_trusted = (bool (*) (credential_store_t*,const char*,x509_t*))is_trusted; + this->public.credential_store.rsa_signature = (status_t (*) (credential_store_t*,rsa_public_key_t*,hash_algorithm_t,chunk_t,chunk_t*))rsa_signature; this->public.credential_store.verify_signature = (status_t (*) (credential_store_t*,chunk_t,chunk_t,identification_t*,ca_info_t**))verify_signature; this->public.credential_store.verify = (bool (*) (credential_store_t*,x509_t*,bool*))verify; this->public.credential_store.add_end_certificate = (x509_t* (*) (credential_store_t*,x509_t*))add_end_certificate; @@ -1479,14 +1592,19 @@ local_credential_store_t * local_credential_store_create(void) this->public.credential_store.create_cert_iterator = (iterator_t* (*) (credential_store_t*))create_cert_iterator; this->public.credential_store.create_auth_cert_iterator = (iterator_t* (*) (credential_store_t*))create_auth_cert_iterator; this->public.credential_store.create_cainfo_iterator = (iterator_t* (*) (credential_store_t*))create_cainfo_iterator; + this->public.credential_store.create_acert_iterator = (iterator_t* (*) (credential_store_t*))create_acert_iterator; this->public.credential_store.load_ca_certificates = (void (*) (credential_store_t*))load_ca_certificates; this->public.credential_store.load_aa_certificates = (void (*) (credential_store_t*))load_aa_certificates; this->public.credential_store.load_attr_certificates = (void (*) (credential_store_t*))load_attr_certificates; this->public.credential_store.load_ocsp_certificates = (void (*) (credential_store_t*))load_ocsp_certificates; this->public.credential_store.load_crls = (void (*) (credential_store_t*))load_crls; - this->public.credential_store.load_secrets = (void (*) (credential_store_t*))load_secrets; + this->public.credential_store.load_secrets = (void (*) (credential_store_t*,bool))load_secrets; this->public.credential_store.destroy = (void (*) (credential_store_t*))destroy; - + + /* initialize the mutexes */ + pthread_mutex_init(&(this->keys_mutex), NULL); + pthread_mutex_init(&(this->acerts_mutex), NULL); + /* private variables */ this->shared_keys = linked_list_create(); this->eap_keys = linked_list_create(); @@ -1494,6 +1612,7 @@ local_credential_store_t * local_credential_store_create(void) this->certs = linked_list_create(); this->auth_certs = linked_list_create(); this->ca_infos = linked_list_create(); + this->acerts = linked_list_create(); return (&this->public); } diff --git a/src/charon/config/ike_cfg.c b/src/charon/config/ike_cfg.c index 35f46a6b7..abb300aab 100644 --- a/src/charon/config/ike_cfg.c +++ b/src/charon/config/ike_cfg.c @@ -58,6 +58,11 @@ struct private_ike_cfg_t { */ bool certreq; + /** + * enforce UDP encapsulation + */ + bool force_encap; + /** * List of proposals to use */ @@ -71,6 +76,14 @@ static bool send_certreq(private_ike_cfg_t *this) { return this->certreq; } + +/** + * Implementation of ike_cfg_t.force_encap. + */ +static bool force_encap_meth(private_ike_cfg_t *this) +{ + return this->force_encap; +} /** * Implementation of ike_cfg_t.get_my_host. @@ -201,12 +214,14 @@ static void destroy(private_ike_cfg_t *this) /** * Described in header. */ -ike_cfg_t *ike_cfg_create(bool certreq, host_t *my_host, host_t *other_host) +ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap, + host_t *my_host, host_t *other_host) { private_ike_cfg_t *this = malloc_thing(private_ike_cfg_t); /* public functions */ this->public.send_certreq = (bool(*)(ike_cfg_t*))send_certreq; + this->public.force_encap = (bool (*) (ike_cfg_t *))force_encap_meth; this->public.get_my_host = (host_t*(*)(ike_cfg_t*))get_my_host; this->public.get_other_host = (host_t*(*)(ike_cfg_t*))get_other_host; this->public.add_proposal = (void(*)(ike_cfg_t*, proposal_t*)) add_proposal; @@ -219,6 +234,7 @@ ike_cfg_t *ike_cfg_create(bool certreq, host_t *my_host, host_t *other_host) /* private variables */ this->refcount = 1; this->certreq = certreq; + this->force_encap = force_encap; this->my_host = my_host; this->other_host = other_host; diff --git a/src/charon/config/ike_cfg.h b/src/charon/config/ike_cfg.h index bcdc90d9e..5165d12a6 100644 --- a/src/charon/config/ike_cfg.h +++ b/src/charon/config/ike_cfg.h @@ -101,6 +101,14 @@ struct ike_cfg_t { */ bool (*send_certreq) (ike_cfg_t *this); + /** + * @brief Enforce UDP encapsulation by faking NATD notifies? + * + * @param this calling object + * @return TRUE to enfoce UDP encapsulation + */ + bool (*force_encap) (ike_cfg_t *this); + /** * @brief Get the DH group to use for IKE_SA setup. * @@ -140,12 +148,14 @@ struct ike_cfg_t { * * @param name ike_cfg identifier * @param certreq TRUE to send a certificate request + * @param force_encap enforce UDP encapsulation by faking NATD notify * @param my_host host_t representing local address * @param other_host host_t representing remote address * @return ike_cfg_t object. * * @ingroup config */ -ike_cfg_t *ike_cfg_create(bool certreq, host_t *my_host, host_t *other_host); +ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap, + host_t *my_host, host_t *other_host); #endif /* IKE_CFG_H_ */ diff --git a/src/charon/config/peer_cfg.c b/src/charon/config/peer_cfg.c index 1d9176e0d..d61ed9512 100644 --- a/src/charon/config/peer_cfg.c +++ b/src/charon/config/peer_cfg.c @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -28,6 +29,7 @@ #include #include +#include ENUM(cert_policy_names, CERT_ALWAYS_SEND, CERT_NEVER_SEND, "CERT_ALWAYS_SEND", @@ -104,6 +106,11 @@ struct private_peer_cfg_t { */ identification_t *other_ca; + /** + * we require the other end to belong to at least one group + */ + linked_list_t *groups; + /** * should we send a certificate */ @@ -129,6 +136,11 @@ struct private_peer_cfg_t { */ bool use_reauth; + /** + * enable support for MOBIKE + */ + bool use_mobike; + /** * Time before an SA gets invalid */ @@ -164,6 +176,24 @@ struct private_peer_cfg_t { * virtual IP to use remotly */ host_t *other_virtual_ip; + +#ifdef P2P + /** + * Is this a mediation connection? + */ + bool p2p_mediation; + + /** + * Name of the mediation connection to mediate through + */ + peer_cfg_t *p2p_mediated_by; + + /** + * ID of our peer at the mediation server (= leftid of the peer's conn with + * the mediation server) + */ + identification_t *peer_id; +#endif /* P2P */ }; /** @@ -274,10 +304,21 @@ static identification_t *get_my_ca(private_peer_cfg_t *this) return this->my_ca; } +/** + * Implementation of peer_cfg_t.get_other_ca + */ static identification_t *get_other_ca(private_peer_cfg_t *this) { return this->other_ca; -} +} + +/** + * Implementation of peer_cfg_t.get_groups + */ +static linked_list_t *get_groups(private_peer_cfg_t *this) +{ + return this->groups; +} /** * Implementation of peer_cfg_t.get_cert_policy. @@ -330,10 +371,18 @@ static u_int32_t get_lifetime(private_peer_cfg_t *this, bool rekey) /** * Implementation of peer_cfg_t.use_reauth. */ -static bool use_reauth(private_peer_cfg_t *this, bool rekey) +static bool use_reauth(private_peer_cfg_t *this) { return this->use_reauth; } + +/** + * Implementation of peer_cfg_t.use_mobike. + */ +static bool use_mobike(private_peer_cfg_t *this) +{ + return this->use_mobike; +} /** * Implements peer_cfg_t.get_dpd_delay @@ -383,6 +432,36 @@ static host_t* get_other_virtual_ip(private_peer_cfg_t *this, host_t *suggestion return suggestion->clone(suggestion); } +#ifdef P2P +/** + * Implementation of peer_cfg_t.is_mediation. + */ +static bool is_mediation(private_peer_cfg_t *this) +{ + return this->p2p_mediation; +} + +/** + * Implementation of peer_cfg_t.get_mediated_by. + */ +static peer_cfg_t* get_mediated_by(private_peer_cfg_t *this) +{ + if (this->p2p_mediated_by) { + this->p2p_mediated_by->get_ref(this->p2p_mediated_by); + return this->p2p_mediated_by; + } + return NULL; +} + +/** + * Implementation of peer_cfg_t.get_peer_id. + */ +static identification_t* get_peer_id(private_peer_cfg_t *this) +{ + return this->peer_id; +} +#endif /* P2P */ + /** * Implements peer_cfg_t.get_ref. */ @@ -404,9 +483,13 @@ static void destroy(private_peer_cfg_t *this) this->other_id->destroy(this->other_id); DESTROY_IF(this->my_ca); DESTROY_IF(this->other_ca); - DESTROY_IF(this->my_virtual_ip); DESTROY_IF(this->other_virtual_ip); +#ifdef P2P + DESTROY_IF(this->p2p_mediated_by); + DESTROY_IF(this->peer_id); +#endif /* P2P */ + ietfAttr_list_destroy(this->groups); free(this->name); free(this); } @@ -418,12 +501,15 @@ static void destroy(private_peer_cfg_t *this) peer_cfg_t *peer_cfg_create(char *name, u_int ike_version, ike_cfg_t *ike_cfg, identification_t *my_id, identification_t *other_id, identification_t *my_ca, identification_t *other_ca, - cert_policy_t cert_policy, auth_method_t auth_method, - eap_type_t eap_type, u_int32_t keyingtries, - u_int32_t lifetime, u_int32_t rekeytime, - u_int32_t jitter, bool reauth, + linked_list_t *groups, cert_policy_t cert_policy, + auth_method_t auth_method, eap_type_t eap_type, + u_int32_t keyingtries, u_int32_t lifetime, + u_int32_t rekeytime, u_int32_t jitter, + bool reauth, bool mobike, u_int32_t dpd_delay, dpd_action_t dpd_action, - host_t *my_virtual_ip, host_t *other_virtual_ip) + host_t *my_virtual_ip, host_t *other_virtual_ip, + bool p2p_mediation, peer_cfg_t *p2p_mediated_by, + identification_t *peer_id) { private_peer_cfg_t *this = malloc_thing(private_peer_cfg_t); @@ -438,18 +524,25 @@ peer_cfg_t *peer_cfg_create(char *name, u_int ike_version, ike_cfg_t *ike_cfg, this->public.get_other_id = (identification_t* (*)(peer_cfg_t *))get_other_id; this->public.get_my_ca = (identification_t* (*)(peer_cfg_t *))get_my_ca; this->public.get_other_ca = (identification_t* (*)(peer_cfg_t *))get_other_ca; + this->public.get_groups = (linked_list_t* (*)(peer_cfg_t *))get_groups; this->public.get_cert_policy = (cert_policy_t (*) (peer_cfg_t *))get_cert_policy; this->public.get_auth_method = (auth_method_t (*) (peer_cfg_t *))get_auth_method; this->public.get_eap_type = (eap_type_t (*) (peer_cfg_t *))get_eap_type; this->public.get_keyingtries = (u_int32_t (*) (peer_cfg_t *))get_keyingtries; this->public.get_lifetime = (u_int32_t (*) (peer_cfg_t *, bool rekey))get_lifetime; this->public.use_reauth = (bool (*) (peer_cfg_t *))use_reauth; + this->public.use_mobike = (bool (*) (peer_cfg_t *))use_mobike; this->public.get_dpd_delay = (u_int32_t (*) (peer_cfg_t *))get_dpd_delay; this->public.get_dpd_action = (dpd_action_t (*) (peer_cfg_t *))get_dpd_action; this->public.get_my_virtual_ip = (host_t* (*) (peer_cfg_t *))get_my_virtual_ip; this->public.get_other_virtual_ip = (host_t* (*) (peer_cfg_t *, host_t *))get_other_virtual_ip; this->public.get_ref = (void(*)(peer_cfg_t *))get_ref; this->public.destroy = (void(*)(peer_cfg_t *))destroy; +#ifdef P2P + this->public.is_mediation = (bool (*) (peer_cfg_t *))is_mediation; + this->public.get_mediated_by = (peer_cfg_t* (*) (peer_cfg_t *))get_mediated_by; + this->public.get_peer_id = (identification_t* (*) (peer_cfg_t *))get_peer_id; +#endif /* P2P */ /* apply init values */ this->name = strdup(name); @@ -461,6 +554,7 @@ peer_cfg_t *peer_cfg_create(char *name, u_int ike_version, ike_cfg_t *ike_cfg, this->other_id = other_id; this->my_ca = my_ca; this->other_ca = other_ca; + this->groups = groups; this->cert_policy = cert_policy; this->auth_method = auth_method; this->eap_type = eap_type; @@ -469,11 +563,17 @@ peer_cfg_t *peer_cfg_create(char *name, u_int ike_version, ike_cfg_t *ike_cfg, this->rekeytime = rekeytime; this->jitter = jitter; this->use_reauth = reauth; + this->use_mobike = mobike; this->dpd_delay = dpd_delay; this->dpd_action = dpd_action; this->my_virtual_ip = my_virtual_ip; this->other_virtual_ip = other_virtual_ip; this->refcount = 1; +#ifdef P2P + this->p2p_mediation = p2p_mediation; + this->p2p_mediated_by = p2p_mediated_by; + this->peer_id = peer_id; +#endif /* P2P */ return &this->public; } diff --git a/src/charon/config/peer_cfg.h b/src/charon/config/peer_cfg.h index 63c87674c..3d238e6aa 100644 --- a/src/charon/config/peer_cfg.h +++ b/src/charon/config/peer_cfg.h @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -30,6 +31,7 @@ typedef struct peer_cfg_t peer_cfg_t; #include #include +#include #include #include #include @@ -194,13 +196,21 @@ struct peer_cfg_t { identification_t* (*get_my_ca)(peer_cfg_t *this); /** - * @brief Get peers CA. + * @brief Get peer CA. * * @param this calling object * @return other ca */ identification_t* (*get_other_ca)(peer_cfg_t *this); + /** + * @brief Get list of group attributes. + * + * @param this calling object + * @return linked list of group attributes + */ + linked_list_t* (*get_groups)(peer_cfg_t *this); + /** * @brief Should be sent a certificate for this connection? * @@ -256,6 +266,14 @@ struct peer_cfg_t { */ bool (*use_reauth) (peer_cfg_t *this); + /** + * @brief Use MOBIKE (RFC4555) if peer supports it? + * + * @param this calling object + * @return TRUE to enable MOBIKE support + */ + bool (*use_mobike) (peer_cfg_t *this); + /** * @brief Get the DPD check interval. * @@ -297,6 +315,37 @@ struct peer_cfg_t { * @return clone of an IP to use */ host_t* (*get_other_virtual_ip) (peer_cfg_t *this, host_t *suggestion); + +#ifdef P2P + /** + * @brief Is this a mediation connection? + * + * @param this peer_cfg + * @return TRUE, if this is a mediation connection + */ + bool (*is_mediation) (peer_cfg_t *this); + + /** + * @brief Get peer_cfg of the connection this one is mediated through. + * + * @param this peer_cfg + * @return reference to peer_cfg of the mediation connection + */ + peer_cfg_t* (*get_mediated_by) (peer_cfg_t *this); + + /** + * @brief Get the id of the other peer at the mediation server. + * + * This is the leftid of the peer's connection with the mediation server. + * + * If it is not configured, it is assumed to be the same as the right id + * of this connection. + * + * @param this peer_cfg + * @return the id of the other peer + */ + identification_t* (*get_peer_id) (peer_cfg_t *this); +#endif /* P2P */ /** * @brief Get a new reference. @@ -339,6 +388,7 @@ struct peer_cfg_t { * @param other_id identification_t for the remote guy * @param my_ca CA to use for us * @param other_ca CA to use for other + * @param groups list of group memberships * @param cert_policy should we send a certificate payload? * @param auth_method auth method to use to authenticate us * @param eap_type EAP type to use for peer authentication @@ -346,11 +396,15 @@ struct peer_cfg_t { * @param lifetime lifetime before deleting an SA * @param rekeytime lifetime before rekeying an SA * @param jitter range of random to substract from rekeytime - * @param use_reauth sould be done reauthentication instead of rekeying? + * @param reauth sould be done reauthentication instead of rekeying? + * @param mobike use MOBIKE (RFC4555) if peer supports it * @param dpd_delay after how many seconds of inactivity to check DPD * @param dpd_action what to do with CHILD_SAs when detected a dead peer * @param my_virtual_ip virtual IP for local host, or NULL * @param other_virtual_ip virtual IP for remote host, or NULL + * @param p2p_mediation TRUE if this is a mediation connection + * @param p2p_mediated_by name of the mediation connection to mediate through + * @param peer_id ID that identifies our peer at the mediation server * @return peer_cfg_t object * * @ingroup config @@ -358,11 +412,14 @@ struct peer_cfg_t { peer_cfg_t *peer_cfg_create(char *name, u_int ikev_version, ike_cfg_t *ike_cfg, identification_t *my_id, identification_t *other_id, identification_t *my_ca, identification_t *other_ca, - cert_policy_t cert_policy, auth_method_t auth_method, - eap_type_t eap_type, u_int32_t keyingtries, - u_int32_t lifetime, u_int32_t rekeytime, - u_int32_t jitter, bool use_reauth, + linked_list_t *groups, cert_policy_t cert_policy, + auth_method_t auth_method, eap_type_t eap_type, + u_int32_t keyingtries, u_int32_t lifetime, + u_int32_t rekeytime, u_int32_t jitter, + bool reauth, bool mobike, u_int32_t dpd_delay, dpd_action_t dpd_action, - host_t *my_virtual_ip, host_t *other_virtual_ip); + host_t *my_virtual_ip, host_t *other_virtual_ip, + bool p2p_mediation, peer_cfg_t *p2p_mediated_by, + identification_t *peer_id); #endif /* PEER_CFG_H_ */ diff --git a/src/charon/control/interface_manager.c b/src/charon/control/interface_manager.c index 700174c5b..c71036567 100644 --- a/src/charon/control/interface_manager.c +++ b/src/charon/control/interface_manager.c @@ -290,6 +290,13 @@ static status_t initiate(private_interface_manager_t *this, } charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); + if (callback == NULL) + { + /* don't wait for a result if no callback is specified */ + charon->bus->set_listen_state(charon->bus, FALSE); + return NEED_MORE; + } + /* wait until we get a result */ while (TRUE) { @@ -669,6 +676,14 @@ static void load_interfaces(private_interface_manager_t *this) closedir(dir); } +/** + * See header + */ +bool interface_manager_cb_empty(void *param, signal_t signal, level_t level, + ike_sa_t *ike_sa, char *format, va_list args) +{ + return TRUE; +} /** * Implementation of stroke_t.destroy. diff --git a/src/charon/control/interface_manager.h b/src/charon/control/interface_manager.h index 06a5fe6c4..3ee1f0e39 100644 --- a/src/charon/control/interface_manager.h +++ b/src/charon/control/interface_manager.h @@ -40,6 +40,15 @@ typedef bool(*interface_manager_cb_t)(void* param, signal_t signal, level_t level, ike_sa_t* ike_sa, char* format, va_list args); +/** + * @brief Empty callback function for interface_manager_t functions. + * + * If you wan't to do a syncrhonous call, but don't need a callback, pass + * this function to the interface_managers methods. + */ +bool interface_manager_cb_empty(void *param, signal_t signal, level_t level, + ike_sa_t *ike_sa, char *format, va_list args); + typedef struct interface_manager_t interface_manager_t; /** @@ -62,6 +71,11 @@ typedef struct interface_manager_t interface_manager_t; * use the manager to fullfill their tasks (initiating, terminating, ...). * The interface_manager starts actions by creating jobs. It then tries to * evaluate the result of the operation by listening on the bus. + * + * Passing NULL as callback to the managers function calls them asynchronously. + * If a callback is specified, they are called synchronoulsy. There is a default + * callback "interface_manager_cb_empty" if you wan't to call a function + * synchronously, but don't need a callback. * * @b Constructors: * - interface_manager_create() diff --git a/src/charon/control/interfaces/dbus_interface.c b/src/charon/control/interfaces/dbus_interface.c index d93a5d048..39226aaef 100644 --- a/src/charon/control/interfaces/dbus_interface.c +++ b/src/charon/control/interfaces/dbus_interface.c @@ -118,55 +118,6 @@ static child_cfg_t* get_child_from_peer(peer_cfg_t *peer_cfg, char *name) return found; } -/** - * get a peer configuration by its name, or a name of its children - */ -static peer_cfg_t *get_peer_cfg_by_name(char *name) -{ - iterator_t *i1, *i2; - peer_cfg_t *current, *found = NULL; - child_cfg_t *child; - - i1 = charon->backends->create_iterator(charon->backends); - while (i1->iterate(i1, (void**)¤t)) - { - /* compare peer_cfgs name first */ - if (streq(current->get_name(current), name)) - { - found = current; - found->get_ref(found); - break; - } - /* compare all child_cfg names otherwise */ - i2 = current->create_child_cfg_iterator(current); - while (i2->iterate(i2, (void**)&child)) - { - if (streq(child->get_name(child), name)) - { - found = current; - found->get_ref(found); - break; - } - } - i2->destroy(i2); - if (found) - { - break; - } - } - i1->destroy(i1); - return found; -} - -/** - * logging dummy - */ -static bool dbus_log(void *param, signal_t signal, level_t level, - ike_sa_t *ike_sa, char *format, va_list args) -{ - return TRUE; -} - /** * process NetworkManagers startConnection method call @@ -197,7 +148,7 @@ static bool start_connection(private_dbus_interface_t *this, DBusMessage* msg) } set_state(this, NM_VPN_STATE_STARTING); - peer_cfg = get_peer_cfg_by_name(name); + peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, name); if (peer_cfg) { free(this->name); @@ -205,8 +156,8 @@ static bool start_connection(private_dbus_interface_t *this, DBusMessage* msg) child_cfg = get_child_from_peer(peer_cfg, name); if (child_cfg) { - status = charon->interfaces->initiate(charon->interfaces, peer_cfg, - child_cfg, dbus_log, NULL); + status = charon->interfaces->initiate(charon->interfaces, + peer_cfg, child_cfg, interface_manager_cb_empty, NULL); } else { diff --git a/src/charon/control/interfaces/stroke_interface.c b/src/charon/control/interfaces/stroke_interface.c index 7885fc2e6..66ed423ae 100755 --- a/src/charon/control/interfaces/stroke_interface.c +++ b/src/charon/control/interfaces/stroke_interface.c @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2006-2007 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -38,6 +39,8 @@ #include #include #include +#include +#include #include #include #include @@ -49,9 +52,6 @@ #define PATH_BUF 256 #define STROKE_THREADS 3 -struct sockaddr_un socket_addr = { AF_UNIX, STROKE_SOCKET}; - - typedef struct private_stroke_interface_t private_stroke_interface_t; /** @@ -229,14 +229,18 @@ static void stroke_add_conn(stroke_msg_t *msg, FILE *out) { ike_cfg_t *ike_cfg; peer_cfg_t *peer_cfg; + peer_cfg_t *mediated_by_cfg = NULL; child_cfg_t *child_cfg; identification_t *my_id, *other_id; identification_t *my_ca = NULL; identification_t *other_ca = NULL; + identification_t *peer_id = NULL; bool my_ca_same = FALSE; bool other_ca_same =FALSE; host_t *my_host, *other_host, *my_subnet, *other_subnet; host_t *my_vip = NULL, *other_vip = NULL; + linked_list_t *my_groups = linked_list_create(); + linked_list_t *other_groups = linked_list_create(); proposal_t *proposal; traffic_selector_t *my_ts, *other_ts; char *interface; @@ -252,7 +256,12 @@ static void stroke_add_conn(stroke_msg_t *msg, FILE *out) pop_string(msg, &msg->add_conn.algorithms.esp); DBG2(DBG_CFG, " ike=%s", msg->add_conn.algorithms.ike); DBG2(DBG_CFG, " esp=%s", msg->add_conn.algorithms.esp); - + pop_string(msg, &msg->add_conn.p2p.mediated_by); + pop_string(msg, &msg->add_conn.p2p.peerid); + DBG2(DBG_CFG, " p2p_mediation=%s", msg->add_conn.p2p.mediation ? "yes" : "no"); + DBG2(DBG_CFG, " p2p_mediated_by=%s", msg->add_conn.p2p.mediated_by); + DBG2(DBG_CFG, " p2p_peerid=%s", msg->add_conn.p2p.peerid); + my_host = msg->add_conn.me.address? host_create_from_string(msg->add_conn.me.address, IKE_PORT) : NULL; if (my_host == NULL) @@ -319,6 +328,49 @@ static void stroke_add_conn(stroke_msg_t *msg, FILE *out) goto destroy_hosts; } +#ifdef P2P + if (msg->add_conn.p2p.mediation && msg->add_conn.p2p.mediated_by) + { + DBG1(DBG_CFG, "a mediation connection cannot be a" + " mediated connection at the same time, aborting"); + goto destroy_ids; + } + + if (msg->add_conn.p2p.mediated_by) + { + mediated_by_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, msg->add_conn.p2p.mediated_by); + if (!mediated_by_cfg) + { + DBG1(DBG_CFG, "mediation connection '%s' not found, aborting", + msg->add_conn.p2p.mediated_by); + goto destroy_ids; + } + + if (!mediated_by_cfg->is_mediation(mediated_by_cfg)) + { + DBG1(DBG_CFG, "connection '%s' as referred to by '%s' is" + "no mediation connection, aborting", + msg->add_conn.p2p.mediated_by, msg->add_conn.name); + goto destroy_ids; + } + } + + if (msg->add_conn.p2p.peerid) + { + peer_id = identification_create_from_string(msg->add_conn.p2p.peerid); + if (!peer_id) + { + DBG1(DBG_CFG, "invalid peer ID: %s\n", msg->add_conn.p2p.peerid); + goto destroy_ids; + } + } + else +#endif /* P2P */ + { + // no peer ID supplied, assume right ID + peer_id = other_id->clone(other_id); + } + my_subnet = host_create_from_string(msg->add_conn.me.subnet ? msg->add_conn.me.subnet : msg->add_conn.me.address, IKE_PORT); if (my_subnet == NULL) @@ -336,11 +388,11 @@ static void stroke_add_conn(stroke_msg_t *msg, FILE *out) goto destroy_ids; } - if (msg->add_conn.me.virtual_ip) + if (msg->add_conn.me.virtual_ip && msg->add_conn.me.sourceip) { my_vip = host_create_from_string(msg->add_conn.me.sourceip, 0); } - if (msg->add_conn.other.virtual_ip) + if (msg->add_conn.other.virtual_ip && msg->add_conn.other.sourceip) { other_vip = host_create_from_string(msg->add_conn.other.sourceip, 0); } @@ -474,6 +526,11 @@ static void stroke_add_conn(stroke_msg_t *msg, FILE *out) DBG2(DBG_CFG, " my ca: '%D'", my_ca); DBG2(DBG_CFG, " other ca:'%D'", other_ca); + if (msg->add_conn.other.groups) + { + ietfAttr_list_create_from_string(msg->add_conn.other.groups, other_groups); + } + /* have a look for an (almost) identical peer config to reuse */ iterator = charon->backends->create_iterator(charon->backends); while (iterator->iterate(iterator, (void**)&peer_cfg)) @@ -484,6 +541,7 @@ static void stroke_add_conn(stroke_msg_t *msg, FILE *out) && my_host->equals(my_host, ike_cfg->get_my_host(ike_cfg)) && other_host->equals(other_host, ike_cfg->get_other_host(ike_cfg)) && other_ca->equals(other_ca, peer_cfg->get_other_ca(peer_cfg)) + && ietfAttr_list_equals(other_groups, peer_cfg->get_groups(peer_cfg)) && peer_cfg->get_ike_version(peer_cfg) == (msg->add_conn.ikev2 ? 2 : 1) && peer_cfg->get_auth_method(peer_cfg) == msg->add_conn.auth_method && peer_cfg->get_eap_type(peer_cfg) == msg->add_conn.eap_type) @@ -506,11 +564,15 @@ static void stroke_add_conn(stroke_msg_t *msg, FILE *out) other_host->destroy(other_host); other_id->destroy(other_id); other_ca->destroy(other_ca); + peer_id->destroy(peer_id); + DESTROY_IF(mediated_by_cfg); + ietfAttr_list_destroy(my_groups); + ietfAttr_list_destroy(other_groups); } else { ike_cfg = ike_cfg_create(msg->add_conn.other.sendcert != CERT_NEVER_SEND, - my_host, other_host); + msg->add_conn.force_encap, my_host, other_host); if (msg->add_conn.algorithms.ike) { @@ -553,13 +615,15 @@ static void stroke_add_conn(stroke_msg_t *msg, FILE *out) peer_cfg = peer_cfg_create(msg->add_conn.name, msg->add_conn.ikev2 ? 2 : 1, - ike_cfg, my_id, other_id, my_ca, other_ca, msg->add_conn.me.sendcert, + ike_cfg, my_id, other_id, my_ca, other_ca, other_groups, + msg->add_conn.me.sendcert, msg->add_conn.auth_method, msg->add_conn.eap_type, msg->add_conn.rekey.tries, msg->add_conn.rekey.ike_lifetime, msg->add_conn.rekey.ike_lifetime - msg->add_conn.rekey.margin, msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100, - msg->add_conn.rekey.reauth, msg->add_conn.dpd.delay, - msg->add_conn.dpd.action,my_vip, other_vip); + msg->add_conn.rekey.reauth, msg->add_conn.mobike, + msg->add_conn.dpd.delay, msg->add_conn.dpd.action, my_vip, other_vip, + msg->add_conn.p2p.mediation, mediated_by_cfg, peer_id); } child_cfg = child_cfg_create( @@ -621,6 +685,8 @@ static void stroke_add_conn(stroke_msg_t *msg, FILE *out) destroy_ids: my_id->destroy(my_id); other_id->destroy(other_id); + DESTROY_IF(mediated_by_cfg); + DESTROY_IF(peer_id); destroy_hosts: my_host->destroy(my_host); @@ -633,7 +699,8 @@ destroy_hosts: static void stroke_del_conn(stroke_msg_t *msg, FILE *out) { iterator_t *peer_iter, *child_iter; - peer_cfg_t *peer, *child; + peer_cfg_t *peer; + child_cfg_t *child; pop_string(msg, &(msg->del_conn.name)); DBG1(DBG_CFG, "received stroke: delete connection '%s'", msg->del_conn.name); @@ -705,46 +772,6 @@ static bool stroke_log(stroke_log_info_t *info, signal_t signal, level_t level, return TRUE; } -/** - * get a peer configuration by its name, or a name of its children - */ -static peer_cfg_t *get_peer_cfg_by_name(char *name) -{ - iterator_t *i1, *i2; - peer_cfg_t *current, *found = NULL; - child_cfg_t *child; - - i1 = charon->backends->create_iterator(charon->backends); - while (i1->iterate(i1, (void**)¤t)) - { - /* compare peer_cfgs name first */ - if (streq(current->get_name(current), name)) - { - found = current; - found->get_ref(found); - break; - } - /* compare all child_cfg names otherwise */ - i2 = current->create_child_cfg_iterator(current); - while (i2->iterate(i2, (void**)&child)) - { - if (streq(child->get_name(child), name)) - { - found = current; - found->get_ref(found); - break; - } - } - i2->destroy(i2); - if (found) - { - break; - } - } - i1->destroy(i1); - return found; -} - /** * initiate a connection by name */ @@ -757,7 +784,8 @@ static void stroke_initiate(stroke_msg_t *msg, FILE *out) pop_string(msg, &(msg->initiate.name)); DBG1(DBG_CFG, "received stroke: initiate '%s'", msg->initiate.name); - peer_cfg = get_peer_cfg_by_name(msg->initiate.name); + peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, + msg->initiate.name); if (peer_cfg == NULL) { fprintf(out, "no config named '%s'\n", msg->initiate.name); @@ -779,10 +807,18 @@ static void stroke_initiate(stroke_msg_t *msg, FILE *out) return; } - info.out = out; - info.level = msg->output_verbosity; - charon->interfaces->initiate(charon->interfaces, peer_cfg, child_cfg, - (interface_manager_cb_t)stroke_log, &info); + if (msg->output_verbosity < 0) + { + charon->interfaces->initiate(charon->interfaces, peer_cfg, child_cfg, + NULL, NULL); + } + else + { + info.out = out; + info.level = msg->output_verbosity; + charon->interfaces->initiate(charon->interfaces, peer_cfg, child_cfg, + (interface_manager_cb_t)stroke_log, &info); + } } /** @@ -797,7 +833,8 @@ static void stroke_route(stroke_msg_t *msg, FILE *out) pop_string(msg, &(msg->route.name)); DBG1(DBG_CFG, "received stroke: route '%s'", msg->route.name); - peer_cfg = get_peer_cfg_by_name(msg->route.name); + peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, + msg->route.name); if (peer_cfg == NULL) { fprintf(out, "no config named '%s'\n", msg->route.name); @@ -1079,10 +1116,10 @@ static void log_ike_sa(FILE *out, ike_sa_t *ike_sa, bool all) if (all) { - fprintf(out, "%12s[%d]: IKE SPIs: 0x%0llx_i%s 0x%0llx_r%s, ", + fprintf(out, "%12s[%d]: IKE SPIs: %.16llx_i%s %.16llx_r%s, ", ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa), id->get_initiator_spi(id), id->is_initiator(id) ? "*" : "", - id->get_responder_spi(id), id->is_initiator(id) ? "" : ""); + id->get_responder_spi(id), id->is_initiator(id) ? "" : "*"); ike_sa->get_stats(ike_sa, &next); if (next) @@ -1120,7 +1157,7 @@ static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all) if (child_sa->get_state(child_sa) == CHILD_INSTALLED) { - fprintf(out, ", %N SPIs: 0x%0x_i 0x%0x_o", + fprintf(out, ", %N SPIs: %.8x_i %.8x_o", protocol_id_names, child_sa->get_protocol(child_sa), htonl(child_sa->get_spi(child_sa, TRUE)), htonl(child_sa->get_spi(child_sa, FALSE))); @@ -1242,6 +1279,7 @@ static void stroke_status(stroke_msg_t *msg, FILE *out, bool all) { identification_t *my_ca = peer_cfg->get_my_ca(peer_cfg); identification_t *other_ca = peer_cfg->get_other_ca(peer_cfg); + linked_list_t *groups = peer_cfg->get_groups(peer_cfg); if (my_ca->get_type(my_ca) != ID_ANY || other_ca->get_type(other_ca) != ID_ANY) @@ -1249,6 +1287,13 @@ static void stroke_status(stroke_msg_t *msg, FILE *out, bool all) fprintf(out, "%12s: CAs: '%D'...'%D'\n", peer_cfg->get_name(peer_cfg), my_ca, other_ca); } + if (groups->get_count(groups) > 0) + { + fprintf(out, "%12s: groups: ", peer_cfg->get_name(peer_cfg)); + ietfAttr_list_list(groups, out); + fprintf(out, "\n"); + } + } children = peer_cfg->create_child_cfg_iterator(peer_cfg); while (children->iterate(children, (void**)&child_cfg)) @@ -1372,6 +1417,23 @@ static void stroke_list(stroke_msg_t *msg, FILE *out) { list_auth_certificates(AUTH_AA, "AA", msg->list.utc, out); } + if (msg->list.flags & LIST_ACERTS) + { + x509ac_t *cert; + + iterator = charon->credentials->create_acert_iterator(charon->credentials); + if (iterator->get_count(iterator)) + { + fprintf(out, "\n"); + fprintf(out, "List of X.509 Attribute Certificates:\n"); + fprintf(out, "\n"); + } + while (iterator->iterate(iterator, (void**)&cert)) + { + cert->list(cert, out, msg->list.utc); + } + iterator->destroy(iterator); + } if (msg->list.flags & LIST_CAINFOS) { ca_info_t *ca_info; @@ -1445,6 +1507,10 @@ static void stroke_list(stroke_msg_t *msg, FILE *out) */ static void stroke_reread(stroke_msg_t *msg, FILE *out) { + if (msg->reread.flags & REREAD_SECRETS) + { + charon->credentials->load_secrets(charon->credentials, TRUE); + } if (msg->reread.flags & REREAD_CACERTS) { charon->credentials->load_ca_certificates(charon->credentials); @@ -1453,6 +1519,14 @@ static void stroke_reread(stroke_msg_t *msg, FILE *out) { charon->credentials->load_ocsp_certificates(charon->credentials); } + if (msg->reread.flags & REREAD_AACERTS) + { + charon->credentials->load_aa_certificates(charon->credentials); + } + if (msg->reread.flags & REREAD_ACERTS) + { + charon->credentials->load_attr_certificates(charon->credentials); + } if (msg->reread.flags & REREAD_CRLS) { charon->credentials->load_crls(charon->credentials); @@ -1655,7 +1729,6 @@ static void destroy(private_stroke_interface_t *this) { this->job->cancel(this->job); free(this); - unlink(socket_addr.sun_path); } /* @@ -1663,6 +1736,7 @@ static void destroy(private_stroke_interface_t *this) */ interface_t *interface_create() { + struct sockaddr_un socket_addr = { AF_UNIX, STROKE_SOCKET}; private_stroke_interface_t *this = malloc_thing(private_stroke_interface_t); mode_t old; @@ -1678,7 +1752,8 @@ interface_t *interface_create() return NULL; } - old = umask(~S_IRWXU); + unlink(socket_addr.sun_path); + old = umask(~(S_IRWXU | S_IRWXG)); if (bind(this->socket, (struct sockaddr *)&socket_addr, sizeof(socket_addr)) < 0) { DBG1(DBG_CFG, "could not bind stroke socket: %s", strerror(errno)); @@ -1687,6 +1762,11 @@ interface_t *interface_create() return NULL; } umask(old); + if (chown(socket_addr.sun_path, IPSEC_UID, IPSEC_GID) != 0) + { + DBG1(DBG_CFG, "changing stroke socket permissions failed: %s", + strerror(errno)); + } if (listen(this->socket, 0) < 0) { diff --git a/src/charon/control/interfaces/xml_interface.c b/src/charon/control/interfaces/xml_interface.c index 992377436..02da1064d 100644 --- a/src/charon/control/interfaces/xml_interface.c +++ b/src/charon/control/interfaces/xml_interface.c @@ -39,8 +39,6 @@ #include #include -static struct sockaddr_un socket_addr = { AF_UNIX, "/var/run/charon.xml"}; - typedef struct private_xml_interface_t private_xml_interface_t; @@ -65,27 +63,293 @@ struct private_xml_interface_t { callback_job_t *job; }; +ENUM(ike_sa_state_lower_names, IKE_CREATED, IKE_DELETING, + "created", + "connecting", + "established", + "rekeying", + "deleting", +); + +/** + * write a bool into element + */ +static void write_bool(xmlTextWriterPtr writer, char *element, bool val) +{ + xmlTextWriterWriteElement(writer, element, val ? "true" : "false"); +} + +/** + * write a identification_t into element + */ +static void write_id(xmlTextWriterPtr writer, char *element, identification_t *id) +{ + xmlTextWriterStartElement(writer, element); + switch (id->get_type(id)) + { + { + char *type = ""; + while (TRUE) + { + case ID_IPV4_ADDR: + type = "ipv4"; + break; + case ID_IPV6_ADDR: + type = "ipv6"; + break; + case ID_FQDN: + type = "fqdn"; + break; + case ID_RFC822_ADDR: + type = "email"; + break; + case ID_DER_ASN1_DN: + type = "asn1dn"; + break; + case ID_DER_ASN1_GN: + type = "asn1gn"; + break; + } + xmlTextWriterWriteAttribute(writer, "type", type); + xmlTextWriterWriteFormatString(writer, "%D", id); + break; + } + case ID_ANY: + xmlTextWriterWriteAttribute(writer, "type", "any"); + break; + default: + /* TODO: base64 keyid */ + xmlTextWriterWriteAttribute(writer, "type", "keyid"); + break; + } + xmlTextWriterEndElement(writer); +} + +/** + * write a host_t address into an element + */ +static void write_address(xmlTextWriterPtr writer, char *element, host_t *host) +{ + xmlTextWriterStartElement(writer, element); + xmlTextWriterWriteAttribute(writer, "type", + host->get_family(host) == AF_INET ? "ipv4" : "ipv6"); + if (host->is_anyaddr(host)) + { /* do not use %any for XML */ + xmlTextWriterWriteFormatString(writer, "%s", + host->get_family(host) == AF_INET ? "0.0.0.0" : "::"); + } + else + { + xmlTextWriterWriteFormatString(writer, "%H", host); + } + xmlTextWriterEndElement(writer); +} + /** - * process a getRequest message + * write a childEnd */ -static void process_get(xmlTextReaderPtr reader, xmlTextWriterPtr writer) +static void write_childend(xmlTextWriterPtr writer, child_sa_t *child, bool local) { - if (/* */ - xmlTextWriterStartElement(writer, "GetResponse") < 0 || - /* */ - xmlTextWriterStartElement(writer, "Status") < 0 || - xmlTextWriterWriteAttribute(writer, "Code", "200") < 0 || - xmlTextWriterStartElement(writer, "Message") < 0 || - xmlTextWriterEndElement(writer) < 0 || - xmlTextWriterEndElement(writer) < 0 || - /* */ - xmlTextWriterStartElement(writer, "ConnectionList") < 0 || - xmlTextWriterEndElement(writer) < 0 || - /* */ - xmlTextWriterEndElement(writer) < 0) + iterator_t *iterator; + linked_list_t *list; + traffic_selector_t *ts; + xmlTextWriterWriteFormatElement(writer, "spi", "%lx", + htonl(child->get_spi(child, local))); + xmlTextWriterStartElement(writer, "networks"); + list = child->get_traffic_selectors(child, local); + iterator = list->create_iterator(list, TRUE); + while (iterator->iterate(iterator, (void**)&ts)) { - DBG1(DBG_CFG, "error writing XML document (GetResponse)"); + xmlTextWriterStartElement(writer, "network"); + xmlTextWriterWriteAttribute(writer, "type", + ts->get_type(ts) == TS_IPV4_ADDR_RANGE ? "ipv4" : "ipv6"); + xmlTextWriterWriteFormatString(writer, "%R", ts); + xmlTextWriterEndElement(writer); } + iterator->destroy(iterator); + xmlTextWriterEndElement(writer); +} + +/** + * write a child_sa_t + */ +static void write_child(xmlTextWriterPtr writer, child_sa_t *child) +{ + mode_t mode; + encryption_algorithm_t encr; + integrity_algorithm_t int_algo; + size_t encr_len, int_len; + u_int32_t rekey, use_in, use_out, use_fwd; + child_cfg_t *config; + + config = child->get_config(child); + child->get_stats(child, &mode, &encr, &encr_len, &int_algo, &int_len, + &rekey, &use_in, &use_out, &use_fwd); + + xmlTextWriterStartElement(writer, "childsa"); + xmlTextWriterWriteFormatElement(writer, "reqid", "%d", child->get_reqid(child)); + xmlTextWriterWriteFormatElement(writer, "childconfig", "%s", + config->get_name(config)); + xmlTextWriterStartElement(writer, "local"); + write_childend(writer, child, TRUE); + xmlTextWriterEndElement(writer); + xmlTextWriterStartElement(writer, "remote"); + write_childend(writer, child, FALSE); + xmlTextWriterEndElement(writer); + xmlTextWriterEndElement(writer); +} + +/** + * process a ikesalist query request message + */ +static void request_query_ikesa(xmlTextReaderPtr reader, xmlTextWriterPtr writer) +{ + iterator_t *iterator; + ike_sa_t *ike_sa; + + /* */ + xmlTextWriterStartElement(writer, "ikesalist"); + + iterator = charon->ike_sa_manager->create_iterator(charon->ike_sa_manager); + while (iterator->iterate(iterator, (void**)&ike_sa)) + { + ike_sa_id_t *id; + host_t *local, *remote; + iterator_t *children; + child_sa_t *child_sa; + + id = ike_sa->get_id(ike_sa); + + xmlTextWriterStartElement(writer, "ikesa"); + xmlTextWriterWriteFormatElement(writer, "id", "%d", + ike_sa->get_unique_id(ike_sa)); + xmlTextWriterWriteFormatElement(writer, "status", "%N", + ike_sa_state_lower_names, ike_sa->get_state(ike_sa)); + xmlTextWriterWriteElement(writer, "role", + id->is_initiator(id) ? "initiator" : "responder"); + xmlTextWriterWriteElement(writer, "peerconfig", ike_sa->get_name(ike_sa)); + + /* */ + local = ike_sa->get_my_host(ike_sa); + xmlTextWriterStartElement(writer, "local"); + xmlTextWriterWriteFormatElement(writer, "spi", "%.16llx", + id->is_initiator(id) ? id->get_initiator_spi(id) + : id->get_responder_spi(id)); + write_id(writer, "identification", ike_sa->get_my_id(ike_sa)); + write_address(writer, "address", local); + xmlTextWriterWriteFormatElement(writer, "port", "%d", + local->get_port(local)); + if (ike_sa->supports_extension(ike_sa, EXT_NATT)) + { + write_bool(writer, "nat", ike_sa->has_condition(ike_sa, COND_NAT_HERE)); + } + xmlTextWriterEndElement(writer); + /* */ + + /* */ + remote = ike_sa->get_other_host(ike_sa); + xmlTextWriterStartElement(writer, "remote"); + xmlTextWriterWriteFormatElement(writer, "spi", "%.16llx", + id->is_initiator(id) ? id->get_responder_spi(id) + : id->get_initiator_spi(id)); + write_id(writer, "identification", ike_sa->get_other_id(ike_sa)); + write_address(writer, "address", remote); + xmlTextWriterWriteFormatElement(writer, "port", "%d", + remote->get_port(remote)); + if (ike_sa->supports_extension(ike_sa, EXT_NATT)) + { + write_bool(writer, "nat", ike_sa->has_condition(ike_sa, COND_NAT_THERE)); + } + xmlTextWriterEndElement(writer); + /* */ + + /* */ + xmlTextWriterStartElement(writer, "childsalist"); + children = ike_sa->create_child_sa_iterator(ike_sa); + while (children->iterate(children, (void**)&child_sa)) + { + write_child(writer, child_sa); + } + children->destroy(children); + /* */ + xmlTextWriterEndElement(writer); + + /* */ + xmlTextWriterEndElement(writer); + } + iterator->destroy(iterator); + + /* */ + xmlTextWriterEndElement(writer); +} + +/** + * process a query request + */ +static void request_query(xmlTextReaderPtr reader, xmlTextWriterPtr writer) +{ + /* */ + xmlTextWriterStartElement(writer, "query"); + while (xmlTextReaderRead(reader)) + { + if (xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) + { + if (streq(xmlTextReaderConstName(reader), "ikesalist")) + { + request_query_ikesa(reader, writer); + break; + } + } + } + /* */ + xmlTextWriterEndElement(writer); +} + +/** + * process a request message + */ +static void request(xmlTextReaderPtr reader, char *id, int fd) +{ + xmlTextWriterPtr writer; + + writer = xmlNewTextWriter(xmlOutputBufferCreateFd(fd, NULL)); + if (writer == NULL) + { + DBG1(DBG_CFG, "opening SMP XML writer failed"); + return; + } + + xmlTextWriterStartDocument(writer, NULL, NULL, NULL); + /* */ + xmlTextWriterStartElement(writer, "message"); + xmlTextWriterWriteAttribute(writer, "xmlns", + "http://www.strongswan.org/smp/1.0"); + xmlTextWriterWriteAttribute(writer, "id", id); + xmlTextWriterWriteAttribute(writer, "type", "response"); + + while (xmlTextReaderRead(reader)) + { + if (xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) + { + if (streq(xmlTextReaderConstName(reader), "query")) + { + request_query(reader, writer); + break; + } + } + } + /* and close document */ + xmlTextWriterEndDocument(writer); + xmlFreeTextWriter(writer); +} + +/** + * cleanup helper function for open file descriptors + */ +static void closefdp(int *fd) +{ + close(*fd); } /** @@ -97,17 +361,20 @@ static job_requeue_t process(int *fdp) char buffer[4096]; size_t len; xmlTextReaderPtr reader; - xmlTextWriterPtr writer; + char *id = NULL, *type = NULL; + pthread_cleanup_push((void*)closefdp, (void*)&fd); pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &oldstate); len = read(fd, buffer, sizeof(buffer)); pthread_setcancelstate(oldstate, NULL); + pthread_cleanup_pop(0); if (len <= 0) { close(fd); DBG2(DBG_CFG, "SMP XML connection closed"); return JOB_REQUEUE_NONE; } + DBG3(DBG_CFG, "got XML request: %b", buffer, len); reader = xmlReaderForMemory(buffer, len, NULL, NULL, 0); if (reader == NULL) @@ -116,65 +383,32 @@ static job_requeue_t process(int *fdp) return JOB_REQUEUE_FAIR;; } - writer = xmlNewTextWriter(xmlOutputBufferCreateFd(fd, NULL)); - if (writer == NULL) - { - xmlFreeTextReader(reader); - DBG1(DBG_CFG, "opening SMP XML writer failed"); - return JOB_REQUEUE_FAIR;; - } - - /* create the standard message parts */ - if (xmlTextWriterStartDocument(writer, NULL, NULL, NULL) < 0 || - /* */ - xmlTextWriterStartElement(writer, "SMPMessage") < 0 || - xmlTextWriterWriteAttribute(writer, "xmlns", - "http://www.strongswan.org/smp/1.0") < 0 || - /* */ - xmlTextWriterStartElement(writer, "Body") < 0) - { - xmlFreeTextReader(reader); - xmlFreeTextWriter(writer); - DBG1(DBG_CFG, "creating SMP XML message failed"); - return JOB_REQUEUE_FAIR;; - } - - while (TRUE) + /* read message type and id */ + while (xmlTextReaderRead(reader)) { - switch (xmlTextReaderRead(reader)) - { - case 1: - { - if (xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) - { - if (streq(xmlTextReaderConstName(reader), "GetRequest")) - { - process_get(reader, writer); - break; - } - } - continue; - } - case 0: - /* end of XML */ - break; - default: - DBG1(DBG_CFG, "parsing SMP XML message failed"); - break; + if (xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT && + streq(xmlTextReaderConstName(reader), "message")) + { + id = xmlTextReaderGetAttribute(reader, "id"); + type = xmlTextReaderGetAttribute(reader, "type"); + break; } - xmlFreeTextReader(reader); - break; } - /* write and close document */ - if (xmlTextWriterEndDocument(writer) < 0) - { - DBG1(DBG_CFG, "completing SMP XML message failed"); - } - xmlFreeTextWriter(writer); - /* write a newline to indicate end of xml */ - write(fd, "\n", 1); - return JOB_REQUEUE_FAIR;; + /* process message */ + if (id && type) + { + if (streq(type, "request")) + { + request(reader, id, fd); + } + else + { + /* response(reader, id) */ + } + } + xmlFreeTextReader(reader); + return JOB_REQUEUE_FAIR;; } /** @@ -212,7 +446,7 @@ static job_requeue_t dispatch(private_xml_interface_t *this) static void destroy(private_xml_interface_t *this) { this->job->cancel(this->job); - unlink(socket_addr.sun_path); + close(this->socket); free(this); } @@ -221,6 +455,7 @@ static void destroy(private_xml_interface_t *this) */ interface_t *interface_create() { + struct sockaddr_un unix_addr = { AF_UNIX, IPSEC_PIDDIR "/charon.xml"}; private_xml_interface_t *this = malloc_thing(private_xml_interface_t); mode_t old; @@ -235,8 +470,9 @@ interface_t *interface_create() return NULL; } - old = umask(~S_IRWXU); - if (bind(this->socket, (struct sockaddr *)&socket_addr, sizeof(socket_addr)) < 0) + unlink(unix_addr.sun_path); + old = umask(~(S_IRWXU | S_IRWXG)); + if (bind(this->socket, (struct sockaddr *)&unix_addr, sizeof(unix_addr)) < 0) { DBG1(DBG_CFG, "could not bind XML socket: %s", strerror(errno)); close(this->socket); @@ -244,8 +480,12 @@ interface_t *interface_create() return NULL; } umask(old); + if (chown(unix_addr.sun_path, IPSEC_UID, IPSEC_GID) != 0) + { + DBG1(DBG_CFG, "changing XML socket permissions failed: %s", strerror(errno)); + } - if (listen(this->socket, 0) < 0) + if (listen(this->socket, 5) < 0) { DBG1(DBG_CFG, "could not listen on XML socket: %s", strerror(errno)); close(this->socket); diff --git a/src/charon/daemon.c b/src/charon/daemon.c index 37699f83f..9e151c305 100644 --- a/src/charon/daemon.c +++ b/src/charon/daemon.c @@ -5,8 +5,8 @@ * */ -/* - * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger +/* Copyright (C) 2006-2007 Tobias Brunner + * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -52,6 +52,11 @@ extern int capset(cap_user_header_t hdrp, const cap_user_data_t datap); #endif /* NO_CAPSET_DEFINED */ +#ifdef INTEGRITY_TEST +#include +#include +#endif /* INTEGRITY_TEST */ + typedef struct private_daemon_t private_daemon_t; /** @@ -169,11 +174,15 @@ static void destroy(private_daemon_t *this) this->public.processor->set_threads(this->public.processor, 0); /* close all IKE_SAs */ DESTROY_IF(this->public.ike_sa_manager); + DESTROY_IF(this->public.kernel_interface); DESTROY_IF(this->public.scheduler); DESTROY_IF(this->public.interfaces); +#ifdef P2P + DESTROY_IF(this->public.connect_manager); + DESTROY_IF(this->public.mediation_manager); +#endif /* P2P */ DESTROY_IF(this->public.backends); DESTROY_IF(this->public.credentials); - DESTROY_IF(this->public.kernel_interface); DESTROY_IF(this->public.sender); DESTROY_IF(this->public.receiver); DESTROY_IF(this->public.socket); @@ -226,10 +235,16 @@ static void drop_capabilities(private_daemon_t *this, bool full) if (full) { # if IPSEC_GID - setgid(IPSEC_GID); + if (setgid(IPSEC_GID) != 0) + { + kill_daemon(this, "changing GID to unprivileged group failed"); + } # endif # if IPSEC_UID - setuid(IPSEC_UID); + if (setuid(IPSEC_UID) != 0) + { + kill_daemon(this, "changing UID to unprivileged user failed"); + } # endif } else @@ -240,12 +255,17 @@ static void drop_capabilities(private_daemon_t *this, bool full) keep |= (1<public.ike_sa_manager = ike_sa_manager_create(); this->public.processor = processor_create(); @@ -300,7 +333,7 @@ static void initialize(private_daemon_t *this, bool syslog, level_t levels[]) this->public.credentials->load_attr_certificates(this->public.credentials); this->public.credentials->load_ocsp_certificates(this->public.credentials); this->public.credentials->load_crls(this->public.credentials); - this->public.credentials->load_secrets(this->public.credentials); + this->public.credentials->load_secrets(this->public.credentials, FALSE); this->public.interfaces = interface_manager_create(); this->public.backends = backend_manager_create(); @@ -309,6 +342,12 @@ static void initialize(private_daemon_t *this, bool syslog, level_t levels[]) this->public.sender = sender_create(); this->public.receiver = receiver_create(); +#ifdef P2P + this->public.connect_manager = connect_manager_create(); + this->public.mediation_manager = mediation_manager_create(); +#endif /* P2P */ + + return TRUE; } /** @@ -508,7 +547,13 @@ int main(int argc, char *argv[]) } /* initialize daemon */ - initialize(private_charon, use_syslog, levels); + if (!initialize(private_charon, use_syslog, levels)) + { + DBG1(DBG_DMN, "initialization failed - aborting charon"); + destroy(private_charon); + exit(-1); + } + /* initialize fetcher_t class */ fetcher_initialize(); /* load pluggable EAP modules */ @@ -528,6 +573,7 @@ int main(int argc, char *argv[]) if (pid_file) { fprintf(pid_file, "%d\n", getpid()); + fchown(fileno(pid_file), IPSEC_UID, IPSEC_GID); fclose(pid_file); } diff --git a/src/charon/daemon.h b/src/charon/daemon.h index 0b5205ce7..33c63091d 100644 --- a/src/charon/daemon.h +++ b/src/charon/daemon.h @@ -6,7 +6,8 @@ */ /* - * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger + * Copyright (C) 2006-2007 Tobias Brunner + * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -42,6 +43,11 @@ typedef struct daemon_t daemon_t; #include #include +#ifdef P2P +#include +#include +#endif /* P2P */ + /** * @defgroup charon charon * @@ -427,6 +433,18 @@ struct daemon_t { */ interface_manager_t *interfaces; +#ifdef P2P + /** + * Connect manager + */ + connect_manager_t *connect_manager; + + /** + * Mediation manager + */ + mediation_manager_t *mediation_manager; +#endif /* P2P */ + /** * @brief Shut down the daemon. * diff --git a/src/charon/encoding/message.c b/src/charon/encoding/message.c index 980ff12b5..3dfa64fb9 100644 --- a/src/charon/encoding/message.c +++ b/src/charon/encoding/message.c @@ -6,7 +6,8 @@ */ /* - * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger + * Copyright (C) 2006-2007 Tobias Brunner + * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -149,9 +150,15 @@ static payload_rule_t ike_auth_i_payload_rules[] = { {CERTIFICATE,0,1,TRUE,FALSE}, {CERTIFICATE_REQUEST,0,1,TRUE,FALSE}, {ID_RESPONDER,0,1,TRUE,FALSE}, +#ifdef P2P + {SECURITY_ASSOCIATION,0,1,TRUE,FALSE}, + {TRAFFIC_SELECTOR_INITIATOR,0,1,TRUE,FALSE}, + {TRAFFIC_SELECTOR_RESPONDER,0,1,TRUE,FALSE}, +#else {SECURITY_ASSOCIATION,1,1,TRUE,FALSE}, {TRAFFIC_SELECTOR_INITIATOR,1,1,TRUE,FALSE}, {TRAFFIC_SELECTOR_RESPONDER,1,1,TRUE,FALSE}, +#endif /* P2P */ {CONFIGURATION,0,1,TRUE,FALSE}, {VENDOR_ID,0,10,TRUE,FALSE}, }; @@ -222,6 +229,24 @@ static payload_rule_t create_child_sa_r_payload_rules[] = { {VENDOR_ID,0,10,TRUE,FALSE}, }; +#ifdef P2P +/** + * Message rule for P2P_CONNECT from initiator. + */ +static payload_rule_t p2p_connect_i_payload_rules[] = { + {NOTIFY,0,MAX_NOTIFY_PAYLOADS,TRUE,TRUE}, + {ID_PEER,1,1,TRUE,FALSE}, + {VENDOR_ID,0,10,TRUE,FALSE} +}; + +/** + * Message rule for P2P_CONNECT from responder. + */ +static payload_rule_t p2p_connect_r_payload_rules[] = { + {NOTIFY,0,MAX_NOTIFY_PAYLOADS,TRUE,TRUE}, + {VENDOR_ID,0,10,TRUE,FALSE} +}; +#endif /* P2P */ /** * Message rules, defines allowed payloads. @@ -235,6 +260,10 @@ static message_rule_t message_rules[] = { {INFORMATIONAL,FALSE,TRUE,(sizeof(informational_r_payload_rules)/sizeof(payload_rule_t)),informational_r_payload_rules}, {CREATE_CHILD_SA,TRUE,TRUE,(sizeof(create_child_sa_i_payload_rules)/sizeof(payload_rule_t)),create_child_sa_i_payload_rules}, {CREATE_CHILD_SA,FALSE,TRUE,(sizeof(create_child_sa_r_payload_rules)/sizeof(payload_rule_t)),create_child_sa_r_payload_rules}, +#ifdef P2P + {P2P_CONNECT,TRUE,TRUE,(sizeof(p2p_connect_i_payload_rules)/sizeof(payload_rule_t)),p2p_connect_i_payload_rules}, + {P2P_CONNECT,FALSE,TRUE,(sizeof(p2p_connect_r_payload_rules)/sizeof(payload_rule_t)),p2p_connect_r_payload_rules}, +#endif /* P2P */ }; @@ -445,6 +474,14 @@ static exchange_type_t get_exchange_type (private_message_t *this) return this->exchange_type; } +/** + * Implementation of message_t.get_first_payload_type. + */ +static payload_type_t get_first_payload_type (private_message_t *this) +{ + return this->first_payload; +} + /** * Implementation of message_t.set_request. */ @@ -672,6 +709,13 @@ static status_t encrypt_payloads (private_message_t *this,crypter_t *crypter, si return SUCCESS; } + if (!crypter || !signer) + { + DBG2(DBG_ENC, "no crypter or signer specified, do not encrypt message"); + /* message contains no content to encrypt */ + return SUCCESS; + } + DBG2(DBG_ENC, "copy all payloads to a temporary list"); all_payloads = linked_list_create(); @@ -1255,6 +1299,7 @@ message_t *message_create_from_packet(packet_t *packet) this->public.get_ike_sa_id = (ike_sa_id_t*(*)(message_t*))get_ike_sa_id; this->public.set_exchange_type = (void(*)(message_t*, exchange_type_t))set_exchange_type; this->public.get_exchange_type = (exchange_type_t(*)(message_t*))get_exchange_type; + this->public.get_first_payload_type = (payload_type_t(*)(message_t*))get_first_payload_type; this->public.set_request = (void(*)(message_t*, bool))set_request; this->public.get_request = (bool(*)(message_t*))get_request; this->public.add_payload = (void(*)(message_t*,payload_t*))add_payload; diff --git a/src/charon/encoding/message.h b/src/charon/encoding/message.h index 73c2e05c6..35b659f33 100644 --- a/src/charon/encoding/message.h +++ b/src/charon/encoding/message.h @@ -6,7 +6,8 @@ */ /* - * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger + * Copyright (C) 2006-2007 Tobias Brunner + * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -152,6 +153,14 @@ struct message_t { * @return exchange type of the message */ exchange_type_t (*get_exchange_type) (message_t *this); + + /** + * @brief Gets the payload type of the first payload. + * + * @param this message_t object + * @return payload type of the first payload + */ + payload_type_t (*get_first_payload_type) (message_t *this); /** * @brief Sets the request flag. @@ -319,7 +328,7 @@ struct message_t { iterator_t * (*get_payload_iterator) (message_t *this); /** - * @brief Find a payload of a spicific type. + * @brief Find a payload of a specific type. * * Returns the first occurance. * diff --git a/src/charon/encoding/payloads/endpoint_notify.c b/src/charon/encoding/payloads/endpoint_notify.c new file mode 100644 index 000000000..30f3ecd5f --- /dev/null +++ b/src/charon/encoding/payloads/endpoint_notify.c @@ -0,0 +1,422 @@ +/** + * @file endpoint_notify.c + * + * @brief Implementation of endpoint_notify_t. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "endpoint_notify.h" + +#include + +#include + +typedef struct private_endpoint_notify_t private_endpoint_notify_t; + +/** + * Private data of an notify_payload_t object. + * + */ +struct private_endpoint_notify_t { + /** + * Public endpoint_notify_t interface. + */ + endpoint_notify_t public; + + /** + * Priority + */ + u_int32_t priority; + + /** + * Family + */ + p2p_endpoint_family_t family; + + /** + * Endpoint type + */ + p2p_endpoint_type_t type; + + /** + * Endpoint + */ + host_t *endpoint; + + /** + * Base (used for server reflexive endpoints) + */ + host_t *base; +}; + +/* Notification data: + 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! Priority ! + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! Family ! Type ! Port ! + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! IP Address (variable) + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +*/ + +/** + * Helper functions to parse integer values + */ +static status_t parse_uint8(u_int8_t **cur, u_int8_t *top, u_int8_t *val) +{ + if (*cur + sizeof(u_int8_t) > top) + { + return FAILED; + } + *val = *(u_int8_t*)*cur; + *cur += sizeof(u_int8_t); + return SUCCESS; +} + +static status_t parse_uint16(u_int8_t **cur, u_int8_t *top, u_int16_t *val) +{ + if (*cur + sizeof(u_int16_t) > top) + { + return FAILED; + } + *val = ntohs(*(u_int16_t*)*cur); + *cur += sizeof(u_int16_t); + return SUCCESS; +} + +static status_t parse_uint32(u_int8_t **cur, u_int8_t *top, u_int32_t *val) +{ + if (*cur + sizeof(u_int32_t) > top) + { + return FAILED; + } + *val = ntohl(*(u_int32_t*)*cur); + *cur += sizeof(u_int32_t); + return SUCCESS; +} + +/** + * Parses the notification data of a P2P_ENDPOINT notify + */ +static status_t parse_notification_data(private_endpoint_notify_t *this, chunk_t data) +{ + u_int8_t family, type, addr_family; + u_int16_t port; + chunk_t addr; + u_int8_t *cur = data.ptr; + u_int8_t *top = data.ptr + data.len; + + DBG3(DBG_IKE, "p2p_endpoint_data %B", &data); + + if (parse_uint32(&cur, top, &this->priority) != SUCCESS) + { + DBG1(DBG_IKE, "failed to parse P2P_ENDPOINT: invalid priority"); + return FAILED; + } + + if (parse_uint8(&cur, top, &family) != SUCCESS || family >= MAX_FAMILY) + { + DBG1(DBG_IKE, "failed to parse P2P_ENDPOINT: invalid family"); + return FAILED; + } + + this->family = (p2p_endpoint_family_t)family; + + if (parse_uint8(&cur, top, &type) != SUCCESS || type >= MAX_TYPE) + { + DBG1(DBG_IKE, "failed to parse P2P_ENDPOINT: invalid type"); + return FAILED; + } + + this->type = (p2p_endpoint_type_t)type; + + addr_family = AF_INET; + addr.len = 4; + + switch(this->family) + { + case NO_FAMILY: + this->endpoint = NULL; + break; + + case IPv6: + addr_family = AF_INET6; + addr.len = 16; + // fall-through + case IPv4: + if (parse_uint16(&cur, top, &port) != SUCCESS) + { + DBG1(DBG_IKE, "failed to parse P2P_ENDPOINT: invalid port"); + return FAILED; + } + + if (cur + addr.len > top) + { + DBG1(DBG_IKE, "failed to parse P2P_ENDPOINT: invalid IP address"); + return FAILED; + } + + addr.ptr = cur; + + this->endpoint = host_create_from_chunk(addr_family, addr, port); + break; + } + + return SUCCESS; +} + + +/** + * Generates the notification data of a P2P_ENDPOINT notify + */ +static chunk_t build_notification_data(private_endpoint_notify_t *this) +{ + chunk_t prio_chunk, family_chunk, type_chunk, port_chunk, addr_chunk; + chunk_t data; + u_int32_t prio; + u_int16_t port; + u_int8_t family, type; + + prio = htonl(this->priority); + prio_chunk = chunk_from_thing(prio); + family = this->family; + family_chunk = chunk_from_thing(family); + type = this->type; + type_chunk = chunk_from_thing(type); + + if (this->endpoint) + { + port = htons(this->endpoint->get_port(this->endpoint)); + addr_chunk = this->endpoint->get_address(this->endpoint); + } + else + { + port = 0; + addr_chunk = chunk_empty; + } + port_chunk = chunk_from_thing(port); + + // data = prio | family | type | port | addr + data = chunk_cat("ccccc", prio_chunk, family_chunk, type_chunk, + port_chunk, addr_chunk); + DBG3(DBG_IKE, "p2p_endpoint_data %B", &data); + + return data; +} + +/** + * Implementation of endpoint_notify_t.build_notify + */ +static notify_payload_t *build_notify(private_endpoint_notify_t *this) +{ + chunk_t data; + notify_payload_t *notify; + + notify = notify_payload_create(); + notify->set_notify_type(notify, P2P_ENDPOINT); + data = build_notification_data(this); + notify->set_notification_data(notify, data); + chunk_free(&data); + + return notify; +} + +/** + * Implementation of endpoint_notify_t.get_priority. + */ +static u_int32_t get_priority(private_endpoint_notify_t *this) +{ + return this->priority; +} + +/** + * Implementation of endpoint_notify_t.set_priority. + */ +static void set_priority(private_endpoint_notify_t *this, u_int32_t priority) +{ + return this->priority = priority; +} + +/** + * Implementation of endpoint_notify_t.get_type. + */ +static p2p_endpoint_type_t get_type(private_endpoint_notify_t *this) +{ + return this->type; +} + +/** + * Implementation of endpoint_notify_t.get_family. + */ +static p2p_endpoint_family_t get_family(private_endpoint_notify_t *this) +{ + return this->family; +} + +/** + * Implementation of endpoint_notify_t.get_host. + */ +static host_t *get_host(private_endpoint_notify_t *this) +{ + return this->endpoint; +} + +/** + * Implementation of endpoint_notify_t.get_base. + */ +static host_t *get_base(private_endpoint_notify_t *this) +{ + return (!this->base) ? this->endpoint : this->base; +} + +/** + * Implementation of endpoint_notify_t.clone. + */ +static endpoint_notify_t *_clone(private_endpoint_notify_t *this) +{ + private_endpoint_notify_t *clone = (private_endpoint_notify_t*)endpoint_notify_create(); + + clone->priority = this->priority; + clone->type = this->type; + clone->family = this->family; + if (this->endpoint) + { + clone->endpoint = this->endpoint->clone(this->endpoint); + } + + if (this->base) + { + clone->base = this->base->clone(this->base); + } + + return &clone->public; +} + +/** + * Implementation of endpoint_notify_t.destroy. + */ +static status_t destroy(private_endpoint_notify_t *this) +{ + DESTROY_IF(this->endpoint); + free(this); + return SUCCESS; +} + +/* + * Described in header + */ +endpoint_notify_t *endpoint_notify_create() +{ + private_endpoint_notify_t *this = malloc_thing(private_endpoint_notify_t); + + /* public functions */ + this->public.get_priority = (u_int32_t (*) (endpoint_notify_t *)) get_priority; + this->public.set_priority = (void (*) (endpoint_notify_t *, u_int32_t)) set_priority; + this->public.get_type = (p2p_endpoint_type_t (*) (endpoint_notify_t *)) get_type; + this->public.get_family = (p2p_endpoint_family_t (*) (endpoint_notify_t *)) get_family; + this->public.get_host = (host_t *(*) (endpoint_notify_t *)) get_host; + this->public.get_base = (host_t *(*) (endpoint_notify_t *)) get_base; + this->public.build_notify = (notify_payload_t *(*) (endpoint_notify_t *)) build_notify; + this->public.clone = (endpoint_notify_t *(*) (endpoint_notify_t *)) _clone; + this->public.destroy = (void (*) (endpoint_notify_t *)) destroy; + + /* set default values of the fields */ + this->priority = 0; + this->family = NO_FAMILY; + this->type = NO_TYPE; + this->endpoint = NULL; + this->base = NULL; + + return &this->public; +} + +/** + * Described in header + */ +endpoint_notify_t *endpoint_notify_create_from_host(p2p_endpoint_type_t type, host_t *host, host_t *base) +{ + private_endpoint_notify_t *this = (private_endpoint_notify_t*)endpoint_notify_create(); + + this->type = type; + + switch(type) + { + case HOST: + this->priority = pow(2, 16) * P2P_PRIO_HOST; + break; + case SERVER_REFLEXIVE: + this->priority = pow(2, 16) * P2P_PRIO_SERVER; + break; + case PEER_REFLEXIVE: + this->priority = pow(2, 16) * P2P_PRIO_PEER; + break; + case RELAYED: + this->priority = pow(2, 16) * P2P_PRIO_RELAY; + break; + } + + this->priority += 65535; + + if (!host) { + return &this->public; + } + + switch(host->get_family(host)) + { + case AF_INET: + this->family = IPv4; + break; + case AF_INET6: + this->family = IPv6; + break; + default: + // unsupported family type, we do not set the hsot (family is set to NO_FAMILY) + return &this->public; + } + + this->endpoint = host->clone(host); + + if (base) + { + this->base = base->clone(base); + } + + return &this->public; +} + +/** + * Described in header + */ +endpoint_notify_t *endpoint_notify_create_from_payload(notify_payload_t *notify) +{ + if (notify->get_notify_type(notify) != P2P_ENDPOINT) + { + return NULL; + } + + private_endpoint_notify_t *this = (private_endpoint_notify_t*)endpoint_notify_create(); + chunk_t data = notify->get_notification_data(notify); + if (parse_notification_data(this, data) != SUCCESS) + { + destroy(this); + return NULL; + } + return &this->public; +} diff --git a/src/charon/encoding/payloads/endpoint_notify.h b/src/charon/encoding/payloads/endpoint_notify.h new file mode 100644 index 000000000..272301d5b --- /dev/null +++ b/src/charon/encoding/payloads/endpoint_notify.h @@ -0,0 +1,185 @@ +/** + * @file endpoint_notify.h + * + * @brief Interface of endpoint_notify_t. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + + +#ifndef ENDPOINT_NOTIFY_H_ +#define ENDPOINT_NOTIFY_H_ + +#define P2P_PRIO_HOST 255 +#define P2P_PRIO_SERVER 100 +#define P2P_PRIO_PEER 120 +#define P2P_PRIO_RELAY 0 + +typedef enum p2p_endpoint_family_t p2p_endpoint_family_t; +typedef enum p2p_endpoint_type_t p2p_endpoint_type_t; +typedef struct endpoint_notify_t endpoint_notify_t; + +#include + +enum p2p_endpoint_family_t { + + NO_FAMILY = 0, + + IPv4 = 1, + + IPv6 = 2, + + MAX_FAMILY = 3 + +}; + +enum p2p_endpoint_type_t { + + NO_TYPE = 0, + + HOST = 1, + + SERVER_REFLEXIVE = 2, + + PEER_REFLEXIVE = 3, + + RELAYED = 4, + + MAX_TYPE = 5 + +}; + +/** + * @brief Class representing a P2P_ENDPOINT notify. In fact it's not + * the notify per se, but the notification data of that notify that is + * handled with this class. + * + * @b Constructors: + * - endpoint_notify_create() + * - endpoint_notify_create_from_host() + * + * @ingroup payloads + */ +struct endpoint_notify_t { + /** + * @brief Returns the priority of this endpoint. + * + * @param this object + * @return priority + */ + u_int32_t (*get_priority) (endpoint_notify_t *this); + + /** + * @brief Sets the priority of this endpoint. + * + * @param this object + * @param priority priority + */ + void (*set_priority) (endpoint_notify_t *this, u_int32_t priority); + + /** + * @brief Returns the endpoint type of this endpoint. + * + * @param this object + * @return endpoint type + */ + p2p_endpoint_type_t (*get_type) (endpoint_notify_t *this); + + /** + * @brief Returns the endpoint family of this endpoint. + * + * @param this object + * @return endpoint family + */ + p2p_endpoint_family_t (*get_family) (endpoint_notify_t *this); + + /** + * @brief Returns the host of this endpoint. + * + * @param this object + * @return host + */ + host_t *(*get_host) (endpoint_notify_t *this); + + /** + * @brief Returns the base of this endpoint. + * + * If this is not a SERVER_REFLEXIVE endpoint, the returned host is the same + * as the one returned by get_host. + * + * @param this object + * @return host + */ + host_t *(*get_base) (endpoint_notify_t *this); + + /** + * @brief Generates a notification payload from this endpoint. + * + * @param this object + * @return built notify_payload_t + */ + notify_payload_t *(*build_notify) (endpoint_notify_t *this); + + /** + * @brief Clones an endpoint_notify_t object. + * + * @param this endpoint_notify_t object to clone + * @return cloned object + */ + endpoint_notify_t *(*clone) (endpoint_notify_t *this); + + /** + * @brief Destroys an endpoint_notify_t object. + * + * @param this endpoint_notify_t object to destroy + */ + void (*destroy) (endpoint_notify_t *this); +}; + +/** + * @brief Creates an empty endpoint_notify_t object. + * + * @return created endpoint_notify_t object + * + * @ingroup payloads + */ +endpoint_notify_t *endpoint_notify_create(void); + + +/** + * @brief Creates an endpoint_notify_t object from a host. + * + * @param type the endpoint type + * @param host host to base the notify on (gets cloned) + * @param base base of the endpoint, applies only to reflexive endpoints (gets cloned) + * @return created endpoint_notify_t object + * + * @ingroup payloads + */ +endpoint_notify_t *endpoint_notify_create_from_host(p2p_endpoint_type_t type, host_t *host, host_t *base); + +/** + * @brief Creates an endpoint_notify_t object from a notify payload. + * + * @param notify the notify payload + * @return - created endpoint_notify_t object + * - NULL if invalid payload + * @ingroup payloads + */ +endpoint_notify_t *endpoint_notify_create_from_payload(notify_payload_t *notify); + +#endif /*ENDPOINT_NOTIFY_H_*/ diff --git a/src/charon/encoding/payloads/id_payload.c b/src/charon/encoding/payloads/id_payload.c index 74c0ce870..eee5e92db 100644 --- a/src/charon/encoding/payloads/id_payload.c +++ b/src/charon/encoding/payloads/id_payload.c @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -41,14 +42,14 @@ struct private_id_payload_t { id_payload_t public; /** - * TRUE if this ID payload is of type IDi, FALSE for IDr. + * one of ID_INITIATOR, ID_RESPONDER */ - bool is_initiator; + payload_type_t payload_type; /** * Next payload type. */ - u_int8_t next_payload; + payload_type_t next_payload; /** * Critical flag. @@ -149,14 +150,7 @@ static void get_encoding_rules(private_id_payload_t *this, encoding_rule_t **rul */ static payload_type_t get_payload_type(private_id_payload_t *this) { - if (this->is_initiator) - { - return ID_INITIATOR; - } - else - { - return ID_RESPONDER; - } + return this->payload_type; } /** @@ -164,7 +158,7 @@ static payload_type_t get_payload_type(private_id_payload_t *this) */ static payload_type_t get_next_type(private_id_payload_t *this) { - return (this->next_payload); + return this->next_payload; } /** @@ -237,22 +231,6 @@ static chunk_t get_data_clone (private_id_payload_t *this) return cloned_data; } -/** - * Implementation of id_payload_t.get_initiator. - */ -static bool get_initiator (private_id_payload_t *this) -{ - return (this->is_initiator); -} - -/** - * Implementation of id_payload_t.set_initiator. - */ -static void set_initiator (private_id_payload_t *this,bool is_initiator) -{ - this->is_initiator = is_initiator; -} - /** * Implementation of id_payload_t.get_identification. */ @@ -276,7 +254,7 @@ static void destroy(private_id_payload_t *this) /* * Described in header. */ -id_payload_t *id_payload_create(bool is_initiator) +id_payload_t *id_payload_create(payload_type_t payload_type) { private_id_payload_t *this = malloc_thing(private_id_payload_t); @@ -297,8 +275,6 @@ id_payload_t *id_payload_create(bool is_initiator) this->public.get_data = (chunk_t (*) (id_payload_t *)) get_data; this->public.get_data_clone = (chunk_t (*) (id_payload_t *)) get_data_clone; - this->public.get_initiator = (bool (*) (id_payload_t *)) get_initiator; - this->public.set_initiator = (void (*) (id_payload_t *,bool)) set_initiator; this->public.get_identification = (identification_t * (*) (id_payload_t *this)) get_identification; /* private variables */ @@ -306,7 +282,7 @@ id_payload_t *id_payload_create(bool is_initiator) this->next_payload = NO_PAYLOAD; this->payload_length =ID_PAYLOAD_HEADER_LENGTH; this->id_data = chunk_empty; - this->is_initiator = is_initiator; + this->payload_type = payload_type; return (&(this->public)); } @@ -314,9 +290,9 @@ id_payload_t *id_payload_create(bool is_initiator) /* * Described in header. */ -id_payload_t *id_payload_create_from_identification(bool is_initiator,identification_t *identification) +id_payload_t *id_payload_create_from_identification(payload_type_t payload_type, identification_t *identification) { - id_payload_t *this= id_payload_create(is_initiator); + id_payload_t *this= id_payload_create(payload_type); this->set_data(this,identification->get_encoding(identification)); this->set_id_type(this,identification->get_type(identification)); return this; diff --git a/src/charon/encoding/payloads/id_payload.h b/src/charon/encoding/payloads/id_payload.h index b67d85d2e..8e9322b4a 100644 --- a/src/charon/encoding/payloads/id_payload.h +++ b/src/charon/encoding/payloads/id_payload.h @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -111,28 +112,6 @@ struct id_payload_t { */ identification_t *(*get_identification) (id_payload_t *this); - /** - * @brief Get the type of ID payload (IDi or IDr). - * - * @param this calling id_payload_t object - * @return - * - TRUE if this payload is of type IDi - * - FALSE if this payload is of type IDr - * - */ - bool (*get_initiator) (id_payload_t *this); - - /** - * @brief Set the type of ID payload (IDi or IDr). - * - * @param this calling id_payload_t object - * @param is_initiator - * - TRUE if this payload is of type IDi - * - FALSE if this payload is of type IDr - * - */ - void (*set_initiator) (id_payload_t *this,bool is_initiator); - /** * @brief Destroys an id_payload_t object. * @@ -144,28 +123,23 @@ struct id_payload_t { /** * @brief Creates an empty id_payload_t object. * - * @param is_initiator - * - TRUE if this payload is of type IDi - * - FALSE if this payload is of type IDr - * + * @param payload_type one of ID_INITIATOR, ID_RESPONDER * @return id_payload_t object * * @ingroup payloads */ -id_payload_t *id_payload_create(bool is_initiator); +id_payload_t *id_payload_create(payload_type_t payload_type); /** * @brief Creates an id_payload_t from an existing identification_t object. * - * @param is_initiator - * - TRUE if this payload is of type IDi - * - FALSE if this payload is of type IDr + * @param payload_type one of ID_INITIATOR, ID_RESPONDER * @param identification identification_t object * @return id_payload_t object * * @ingroup payloads */ -id_payload_t *id_payload_create_from_identification(bool is_initiator,identification_t *identification); +id_payload_t *id_payload_create_from_identification(payload_type_t payload_type, identification_t *identification); diff --git a/src/charon/encoding/payloads/ike_header.c b/src/charon/encoding/payloads/ike_header.c index b1b4fbf87..7253e4f51 100644 --- a/src/charon/encoding/payloads/ike_header.c +++ b/src/charon/encoding/payloads/ike_header.c @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -109,7 +110,13 @@ ENUM_NEXT(exchange_type_names, IKE_SA_INIT, INFORMATIONAL, EXCHANGE_TYPE_UNDEFIN "IKE_AUTH", "CREATE_CHILD_SA", "INFORMATIONAL"); +#ifdef P2P +ENUM_NEXT(exchange_type_names, P2P_CONNECT, P2P_CONNECT, INFORMATIONAL, + "P2P_CONNECT"); +ENUM_END(exchange_type_names, P2P_CONNECT); +#else ENUM_END(exchange_type_names, INFORMATIONAL); +#endif /* P2P */ /** * Encoding rules to parse or generate a IKEv2-Header. @@ -172,12 +179,23 @@ encoding_rule_t ike_header_encodings[] = { */ static status_t verify(private_ike_header_t *this) { - if ((this->exchange_type < IKE_SA_INIT) || (this->exchange_type > INFORMATIONAL)) + if ((this->exchange_type < IKE_SA_INIT) || + ((this->exchange_type > INFORMATIONAL) +#ifdef P2P + && (this->exchange_type != P2P_CONNECT) +#endif /* P2P */ + )) { /* unsupported exchange type */ return FAILED; } - if (this->initiator_spi == 0) + + if (this->initiator_spi == 0 +#ifdef P2P + // we allow zero spi for INFORMATIONAL exchanges, to allow P2P connectivity checks + && this->exchange_type != INFORMATIONAL +#endif /* P2P */ + ) { /* initiator spi not set */ return FAILED; diff --git a/src/charon/encoding/payloads/ike_header.h b/src/charon/encoding/payloads/ike_header.h index 95c20f810..e80964482 100644 --- a/src/charon/encoding/payloads/ike_header.h +++ b/src/charon/encoding/payloads/ike_header.h @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -70,7 +71,7 @@ enum exchange_type_t{ /** * EXCHANGE_TYPE_UNDEFINED. In private space, since not a official message type. */ - EXCHANGE_TYPE_UNDEFINED = 240, + EXCHANGE_TYPE_UNDEFINED = 255, /** * IKE_SA_INIT. @@ -90,7 +91,13 @@ enum exchange_type_t{ /** * INFORMATIONAL. */ - INFORMATIONAL = 37 + INFORMATIONAL = 37, +#ifdef P2P + /** + * P2P_CONNECT + */ + P2P_CONNECT = 240 +#endif /* P2P */ }; /** diff --git a/src/charon/encoding/payloads/notify_payload.c b/src/charon/encoding/payloads/notify_payload.c index e27d3c68f..74a6c3197 100644 --- a/src/charon/encoding/payloads/notify_payload.c +++ b/src/charon/encoding/payloads/notify_payload.c @@ -6,7 +6,8 @@ */ /* - * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger + * Copyright (C) 2006-2007 Tobias Brunner + * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -56,7 +57,13 @@ ENUM_NEXT(notify_type_names, SINGLE_PAIR_REQUIRED, UNEXPECTED_NAT_DETECTED, AUTH "INVALID_SELECTORS", "UNACCEPTABLE_ADDRESSES", "UNEXPECTED_NAT_DETECTED"); +#ifdef P2P +ENUM_NEXT(notify_type_names, P2P_CONNECT_FAILED, P2P_CONNECT_FAILED, UNEXPECTED_NAT_DETECTED, + "P2P_CONNECT_FAILED"); +ENUM_NEXT(notify_type_names, INITIAL_CONTACT, AUTH_LIFETIME, P2P_CONNECT_FAILED, +#else ENUM_NEXT(notify_type_names, INITIAL_CONTACT, AUTH_LIFETIME, UNEXPECTED_NAT_DETECTED, +#endif /* P2P */ "INITIAL_CONTACT", "SET_WINDOW_SIZE", "ADDITIONAL_TS_POSSIBLE", @@ -79,7 +86,20 @@ ENUM_NEXT(notify_type_names, INITIAL_CONTACT, AUTH_LIFETIME, UNEXPECTED_NAT_DETE "AUTH_LIFETIME"); ENUM_NEXT(notify_type_names, EAP_ONLY_AUTHENTICATION, EAP_ONLY_AUTHENTICATION, AUTH_LIFETIME, "EAP_ONLY_AUTHENTICATION"); +#ifdef P2P +ENUM_NEXT(notify_type_names, USE_BEET_MODE, USE_BEET_MODE, EAP_ONLY_AUTHENTICATION, + "USE_BEET_MODE"); +ENUM_NEXT(notify_type_names, P2P_MEDIATION, P2P_RESPONSE, USE_BEET_MODE, + "P2P_MEDIATION", + "P2P_ENDPOINT", + "P2P_CALLBACK", + "P2P_SESSIONID", + "P2P_SESSIONKEY", + "P2P_RESPONSE"); +ENUM_END(notify_type_names, P2P_RESPONSE); +#else ENUM_END(notify_type_names, EAP_ONLY_AUTHENTICATION); +#endif /* P2P */ ENUM_BEGIN(notify_type_short_names, UNSUPPORTED_CRITICAL_PAYLOAD, UNSUPPORTED_CRITICAL_PAYLOAD, @@ -108,7 +128,13 @@ ENUM_NEXT(notify_type_short_names, SINGLE_PAIR_REQUIRED, UNEXPECTED_NAT_DETECTED "INVAL_SEL", "UNACCEPT_ADDR", "UNEXPECT_NAT"); +#ifdef P2P +ENUM_NEXT(notify_type_short_names, P2P_CONNECT_FAILED, P2P_CONNECT_FAILED, UNEXPECTED_NAT_DETECTED, + "P2P_CONN_FAIL"); +ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, AUTH_LIFETIME, P2P_CONNECT_FAILED, +#else ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, AUTH_LIFETIME, UNEXPECTED_NAT_DETECTED, +#endif /* P2P */ "INIT_CONTACT", "SET_WINSIZE", "ADD_TS_POSS", @@ -131,7 +157,20 @@ ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, AUTH_LIFETIME, UNEXPECTED_NA "AUTH_LFT"); ENUM_NEXT(notify_type_short_names, EAP_ONLY_AUTHENTICATION, EAP_ONLY_AUTHENTICATION, AUTH_LIFETIME, "EAP_ONLY"); +#ifdef P2P +ENUM_NEXT(notify_type_short_names, USE_BEET_MODE, USE_BEET_MODE, EAP_ONLY_AUTHENTICATION, + "BEET_MODE"); +ENUM_NEXT(notify_type_short_names, P2P_MEDIATION, P2P_RESPONSE, USE_BEET_MODE, + "P2P_MED", + "P2P_EP", + "P2P_CB", + "P2P_SID", + "P2P_SKEY", + "P2P_R"); +ENUM_END(notify_type_short_names, P2P_RESPONSE); +#else ENUM_END(notify_type_short_names, EAP_ONLY_AUTHENTICATION); +#endif /* P2P */ typedef struct private_notify_payload_t private_notify_payload_t; @@ -303,6 +342,7 @@ static status_t verify(private_notify_payload_t *this) } break; } + // FIXME: check size of P2P-NAT-T payloads default: /* TODO: verify */ break; diff --git a/src/charon/encoding/payloads/notify_payload.h b/src/charon/encoding/payloads/notify_payload.h index 231d0408d..4a9ad992b 100644 --- a/src/charon/encoding/payloads/notify_payload.h +++ b/src/charon/encoding/payloads/notify_payload.h @@ -6,7 +6,8 @@ */ /* - * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger + * Copyright (C) 2006-2007 Tobias Brunner + * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -67,6 +68,10 @@ enum notify_type_t { INVALID_SELECTORS = 39, UNACCEPTABLE_ADDRESSES = 40, UNEXPECTED_NAT_DETECTED = 41, +#ifdef P2P + /* P2P-NAT-T, private use */ + P2P_CONNECT_FAILED = 8192, +#endif /* P2P */ /* notify status messages */ INITIAL_CONTACT = 16384, SET_WINDOW_SIZE = 16385, @@ -94,6 +99,15 @@ enum notify_type_t { EAP_ONLY_AUTHENTICATION = 40960, /* BEET mode, not even a draft yet. private use */ USE_BEET_MODE = 40961, +#ifdef P2P + /* P2P-NAT-T, private use */ + P2P_MEDIATION = 40962, + P2P_ENDPOINT = 40963, + P2P_CALLBACK = 40964, + P2P_SESSIONID = 40965, + P2P_SESSIONKEY = 40966, + P2P_RESPONSE = 40967 +#endif /* P2P */ }; /** diff --git a/src/charon/encoding/payloads/payload.c b/src/charon/encoding/payloads/payload.c index 3bd4cdb13..2c51c60de 100644 --- a/src/charon/encoding/payloads/payload.c +++ b/src/charon/encoding/payloads/payload.c @@ -7,6 +7,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -63,7 +64,13 @@ ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, N "ENCRYPTED", "CONFIGURATION", "EXTENSIBLE_AUTHENTICATION"); +#ifdef P2P +ENUM_NEXT(payload_type_names, ID_PEER, ID_PEER, EXTENSIBLE_AUTHENTICATION, + "ID_PEER"); +ENUM_NEXT(payload_type_names, HEADER, UNKNOWN_PAYLOAD, ID_PEER, +#else ENUM_NEXT(payload_type_names, HEADER, UNKNOWN_PAYLOAD, EXTENSIBLE_AUTHENTICATION, +#endif /* P2P */ "HEADER", "PROPOSAL_SUBSTRUCTURE", "TRANSFORM_SUBSTRUCTURE", @@ -93,7 +100,13 @@ ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICAT "E", "CP", "EAP"); +#ifdef P2P +ENUM_NEXT(payload_type_short_names, ID_PEER, ID_PEER, EXTENSIBLE_AUTHENTICATION, + "IDp"); +ENUM_NEXT(payload_type_short_names, HEADER, UNKNOWN_PAYLOAD, ID_PEER, +#else ENUM_NEXT(payload_type_short_names, HEADER, UNKNOWN_PAYLOAD, EXTENSIBLE_AUTHENTICATION, +#endif /* P2P */ "HDR", "PROP", "TRANS", @@ -123,9 +136,13 @@ payload_t *payload_create(payload_type_t type) case NONCE: return (payload_t*)nonce_payload_create(); case ID_INITIATOR: - return (payload_t*)id_payload_create(TRUE); + return (payload_t*)id_payload_create(ID_INITIATOR); case ID_RESPONDER: - return (payload_t*)id_payload_create(FALSE); + return (payload_t*)id_payload_create(ID_RESPONDER); +#ifdef P2P + case ID_PEER: + return (payload_t*)id_payload_create(ID_PEER); +#endif /* P2P */ case AUTHENTICATION: return (payload_t*)auth_payload_create(); case CERTIFICATE: diff --git a/src/charon/encoding/payloads/payload.h b/src/charon/encoding/payloads/payload.h index 9a8c2f482..ab902d755 100644 --- a/src/charon/encoding/payloads/payload.h +++ b/src/charon/encoding/payloads/payload.h @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -126,10 +127,18 @@ enum payload_type_t{ */ EXTENSIBLE_AUTHENTICATION = 48, +#ifdef P2P + /** + * Identification payload for peers in P2P-NAT-T has a value from + * the PRIVATE USE space. + */ + ID_PEER = 128, +#endif /* P2P */ + /** * Header has a value of PRIVATE USE space. * - * This payload type is not send over wire and just + * This payload type is not sent over wire and just * used internally to handle IKEv2-Header like a payload. */ HEADER = 140, @@ -137,7 +146,7 @@ enum payload_type_t{ /** * PROPOSAL_SUBSTRUCTURE has a value of PRIVATE USE space. * - * This payload type is not send over wire and just + * This payload type is not sent over wire and just * used internally to handle a proposal substructure like a payload. */ PROPOSAL_SUBSTRUCTURE = 141, @@ -145,7 +154,7 @@ enum payload_type_t{ /** * TRANSFORM_SUBSTRUCTURE has a value of PRIVATE USE space. * - * This payload type is not send over wire and just + * This payload type is not sent over wire and just * used internally to handle a transform substructure like a payload. */ TRANSFORM_SUBSTRUCTURE = 142, @@ -153,7 +162,7 @@ enum payload_type_t{ /** * TRANSFORM_ATTRIBUTE has a value of PRIVATE USE space. * - * This payload type is not send over wire and just + * This payload type is not sent over wire and just * used internally to handle a transform attribute like a payload. */ TRANSFORM_ATTRIBUTE = 143, @@ -161,7 +170,7 @@ enum payload_type_t{ /** * TRAFFIC_SELECTOR_SUBSTRUCTURE has a value of PRIVATE USE space. * - * This payload type is not send over wire and just + * This payload type is not sent over wire and just * used internally to handle a transform selector like a payload. */ TRAFFIC_SELECTOR_SUBSTRUCTURE = 144, @@ -169,7 +178,7 @@ enum payload_type_t{ /** * CONFIGURATION_ATTRIBUTE has a value of PRIVATE USE space. * - * This payload type is not send over wire and just + * This payload type is not sent over wire and just * used internally to handle a transform attribute like a payload. */ CONFIGURATION_ATTRIBUTE = 145, @@ -177,7 +186,7 @@ enum payload_type_t{ /** * A unknown payload has a value of PRIVATE USE space. * - * This payload type is not send over wire and just + * This payload type is not sent over wire and just * used internally to handle a unknown payload. */ UNKNOWN_PAYLOAD = 146, diff --git a/src/charon/encoding/payloads/sa_payload.c b/src/charon/encoding/payloads/sa_payload.c index e264b2123..304f1b64c 100644 --- a/src/charon/encoding/payloads/sa_payload.c +++ b/src/charon/encoding/payloads/sa_payload.c @@ -123,7 +123,7 @@ static status_t verify(private_sa_payload_t *this) { if (current_number != (expected_number + 1)) { - DBG1(DBG_ENC, "proposal number is %d, excepted %d or %d", + DBG1(DBG_ENC, "proposal number is %d, expected %d or %d", current_number, expected_number, expected_number + 1); status = FAILED; break; diff --git a/src/charon/kernel/kernel_interface.c b/src/charon/kernel/kernel_interface.c index 4770c7538..b7f6a1def 100644 --- a/src/charon/kernel/kernel_interface.c +++ b/src/charon/kernel/kernel_interface.c @@ -29,6 +29,7 @@ #include #include +#include #include #include #include @@ -51,6 +52,14 @@ #include #include +/** routing table for routes installed by us */ +#ifndef IPSEC_ROUTING_TABLE +#define IPSEC_ROUTING_TABLE 100 +#endif +#ifndef IPSEC_ROUTING_TABLE_PRIO +#define IPSEC_ROUTING_TABLE_PRIO 100 +#endif + /** kernel level protocol identifiers */ #define KERNEL_ESP 50 #define KERNEL_AH 51 @@ -59,6 +68,9 @@ #define PRIO_LOW 3000 #define PRIO_HIGH 2000 +/** delay before firing roam jobs (ms) */ +#define ROAM_DELAY 100 + #define BUFFER_SIZE 1024 /** @@ -288,10 +300,20 @@ struct private_kernel_interface_t { kernel_interface_t public; /** - * mutex to lock access to the various lists + * mutex to lock access to netlink socket + */ + pthread_mutex_t nl_mutex; + + /** + * mutex to lock access to various lists */ pthread_mutex_t mutex; + /** + * condition variable to signal virtual IP add/removal + */ + pthread_cond_t cond; + /** * List of installed policies (policy_entry_t) */ @@ -336,6 +358,11 @@ struct private_kernel_interface_t { * Netlink rt socket to receive address change events */ int socket_rt_events; + + /** + * time of the last roam_job + */ + struct timeval last_roam; }; /** @@ -519,6 +546,31 @@ static void process_expire(private_kernel_interface_t *this, struct nlmsghdr *hd charon->processor->queue_job(charon->processor, job); } +/** + * start a roaming job. We delay it for a second and fire only one job + * for multiple events. Otherwise we would create two many jobs. + */ +static void fire_roam_job(private_kernel_interface_t *this, bool address) +{ + struct timeval now; + + if (gettimeofday(&now, NULL) == 0) + { + if (timercmp(&now, &this->last_roam, >)) + { + now.tv_usec += ROAM_DELAY * 1000; + while (now.tv_usec > 1000000) + { + now.tv_sec++; + now.tv_usec -= 1000000; + } + this->last_roam = now; + charon->scheduler->schedule_job(charon->scheduler, + (job_t*)roam_job_create(address), ROAM_DELAY); + } + } +} + /** * process RTM_NEWLINK/RTM_DELLINK from kernel */ @@ -615,8 +667,7 @@ static void process_link(private_kernel_interface_t *this, /* send an update to all IKE_SAs */ if (update && event) { - charon->processor->queue_job(charon->processor, - (job_t*)roam_job_create(TRUE)); + fire_roam_job(this, TRUE); } } @@ -684,8 +735,16 @@ static void process_addr(private_kernel_interface_t *this, { changed = TRUE; addrs->remove(addrs); + if (!addr->virtual) + { + DBG1(DBG_KNL, "%H disappeared from %s", + host, iface->ifname); + } addr_entry_destroy(addr); - DBG1(DBG_KNL, "%H disappeared from %s", host, iface->ifname); + } + else if (hdr->nlmsg_type == RTM_NEWADDR && addr->virtual) + { + addr->refcount = 1; } } } @@ -723,8 +782,7 @@ static void process_addr(private_kernel_interface_t *this, /* send an update to all IKE_SAs */ if (update && event && changed) { - charon->processor->queue_job(charon->processor, - (job_t*)roam_job_create(TRUE)); + fire_roam_job(this, TRUE); } } @@ -813,15 +871,16 @@ static job_requeue_t receive_events(private_kernel_interface_t *this) case RTM_NEWADDR: case RTM_DELADDR: process_addr(this, hdr, TRUE); + pthread_cond_signal(&this->cond); break; case RTM_NEWLINK: case RTM_DELLINK: process_link(this, hdr, TRUE); + pthread_cond_signal(&this->cond); break; case RTM_NEWROUTE: case RTM_DELROUTE: - charon->processor->queue_job(charon->processor, - (job_t*)roam_job_create(FALSE)); + fire_roam_job(this, FALSE); break; default: break; @@ -844,7 +903,7 @@ static status_t netlink_send(private_kernel_interface_t *this, chunk_t result = chunk_empty, tmp; struct nlmsghdr *msg, peek; - pthread_mutex_lock(&this->mutex); + pthread_mutex_lock(&this->nl_mutex); in->nlmsg_seq = ++this->seq; in->nlmsg_pid = getpid(); @@ -866,7 +925,7 @@ static status_t netlink_send(private_kernel_interface_t *this, /* interrupted, try again */ continue; } - pthread_mutex_unlock(&this->mutex); + pthread_mutex_unlock(&this->nl_mutex); DBG1(DBG_KNL, "error sending to netlink socket: %s", strerror(errno)); return FAILED; } @@ -898,13 +957,13 @@ static status_t netlink_send(private_kernel_interface_t *this, continue; } DBG1(DBG_KNL, "error reading from netlink socket: %s", strerror(errno)); - pthread_mutex_unlock(&this->mutex); + pthread_mutex_unlock(&this->nl_mutex); return FAILED; } if (!NLMSG_OK(msg, len)) { DBG1(DBG_KNL, "received corrupted netlink message"); - pthread_mutex_unlock(&this->mutex); + pthread_mutex_unlock(&this->nl_mutex); return FAILED; } if (msg->nlmsg_seq != this->seq) @@ -914,7 +973,7 @@ static status_t netlink_send(private_kernel_interface_t *this, { continue; } - pthread_mutex_unlock(&this->mutex); + pthread_mutex_unlock(&this->nl_mutex); return FAILED; } @@ -937,7 +996,7 @@ static status_t netlink_send(private_kernel_interface_t *this, *out_len = result.len; *out = (struct nlmsghdr*)clalloc(result.ptr, result.len); - pthread_mutex_unlock(&this->mutex); + pthread_mutex_unlock(&this->nl_mutex); return SUCCESS; } @@ -1287,6 +1346,40 @@ static int get_interface_index(private_kernel_interface_t *this, host_t* ip) return ifindex; } +/** + * get the refcount of a virtual ip + */ +static int get_vip_refcount(private_kernel_interface_t *this, host_t* ip) +{ + iterator_t *ifaces, *addrs; + iface_entry_t *iface; + addr_entry_t *addr; + int refcount = 0; + + ifaces = this->ifaces->create_iterator(this->ifaces, TRUE); + while (ifaces->iterate(ifaces, (void**)&iface)) + { + addrs = iface->addrs->create_iterator(iface->addrs, TRUE); + while (addrs->iterate(addrs, (void**)&addr)) + { + if (addr->virtual && (iface->flags & IFF_UP) && + ip->ip_equals(ip, addr->ip)) + { + refcount = addr->refcount; + break; + } + } + addrs->destroy(addrs); + if (refcount) + { + break; + } + } + ifaces->destroy(ifaces); + + return refcount; +} + /** * Manages the creation and deletion of ip addresses on an interface. * By setting the appropriate nlmsg_type, the ip will be set or unset. @@ -1331,11 +1424,11 @@ static status_t manage_srcroute(private_kernel_interface_t *this, int nlmsg_type struct nlmsghdr *hdr; struct rtmsg *msg; chunk_t chunk; - + +#if IPSEC_ROUTING_TABLE == 0 /* if route is 0.0.0.0/0, we can't install it, as it would * overwrite the default route. Instead, we add two routes: - * 0.0.0.0/1 and 128.0.0.0/1 - * TODO: use metrics instead */ + * 0.0.0.0/1 and 128.0.0.0/1 */ if (route->prefixlen == 0) { route_entry_t half; @@ -1353,6 +1446,7 @@ static status_t manage_srcroute(private_kernel_interface_t *this, int nlmsg_type status = manage_srcroute(this, nlmsg_type, flags, &half); return status; } +#endif memset(&request, 0, sizeof(request)); @@ -1364,7 +1458,7 @@ static status_t manage_srcroute(private_kernel_interface_t *this, int nlmsg_type msg = (struct rtmsg*)NLMSG_DATA(hdr); msg->rtm_family = route->src_ip->get_family(route->src_ip); msg->rtm_dst_len = route->prefixlen; - msg->rtm_table = RT_TABLE_MAIN; + msg->rtm_table = IPSEC_ROUTING_TABLE; msg->rtm_protocol = RTPROT_STATIC; msg->rtm_type = RTN_UNICAST; msg->rtm_scope = RT_SCOPE_UNIVERSE; @@ -1382,34 +1476,94 @@ static status_t manage_srcroute(private_kernel_interface_t *this, int nlmsg_type } /** - * Get the nexthop gateway for dest; or the source addr if gateway = FALSE + * create or delete an rule to use our routing table */ -static host_t* get_addr(private_kernel_interface_t *this, - host_t *dest, bool gateway) +static status_t manage_rule(private_kernel_interface_t *this, int nlmsg_type, + u_int32_t table, u_int32_t prio) +{ + unsigned char request[BUFFER_SIZE]; + struct nlmsghdr *hdr; + struct rtmsg *msg; + chunk_t chunk; + + memset(&request, 0, sizeof(request)); + hdr = (struct nlmsghdr*)request; + hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK; + hdr->nlmsg_type = nlmsg_type; + if (nlmsg_type == RTM_NEWRULE) + { + hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL; + } + hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg)); + + msg = (struct rtmsg*)NLMSG_DATA(hdr); + msg->rtm_table = table; + msg->rtm_family = AF_INET; + msg->rtm_protocol = RTPROT_BOOT; + msg->rtm_scope = RT_SCOPE_UNIVERSE; + msg->rtm_type = RTN_UNICAST; + + chunk = chunk_from_thing(prio); + add_attribute(hdr, RTA_PRIORITY, chunk, sizeof(request)); + + return netlink_send_ack(this, this->socket_rt, hdr); +} + +/** + * check if an address (chunk) addr is in subnet (net with net_len net bits) + */ +static bool addr_in_subnet(chunk_t addr, chunk_t net, int net_len) +{ + int bit, byte; + + if (addr.len != net.len) + { + return FALSE; + } + /* scan through all bits, beginning in the front */ + for (byte = 0; byte < addr.len; byte++) + { + for (bit = 7; bit >= 0; bit--) + { + /* check if bits are equal (or we reached the end of the net) */ + if (bit + byte * 8 > net_len) + { + return TRUE; + } + if (((1<nlmsg_flags = NLM_F_REQUEST; + hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP | NLM_F_ROOT; hdr->nlmsg_type = RTM_GETROUTE; hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg)); msg = (struct rtmsg*)NLMSG_DATA(hdr); msg->rtm_family = dest->get_family(dest); - msg->rtm_dst_len = msg->rtm_family == AF_INET ? 32 : 128; - msg->rtm_table = RT_TABLE_MAIN; - msg->rtm_protocol = RTPROT_STATIC; - msg->rtm_type = RTN_UNICAST; - msg->rtm_scope = RT_SCOPE_UNIVERSE; chunk = dest->get_address(dest); add_attribute(hdr, RTA_DST, chunk, sizeof(request)); @@ -1430,24 +1584,91 @@ static host_t* get_addr(private_kernel_interface_t *this, { struct rtattr *rta; size_t rtasize; + chunk_t rta_gtw, rta_src, rta_dst; + u_int32_t rta_oif = 0; + rta_gtw = rta_src = rta_dst = chunk_empty; msg = (struct rtmsg*)(NLMSG_DATA(current)); rta = RTM_RTA(msg); rtasize = RTM_PAYLOAD(current); - while(RTA_OK(rta, rtasize)) + while (RTA_OK(rta, rtasize)) { - if ((rta->rta_type == RTA_PREFSRC && !gateway) || - (rta->rta_type == RTA_GATEWAY && gateway)) + switch (rta->rta_type) { - chunk.ptr = RTA_DATA(rta); - chunk.len = RTA_PAYLOAD(rta); - addr = host_create_from_chunk(msg->rtm_family, - chunk, 0); - break; + case RTA_PREFSRC: + rta_src = chunk_create(RTA_DATA(rta), RTA_PAYLOAD(rta)); + break; + case RTA_GATEWAY: + rta_gtw = chunk_create(RTA_DATA(rta), RTA_PAYLOAD(rta)); + break; + case RTA_DST: + rta_dst = chunk_create(RTA_DATA(rta), RTA_PAYLOAD(rta)); + break; + case RTA_OIF: + if (RTA_PAYLOAD(rta) == sizeof(rta_oif)) + { + rta_oif = *(u_int32_t*)RTA_DATA(rta); + } + break; } rta = RTA_NEXT(rta, rtasize); } - break; + + /* apply the route if: + * - it is not from our own ipsec routing table + * - is better than a previous one + * - is the default route or + * - its destination net contains our destination + */ + if (msg->rtm_table != IPSEC_ROUTING_TABLE + && msg->rtm_dst_len > best + && (msg->rtm_dst_len == 0 || /* default route */ + (rta_dst.ptr && addr_in_subnet(chunk, rta_dst, msg->rtm_dst_len)))) + { + iterator_t *ifaces, *addrs; + iface_entry_t *iface; + addr_entry_t *addr; + + best = msg->rtm_dst_len; + if (nexthop) + { + DESTROY_IF(gtw); + gtw = host_create_from_chunk(msg->rtm_family, rta_gtw, 0); + } + else if (rta_src.ptr) + { + DESTROY_IF(src); + src = host_create_from_chunk(msg->rtm_family, rta_src, 0); + } + else + { + /* no source addr, get one from the interfaces */ + ifaces = this->ifaces->create_iterator_locked( + this->ifaces, &this->mutex); + while (ifaces->iterate(ifaces, (void**)&iface)) + { + if (iface->ifindex == rta_oif) + { + addrs = iface->addrs->create_iterator( + iface->addrs, TRUE); + while (addrs->iterate(addrs, (void**)&addr)) + { + chunk_t ip = addr->ip->get_address(addr->ip); + if (msg->rtm_dst_len == 0 + || addr_in_subnet(ip, rta_dst, msg->rtm_dst_len)) + { + DESTROY_IF(src); + src = addr->ip->clone(addr->ip); + break; + } + } + addrs->destroy(addrs); + } + } + ifaces->destroy(ifaces); + } + } + /* FALL through */ } default: current = NLMSG_NEXT(current, len); @@ -1456,11 +1677,16 @@ static host_t* get_addr(private_kernel_interface_t *this, break; } free(out); - if (addr == NULL) + + if (nexthop) { - DBG2(DBG_KNL, "no route found to %H", dest); + if (gtw) + { + return gtw; + } + return dest->clone(dest); } - return addr; + return src; } /** @@ -1468,7 +1694,7 @@ static host_t* get_addr(private_kernel_interface_t *this, */ static host_t* get_source_addr(private_kernel_interface_t *this, host_t *dest) { - return get_addr(this, dest, FALSE); + return get_route(this, dest, FALSE); } /** @@ -1480,6 +1706,7 @@ static status_t add_ip(private_kernel_interface_t *this, iface_entry_t *iface; addr_entry_t *addr; iterator_t *addrs, *ifaces; + int ifindex; DBG2(DBG_KNL, "adding virtual IP %H", virtual_ip); @@ -1509,30 +1736,32 @@ static status_t add_ip(private_kernel_interface_t *this, if (iface_found) { - int ifindex = iface->ifindex; - ifaces->destroy(ifaces); + ifindex = iface->ifindex; + addr = malloc_thing(addr_entry_t); + addr->ip = virtual_ip->clone(virtual_ip); + addr->refcount = 0; + addr->virtual = TRUE; + addr->scope = RT_SCOPE_UNIVERSE; + iface->addrs->insert_last(iface->addrs, addr); + if (manage_ipaddr(this, RTM_NEWADDR, NLM_F_CREATE | NLM_F_EXCL, ifindex, virtual_ip) == SUCCESS) { - addr = malloc_thing(addr_entry_t); - addr->ip = virtual_ip->clone(virtual_ip); - addr->refcount = 1; - addr->virtual = TRUE; - addr->scope = RT_SCOPE_UNIVERSE; - pthread_mutex_lock(&this->mutex); - iface->addrs->insert_last(iface->addrs, addr); - pthread_mutex_unlock(&this->mutex); + while (get_vip_refcount(this, virtual_ip) == 0) + { /* wait until address appears */ + pthread_cond_wait(&this->cond, &this->mutex); + } + ifaces->destroy(ifaces); return SUCCESS; } - DBG2(DBG_KNL, "adding virtual IP %H failed", virtual_ip); + ifaces->destroy(ifaces); + DBG1(DBG_KNL, "adding virtual IP %H failed", virtual_ip); return FAILED; - } - } ifaces->destroy(ifaces); - DBG2(DBG_KNL, "interface address %H not found, unable to install" + DBG1(DBG_KNL, "interface address %H not found, unable to install" "virtual IP %H", iface_ip, virtual_ip); return FAILED; } @@ -1545,6 +1774,8 @@ static status_t del_ip(private_kernel_interface_t *this, host_t *virtual_ip) iface_entry_t *iface; addr_entry_t *addr; iterator_t *addrs, *ifaces; + status_t status; + int ifindex; DBG2(DBG_KNL, "deleting virtual IP %H", virtual_ip); @@ -1556,16 +1787,25 @@ static status_t del_ip(private_kernel_interface_t *this, host_t *virtual_ip) { if (virtual_ip->ip_equals(virtual_ip, addr->ip)) { - int ifindex = iface->ifindex; - addr->refcount--; - if (addr->refcount == 0) + ifindex = iface->ifindex; + if (addr->refcount == 1) { - addrs->remove(addrs); + status = manage_ipaddr(this, RTM_DELADDR, 0, + ifindex, virtual_ip); + if (status == SUCCESS) + { /* wait until the address is really gone */ + while (get_vip_refcount(this, virtual_ip) > 0) + { + pthread_cond_wait(&this->cond, &this->mutex); + } + } addrs->destroy(addrs); ifaces->destroy(ifaces); - addr_entry_destroy(addr); - return manage_ipaddr(this, RTM_DELADDR, 0, - ifindex, virtual_ip); + return status; + } + else + { + addr->refcount--; } DBG2(DBG_KNL, "virtual IP %H used by other SAs, not deleting", virtual_ip); @@ -2155,13 +2395,8 @@ static status_t add_policy(private_kernel_interface_t *this, policy->route = malloc_thing(route_entry_t); if (get_address_by_ts(this, dst_ts, &policy->route->src_ip) == SUCCESS) { - /* if we have a gateway (via), we use it. If it's direct, we - * use the peers address (which is src, as we are in POLICY_FWD).*/ - policy->route->gateway = get_addr(this, src, TRUE); - if (policy->route->gateway == NULL) - { - policy->route->gateway = src->clone(src); - } + /* get the nexthop to src (src as we are in POLICY_FWD).*/ + policy->route->gateway = get_route(this, src, TRUE); policy->route->if_index = get_interface_index(this, dst); policy->route->dst_net = chunk_alloc(policy->sel.family == AF_INET ? 4 : 16); memcpy(policy->route->dst_net.ptr, &policy->sel.saddr, policy->route->dst_net.len); @@ -2340,6 +2575,8 @@ static status_t del_policy(private_kernel_interface_t *this, */ static void destroy(private_kernel_interface_t *this) { + manage_rule(this, RTM_DELRULE, IPSEC_ROUTING_TABLE, IPSEC_ROUTING_TABLE_PRIO); + this->job->cancel(this->job); close(this->socket_xfrm_events); close(this->socket_xfrm); @@ -2379,7 +2616,10 @@ kernel_interface_t *kernel_interface_create() this->ifaces = linked_list_create(); this->hiter = NULL; this->seq = 200; - pthread_mutex_init(&this->mutex,NULL); + pthread_mutex_init(&this->mutex, NULL); + pthread_mutex_init(&this->nl_mutex, NULL); + pthread_cond_init(&this->cond, NULL); + timerclear(&this->last_roam); memset(&addr, 0, sizeof(addr)); addr.nl_family = AF_NETLINK; @@ -2442,6 +2682,12 @@ kernel_interface_t *kernel_interface_create() charon->kill(charon, "unable to get interface list"); } + if (manage_rule(this, RTM_NEWRULE, IPSEC_ROUTING_TABLE, + IPSEC_ROUTING_TABLE_PRIO) != SUCCESS) + { + DBG1(DBG_KNL, "unable to create routing table rule"); + } + return &this->public; } diff --git a/src/charon/network/sender.h b/src/charon/network/sender.h index 6f2a06891..8d611cc90 100644 --- a/src/charon/network/sender.h +++ b/src/charon/network/sender.h @@ -43,7 +43,7 @@ struct sender_t { * @brief Send a packet over the network. * * This function is non blocking and adds the packet to a queue. - * Whenever the sender thread things it's good to send the packet, + * Whenever the sender thread thinks it's good to send the packet, * it'll do so. * * @param this calling object diff --git a/src/charon/processing/jobs/callback_job.c b/src/charon/processing/jobs/callback_job.c index 53e7caa95..6f534e0f7 100644 --- a/src/charon/processing/jobs/callback_job.c +++ b/src/charon/processing/jobs/callback_job.c @@ -130,7 +130,7 @@ static void cancel(private_callback_job_t *this) thread = this->thread; /* terminate its children */ - this->children->invoke(this->children, offsetof(callback_job_t, cancel)); + this->children->invoke_offset(this->children, offsetof(callback_job_t, cancel)); pthread_mutex_unlock(&this->mutex); /* terminate thread */ diff --git a/src/charon/processing/jobs/initiate_mediation_job.c b/src/charon/processing/jobs/initiate_mediation_job.c new file mode 100644 index 000000000..d78f8a202 --- /dev/null +++ b/src/charon/processing/jobs/initiate_mediation_job.c @@ -0,0 +1,253 @@ +/** + * @file initiate_mediation_job.c + * + * @brief Implementation of initiate_mediation_job_t. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + + +#include "initiate_mediation_job.h" + +#include +#include + + +typedef struct private_initiate_mediation_job_t private_initiate_mediation_job_t; + +/** + * Private data of an initiate_mediation_job_t Object + */ +struct private_initiate_mediation_job_t { + /** + * public initiate_mediation_job_t interface + */ + initiate_mediation_job_t public; + + /** + * ID of the IKE_SA of the mediated connection. + */ + ike_sa_id_t *mediated_sa_id; + + /** + * Child config of the CHILD_SA of the mediated connection. + */ + child_cfg_t *mediated_child; + + /** + * ID of the IKE_SA of the mediation connection. + */ + ike_sa_id_t *mediation_sa_id; +}; + +/** + * Implements job_t.destroy. + */ +static void destroy(private_initiate_mediation_job_t *this) +{ + DESTROY_IF(this->mediation_sa_id); + DESTROY_IF(this->mediated_sa_id); + DESTROY_IF(this->mediated_child); + free(this); +} + +/** + * Callback to handle initiation of mediation connection + */ +static bool initiate_callback(private_initiate_mediation_job_t *this, signal_t signal, level_t level, + ike_sa_t *ike_sa, char *format, va_list args) +{ + if (signal == CHILD_UP_SUCCESS) + { + // mediation connection is up + this->mediation_sa_id = ike_sa->get_id(ike_sa); + this->mediation_sa_id = this->mediation_sa_id->clone(this->mediation_sa_id); + return FALSE; + } + return TRUE; +} + +/** + * Implementation of job_t.execute. + */ +static void initiate(private_initiate_mediation_job_t *this) +{//FIXME: check the logging + ike_sa_t *mediated_sa, *mediation_sa; + peer_cfg_t *mediated_cfg, *mediation_cfg; + + mediated_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, + this->mediated_sa_id); + if (mediated_sa) + { + mediated_cfg = mediated_sa->get_peer_cfg(mediated_sa); + mediated_cfg->get_ref(mediated_cfg); // get_peer_cfg returns an internal object + + charon->ike_sa_manager->checkin(charon->ike_sa_manager, mediated_sa); + + mediation_cfg = mediated_cfg->get_mediated_by(mediated_cfg); + + if (charon->connect_manager->check_and_register(charon->connect_manager, + mediation_cfg->get_my_id(mediation_cfg), + mediated_cfg->get_peer_id(mediated_cfg), + this->mediated_sa_id, this->mediated_child)) + { + mediated_cfg->destroy(mediated_cfg); + mediation_cfg->destroy(mediation_cfg); + charon->bus->set_sa(charon->bus, mediated_sa); // this pointer should still be valid + DBG1(DBG_IKE, "mediation with the same peer is already in progress, queued"); + destroy(this); + return; + } + + mediation_cfg->get_ref(mediation_cfg); // we need an additional reference because initiate consumes one + + // this function call blocks until the connection is up or failed + // we do not check the status, but NEED_MORE would be returned on success + // because the registered callback returns FALSE then + // this->mediation_sa_id is set in the callback + charon->interfaces->initiate(charon->interfaces, + mediation_cfg, NULL, (interface_manager_cb_t)initiate_callback, this); + if (!this->mediation_sa_id) + { + DBG1(DBG_JOB, "initiating mediation connection '%s' failed", + mediation_cfg->get_name(mediation_cfg)); + mediation_cfg->destroy(mediation_cfg); + mediated_cfg->destroy(mediated_cfg); + charon->bus->set_sa(charon->bus, mediated_sa); // this pointer should still be valid + SIG(IKE_UP_FAILED, "mediation failed"); + destroy(this); + return; + } + mediation_cfg->destroy(mediation_cfg); + + mediation_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, + this->mediation_sa_id); + + if (mediation_sa) + { + if (mediation_sa->initiate_mediation(mediation_sa, mediated_cfg) != SUCCESS) + { + DBG1(DBG_JOB, "initiating mediated connection '%s' failed", + mediated_cfg->get_name(mediated_cfg)); + mediated_cfg->destroy(mediated_cfg); + charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, mediation_sa); + + charon->bus->set_sa(charon->bus, mediated_sa); // this pointer should still be valid + SIG(IKE_UP_FAILED, "mediation failed"); + destroy(this); + return; + } + + charon->ike_sa_manager->checkin(charon->ike_sa_manager, mediation_sa); + } + + mediated_cfg->destroy(mediated_cfg); + } + destroy(this); +} + +/** + * Implementation of job_t.execute. + */ +static void reinitiate(private_initiate_mediation_job_t *this) +{//FIXME: check the logging + ike_sa_t *mediated_sa, *mediation_sa; + peer_cfg_t *mediated_cfg; + + mediated_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, + this->mediated_sa_id); + if (mediated_sa) + { + mediated_cfg = mediated_sa->get_peer_cfg(mediated_sa); + mediated_cfg->get_ref(mediated_cfg); // get_peer_cfg returns an internal object + charon->ike_sa_manager->checkin(charon->ike_sa_manager, mediated_sa); + + mediation_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, + this->mediation_sa_id); + if (mediation_sa) + { + if (mediation_sa->initiate_mediation(mediation_sa, mediated_cfg) != SUCCESS) + { + DBG1(DBG_JOB, "initiating mediated connection '%s' failed", + mediated_cfg->get_name(mediated_cfg)); + mediated_cfg->destroy(mediated_cfg); + charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, mediation_sa); + + charon->bus->set_sa(charon->bus, mediated_sa); // this pointer should still be valid + SIG(IKE_UP_FAILED, "mediation failed"); + destroy(this); + return; + } + + charon->ike_sa_manager->checkin(charon->ike_sa_manager, mediation_sa); + } + + mediated_cfg->destroy(mediated_cfg); + } + destroy(this); +} + +/** + * Creates an empty job + */ +static private_initiate_mediation_job_t *initiate_mediation_job_create_empty() +{ + private_initiate_mediation_job_t *this = malloc_thing(private_initiate_mediation_job_t); + + /* interface functions */ + this->public.job_interface.destroy = (void (*) (job_t *)) destroy; + + /* private variables */ + this->mediation_sa_id = NULL; + this->mediated_sa_id = NULL; + this->mediated_child = NULL; + + return this; +} + +/* + * Described in header + */ +initiate_mediation_job_t *initiate_mediation_job_create(ike_sa_id_t *ike_sa_id, + child_cfg_t *child_cfg) +{ + private_initiate_mediation_job_t *this = initiate_mediation_job_create_empty(); + + this->public.job_interface.execute = (void (*) (job_t *)) initiate; + + this->mediated_sa_id = ike_sa_id->clone(ike_sa_id); + child_cfg->get_ref(child_cfg); + this->mediated_child = child_cfg; + + return &this->public; +} + +/* + * Described in header + */ +initiate_mediation_job_t *reinitiate_mediation_job_create(ike_sa_id_t *mediation_sa_id, + ike_sa_id_t *mediated_sa_id) +{ + private_initiate_mediation_job_t *this = initiate_mediation_job_create_empty(); + + this->public.job_interface.execute = (void (*) (job_t *)) reinitiate; + + this->mediation_sa_id = mediation_sa_id->clone(mediation_sa_id); + this->mediated_sa_id = mediated_sa_id->clone(mediated_sa_id); + + return &this->public; +} diff --git a/src/charon/processing/jobs/initiate_mediation_job.h b/src/charon/processing/jobs/initiate_mediation_job.h new file mode 100644 index 000000000..9fb3b0f7d --- /dev/null +++ b/src/charon/processing/jobs/initiate_mediation_job.h @@ -0,0 +1,74 @@ +/** + * @file initiate_mediation_job.h + * + * @brief Interface of initiate_mediation_job_t. + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef INITIATE_MEDIATION_JOB_H_ +#define INITIATE_MEDIATION_JOB_H_ + +typedef struct initiate_mediation_job_t initiate_mediation_job_t; + +#include +#include +#include + +/** + * @brief Class representing a INITIATE_MEDIATION Job. + * + * This job will initiate a mediation on behalf of a mediated connection. + * If required the mediation connection is established. + * + * @b Constructors: + * - initiate_mediation_job_create() + * + * @ingroup jobs + */ +struct initiate_mediation_job_t { + /** + * implements job_t interface + */ + job_t job_interface; +}; + +/** + * @brief Creates a job of type INITIATE_MEDIATION. + * + * @param ike_sa_id identification of the ike_sa as ike_sa_id_t object (gets cloned) + * @param child_cfg child config of the child_sa (gets cloned) + * @return job object + * + * @ingroup jobs + */ +initiate_mediation_job_t *initiate_mediation_job_create(ike_sa_id_t *ike_sa_id, + child_cfg_t *child_cfg); + +/** + * @brief Creates a special job of type INITIATE_MEDIATION that reinitiates a + * specific connection. + * + * @param mediation_sa_id identification of the mediation sa (gets cloned) + * @param mediated_sa_id identification of the mediated sa (gets cloned) + * @return job object + * + * @ingroup jobs + */ +initiate_mediation_job_t *reinitiate_mediation_job_create(ike_sa_id_t *mediation_sa_id, + ike_sa_id_t *mediated_sa_id); + +#endif /*INITIATE_MEDIATION_JOB_H_*/ diff --git a/src/charon/processing/jobs/mediation_job.c b/src/charon/processing/jobs/mediation_job.c new file mode 100644 index 000000000..6f5f74372 --- /dev/null +++ b/src/charon/processing/jobs/mediation_job.c @@ -0,0 +1,203 @@ +/** + * @file mediation_job.c + * + * @brief Implementation of mediation_job_t. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + + +#include "mediation_job.h" + +#include +#include + + +typedef struct private_mediation_job_t private_mediation_job_t; + +/** + * Private data of an mediation_job_t Object + */ +struct private_mediation_job_t { + /** + * public mediation_job_t interface + */ + mediation_job_t public; + + /** + * ID of target peer. + */ + identification_t *target; + + /** + * ID of the source peer. + */ + identification_t *source; + + /** + * P2P_SESSIONID + */ + chunk_t session_id; + + /** + * P2P_SESSIONKEY + */ + chunk_t session_key; + + /** + * Submitted endpoints + */ + linked_list_t *endpoints; + + /** + * Is this a callback job? + */ + bool callback; + + /** + * Is this a response? + */ + bool response; +}; + +/** + * Implements job_t.destroy. + */ +static void destroy(private_mediation_job_t *this) +{ + DESTROY_IF(this->target); + DESTROY_IF(this->source); + chunk_free(&this->session_id); + chunk_free(&this->session_key); + DESTROY_OFFSET_IF(this->endpoints, offsetof(endpoint_notify_t, destroy)); + free(this); +} + +/** + * Implementation of job_t.execute. + */ +static void execute(private_mediation_job_t *this) +{ + ike_sa_id_t *target_sa_id; + + target_sa_id = charon->mediation_manager->check(charon->mediation_manager, this->target); + + if (target_sa_id) + { + ike_sa_t *target_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, + target_sa_id); + if (target_sa) + { + if (this->callback) + { + // send callback to a peer + if (target_sa->callback(target_sa, this->source) != SUCCESS) + { + DBG1(DBG_JOB, "callback for '%D' to '%D' failed", + this->source, this->target); + charon->ike_sa_manager->checkin(charon->ike_sa_manager, target_sa); + destroy(this); + return; + } + } + else + { + // normal mediation between two peers + if (target_sa->relay(target_sa, this->source, this->session_id, + this->session_key, this->endpoints, this->response) != SUCCESS) + { + DBG1(DBG_JOB, "mediation between '%D' and '%D' failed", + this->source, this->target); + charon->ike_sa_manager->checkin(charon->ike_sa_manager, target_sa); + // FIXME: notify the initiator + destroy(this); + return; + } + } + + charon->ike_sa_manager->checkin(charon->ike_sa_manager, target_sa); + } + else + { + DBG1(DBG_JOB, "mediation between '%D' and '%D' failed: " + "SA not found", this->source, this->target); + } + } + else + { + DBG1(DBG_JOB, "mediation between '%D' and '%D' failed: " + "peer is not online anymore", this->source, this->target); + } + destroy(this); +} + +/** + * Creates an empty mediation job + */ +static private_mediation_job_t *mediation_job_create_empty() +{ + private_mediation_job_t *this = malloc_thing(private_mediation_job_t); + + /* interface functions */ + this->public.job_interface.execute = (void (*) (job_t *)) execute; + this->public.job_interface.destroy = (void (*) (job_t *)) destroy; + + /* private variables */ + this->target = NULL; + this->source = NULL; + this->callback = FALSE; + this->session_id = chunk_empty; + this->session_key = chunk_empty; + this->endpoints = NULL; + this->response = FALSE; + + return this; +} + +/* + * Described in header + */ +mediation_job_t *mediation_job_create(identification_t *peer_id, + identification_t *requester, chunk_t session_id, chunk_t session_key, + linked_list_t *endpoints, bool response) +{ + private_mediation_job_t *this = mediation_job_create_empty(); + + this->target = peer_id->clone(peer_id); + this->source = requester->clone(requester); + this->session_id = chunk_clone(session_id); + this->session_key = chunk_clone(session_key); + this->endpoints = endpoints->clone_offset(endpoints, offsetof(endpoint_notify_t, clone)); + this->response = response; + + return &this->public; +} + +/* + * Described in header + */ +mediation_job_t *mediation_callback_job_create(identification_t *requester, + identification_t *peer_id) +{ + private_mediation_job_t *this = mediation_job_create_empty(); + + this->target = requester->clone(requester); + this->source = peer_id->clone(peer_id); + this->callback = TRUE; + + return &this->public; +} diff --git a/src/charon/processing/jobs/mediation_job.h b/src/charon/processing/jobs/mediation_job.h new file mode 100644 index 000000000..6130b2e27 --- /dev/null +++ b/src/charon/processing/jobs/mediation_job.h @@ -0,0 +1,84 @@ +/** + * @file mediation_job.h + * + * @brief Interface of mediation_job_t. + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef MEDIATION_JOB_H_ +#define MEDIATION_JOB_H_ + +typedef struct mediation_job_t mediation_job_t; + +#include +#include +#include +#include + +/** + * @brief Class representing a MEDIATION Job. + * + * This job handles the mediation on the mediation server. + * + * @b Constructors: + * - mediation_job_create() + * + * @ingroup jobs + */ +struct mediation_job_t { + /** + * implements job_t interface + */ + job_t job_interface; +}; + +/** + * @brief Creates a job of type MEDIATION. + * + * Parameters get cloned. + * + * @param peer_id ID of the requested peer + * @param requester ID of the requesting peer + * @param session_id content of P2P_SESSIONID (could be NULL) + * @param session_key content of P2P_SESSIONKEY + * @param endpoints list of submitted endpoints + * @param response TRUE if this is a response + * @return job object + * + * @ingroup jobs + */ +mediation_job_t *mediation_job_create(identification_t *peer_id, + identification_t *requester, chunk_t session_id, chunk_t session_key, + linked_list_t *endpoints, bool response); + + +/** + * @brief Creates a special job of type MEDIATION that is used to send a callback + * notification to a peer. + * + * Parameters get cloned. + * + * @param requester ID of the waiting peer + * @param peer_id ID of the requested peer + * @return job object + * + * @ingroup jobs + */ +mediation_job_t *mediation_callback_job_create(identification_t *requester, + identification_t *peer_id); + +#endif /*MEDIATION_JOB_H_*/ diff --git a/src/charon/processing/jobs/process_message_job.c b/src/charon/processing/jobs/process_message_job.c index 6a0921248..ec2e7735d 100644 --- a/src/charon/processing/jobs/process_message_job.c +++ b/src/charon/processing/jobs/process_message_job.c @@ -59,6 +59,22 @@ static void execute(private_process_message_job_t *this) { ike_sa_t *ike_sa; +#ifdef P2P + // if this is an unencrypted INFORMATIONAL exchange it is likely a + // connectivity check + if (this->message->get_exchange_type(this->message) == INFORMATIONAL && + this->message->get_first_payload_type(this->message) != ENCRYPTED) + { + // theoretically this could also be an error message see RFC 4306, section 1.5. + DBG1(DBG_NET, "received unencrypted informational: from %#H to %#H", + this->message->get_source(this->message), + this->message->get_destination(this->message)); + charon->connect_manager->process_check(charon->connect_manager, this->message); + destroy(this); + return; + } +#endif /* P2P */ + ike_sa = charon->ike_sa_manager->checkout_by_message(charon->ike_sa_manager, this->message); if (ike_sa) diff --git a/src/charon/processing/jobs/roam_job.c b/src/charon/processing/jobs/roam_job.c index 3b5cd0ed2..842f57405 100644 --- a/src/charon/processing/jobs/roam_job.c +++ b/src/charon/processing/jobs/roam_job.c @@ -104,7 +104,6 @@ roam_job_t *roam_job_create(bool address) { private_roam_job_t *this = malloc_thing(private_roam_job_t); - this->public.job_interface.destroy = (void (*) (job_t *)) destroy; this->public.job_interface.execute = (void (*) (job_t *)) execute; this->public.job_interface.destroy = (void (*) (job_t *)) destroy; diff --git a/src/charon/processing/jobs/send_dpd_job.c b/src/charon/processing/jobs/send_dpd_job.c index f6786bfb4..d9c457ab6 100644 --- a/src/charon/processing/jobs/send_dpd_job.c +++ b/src/charon/processing/jobs/send_dpd_job.c @@ -86,7 +86,6 @@ send_dpd_job_t *send_dpd_job_create(ike_sa_id_t *ike_sa_id) private_send_dpd_job_t *this = malloc_thing(private_send_dpd_job_t); /* interface functions */ - this->public.job_interface.destroy = (void (*) (job_t *)) destroy; this->public.job_interface.execute = (void (*) (job_t *)) execute; this->public.job_interface.destroy = (void (*) (job_t *)) destroy; diff --git a/src/charon/processing/jobs/send_keepalive_job.c b/src/charon/processing/jobs/send_keepalive_job.c index 8cb51e5dd..34198deb0 100644 --- a/src/charon/processing/jobs/send_keepalive_job.c +++ b/src/charon/processing/jobs/send_keepalive_job.c @@ -80,7 +80,6 @@ send_keepalive_job_t *send_keepalive_job_create(ike_sa_id_t *ike_sa_id) private_send_keepalive_job_t *this = malloc_thing(private_send_keepalive_job_t); /* interface functions */ - this->public.job_interface.destroy = (void (*) (job_t *)) destroy; this->public.job_interface.execute = (void (*) (job_t *)) execute; this->public.job_interface.destroy = (void (*) (job_t *)) destroy; diff --git a/src/charon/sa/authenticators/eap_authenticator.h b/src/charon/sa/authenticators/eap_authenticator.h index ffa162343..64a3267d7 100644 --- a/src/charon/sa/authenticators/eap_authenticator.h +++ b/src/charon/sa/authenticators/eap_authenticator.h @@ -121,7 +121,7 @@ struct eap_authenticator_t { * After receiving an EAP message "in", the peer/server processes * the payload and creates a reply/subsequent request. * The server side always returns NEED_MORE if another EAP message - * is excepted from the client, SUCCESS if EAP exchange completed and + * is expected from the client, SUCCESS if EAP exchange completed and * "out" is EAP_SUCCES, or FAILED if the EAP exchange failed with * a EAP_FAILURE payload in "out". Anyway, a payload in "out" is always * created. diff --git a/src/charon/sa/authenticators/psk_authenticator.c b/src/charon/sa/authenticators/psk_authenticator.c index 37465d029..6b76088bb 100644 --- a/src/charon/sa/authenticators/psk_authenticator.c +++ b/src/charon/sa/authenticators/psk_authenticator.c @@ -124,7 +124,7 @@ static status_t verify(private_psk_authenticator_t *this, chunk_t ike_sa_init, auth_data = build_shared_key_signature(ike_sa_init, my_nonce, shared_key, other_id, this->ike_sa->get_skp_verify(this->ike_sa), this->ike_sa->get_prf(this->ike_sa)); - chunk_free(&shared_key); + chunk_free_randomized(&shared_key); recv_auth_data = auth_payload->get_data(auth_payload); if (auth_data.len != recv_auth_data.len || @@ -168,7 +168,7 @@ static status_t build(private_psk_authenticator_t *this, chunk_t ike_sa_init, my_id, this->ike_sa->get_skp_build(this->ike_sa), this->ike_sa->get_prf(this->ike_sa)); DBG2(DBG_IKE, "successfully created shared key MAC"); - chunk_free(&shared_key); + chunk_free_randomized(&shared_key); *auth_payload = auth_payload_create(); (*auth_payload)->set_auth_method(*auth_payload, AUTH_PSK); (*auth_payload)->set_data(*auth_payload, auth_data); diff --git a/src/charon/sa/authenticators/rsa_authenticator.c b/src/charon/sa/authenticators/rsa_authenticator.c index e5c5cd60e..ba0fad1e3 100644 --- a/src/charon/sa/authenticators/rsa_authenticator.c +++ b/src/charon/sa/authenticators/rsa_authenticator.c @@ -93,19 +93,16 @@ static status_t verify(private_rsa_authenticator_t *this, chunk_t ike_sa_init, static status_t build(private_rsa_authenticator_t *this, chunk_t ike_sa_init, chunk_t other_nonce, auth_payload_t **auth_payload) { - chunk_t chunk; - chunk_t octets; - chunk_t auth_data; + chunk_t octets, auth_data; status_t status; rsa_public_key_t *my_pubkey; - rsa_private_key_t *my_key; identification_t *my_id; prf_t *prf; my_id = this->ike_sa->get_my_id(this->ike_sa); DBG1(DBG_IKE, "authentication of '%D' (myself) with %N", my_id, auth_method_names, AUTH_RSA); - DBG2(DBG_IKE, "looking for RSA public key belonging to '%D'", my_id); + DBG2(DBG_IKE, "looking for RSA public key belonging to '%D'...", my_id); my_pubkey = charon->credentials->get_rsa_public_key(charon->credentials, my_id); if (my_pubkey == NULL) @@ -113,28 +110,18 @@ static status_t build(private_rsa_authenticator_t *this, chunk_t ike_sa_init, DBG1(DBG_IKE, "no RSA public key found for '%D'", my_id); return NOT_FOUND; } - DBG2(DBG_IKE, "matching RSA public key found"); - chunk = my_pubkey->get_keyid(my_pubkey); - DBG2(DBG_IKE, "looking for RSA private key with keyid %#B", &chunk); - my_key = charon->credentials->get_rsa_private_key(charon->credentials, my_pubkey); - if (my_key == NULL) - { - DBG1(DBG_IKE, "no RSA private key found with for %D with keyid %#B", - my_id, &chunk); - return NOT_FOUND; - } - DBG2(DBG_IKE, "matching RSA private key found"); + DBG2(DBG_IKE, " matching RSA public key found"); prf = this->ike_sa->get_prf(this->ike_sa); prf->set_key(prf, this->ike_sa->get_skp_build(this->ike_sa)); octets = build_tbs_octets(ike_sa_init, other_nonce, my_id, prf); - status = my_key->build_emsa_pkcs1_signature(my_key, HASH_SHA1, octets, &auth_data); + status = charon->credentials->rsa_signature(charon->credentials, + my_pubkey, HASH_SHA1, octets, &auth_data); chunk_free(&octets); if (status != SUCCESS) { - my_key->destroy(my_key); - DBG1(DBG_IKE, "build signature of SHA1 hash failed"); + DBG1(DBG_IKE, "building RSA signature with SHA-1 hash failed"); return status; } DBG2(DBG_IKE, "successfully signed with RSA private key"); @@ -142,8 +129,6 @@ static status_t build(private_rsa_authenticator_t *this, chunk_t ike_sa_init, *auth_payload = auth_payload_create(); (*auth_payload)->set_auth_method(*auth_payload, AUTH_RSA); (*auth_payload)->set_data(*auth_payload, auth_data); - - my_key->destroy(my_key); chunk_free(&auth_data); return SUCCESS; } diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c index 118af3b30..44f0298d5 100644 --- a/src/charon/sa/child_sa.c +++ b/src/charon/sa/child_sa.c @@ -832,6 +832,16 @@ static status_t update_hosts(private_child_sa_t *this, { policy->other_ts->set_address(policy->other_ts, other); } + + /* we reinstall the virtual IP to handle interface romaing + * correctly */ + if (this->virtual_ip) + { + charon->kernel_interface->del_ip(charon->kernel_interface, + this->virtual_ip); + charon->kernel_interface->add_ip(charon->kernel_interface, + this->virtual_ip, me); + } /* reinstall updated policies */ charon->kernel_interface->add_policy(charon->kernel_interface, diff --git a/src/charon/sa/connect_manager.c b/src/charon/sa/connect_manager.c new file mode 100644 index 000000000..d583e01bb --- /dev/null +++ b/src/charon/sa/connect_manager.c @@ -0,0 +1,1615 @@ +/** + * @file connect_manager.c + * + * @brief Implementation of connect_manager_t. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "connect_manager.h" + +#include +#include + +#include +#include + +#include +#include +#include + +// base timeout +// the sending interval is P2P_INTERVAL * active checklists (N) +// retransmission timeout is P2P_INTERVAL * N * checks in waiting state (NW) +#define P2P_INTERVAL 20 // 20 ms +// min retransmission timeout (RTO is P2P_INTERVAL * N * checks in waiting state) +#define P2P_RTO_MIN 100 // 100 ms +// max number of retransmissions (+ the initial check) +#define P2P_MAX_RETRANS 2 + + +typedef struct private_connect_manager_t private_connect_manager_t; + +/** + * Additional private members of connect_manager_t. + */ +struct private_connect_manager_t { + /** + * Public interface of connect_manager_t. + */ + connect_manager_t public; + + /** + * Lock for exclusivly accessing the manager. + */ + pthread_mutex_t mutex; + + /** + * Hasher to generate signatures + */ + hasher_t *hasher; + + /** + * Linked list with initiated mediated connections + */ + linked_list_t *initiated; + + /** + * Linked list with checklists (hash table with session ID as key would be better). + */ + linked_list_t *checklists; +}; + +typedef enum check_state_t check_state_t; + +enum check_state_t { + CHECK_NONE, + CHECK_WAITING, + CHECK_IN_PROGRESS, + CHECK_SUCCEEDED, + CHECK_FAILED +}; + +typedef struct endpoint_pair_t endpoint_pair_t; + +/** + * An entry in the check list. + */ +struct endpoint_pair_t { + /** pair id */ + u_int32_t id; + + /** priority */ + u_int64_t priority; + + /** local endpoint */ + host_t *local; + + /** remote endpoint */ + host_t *remote; + + /** state */ + check_state_t state; + + /** number of retransmissions */ + u_int32_t retransmitted; + + /** the generated packet */ + packet_t *packet; +}; + +/** + * Destroys an endpoint pair + */ +static void endpoint_pair_destroy(endpoint_pair_t *this) +{ + DESTROY_IF(this->local); + DESTROY_IF(this->remote); + DESTROY_IF(this->packet); + free(this); +} + +/** + * Creates a new entry for the list. + */ +static endpoint_pair_t *endpoint_pair_create(endpoint_notify_t *initiator, + endpoint_notify_t *responder, bool initiator_is_local) +{ + endpoint_pair_t *this = malloc_thing(endpoint_pair_t); + + this->id = 0; + + u_int32_t pi = initiator->get_priority(initiator); + u_int32_t pr = responder->get_priority(responder); + this->priority = pow(2, 32) * min(pi, pr) + 2 * max(pi, pr) + (pi > pr ? 1 : 0); + + this->local = initiator_is_local ? initiator->get_base(initiator) : responder->get_base(responder); + this->local = this->local->clone(this->local); + this->remote = initiator_is_local ? responder->get_host(responder) : initiator->get_host(initiator); + this->remote = this->remote->clone(this->remote); + + this->state = CHECK_WAITING; + this->retransmitted = 0; + this->packet = NULL; + + return this; +} + + +typedef struct check_list_t check_list_t; + +/** + * An entry in the linked list. + */ +struct check_list_t { + + struct { + /** initiator's id */ + identification_t *id; + + /** initiator's key */ + chunk_t key; + + /** initiator's endpoints */ + linked_list_t *endpoints; + } initiator; + + struct { + /** responder's id */ + identification_t *id; + + /** responder's key */ + chunk_t key; + + /** responder's endpoints */ + linked_list_t *endpoints; + } responder; + + /** session id */ + chunk_t session_id; + + /** list of endpoint pairs */ + linked_list_t *pairs; + + /** pairs queued for triggered checks */ + linked_list_t *triggered; + + /** state */ + check_state_t state; + + /** TRUE if this is the initiator */ + bool is_initiator; + +}; + +/** + * Destroys a checklist + */ +static void check_list_destroy(check_list_t *this) +{ + DESTROY_IF(this->initiator.id); + DESTROY_IF(this->responder.id); + + chunk_free(&this->session_id); + chunk_free(&this->initiator.key); + chunk_free(&this->responder.key); + + DESTROY_OFFSET_IF(this->initiator.endpoints, offsetof(endpoint_notify_t, destroy)); + DESTROY_OFFSET_IF(this->responder.endpoints, offsetof(endpoint_notify_t, destroy)); + + DESTROY_FUNCTION_IF(this->pairs, (void*)endpoint_pair_destroy); + DESTROY_IF(this->triggered); // this list contains some of the same elements as contained in this->pairs + + free(this); +} + +/** + * Creates a new checklist + */ +static check_list_t *check_list_create(identification_t *initiator, identification_t *responder, + chunk_t session_id, chunk_t initiator_key, linked_list_t *initiator_endpoints, + bool is_initiator) +{ + check_list_t *this = malloc_thing(check_list_t); + + this->session_id = chunk_clone(session_id); + + this->initiator.id = initiator->clone(initiator); + this->initiator.key = chunk_clone(initiator_key); + this->initiator.endpoints = initiator_endpoints->clone_offset(initiator_endpoints, offsetof(endpoint_notify_t, clone)); + + this->responder.id = responder->clone(responder); + this->responder.key = chunk_empty; + this->responder.endpoints = NULL; + + this->pairs = linked_list_create(); + this->triggered = linked_list_create(); + this->state = CHECK_NONE; + this->is_initiator = is_initiator; + + return this; +} + + +typedef struct waiting_sa_t waiting_sa_t; + +/** + * For an initiator, the data stored about a waiting mediated sa + */ +struct waiting_sa_t { + /** ike sa id */ + ike_sa_id_t *ike_sa_id; + + /** list of child_cfg_t */ + linked_list_t *childs; +}; + +/** + * Destroys a queued mediated sa + */ +static void waiting_sa_destroy(waiting_sa_t *this) +{ + DESTROY_IF(this->ike_sa_id); + this->childs->destroy_offset(this->childs, offsetof(child_cfg_t, destroy)); + free(this); +} + +/** + * Creates a new mediated sa object + */ +static waiting_sa_t *waiting_sa_create(ike_sa_id_t *ike_sa_id) +{ + waiting_sa_t *this = malloc_thing(waiting_sa_t); + + this->ike_sa_id = ike_sa_id->clone(ike_sa_id); + this->childs = linked_list_create(); + + return this; +} + +typedef struct initiated_t initiated_t; + +/** + * For an initiator, the data stored about initiated mediation connections + */ +struct initiated_t { + /** my id */ + identification_t *id; + + /** peer id */ + identification_t *peer_id; + + /** list of mediated sas */ + linked_list_t *mediated; +}; + +/** + * Destroys a queued initiation + */ +static void initiated_destroy(initiated_t *this) +{ + DESTROY_IF(this->id); + DESTROY_IF(this->peer_id); + this->mediated->destroy_function(this->mediated, (void*)waiting_sa_destroy); + free(this); +} + +/** + * Creates a queued initiation + */ +static initiated_t *initiated_create(identification_t *id, identification_t *peer_id) +{ + initiated_t *this = malloc_thing(initiated_t); + + this->id = id->clone(id); + this->peer_id = peer_id->clone(peer_id); + this->mediated = linked_list_create(); + + return this; +} + + +typedef struct check_t check_t; + +/** + * Data exchanged in a connectivity check + */ +struct check_t { + /** message id */ + u_int32_t mid; + + /** source of the connectivity check */ + host_t *src; + + /** destination of the connectivity check */ + host_t *dst; + + /** session id */ + chunk_t session_id; + + /** endpoint */ + endpoint_notify_t *endpoint; + + /** raw endpoint payload (to verify the signature) */ + chunk_t endpoint_raw; + + /** cookie */ + chunk_t cookie; +}; + +/** + * Destroys a connectivity check + */ +static void check_destroy(check_t *this) +{ + chunk_free(&this->session_id); + chunk_free(&this->endpoint_raw); + chunk_free(&this->cookie); + DESTROY_IF(this->endpoint); + free(this); +} + +/** + * Creates a new connectivity check + */ +static check_t *check_create() +{ + check_t *this = malloc_thing(check_t); + + this->session_id = chunk_empty; + this->cookie = chunk_empty; + this->endpoint_raw = chunk_empty; + this->endpoint = NULL; + + this->mid = 0; + + return this; +} + +typedef struct sender_data_t sender_data_t; + +/** + * Data required by the sender + */ +struct sender_data_t { + /** connect manager */ + private_connect_manager_t *connect_manager; + + /** session id */ + chunk_t session_id; +}; + +/** + * Destroys a sender data object + */ +static void sender_data_destroy(sender_data_t *this) +{ + chunk_free(&this->session_id); + free(this); +} + +/** + * Creates a new sender data object + */ +static sender_data_t *sender_data_create(private_connect_manager_t *connect_manager, chunk_t session_id) +{ + sender_data_t *this = malloc_thing(sender_data_t); + this->connect_manager = connect_manager; + this->session_id = session_id; + return this; +} + +typedef struct retransmit_data_t retransmit_data_t; + +/** + * Data required by the retransmission job + */ +struct retransmit_data_t { + /** connect manager */ + private_connect_manager_t *connect_manager; + + /** session id */ + chunk_t session_id; + + /** message (pair) id */ + u_int32_t mid; +}; + +/** + * Destroys a retransmission data object + */ +static void retransmit_data_destroy(retransmit_data_t *this) +{ + chunk_free(&this->session_id); + free(this); +} + +/** + * Creates a new retransmission data object + */ +static retransmit_data_t *retransmit_data_create(private_connect_manager_t *connect_manager, + chunk_t session_id, u_int32_t mid) +{ + retransmit_data_t *this = malloc_thing(retransmit_data_t); + + this->connect_manager = connect_manager; + this->session_id = session_id; + this->mid = mid; + + return this; +} + +typedef struct initiate_data_t initiate_data_t; + +/** + * Data required by the initiate mediated + */ +struct initiate_data_t { + /** checklist */ + check_list_t *checklist; + + /** waiting mediated connections */ + initiated_t *initiated; +}; + +/** + * Destroys a initiate data object + */ +static void initiate_data_destroy(initiate_data_t *this) +{ + check_list_destroy(this->checklist); + initiated_destroy(this->initiated); + free(this); +} + +/** + * Creates a new initiate data object + */ +static initiate_data_t *initiate_data_create(check_list_t *checklist, initiated_t *initiated) +{ + initiate_data_t *this = malloc_thing(initiate_data_t); + + this->checklist = checklist; + this->initiated = initiated; + + return this; +} + +// ----------------------------------------------------------------------------- + +/** + * Find an initiated connection by the peers' ids + */ +static status_t get_initiated_by_ids(private_connect_manager_t *this, + identification_t *id, identification_t *peer_id, initiated_t **initiated) +{ + iterator_t *iterator; + initiated_t *current; + status_t status = NOT_FOUND; + + iterator = this->initiated->create_iterator(this->initiated, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (id->equals(id, current->id) && peer_id->equals(peer_id, current->peer_id)) + { + if (initiated) + { + *initiated = current; + } + status = SUCCESS; + break; + } + } + iterator->destroy(iterator); + + return status; +} + +/** + * Removes data about initiated connections + */ +static void remove_initiated(private_connect_manager_t *this, initiated_t *initiated) +{ + iterator_t *iterator; + initiated_t *current; + + iterator = this->initiated->create_iterator(this->initiated, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (current == initiated) + { + iterator->remove(iterator); + break; + } + } + iterator->destroy(iterator); +} + +/** + * Finds a waiting sa + */ +static status_t get_waiting_sa(initiated_t *initiated, ike_sa_id_t *ike_sa_id, waiting_sa_t **waiting_sa) +{ + iterator_t *iterator; + waiting_sa_t *current; + status_t status = NOT_FOUND; + + iterator = initiated->mediated->create_iterator(initiated->mediated, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (ike_sa_id->equals(ike_sa_id, current->ike_sa_id)) + { + if (waiting_sa) + { + *waiting_sa = current; + } + status = SUCCESS; + break; + } + } + iterator->destroy(iterator); + + return status; +} + +/** + * Find the checklist with a specific session ID + */ +static status_t get_checklist_by_id(private_connect_manager_t *this, + chunk_t session_id, check_list_t **check_list) +{ + iterator_t *iterator; + check_list_t *current; + status_t status = NOT_FOUND; + + iterator = this->checklists->create_iterator(this->checklists, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (chunk_equals(session_id, current->session_id)) + { + if (check_list) + { + *check_list = current; + } + status = SUCCESS; + break; + } + } + iterator->destroy(iterator); + + return status; +} + +/** + * Removes a checklist + */ +static void remove_checklist(private_connect_manager_t *this, check_list_t *checklist) +{ + iterator_t *iterator; + check_list_t *current; + + iterator = this->checklists->create_iterator(this->checklists, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (current == checklist) + { + iterator->remove(iterator); + break; + } + } + iterator->destroy(iterator); +} + +/** + * Checks if a list of endpoint_notify_t contains a certain host_t + */ +static status_t endpoints_contain(linked_list_t *endpoints, host_t *host, endpoint_notify_t **endpoint) +{ + iterator_t *iterator; + endpoint_notify_t *current; + status_t status = NOT_FOUND; + + iterator = endpoints->create_iterator(endpoints, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (host->equals(host, current->get_host(current))) + { + if (endpoint) + { + *endpoint = current; + } + status = SUCCESS; + break; + } + } + iterator->destroy(iterator); + + return status; +} + +// ----------------------------------------------------------------------------- + + +/** + * Updates the state of the whole checklist + */ +static void update_checklist_state(check_list_t *checklist) +{ + iterator_t *iterator; + endpoint_pair_t *current; + bool in_progress = FALSE, succeeded = FALSE; + + iterator = checklist->pairs->create_iterator(checklist->pairs, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + switch(current->state) + { + case CHECK_WAITING: + // at least one is still waiting -> checklist remains in waiting state + iterator->destroy(iterator); + return; + case CHECK_IN_PROGRESS: + in_progress = TRUE; + break; + case CHECK_SUCCEEDED: + succeeded = TRUE; + break; + } + } + iterator->destroy(iterator); + + if (in_progress) + { + checklist->state = CHECK_IN_PROGRESS; + } + else if (succeeded) + { + checklist->state = CHECK_SUCCEEDED; + } + else + { + checklist->state = CHECK_FAILED; + } +} + +/** + * Inserts an endpoint pair into the list of pairs ordered by priority (high to low) + */ +static void insert_pair_by_priority(linked_list_t *pairs, endpoint_pair_t *pair) +{ + iterator_t *iterator; + endpoint_pair_t *current; + bool inserted = FALSE; + + iterator = pairs->create_iterator(pairs, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (current->priority < pair->priority) + { + iterator->insert_before(iterator, pair); + inserted = TRUE; + break; + } + } + iterator->destroy(iterator); + + if (!inserted) + { + pairs->insert_last(pairs, pair); + } +} + +/** + * Searches a list of endpoint_pair_t for a pair with specific host_ts + */ +static status_t get_pair_by_hosts(linked_list_t *pairs, host_t *local, host_t *remote, endpoint_pair_t **pair) +{ + iterator_t *iterator; + endpoint_pair_t *current; + status_t status = NOT_FOUND; + + iterator = pairs->create_iterator(pairs, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (local->equals(local, current->local) && + remote->equals(remote, current->remote)) + { + if (pair) + { + *pair = current; + } + status = SUCCESS; + break; + } + } + iterator->destroy(iterator); + + return status; +} + +/** + * Searches for a pair with a specific id + */ +static status_t get_pair_by_id(check_list_t *checklist, u_int32_t id, endpoint_pair_t **pair) +{ + iterator_t *iterator; + endpoint_pair_t *current; + status_t status = NOT_FOUND; + + iterator = checklist->pairs->create_iterator(checklist->pairs, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (current->id == id) + { + if (pair) + { + *pair = current; + } + status = SUCCESS; + break; + } + } + iterator->destroy(iterator); + + return status; +} + +/** + * Returns the best pair of state CHECK_SUCCEEDED from a checklist. + */ +static status_t get_best_valid_pair(check_list_t *checklist, endpoint_pair_t **pair) +{ + iterator_t *iterator; + endpoint_pair_t *current; + status_t status = NOT_FOUND; + + iterator = checklist->pairs->create_iterator(checklist->pairs, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (current->state == CHECK_SUCCEEDED) + { + if (pair) + { + *pair = current; + } + status = SUCCESS; + break; + } + } + iterator->destroy(iterator); + + return status; +} + +/** + * Returns and removes the first triggered pair in state CHECK_WAITING. + */ +static status_t get_triggered_pair(check_list_t *checklist, endpoint_pair_t **pair) +{ + iterator_t *iterator; + endpoint_pair_t *current; + status_t status = NOT_FOUND; + + iterator = checklist->triggered->create_iterator(checklist->triggered, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + iterator->remove(iterator); + + if (current->state == CHECK_WAITING) + { + if (pair) + { + *pair = current; + } + status = SUCCESS; + break; + } + } + iterator->destroy(iterator); + + return status; +} + +/** + * Prunes identical pairs with lower priority from the list + * Note: this function also numbers the remaining pairs serially + */ +static void prune_pairs(linked_list_t *pairs) +{ + iterator_t *iterator, *search; + endpoint_pair_t *current, *other; + bool inserted = FALSE; + u_int32_t id = 0; + + iterator = pairs->create_iterator(pairs, TRUE); + search = pairs->create_iterator(pairs, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + current->id = ++id; + + while (search->iterate(search, (void**)&other)) + { + if (current == other) + { + continue; + } + + if (current->local->equals(current->local, other->local) && + current->remote->equals(current->remote, other->remote)) + { + // since the list of pairs is sorted by priority in descending + // order, and we iterate the list from the beginning, we are + // sure that the priority of 'other' is lower than that of + // 'current', remove it + DBG1(DBG_IKE, "pruning endpoint pair %H - %H with priority %d", + other->local, other->remote, other->priority); + search->remove(search); + endpoint_pair_destroy(other); + } + } + search->reset(search); + } + search->destroy(search); + iterator->destroy(iterator); +} + +/** + * Builds a list of endpoint pairs + */ +static void build_pairs(check_list_t *checklist) +{ + iterator_t *iterator_i, *iterator_r; + endpoint_notify_t *initiator, *responder; + + iterator_i = checklist->initiator.endpoints->create_iterator(checklist->initiator.endpoints, TRUE); + while (iterator_i->iterate(iterator_i, (void**)&initiator)) + { + iterator_r = checklist->responder.endpoints->create_iterator(checklist->responder.endpoints, TRUE); + while (iterator_r->iterate(iterator_r, (void**)&responder)) + { + if (initiator->get_family(initiator) != responder->get_family(responder)) + { + continue; + } + + insert_pair_by_priority(checklist->pairs, + endpoint_pair_create(initiator, responder, checklist->is_initiator)); + } + iterator_r->destroy(iterator_r); + } + iterator_i->destroy(iterator_i); + + prune_pairs(checklist->pairs); +} + +// ----------------------------------------------------------------------------- + +/** + * Processes the payloads of a connectivity check and returns the extracted data + */ +static status_t process_payloads(message_t *message, check_t *check) +{ + iterator_t *iterator; + payload_t *payload; + + iterator = message->get_payload_iterator(message); + while (iterator->iterate(iterator, (void**)&payload)) + { + if (payload->get_type(payload) != NOTIFY) + { + DBG1(DBG_IKE, "ignoring payload of type '%N' while processing " + "connectivity check", payload_type_names, payload->get_type(payload)); + continue; + } + + notify_payload_t *notify = (notify_payload_t*)payload; + + switch (notify->get_notify_type(notify)) + { + case P2P_ENDPOINT: + { + if (check->endpoint) + { + DBG1(DBG_IKE, "connectivity check contains multiple P2P_ENDPOINT notifies"); + break; + } + + endpoint_notify_t *endpoint = endpoint_notify_create_from_payload(notify); + if (!endpoint) + { + DBG1(DBG_IKE, "received invalid P2P_ENDPOINT notify"); + break; + } + check->endpoint = endpoint; + check->endpoint_raw = chunk_clone(notify->get_notification_data(notify)); + DBG3(DBG_IKE, "received P2P_ENDPOINT notify"); + break; + } + case P2P_SESSIONID: + { + if (check->session_id.ptr) + { + DBG1(DBG_IKE, "connectivity check contains multiple P2P_SESSIONID notifies"); + break; + } + check->session_id = chunk_clone(notify->get_notification_data(notify)); + DBG3(DBG_IKE, "received p2p_sessionid %B", &check->session_id); + break; + } + case COOKIE: + { + if (check->cookie.ptr) + { + DBG1(DBG_IKE, "connectivity check contains multiple COOKIE notifies"); + break; + } + check->cookie = chunk_clone(notify->get_notification_data(notify)); + DBG3(DBG_IKE, "received cookie %B", &check->cookie); + break; + } + default: + break; + } + } + iterator->destroy(iterator); + + if (!check->session_id.ptr || !check->endpoint || !check->cookie.ptr) + { + DBG1(DBG_IKE, "at least one payload was missing from the connectivity check"); + return FAILED; + } + + return SUCCESS; +} + +/** + * Builds the signature for a connectivity check + */ +static chunk_t build_signature(private_connect_manager_t *this, + check_list_t *checklist, check_t *check, bool outbound) +{ + chunk_t mid_chunk, key_chunk, sig_chunk; + chunk_t sig_hash; + + mid_chunk = chunk_from_thing(check->mid); + + key_chunk = (checklist->is_initiator && outbound) || (!checklist->is_initiator && !outbound) + ? checklist->initiator.key : checklist->responder.key; + + /* signature = SHA1( MID | P2P_SESSIONID | P2P_ENDPOINT | P2P_SESSIONKEY ) */ + sig_chunk = chunk_cat("cccc", mid_chunk, check->session_id, check->endpoint_raw, key_chunk); + this->hasher->allocate_hash(this->hasher, sig_chunk, &sig_hash); + DBG3(DBG_IKE, "sig_chunk %B", &sig_chunk); + DBG3(DBG_IKE, "sig_hash %B", &sig_hash); + + chunk_free(&sig_chunk); + return sig_hash; +} + +// ----------------------------------------------------------------------------- + +// forward declarations +static void queue_retransmission(private_connect_manager_t *this, chunk_t session_id, u_int32_t mid); +static void schedule_checks(private_connect_manager_t *this, check_list_t *checklist, u_int32_t time); +static void finish_checks(private_connect_manager_t *this, check_list_t *checklist); + +/** + * This function is triggered for each sent check after a specific timeout + */ +static job_requeue_t retransmit(retransmit_data_t *data) +{ + private_connect_manager_t *this = data->connect_manager; + + pthread_mutex_lock(&(this->mutex)); + + check_list_t *checklist; + if (get_checklist_by_id(this, data->session_id, &checklist) != SUCCESS) + { + DBG1(DBG_IKE, "checklist with id '%B' not found, can't retransmit connectivity check", + &data->session_id); + pthread_mutex_unlock(&(this->mutex)); + return JOB_REQUEUE_NONE; + } + + endpoint_pair_t *pair; + if (get_pair_by_id(checklist, data->mid, &pair) != SUCCESS) + { + DBG1(DBG_IKE, "pair with id '%d' not found, can't retransmit connectivity check", + data->mid); + goto retransmit_end; + } + + if (pair->state != CHECK_IN_PROGRESS) + { + DBG2(DBG_IKE, "pair with id '%d' is in wrong state [%d], don't retransmit the connectivity check", + data->mid, pair->state); + goto retransmit_end; + } + + if (++pair->retransmitted >= P2P_MAX_RETRANS) + { + DBG2(DBG_IKE, "pair with id '%d' failed after %d tries", + data->mid, pair->retransmitted); + pair->state = CHECK_FAILED; + goto retransmit_end; + } + + charon->sender->send(charon->sender, pair->packet->clone(pair->packet)); + + queue_retransmission(this, checklist->session_id, pair->id); + +retransmit_end: + update_checklist_state(checklist); + + switch(checklist->state) + { + case CHECK_SUCCEEDED: + case CHECK_FAILED: + finish_checks(this, checklist); + break; + } + + pthread_mutex_unlock(&(this->mutex)); + + // we reschedule it manually + return JOB_REQUEUE_NONE; +} + +/** + * Queues a retransmission job + */ +static void queue_retransmission(private_connect_manager_t *this, chunk_t session_id, u_int32_t mid) +{ + retransmit_data_t *data = retransmit_data_create(this, chunk_clone(session_id), mid); + job_t *job = (job_t*)callback_job_create((callback_job_cb_t)retransmit, data, (callback_job_cleanup_t)retransmit_data_destroy, NULL); + charon->scheduler->schedule_job(charon->scheduler, (job_t*)job, P2P_RTO_MIN); +} + +/** + * Sends a check + */ +static void send_check(private_connect_manager_t *this, check_list_t *checklist, + check_t *check, endpoint_pair_t *pair, bool request) +{ + message_t *message = message_create(); + message->set_message_id(message, check->mid); + message->set_exchange_type(message, INFORMATIONAL); + message->set_request(message, request); + message->set_destination(message, check->dst->clone(check->dst)); + message->set_source(message, check->src->clone(check->src)); + + message->set_ike_sa_id(message, ike_sa_id_create(0, 0, request)); + + message->add_notify(message, FALSE, P2P_SESSIONID, check->session_id); + + notify_payload_t *endpoint = check->endpoint->build_notify(check->endpoint); + check->endpoint_raw = chunk_clone(endpoint->get_notification_data(endpoint)); + message->add_payload(message, (payload_t*)endpoint); + + check->cookie = build_signature(this, checklist, check, TRUE); + message->add_notify(message, FALSE, COOKIE, check->cookie); + + packet_t *packet; + if (message->generate(message, NULL, NULL, &packet) == SUCCESS) + { + charon->sender->send(charon->sender, packet->clone(packet)); + + if (request) + { + DESTROY_IF(pair->packet); + pair->packet = packet; + queue_retransmission(this, checklist->session_id, pair->id); + } + else + { + packet->destroy(packet); + } + } +} + +/** + * Queues a triggered check + */ +static void queue_triggered_check(check_list_t *checklist, endpoint_pair_t *pair) +{ + pair->state = CHECK_WAITING; + checklist->triggered->insert_last(checklist->triggered, pair); +} + +/** + * This function is triggered for each checklist at a specific interval + */ +static job_requeue_t sender(sender_data_t *data) +{ + private_connect_manager_t *this = data->connect_manager; + + pthread_mutex_lock(&(this->mutex)); + + check_list_t *checklist; + if (get_checklist_by_id(this, data->session_id, &checklist) != SUCCESS) + { + DBG1(DBG_IKE, "checklist with id '%B' not found, can't send connectivity check", + &data->session_id); + pthread_mutex_unlock(&(this->mutex)); + return JOB_REQUEUE_NONE; + } + + endpoint_pair_t *pair; + if (get_triggered_pair(checklist, &pair) != SUCCESS) + { + DBG1(DBG_IKE, "no triggered check queued, sending an ordinary check"); + + iterator_t *iterator; + bool found_one = FALSE; + + iterator = checklist->pairs->create_iterator(checklist->pairs, TRUE); + while (iterator->iterate(iterator, (void**)&pair)) + { + if (pair->state == CHECK_WAITING) + { + found_one = TRUE; + break; + } + } + iterator->destroy(iterator); + + if (!found_one) + { + pthread_mutex_unlock(&(this->mutex)); + DBG1(DBG_IKE, "no pairs in waiting state, aborting"); + return JOB_REQUEUE_NONE; + } + } + else + { + DBG1(DBG_IKE, "triggered check found"); + } + + check_t *check = check_create(); + check->mid = pair->id; + check->src = pair->local->clone(pair->local); + check->dst = pair->remote->clone(pair->remote); + check->session_id = chunk_clone(checklist->session_id); + check->endpoint = endpoint_notify_create(); + + pair->state = CHECK_IN_PROGRESS; + + send_check(this, checklist, check, pair, TRUE); + + check_destroy(check); + + // schedule this job again + u_int32_t N = this->checklists->get_count(this->checklists); + schedule_checks(this, checklist, P2P_INTERVAL * N); + + pthread_mutex_unlock(&(this->mutex)); + + // we reschedule it manually + return JOB_REQUEUE_NONE; +} + +/** + * Schedules checks for a checklist (time in ms) + */ +static void schedule_checks(private_connect_manager_t *this, check_list_t *checklist, u_int32_t time) +{ + chunk_t session_id = chunk_clone(checklist->session_id); + sender_data_t *data = sender_data_create(this, session_id); + job_t *job = (job_t*)callback_job_create((callback_job_cb_t)sender, data, (callback_job_cleanup_t)sender_data_destroy, NULL); + charon->scheduler->schedule_job(charon->scheduler, job, time); +} + +/** + * Initiates waiting mediated connections + */ +static job_requeue_t initiate_mediated(initiate_data_t *data) +{ + check_list_t *checklist = data->checklist; + initiated_t *initiated = data->initiated; + + endpoint_pair_t *pair; + if (get_best_valid_pair(checklist, &pair) == SUCCESS) + { + waiting_sa_t *waiting_sa; + iterator_t *iterator = initiated->mediated->create_iterator(initiated->mediated, TRUE); + while (iterator->iterate(iterator, (void**)&waiting_sa)) + { + ike_sa_t *sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, waiting_sa->ike_sa_id); + if (sa->initiate_mediated(sa, pair->local, pair->remote, waiting_sa->childs) != SUCCESS) + { + SIG(IKE_UP_FAILED, "establishing the mediated connection failed"); + charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa); + } + charon->ike_sa_manager->checkin(charon->ike_sa_manager, sa); + } + iterator->destroy(iterator); + } + else + { + // this should (can?) not happen + } +} + +/** + * Finishes checks for a checklist + */ +static void finish_checks(private_connect_manager_t *this, check_list_t *checklist) +{ + if (checklist->is_initiator) + { + initiated_t *initiated; + if (get_initiated_by_ids(this, checklist->initiator.id, + checklist->responder.id, &initiated) == SUCCESS) + { + remove_checklist(this, checklist); + remove_initiated(this, initiated); + + initiate_data_t *data = initiate_data_create(checklist, initiated); + job_t *job = (job_t*)callback_job_create((callback_job_cb_t)initiate_mediated, data, (callback_job_cleanup_t)initiate_data_destroy, NULL); + charon->processor->queue_job(charon->processor, job); + return; + } + else + { + DBG1(DBG_IKE, "there is no mediated connection waiting between '%D' " + "and '%D'", checklist->initiator.id, checklist->responder.id); + } + } + + //remove_checklist(this, checklist); + //check_list_destroy(checklist); + // FIXME: we should do this ^^^ after a specific timeout on the responder side +} + +/** + * Process the response to one of our requests + */ +static void process_response(private_connect_manager_t *this, check_t *check, + check_list_t *checklist) +{ + endpoint_pair_t *pair; + if (get_pair_by_id(checklist, check->mid, &pair) == SUCCESS) + { + if (pair->local->equals(pair->local, check->dst) && + pair->remote->equals(pair->remote, check->src)) + { + DBG1(DBG_IKE, "endpoint pair '%d' is valid: '%#H' - '%#H'", pair->id, + pair->local, pair->remote); + pair->state = CHECK_SUCCEEDED; + } + + linked_list_t *local_endpoints = checklist->is_initiator ? + checklist->initiator.endpoints : checklist->responder.endpoints; + + endpoint_notify_t *local_endpoint; + if (endpoints_contain(local_endpoints, + check->endpoint->get_host(check->endpoint), &local_endpoint) != SUCCESS) + { + local_endpoint = endpoint_notify_create_from_host(PEER_REFLEXIVE, + check->endpoint->get_host(check->endpoint), pair->local); + local_endpoint->set_priority(local_endpoint, check->endpoint->get_priority(check->endpoint)); + local_endpoints->insert_last(local_endpoints, local_endpoint); + } + + update_checklist_state(checklist); + + switch(checklist->state) + { + case CHECK_SUCCEEDED: + case CHECK_FAILED: + finish_checks(this, checklist); + break; + } + } + else + { + DBG1(DBG_IKE, "pair with id '%d' not found", check->mid); + } +} + +static void process_request(private_connect_manager_t *this, check_t *check, + check_list_t *checklist) +{ + linked_list_t *remote_endpoints = checklist->is_initiator ? + checklist->responder.endpoints : checklist->initiator.endpoints; + + endpoint_notify_t *peer_reflexive, *remote_endpoint; + peer_reflexive = endpoint_notify_create_from_host(PEER_REFLEXIVE, check->src, NULL); + peer_reflexive->set_priority(peer_reflexive, check->endpoint->get_priority(check->endpoint)); + + if (endpoints_contain(remote_endpoints, check->src, &remote_endpoint) != SUCCESS) + { + remote_endpoint = peer_reflexive->clone(peer_reflexive); + remote_endpoints->insert_last(remote_endpoints, remote_endpoint); + } + + endpoint_pair_t *pair; + if (get_pair_by_hosts(checklist->pairs, check->dst, check->src, &pair) == SUCCESS) + { + switch(pair->state) + { + case CHECK_IN_PROGRESS: + pair->retransmitted = P2P_MAX_RETRANS; // prevent retransmissions + // FIXME: we should wait to the next rto to send the triggered check + // fall-through + case CHECK_WAITING: + case CHECK_FAILED: + queue_triggered_check(checklist, pair); + break; + case CHECK_SUCCEEDED: + default: + // do nothing + break; + } + } + else + { + endpoint_notify_t *local_endpoint = endpoint_notify_create_from_host(HOST, check->dst, NULL); + + endpoint_notify_t *initiator = checklist->is_initiator ? local_endpoint : remote_endpoint; + endpoint_notify_t *responder = checklist->is_initiator ? remote_endpoint : local_endpoint; + + pair = endpoint_pair_create(initiator, responder, checklist->is_initiator); + pair->id = checklist->pairs->get_count(checklist->pairs) + 1; + + insert_pair_by_priority(checklist->pairs, pair); + + queue_triggered_check(checklist, pair); + + local_endpoint->destroy(local_endpoint); + } + + + check_t *response = check_create(); + + response->mid = check->mid; + response->src = check->dst->clone(check->dst); + response->dst = check->src->clone(check->src); + response->session_id = chunk_clone(check->session_id); + response->endpoint = peer_reflexive; + + send_check(this, checklist, response, pair, FALSE); + + check_destroy(response); +} + +/** + * Implementation of connect_manager_t.process_check. + */ +static void process_check(private_connect_manager_t *this, message_t *message) +{ + if (message->parse_body(message, NULL, NULL) != SUCCESS) + { + DBG1(DBG_IKE, "%N %s with message ID %d processing failed", + exchange_type_names, message->get_exchange_type(message), + message->get_request(message) ? "request" : "response", + message->get_message_id(message)); + return; + } + + check_t *check = check_create(); + check->mid = message->get_message_id(message); + check->src = message->get_source(message); + check->dst = message->get_destination(message); + + if (process_payloads(message, check) != SUCCESS) + { + DBG1(DBG_IKE, "invalid connectivity check %s received", + message->get_request(message) ? "request" : "response"); + check_destroy(check); + return; + } + + pthread_mutex_lock(&(this->mutex)); + + check_list_t *checklist; + if (get_checklist_by_id(this, check->session_id, &checklist) != SUCCESS) + { + DBG1(DBG_IKE, "checklist with id '%B' not found", + &check->session_id); + check_destroy(check); + pthread_mutex_unlock(&(this->mutex)); + return; + } + + chunk_t sig = build_signature(this, checklist, check, FALSE); + if (!chunk_equals(sig, check->cookie)) + { + DBG1(DBG_IKE, "connectivity check verification failed"); + check_destroy(check); + chunk_free(&sig); + pthread_mutex_unlock(&(this->mutex)); + return; + } + chunk_free(&sig); + + if (message->get_request(message)) + { + process_request(this, check, checklist); + } + else + { + process_response(this, check, checklist); + } + + pthread_mutex_unlock(&(this->mutex)); + + check_destroy(check); +} + +// ----------------------------------------------------------------------------- + +/** + * Implementation of connect_manager_t.check_and_register. + */ +static bool check_and_register(private_connect_manager_t *this, + identification_t *id, identification_t *peer_id, + ike_sa_id_t *mediated_sa, child_cfg_t *child) +{ + initiated_t *initiated; + bool already_there = TRUE; + + pthread_mutex_lock(&(this->mutex)); + + if (get_initiated_by_ids(this, id, peer_id, &initiated) != SUCCESS) + { + DBG2(DBG_IKE, "registered waiting mediated connection with '%D'", peer_id); + initiated = initiated_create(id, peer_id); + this->initiated->insert_last(this->initiated, initiated); + already_there = FALSE; + } + + waiting_sa_t *waiting_sa; + if (get_waiting_sa(initiated, mediated_sa, &waiting_sa) != SUCCESS) + { + waiting_sa = waiting_sa_create(mediated_sa); + initiated->mediated->insert_last(initiated->mediated, waiting_sa); + } + + child->get_ref(child); + waiting_sa->childs->insert_last(waiting_sa->childs, child); + + pthread_mutex_unlock(&(this->mutex)); + + return already_there; +} + +/** + * Implementation of connect_manager_t.check_and_initiate. + */ +static void check_and_initiate(private_connect_manager_t *this, ike_sa_id_t *mediation_sa, + identification_t *id, identification_t *peer_id) +{ + initiated_t *initiated; + + pthread_mutex_lock(&(this->mutex)); + + if (get_initiated_by_ids(this, id, peer_id, &initiated) != SUCCESS) + { + DBG2(DBG_IKE, "no waiting mediated connections with '%D'", peer_id); + pthread_mutex_unlock(&(this->mutex)); + return; + } + + waiting_sa_t *waiting_sa; + iterator_t *iterator = initiated->mediated->create_iterator(initiated->mediated, TRUE); + while (iterator->iterate(iterator, (void**)&waiting_sa)) + { + job_t *job = (job_t*)reinitiate_mediation_job_create(mediation_sa, + waiting_sa->ike_sa_id); + charon->processor->queue_job(charon->processor, job); + } + + pthread_mutex_unlock(&(this->mutex)); +} + +/** + * Implementation of connect_manager_t.set_initiator_data. + */ +static status_t set_initiator_data(private_connect_manager_t *this, + identification_t *initiator, identification_t *responder, + chunk_t session_id, chunk_t key, linked_list_t *endpoints, bool is_initiator) +{ + check_list_t *checklist; + + pthread_mutex_lock(&(this->mutex)); + + if (get_checklist_by_id(this, session_id, NULL) == SUCCESS) + { + DBG1(DBG_IKE, "checklist with id '%B' already exists, aborting", + &session_id); + pthread_mutex_unlock(&(this->mutex)); + return FAILED; + } + + checklist = check_list_create(initiator, responder, session_id, key, endpoints, is_initiator); + this->checklists->insert_last(this->checklists, checklist); + + pthread_mutex_unlock(&(this->mutex)); + + return SUCCESS; +} + +/** + * Implementation of connect_manager_t.set_responder_data. + */ +static status_t set_responder_data(private_connect_manager_t *this, + chunk_t session_id, chunk_t key, linked_list_t *endpoints) +{ + check_list_t *checklist; + + pthread_mutex_lock(&(this->mutex)); + + if (get_checklist_by_id(this, session_id, &checklist) != SUCCESS) + { + DBG1(DBG_IKE, "checklist with id '%B' not found", + &session_id); + pthread_mutex_unlock(&(this->mutex)); + return NOT_FOUND; + } + + checklist->responder.key = chunk_clone(key); + checklist->responder.endpoints = endpoints->clone_offset(endpoints, offsetof(endpoint_notify_t, clone)); + checklist->state = CHECK_WAITING; + + build_pairs(checklist); + + schedule_checks(this, checklist, 0); // send the first check immediately + + pthread_mutex_unlock(&(this->mutex)); + + return SUCCESS; +} + +/** + * Implementation of connect_manager_t.destroy. + */ +static void destroy(private_connect_manager_t *this) +{ + pthread_mutex_lock(&(this->mutex)); + + this->hasher->destroy(this->hasher); + this->checklists->destroy_function(this->checklists, (void*)check_list_destroy); + this->initiated->destroy_function(this->initiated, (void*)initiated_destroy); + + pthread_mutex_unlock(&(this->mutex)); + pthread_mutex_destroy(&(this->mutex)); + free(this); +} + +/* + * Described in header. + */ +connect_manager_t *connect_manager_create() +{ + private_connect_manager_t *this = malloc_thing(private_connect_manager_t); + + this->public.destroy = (void(*)(connect_manager_t*))destroy; + this->public.check_and_register = (bool(*)(connect_manager_t*,identification_t*,identification_t*,ike_sa_id_t*,child_cfg_t*))check_and_register; + this->public.check_and_initiate = (void(*)(connect_manager_t*,ike_sa_id_t*,identification_t*,identification_t*))check_and_initiate; + this->public.set_initiator_data = (status_t(*)(connect_manager_t*,identification_t*,identification_t*,chunk_t,chunk_t,linked_list_t*,bool))set_initiator_data; + this->public.set_responder_data = (status_t(*)(connect_manager_t*,chunk_t,chunk_t,linked_list_t*))set_responder_data; + this->public.process_check = (void(*)(connect_manager_t*,message_t*))process_check; + + this->hasher = hasher_create(HASH_SHA1); + this->checklists = linked_list_create(); + this->initiated = linked_list_create(); + + pthread_mutex_init(&(this->mutex), NULL); + + return (connect_manager_t*)this; +} diff --git a/src/charon/sa/connect_manager.h b/src/charon/sa/connect_manager.h new file mode 100644 index 000000000..2f3e9109b --- /dev/null +++ b/src/charon/sa/connect_manager.h @@ -0,0 +1,131 @@ +/** + * @file connect_manager.h + * + * @brief Interface of connect_manager_t. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef CONNECT_MANAGER_H_ +#define CONNECT_MANAGER_H_ + +typedef struct connect_manager_t connect_manager_t; + +#include +#include +#include +#include + +/** + * @brief The connection manager is responsible for establishing a direct + * connection with another peer. + * + * @b Constructors: + * - connect_manager_create() + * + * @ingroup sa + */ +struct connect_manager_t { + + /** + * @brief Checks if a there is already a mediated connection registered + * between two peers. + * + * @param this the manager object + * @param id my id + * @param peer_id the other peer's id + * @param mediated_sa the IKE_SA ID of the mediated connection + * @param child the CHILD_SA config of the mediated connection + * @returns + * - TRUE, if there was already a mediated connection registered + * - FALSE, otherwise + */ + bool (*check_and_register) (connect_manager_t *this, + identification_t *id, identification_t *peer_id, + ike_sa_id_t *mediated_sa, child_cfg_t *child); + + /** + * @brief Checks if there are waiting connections with a specific peer. + * If so, reinitiate them. + * + * @param this the manager object + * @param id my id + * @param peer_id the other peer's id + */ + void (*check_and_initiate) (connect_manager_t *this, ike_sa_id_t *mediation_sa, + identification_t *id, identification_t *peer_id); + + /** + * @brief Creates a checklist and sets the initiator's data. + * + * @param this the manager object + * @param initiator ID of the initiator + * @param responder ID of the responder + * @param session_id the session ID provided by the initiator + * @param key the initiator's key + * @param endpoints the initiator's endpoints + * @param is_initiator TRUE, if the caller of this method is the initiator + * FALSE, otherwise + * @returns + * SUCCESS + */ + status_t (*set_initiator_data) (connect_manager_t *this, + identification_t *initiator, identification_t *responder, + chunk_t session_id, chunk_t key, linked_list_t *endpoints, bool is_initiator); + + /** + * @brief Updates a checklist and sets the responder's data. The checklist's + * state is advanced to WAITING which means that checks will be sent. + * + * @param this the manager object + * @param session_id the session ID + * @param chunk_t the responder's key + * @param endpoints the responder's endpoints + * @returns + * - NOT_FOUND, if the checklist has not been found + * - SUCCESS, otherwise + */ + status_t (*set_responder_data) (connect_manager_t *this, + chunk_t session_id, chunk_t key, linked_list_t *endpoints); + + + /** + * @brief Processes a connectivity check + * + * @param this the manager object + * @param message the received message + */ + void (*process_check) (connect_manager_t *this, message_t *message); + + /** + * @brief Destroys the manager with all data. + * + * @param this the manager object + */ + void (*destroy) (connect_manager_t *this); +}; + +/** + * @brief Create a manager. + * + * @returns connect_manager_t object + * + * @ingroup sa + */ +connect_manager_t *connect_manager_create(void); + +#endif /*CONNECT_MANAGER_H_*/ diff --git a/src/charon/sa/ike_sa.c b/src/charon/sa/ike_sa.c index 0a996329d..9d7a17e89 100644 --- a/src/charon/sa/ike_sa.c +++ b/src/charon/sa/ike_sa.c @@ -6,7 +6,8 @@ */ /* - * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger + * Copyright (C) 2006-2007 Tobias Brunner + * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -65,6 +66,9 @@ #include #include +#ifdef P2P +#include +#endif #ifndef RESOLV_CONF #define RESOLV_CONF "/etc/resolv.conf" @@ -130,6 +134,13 @@ struct private_ike_sa_t { */ host_t *other_host; +#ifdef P2P + /** + * Server reflexive host + */ + host_t *server_reflexive_host; +#endif /* P2P */ + /** * Identification used for us */ @@ -495,6 +506,10 @@ static void set_condition(private_ike_sa_t *this, ike_condition_t condition, DBG1(DBG_IKE, "remote host is behind NAT"); this->conditions |= COND_NAT_ANY; break; + case COND_NAT_FAKE: + DBG1(DBG_IKE, "faking NAT situation to enforce UDP encapsulation"); + this->conditions |= COND_NAT_ANY; + break; default: break; } @@ -508,10 +523,12 @@ static void set_condition(private_ike_sa_t *this, ike_condition_t condition, DBG1(DBG_IKE, "new route to %H found", this->other_host); break; case COND_NAT_HERE: + case COND_NAT_FAKE: case COND_NAT_THERE: set_condition(this, COND_NAT_ANY, has_condition(this, COND_NAT_HERE) || - has_condition(this, COND_NAT_THERE)); + has_condition(this, COND_NAT_THERE) || + has_condition(this, COND_NAT_FAKE)); break; default: break; @@ -581,7 +598,8 @@ static ike_sa_state_t get_state(private_ike_sa_t *this) */ static void set_state(private_ike_sa_t *this, ike_sa_state_t state) { - DBG1(DBG_IKE, "IKE_SA state change: %N => %N", + DBG1(DBG_IKE, "IKE_SA '%s' state change: %N => %N", + get_name(this), ike_sa_state_names, this->state, ike_sa_state_names, state); @@ -663,14 +681,14 @@ static void set_virtual_ip(private_ike_sa_t *this, bool local, host_t *ip) { if (local) { - DBG1(DBG_IKE, "installing new virtual IP %H", ip); if (this->my_virtual_ip) - { + { DBG1(DBG_IKE, "removing old virtual IP %H", this->my_virtual_ip); charon->kernel_interface->del_ip(charon->kernel_interface, this->my_virtual_ip); this->my_virtual_ip->destroy(this->my_virtual_ip); } + DBG1(DBG_IKE, "installing new virtual IP %H", ip); if (charon->kernel_interface->add_ip(charon->kernel_interface, ip, this->my_host) == SUCCESS) { @@ -812,8 +830,6 @@ static status_t generate_message(private_ike_sa_t *this, message_t *message, { this->time.outbound = time(NULL); message->set_ike_sa_id(message, this->ike_sa_id); - message->set_destination(message, this->other_host->clone(this->other_host)); - message->set_source(message, this->my_host->clone(this->my_host)); return message->generate(message, this->crypter_out, this->signer_out, packet); } @@ -850,102 +866,91 @@ static void send_notify_response(private_ike_sa_t *this, message_t *request, response->destroy(response); } +#ifdef P2P /** - * Implementation of ike_sa_t.process_message. + * Implementation of ike_sa_t.get_server_reflexive_host. */ -static status_t process_message(private_ike_sa_t *this, message_t *message) +static host_t *get_server_reflexive_host(private_ike_sa_t *this) { - status_t status; - bool is_request; - - is_request = message->get_request(message); + return this->server_reflexive_host; +} + +/** + * Implementation of ike_sa_t.set_server_reflexive_host. + */ +static void set_server_reflexive_host(private_ike_sa_t *this, host_t *host) +{ + DESTROY_IF(this->server_reflexive_host); + this->server_reflexive_host = host; +} + +/** + * Implementation of ike_sa_t.respond + */ +static status_t respond(private_ike_sa_t *this, identification_t *peer_id, + chunk_t session_id) +{ + ike_p2p_t *task = ike_p2p_create(&this->public, TRUE); + task->respond(task, peer_id, session_id); + this->task_manager->queue_task(this->task_manager, (task_t*)task); + return this->task_manager->initiate(this->task_manager); +} + +/** + * Implementation of ike_sa_t.callback + */ +static status_t callback(private_ike_sa_t *this, identification_t *peer_id) +{ + ike_p2p_t *task = ike_p2p_create(&this->public, TRUE); + task->callback(task, peer_id); + this->task_manager->queue_task(this->task_manager, (task_t*)task); + return this->task_manager->initiate(this->task_manager); +} + +/** + * Implementation of ike_sa_t.relay + */ +static status_t relay(private_ike_sa_t *this, identification_t *requester, + chunk_t session_id, chunk_t session_key, linked_list_t *endpoints, bool response) +{ + ike_p2p_t *task = ike_p2p_create(&this->public, TRUE); + task->relay(task, requester, session_id, session_key, endpoints, response); + this->task_manager->queue_task(this->task_manager, (task_t*)task); + return this->task_manager->initiate(this->task_manager); +} + +/** + * Implementation of ike_sa_t.initiate_mediation + */ +static status_t initiate_mediation(private_ike_sa_t *this, peer_cfg_t *mediated_cfg) +{ + ike_p2p_t *task = ike_p2p_create(&this->public, TRUE); + task->connect(task, mediated_cfg->get_peer_id(mediated_cfg)); + this->task_manager->queue_task(this->task_manager, (task_t*)task); + return this->task_manager->initiate(this->task_manager); +} + +/** + * Implementation of ike_sa_t.initiate_mediated + */ +static status_t initiate_mediated(private_ike_sa_t *this, host_t *me, host_t *other, + linked_list_t *childs) +{ + this->my_host = me->clone(me); + this->other_host = other->clone(other); - status = message->parse_body(message, this->crypter_in, this->signer_in); - if (status != SUCCESS) - { - - if (is_request) - { - switch (status) - { - case NOT_SUPPORTED: - DBG1(DBG_IKE, "ciritcal unknown payloads found"); - if (is_request) - { - send_notify_response(this, message, UNSUPPORTED_CRITICAL_PAYLOAD); - } - break; - case PARSE_ERROR: - DBG1(DBG_IKE, "message parsing failed"); - if (is_request) - { - send_notify_response(this, message, INVALID_SYNTAX); - } - break; - case VERIFY_ERROR: - DBG1(DBG_IKE, "message verification failed"); - if (is_request) - { - send_notify_response(this, message, INVALID_SYNTAX); - } - break; - case FAILED: - DBG1(DBG_IKE, "integrity check failed"); - /* ignored */ - break; - case INVALID_STATE: - DBG1(DBG_IKE, "found encrypted message, but no keys available"); - if (is_request) - { - send_notify_response(this, message, INVALID_SYNTAX); - } - default: - break; - } - } - DBG1(DBG_IKE, "%N %s with message ID %d processing failed", - exchange_type_names, message->get_exchange_type(message), - message->get_request(message) ? "request" : "response", - message->get_message_id(message)); - return status; - } - else + task_t *task; + child_cfg_t *child_cfg; + iterator_t *iterator = childs->create_iterator(childs, TRUE); + while (iterator->iterate(iterator, (void**)&child_cfg)) { - host_t *me, *other; - - me = message->get_destination(message); - other = message->get_source(message); - - /* if this IKE_SA is virgin, we check for a config */ - if (this->ike_cfg == NULL) - { - job_t *job; - this->ike_cfg = charon->backends->get_ike_cfg(charon->backends, - me, other); - if (this->ike_cfg == NULL) - { - /* no config found for these hosts, destroy */ - DBG1(DBG_IKE, "no IKE config found for %H...%H, sending %N", - me, other, notify_type_names, NO_PROPOSAL_CHOSEN); - send_notify_response(this, message, NO_PROPOSAL_CHOSEN); - return DESTROY_ME; - } - /* add a timeout if peer does not establish it completely */ - job = (job_t*)delete_ike_sa_job_create(this->ike_sa_id, FALSE); - charon->scheduler->schedule_job(charon->scheduler, job, - HALF_OPEN_IKE_SA_TIMEOUT); - } - - /* check if message is trustworthy, and update host information */ - if (this->state == IKE_CREATED || this->state == IKE_CONNECTING || - message->get_exchange_type(message) != IKE_SA_INIT) - { - update_hosts(this, me, other); - this->time.inbound = time(NULL); - } - return this->task_manager->process_message(this->task_manager, message); + task = (task_t*)child_create_create(&this->public, child_cfg); + this->task_manager->queue_task(this->task_manager, task); } + iterator->destroy(iterator); + return this->task_manager->initiate(this->task_manager); } +#endif /* P2P */ /** * Implementation of ike_sa_t.initiate. @@ -956,8 +961,11 @@ static status_t initiate(private_ike_sa_t *this, child_cfg_t *child_cfg) if (this->state == IKE_CREATED) { - - if (this->other_host->is_anyaddr(this->other_host)) + if (this->other_host->is_anyaddr(this->other_host) +#ifdef P2P + && !this->peer_cfg->get_mediated_by(this->peer_cfg) +#endif /* P2P */ + ) { child_cfg->destroy(child_cfg); SIG(IKE_UP_START, "initiating IKE_SA"); @@ -975,13 +983,41 @@ static status_t initiate(private_ike_sa_t *this, child_cfg_t *child_cfg) this->task_manager->queue_task(this->task_manager, task); task = (task_t*)ike_config_create(&this->public, TRUE); this->task_manager->queue_task(this->task_manager, task); - task = (task_t*)ike_mobike_create(&this->public, TRUE); + if (this->peer_cfg->use_mobike(this->peer_cfg)) + { + task = (task_t*)ike_mobike_create(&this->public, TRUE); + this->task_manager->queue_task(this->task_manager, task); + } +#ifdef P2P + task = (task_t*)ike_p2p_create(&this->public, TRUE); + this->task_manager->queue_task(this->task_manager, task); +#endif /* P2P */ + } + +#ifdef P2P + if (this->peer_cfg->get_mediated_by(this->peer_cfg)) + { + // mediated connection, initiate mediation process + job_t *job = (job_t*)initiate_mediation_job_create(this->ike_sa_id, child_cfg); + child_cfg->destroy(child_cfg); + charon->processor->queue_job(charon->processor, job); + return SUCCESS; + } + else if (this->peer_cfg->is_mediation(this->peer_cfg)) + { + if (this->state == IKE_ESTABLISHED) + {// FIXME: we should try to find a better solution to this + SIG(CHILD_UP_SUCCESS, "mediation connection is already up and running"); + } + } + else +#endif /* P2P */ + { + // normal IKE_SA with CHILD_SA + task = (task_t*)child_create_create(&this->public, child_cfg); + child_cfg->destroy(child_cfg); this->task_manager->queue_task(this->task_manager, task); } - - task = (task_t*)child_create_create(&this->public, child_cfg); - child_cfg->destroy(child_cfg); - this->task_manager->queue_task(this->task_manager, task); return this->task_manager->initiate(this->task_manager); } @@ -990,7 +1026,7 @@ static status_t initiate(private_ike_sa_t *this, child_cfg_t *child_cfg) * Implementation of ike_sa_t.acquire. */ static status_t acquire(private_ike_sa_t *this, u_int32_t reqid) -{ +{// FIXME: P2P-NAT-T child_cfg_t *child_cfg; iterator_t *iterator; child_sa_t *current, *child_sa = NULL; @@ -1037,8 +1073,11 @@ static status_t acquire(private_ike_sa_t *this, u_int32_t reqid) this->task_manager->queue_task(this->task_manager, task); task = (task_t*)ike_config_create(&this->public, TRUE); this->task_manager->queue_task(this->task_manager, task); - task = (task_t*)ike_mobike_create(&this->public, TRUE); - this->task_manager->queue_task(this->task_manager, task); + if (this->peer_cfg->use_mobike(this->peer_cfg)) + { + task = (task_t*)ike_mobike_create(&this->public, TRUE); + this->task_manager->queue_task(this->task_manager, task); + } } child_cfg = child_sa->get_config(child_sa); @@ -1162,12 +1201,156 @@ static status_t unroute(private_ike_sa_t *this, u_int32_t reqid) } return SUCCESS; } +/** + * Implementation of ike_sa_t.process_message. + */ +static status_t process_message(private_ike_sa_t *this, message_t *message) +{ + status_t status; + bool is_request; + + is_request = message->get_request(message); + + status = message->parse_body(message, this->crypter_in, this->signer_in); + if (status != SUCCESS) + { + + if (is_request) + { + switch (status) + { + case NOT_SUPPORTED: + DBG1(DBG_IKE, "ciritcal unknown payloads found"); + if (is_request) + { + send_notify_response(this, message, UNSUPPORTED_CRITICAL_PAYLOAD); + } + break; + case PARSE_ERROR: + DBG1(DBG_IKE, "message parsing failed"); + if (is_request) + { + send_notify_response(this, message, INVALID_SYNTAX); + } + break; + case VERIFY_ERROR: + DBG1(DBG_IKE, "message verification failed"); + if (is_request) + { + send_notify_response(this, message, INVALID_SYNTAX); + } + break; + case FAILED: + DBG1(DBG_IKE, "integrity check failed"); + /* ignored */ + break; + case INVALID_STATE: + DBG1(DBG_IKE, "found encrypted message, but no keys available"); + if (is_request) + { + send_notify_response(this, message, INVALID_SYNTAX); + } + default: + break; + } + } + DBG1(DBG_IKE, "%N %s with message ID %d processing failed", + exchange_type_names, message->get_exchange_type(message), + message->get_request(message) ? "request" : "response", + message->get_message_id(message)); + return status; + } + else + { + host_t *me, *other; + private_ike_sa_t *new; + iterator_t *iterator; + child_sa_t *child; + bool has_routed = FALSE; + + me = message->get_destination(message); + other = message->get_source(message); + + /* if this IKE_SA is virgin, we check for a config */ + if (this->ike_cfg == NULL) + { + job_t *job; + this->ike_cfg = charon->backends->get_ike_cfg(charon->backends, + me, other); + if (this->ike_cfg == NULL) + { + /* no config found for these hosts, destroy */ + DBG1(DBG_IKE, "no IKE config found for %H...%H, sending %N", + me, other, notify_type_names, NO_PROPOSAL_CHOSEN); + send_notify_response(this, message, NO_PROPOSAL_CHOSEN); + return DESTROY_ME; + } + /* add a timeout if peer does not establish it completely */ + job = (job_t*)delete_ike_sa_job_create(this->ike_sa_id, FALSE); + charon->scheduler->schedule_job(charon->scheduler, job, + HALF_OPEN_IKE_SA_TIMEOUT); + } + + /* check if message is trustworthy, and update host information */ + if (this->state == IKE_CREATED || this->state == IKE_CONNECTING || + message->get_exchange_type(message) != IKE_SA_INIT) + { + update_hosts(this, me, other); + this->time.inbound = time(NULL); + } + status = this->task_manager->process_message(this->task_manager, message); + if (status != DESTROY_ME) + { + return status; + } + /* if IKE_SA gets closed for any reasons, reroute routed children */ + iterator = this->child_sas->create_iterator(this->child_sas, TRUE); + while (iterator->iterate(iterator, (void**)&child)) + { + if (child->get_state(child) == CHILD_ROUTED) + { + has_routed = TRUE; + break; + } + } + iterator->destroy(iterator); + if (!has_routed) + { + return status; + } + /* move routed children to a new IKE_SA, apply connection info */ + new = (private_ike_sa_t*)charon->ike_sa_manager->checkout_new( + charon->ike_sa_manager, TRUE); + set_peer_cfg(new, this->peer_cfg); + new->other_host->destroy(new->other_host); + new->other_host = this->other_host->clone(this->other_host); + if (!has_condition(this, COND_NAT_THERE)) + { + new->other_host->set_port(new->other_host, IKEV2_UDP_PORT); + } + if (this->my_virtual_ip) + { + set_virtual_ip(new, TRUE, this->my_virtual_ip); + } + iterator = this->child_sas->create_iterator(this->child_sas, TRUE); + while (iterator->iterate(iterator, (void**)&child)) + { + if (child->get_state(child) == CHILD_ROUTED) + { + route(new, child->get_config(child)); + } + } + iterator->destroy(iterator); + charon->ike_sa_manager->checkin(charon->ike_sa_manager, &new->public); + return status; + } +} /** * Implementation of ike_sa_t.retransmit. */ static status_t retransmit(private_ike_sa_t *this, u_int32_t message_id) -{ +{// FIXME: P2P-NAT-T this->time.outbound = time(NULL); if (this->task_manager->retransmit(this->task_manager, message_id) != SUCCESS) { @@ -1283,9 +1466,12 @@ static status_t retransmit(private_ike_sa_t *this, u_int32_t message_id) { task = (task_t*)child_create_create(&new->public, child_cfg); new->task_manager->queue_task(new->task_manager, task); + } + if (this->peer_cfg->use_mobike(this->peer_cfg)) + { + task = (task_t*)ike_mobike_create(&new->public, TRUE); + new->task_manager->queue_task(new->task_manager, task); } - task = (task_t*)ike_mobike_create(&new->public, TRUE); - new->task_manager->queue_task(new->task_manager, task); new->task_manager->initiate(new->task_manager); } charon->ike_sa_manager->checkin(charon->ike_sa_manager, &new->public); @@ -1684,9 +1870,12 @@ static status_t delete_(private_ike_sa_t *this) ike_delete = ike_delete_create(&this->public, TRUE); this->task_manager->queue_task(this->task_manager, &ike_delete->task); return this->task_manager->initiate(this->task_manager); + case IKE_CREATED: + SIG(IKE_DOWN_SUCCESS, "deleting unestablished IKE_SA"); + break; default: - DBG1(DBG_IKE, "destroying IKE_SA in state %N without notification", - ike_sa_state_names, this->state); + SIG(IKE_DOWN_SUCCESS, "destroying IKE_SA in state %N " + "without notification", ike_sa_state_names, this->state); break; } return DESTROY_ME; @@ -1743,30 +1932,19 @@ static status_t roam(private_ike_sa_t *this, bool address) other = this->other_host; me = charon->kernel_interface->get_source_addr(charon->kernel_interface, other); - - /* TODO: find a better path using additional addresses of peer */ - - if (!me) - { - /* no route found to host, set to stale, wait for a new route */ - set_condition(this, COND_STALE, TRUE); - return FAILED; - } set_condition(this, COND_STALE, FALSE); - if (me->ip_equals(me, this->my_host) && - other->ip_equals(other, this->other_host)) + if (me) { - DBG2(DBG_IKE, "%H still reached through %H, no update needed", - this->other_host, me); + if (me->ip_equals(me, this->my_host) && + other->ip_equals(other, this->other_host)) + { + DBG2(DBG_IKE, "keeping connection path %H - %H", this->other_host, me); + me->destroy(me); + return SUCCESS; + } me->destroy(me); - return SUCCESS; } - me->set_port(me, this->my_host->get_port(this->my_host)); - other = other->clone(other); - other->set_port(other, this->other_host->get_port(this->other_host)); - set_my_host(this, me); - set_other_host(this, other); /* update addresses with mobike, if supported ... */ if (supports_extension(this, EXT_MOBIKE)) @@ -1995,6 +2173,15 @@ static void destroy(private_ike_sa_t *this) offsetof(host_t, destroy)); this->additional_addresses->destroy_offset(this->additional_addresses, offsetof(host_t, destroy)); +#ifdef P2P + if (this->peer_cfg && this->peer_cfg->is_mediation(this->peer_cfg) && + !this->ike_sa_id->is_initiator(this->ike_sa_id)) + { + // mediation server + charon->mediation_manager->remove(charon->mediation_manager, this->ike_sa_id); + } + DESTROY_IF(this->server_reflexive_host); +#endif /* P2P */ DESTROY_IF(this->my_host); DESTROY_IF(this->other_host); @@ -2077,6 +2264,15 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) this->public.set_virtual_ip = (void (*)(ike_sa_t*,bool,host_t*))set_virtual_ip; this->public.get_virtual_ip = (host_t* (*)(ike_sa_t*,bool))get_virtual_ip; this->public.add_dns_server = (void (*)(ike_sa_t*,host_t*))add_dns_server; +#ifdef P2P + this->public.get_server_reflexive_host = (host_t* (*)(ike_sa_t*)) get_server_reflexive_host; + this->public.set_server_reflexive_host = (void (*)(ike_sa_t*,host_t*)) set_server_reflexive_host; + this->public.initiate_mediation = (status_t (*)(ike_sa_t*,peer_cfg_t*)) initiate_mediation; + this->public.initiate_mediated = (status_t (*)(ike_sa_t*,host_t*,host_t*,linked_list_t*)) initiate_mediated; + this->public.relay = (status_t (*)(ike_sa_t*,identification_t*,chunk_t,chunk_t,linked_list_t*,bool)) relay; + this->public.callback = (status_t (*)(ike_sa_t*,identification_t*)) callback; + this->public.respond = (status_t (*)(ike_sa_t*,identification_t*,chunk_t)) respond; +#endif /* P2P */ /* initialize private fields */ this->ike_sa_id = ike_sa_id->clone(ike_sa_id); @@ -2111,6 +2307,9 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) this->additional_addresses = linked_list_create(); this->pending_updates = 0; this->keyingtry = 0; +#ifdef P2P + this->server_reflexive_host = NULL; +#endif /* P2P */ return &this->public; } diff --git a/src/charon/sa/ike_sa.h b/src/charon/sa/ike_sa.h index ba189577c..99f09e98a 100644 --- a/src/charon/sa/ike_sa.h +++ b/src/charon/sa/ike_sa.h @@ -6,7 +6,8 @@ */ /* - * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger + * Copyright (C) 2006-2007 Tobias Brunner + * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -94,7 +95,7 @@ enum ike_extension_t { enum ike_condition_t { /** - * Connection is natted somewhere + * Connection is natted (or faked) somewhere */ COND_NAT_ANY = (1<<0), @@ -107,11 +108,16 @@ enum ike_condition_t { * other is behind NAT */ COND_NAT_THERE = (1<<2), + + /** + * Faking NAT to enforce UDP encapsulation + */ + COND_NAT_FAKE = (1<<3), /** * peer is currently not reachable (due missing route, ...) */ - COND_STALE = (1<<3), + COND_STALE = (1<<4), }; /** @@ -447,6 +453,96 @@ struct ike_sa_t { * @param updates number of pending updates */ void (*set_pending_updates)(ike_sa_t *this, u_int32_t updates); + +#ifdef P2P + /** + * @brief Get the server reflexive host. + * + * @param this calling object + * @return server reflexive host + */ + host_t* (*get_server_reflexive_host) (ike_sa_t *this); + + /** + * @brief Set the server reflexive host. + * + * @param this calling object + * @param host server reflexive host + */ + void (*set_server_reflexive_host) (ike_sa_t *this, host_t *host); + + /** + * @brief Initiate the mediation of a mediated connection (i.e. initiate a + * P2P_CONNECT exchange). + * + * @param this calling object + * @param mediated_cfg peer_cfg of the mediated connection + * @return + * - SUCCESS if initialization started + * - DESTROY_ME if initialization failed + */ + status_t (*initiate_mediation) (ike_sa_t *this, peer_cfg_t *mediated_cfg); + + /** + * @brief Initiate the mediated connection + * + * @param this calling object + * @param me local endpoint (gets cloned) + * @param other remote endpoint (gets cloned) + * @param childs linked list of child_cfg_t of CHILD_SAs (gets cloned) + * @return + * - SUCCESS if initialization started + * - DESTROY_ME if initialization failed + */ + status_t (*initiate_mediated) (ike_sa_t *this, host_t *me, host_t *other, + linked_list_t *childs); + + /** + * @brief Relay data from one peer to another (i.e. initiate a + * P2P_CONNECT exchange). + * + * Data is cloned. + * + * @param this calling object + * @param requester ID of the requesting peer + * @param session_id data of the P2P_SESSIONID payload + * @param session_key data of the P2P_SESSIONKEY payload + * @param endpoints endpoints + * @param response TRUE if this is a response + * @return + * - SUCCESS if relay started + * - DESTROY_ME if relay failed + */ + status_t (*relay) (ike_sa_t *this, identification_t *requester, chunk_t session_id, + chunk_t session_key, linked_list_t *endpoints, bool response); + + /** + * @brief Send a callback to a peer. + * + * Data is cloned. + * + * @param this calling object + * @param peer_id ID of the other peer + * @return + * - SUCCESS if response started + * - DESTROY_ME if response failed + */ + status_t (*callback) (ike_sa_t *this, identification_t *peer_id); + + /** + * @brief Respond to a P2P_CONNECT request. + * + * Data is cloned. + * + * @param this calling object + * @param peer_id ID of the other peer + * @param session_id the session ID supplied by the initiator + * @return + * - SUCCESS if response started + * - DESTROY_ME if response failed + */ + status_t (*respond) (ike_sa_t *this, identification_t *peer_id, chunk_t session_id); +#endif /* P2P */ /** * @brief Initiate a new connection. diff --git a/src/charon/sa/ike_sa_manager.c b/src/charon/sa/ike_sa_manager.c index 56b865891..5014ea0e2 100644 --- a/src/charon/sa/ike_sa_manager.c +++ b/src/charon/sa/ike_sa_manager.c @@ -368,7 +368,7 @@ static ike_sa_t *checkout_new(private_ike_sa_manager_t* this, bool initiator) } /** - * Implementation of of ike_sa_manager.checkout_by_id. + * Implementation of of ike_sa_manager.checkout_by_message. */ static ike_sa_t* checkout_by_message(private_ike_sa_manager_t* this, message_t *message) @@ -483,7 +483,7 @@ static ike_sa_t* checkout_by_message(private_ike_sa_manager_t* this, } /** - * Implementation of of ike_sa_manager.checkout_by_id. + * Implementation of of ike_sa_manager.checkout_by_peer. */ static ike_sa_t* checkout_by_peer(private_ike_sa_manager_t *this, host_t *my_host, host_t *other_host, @@ -542,6 +542,7 @@ static ike_sa_t* checkout_by_peer(private_ike_sa_manager_t *this, my_host, my_id, other_host, other_id); entry->checked_out = TRUE; ike_sa = entry->ike_sa; + break; } } iterator->destroy(iterator); diff --git a/src/charon/sa/mediation_manager.c b/src/charon/sa/mediation_manager.c new file mode 100644 index 000000000..fca53a940 --- /dev/null +++ b/src/charon/sa/mediation_manager.c @@ -0,0 +1,343 @@ +/** + * @file mediation_manager.c + * + * @brief Implementation of mediation_manager_t. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "mediation_manager.h" + +#include +#include +#include +#include + + +typedef struct peer_t peer_t; + +/** + * An entry in the linked list. + */ +struct peer_t { + /** id of the peer */ + identification_t *id; + + /** sa id of the peer, NULL if offline */ + ike_sa_id_t *ike_sa_id; + + /** list of peer ids that reuested this peer */ + linked_list_t *requested_by; +}; + +/** + * Implementation of peer_t.destroy. + */ +static void peer_destroy(peer_t *this) +{ + DESTROY_IF(this->id); + DESTROY_IF(this->ike_sa_id); + this->requested_by->destroy_offset(this->requested_by, offsetof(identification_t, destroy)); + free(this); +} + +/** + * Creates a new entry for the list. + */ +static peer_t *peer_create(identification_t *id, ike_sa_id_t* ike_sa_id) +{ + peer_t *this = malloc_thing(peer_t); + + /* clone everything */ + this->id = id->clone(id); + this->ike_sa_id = ike_sa_id ? ike_sa_id->clone(ike_sa_id) : NULL; + this->requested_by = linked_list_create(); + + return this; +} + + +typedef struct private_mediation_manager_t private_mediation_manager_t; + +/** + * Additional private members of mediation_manager_t. + */ +struct private_mediation_manager_t { + /** + * Public interface of mediation_manager_t. + */ + mediation_manager_t public; + + /** + * Lock for exclusivly accessing the manager. + */ + pthread_mutex_t mutex; + + /** + * Linked list with state entries. + */ + linked_list_t *peers; +}; + +/** + * Registers a peer's ID at another peer, if it is not yet registered + */ +static void register_peer(peer_t *peer, identification_t *peer_id) +{ + iterator_t *iterator; + identification_t *current; + + iterator = peer->requested_by->create_iterator(peer->requested_by, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (peer_id->equals(peer_id, current)) + { + iterator->destroy(iterator); + return; + } + } + iterator->destroy(iterator); + + peer->requested_by->insert_last(peer->requested_by, peer_id->clone(peer_id)); +} + +/** + * Get a peer_t object by a peer's id + */ +static status_t get_peer_by_id(private_mediation_manager_t *this, + identification_t *id, peer_t **peer) +{ + iterator_t *iterator; + peer_t *current; + status_t status = NOT_FOUND; + + iterator = this->peers->create_iterator(this->peers, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (id->equals(id, current->id)) + { + if (peer) + { + *peer = current; + } + status = SUCCESS; + break; + } + } + iterator->destroy(iterator); + + return status; +} + +/** + * Check if a given peer is registered at other peers. If so, remove it there + * and then remove peers completely that are not online and have no registered + * peers. + */ +static void unregister_peer(private_mediation_manager_t *this, identification_t *peer_id) +{ + iterator_t *iterator, *iterator_r; + peer_t *peer; + identification_t *registered; + + iterator = this->peers->create_iterator(this->peers, TRUE); + while (iterator->iterate(iterator, (void**)&peer)) + { + iterator_r = peer->requested_by->create_iterator(peer->requested_by, TRUE); + while (iterator_r->iterate(iterator_r, (void**)®istered)) + { + if (peer_id->equals(peer_id, registered)) + { + iterator_r->remove(iterator_r); + registered->destroy(registered); + break; + } + } + iterator_r->destroy(iterator_r); + + if (!peer->ike_sa_id && !peer->requested_by->get_count(peer->requested_by)) + { + iterator->remove(iterator); + peer_destroy(peer); + break; + } + } + iterator->destroy(iterator); +} + +/** + * Implementation of mediation_manager_t.remove + */ +static void remove_sa(private_mediation_manager_t *this, ike_sa_id_t *ike_sa_id) +{ + iterator_t *iterator; + peer_t *peer; + + pthread_mutex_lock(&(this->mutex)); + + iterator = this->peers->create_iterator(this->peers, TRUE); + while (iterator->iterate(iterator, (void**)&peer)) + { + if (ike_sa_id->equals(ike_sa_id, peer->ike_sa_id)) + { + iterator->remove(iterator); + + unregister_peer(this, peer->id); + + peer_destroy(peer); + break; + } + } + iterator->destroy(iterator); + + pthread_mutex_unlock(&(this->mutex)); +} + +/** + * Implementation of mediation_manager_t.update_sa_id + */ +static void update_sa_id(private_mediation_manager_t *this, identification_t *peer_id, ike_sa_id_t *ike_sa_id) +{ + iterator_t *iterator; + peer_t *peer; + bool found = FALSE; + + pthread_mutex_lock(&(this->mutex)); + + iterator = this->peers->create_iterator(this->peers, TRUE); + while (iterator->iterate(iterator, (void**)&peer)) + { + if (peer_id->equals(peer_id, peer->id)) + { + DESTROY_IF(peer->ike_sa_id); + found = TRUE; + break; + } + } + iterator->destroy(iterator); + + if (!found) + { + DBG2(DBG_IKE, "adding peer '%D'", peer_id); + peer = peer_create(peer_id, NULL); + this->peers->insert_last(this->peers, peer); + } + + DBG2(DBG_IKE, "changing registered IKE_SA ID of peer '%D'", peer_id); + peer->ike_sa_id = ike_sa_id ? ike_sa_id->clone(ike_sa_id) : NULL; + + // send callbacks to registered peers + identification_t *requester; + while(peer->requested_by->remove_last(peer->requested_by, (void**)&requester) == SUCCESS) + { + job_t *job = (job_t*)mediation_callback_job_create(requester, peer_id); + charon->processor->queue_job(charon->processor, job); + } + + pthread_mutex_unlock(&(this->mutex)); +} + +/** + * Implementation of mediation_manager_t.check. + */ +static ike_sa_id_t *check(private_mediation_manager_t *this, + identification_t *peer_id) +{ + peer_t *peer; + ike_sa_id_t *ike_sa_id; + + pthread_mutex_lock(&(this->mutex)); + + if (get_peer_by_id(this, peer_id, &peer) != SUCCESS) + { + pthread_mutex_unlock(&(this->mutex)); + return NULL; + } + + ike_sa_id = peer->ike_sa_id; + + pthread_mutex_unlock(&(this->mutex)); + + return ike_sa_id; +} + +/** + * Implementation of mediation_manager_t.check_and_register. + */ +static ike_sa_id_t *check_and_register(private_mediation_manager_t *this, + identification_t *peer_id, identification_t *requester) +{ + peer_t *peer; + ike_sa_id_t *ike_sa_id; + + pthread_mutex_lock(&(this->mutex)); + + if (get_peer_by_id(this, peer_id, &peer) != SUCCESS) + { + DBG2(DBG_IKE, "adding peer %D", peer_id); + peer = peer_create(peer_id, NULL); + this->peers->insert_last(this->peers, peer); + } + + if (!peer->ike_sa_id) + { + // the peer is not online + DBG2(DBG_IKE, "requested peer '%D' is offline, registering peer '%D'", peer_id, requester); + register_peer(peer, requester); + pthread_mutex_unlock(&(this->mutex)); + return NULL; + } + + ike_sa_id = peer->ike_sa_id; + + pthread_mutex_unlock(&(this->mutex)); + + return ike_sa_id; +} + +/** + * Implementation of mediation_manager_t.destroy. + */ +static void destroy(private_mediation_manager_t *this) +{ + pthread_mutex_lock(&(this->mutex)); + + this->peers->destroy_function(this->peers, (void*)peer_destroy); + + pthread_mutex_unlock(&(this->mutex)); + pthread_mutex_destroy(&(this->mutex)); + free(this); +} + +/* + * Described in header. + */ +mediation_manager_t *mediation_manager_create() +{ + private_mediation_manager_t *this = malloc_thing(private_mediation_manager_t); + + this->public.destroy = (void(*)(mediation_manager_t*))destroy; + this->public.remove = (void(*)(mediation_manager_t*,ike_sa_id_t*))remove_sa; + this->public.update_sa_id = (void(*)(mediation_manager_t*,identification_t*,ike_sa_id_t*))update_sa_id; + this->public.check = (ike_sa_id_t*(*)(mediation_manager_t*,identification_t*))check; + this->public.check_and_register = (ike_sa_id_t*(*)(mediation_manager_t*,identification_t*,identification_t*))check_and_register; + + this->peers = linked_list_create(); + pthread_mutex_init(&(this->mutex), NULL); + + return (mediation_manager_t*)this; +} diff --git a/src/charon/sa/mediation_manager.h b/src/charon/sa/mediation_manager.h new file mode 100644 index 000000000..74acc4d41 --- /dev/null +++ b/src/charon/sa/mediation_manager.h @@ -0,0 +1,104 @@ +/** + * @file mediation_manager.h + * + * @brief Interface of mediation_manager_t. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef MEDIATION_MANAGER_H_ +#define MEDIATION_MANAGER_H_ + +typedef struct mediation_manager_t mediation_manager_t; + +#include +#include + +/** + * @brief The mediation manager is responsible for managing currently online + * peers and registered requests for offline peers on the mediation server. + * + * @b Constructors: + * - mediation_manager_create() + * + * @ingroup sa + */ +struct mediation_manager_t { + + /** + * @brief Remove the IKE_SA of a peer. + * + * @param this the manager object + * @param ike_sa_id the IKE_SA ID of the peer's SA + */ + void (*remove) (mediation_manager_t* this, ike_sa_id_t *ike_sa_id); + + /** + * @brief Update the ike_sa_id that is assigned to a peer's ID. If the peer + * is new, it gets a new record assigned. + * + * @param this the manager object + * @param peer_id the peer's ID + * @param ike_sa_id the IKE_SA ID of the peer's SA + */ + void (*update_sa_id) (mediation_manager_t* this, identification_t *peer_id, + ike_sa_id_t *ike_sa_id); + + /** + * @brief Checks if a specific peer is online. + * + * @param this the manager object + * @param peer_id the peer's ID + * @returns + * - IKE_SA ID of the peer's SA. + * - NULL, if the peer is not online. + */ + ike_sa_id_t* (*check) (mediation_manager_t* this, + identification_t *peer_id); + + /** + * @brief Checks if a specific peer is online and registers the requesting + * peer if it is not. + * + * @param this the manager object + * @param peer_id the peer's ID + * @param requester the requesters ID + * @returns + * - IKE_SA ID of the peer's SA. + * - NULL, if the peer is not online. + */ + ike_sa_id_t* (*check_and_register) (mediation_manager_t* this, + identification_t *peer_id, identification_t *requester); + + /** + * @brief Destroys the manager with all data. + * + * @param this the manager object + */ + void (*destroy) (mediation_manager_t *this); +}; + +/** + * @brief Create a manager. + * + * @returns mediation_manager_t object + * + * @ingroup sa + */ +mediation_manager_t *mediation_manager_create(void); + +#endif /*MEDIATION_MANAGER_H_*/ diff --git a/src/charon/sa/task_manager.c b/src/charon/sa/task_manager.c index 55592f437..f4484774e 100644 --- a/src/charon/sa/task_manager.c +++ b/src/charon/sa/task_manager.c @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2007 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -40,6 +41,10 @@ #include #include +#ifdef P2P +#include +#endif + typedef struct exchange_t exchange_t; /** @@ -217,28 +222,73 @@ static status_t retransmit(private_task_manager_t *this, u_int32_t message_id) { u_int32_t timeout; job_t *job; + iterator_t *iterator; + packet_t *packet; + task_t *task; + ike_mobike_t *mobike = NULL; + + /* check if we are retransmitting a MOBIKE routability check */ + iterator = this->active_tasks->create_iterator(this->active_tasks, TRUE); + while (iterator->iterate(iterator, (void*)&task)) + { + if (task->get_type(task) == IKE_MOBIKE) + { + mobike = (ike_mobike_t*)task; + if (!mobike->is_probing(mobike)) + { + mobike = NULL; + } + break; + } + } + iterator->destroy(iterator); - if (this->initiating.retransmitted <= RETRANSMIT_TRIES) + if (mobike == NULL) { - timeout = (u_int32_t)(RETRANSMIT_TIMEOUT * - pow(RETRANSMIT_BASE, this->initiating.retransmitted)); + if (this->initiating.retransmitted <= RETRANSMIT_TRIES) + { + timeout = (u_int32_t)(RETRANSMIT_TIMEOUT * + pow(RETRANSMIT_BASE, this->initiating.retransmitted)); + } + else + { + DBG1(DBG_IKE, "giving up after %d retransmits", + this->initiating.retransmitted - 1); + return DESTROY_ME; + } + + if (this->initiating.retransmitted) + { + DBG1(DBG_IKE, "retransmit %d of request with message ID %d", + this->initiating.retransmitted, message_id); + } + packet = this->initiating.packet->clone(this->initiating.packet); } else - { - DBG1(DBG_IKE, "giving up after %d retransmits", - this->initiating.retransmitted - 1); - return DESTROY_ME; + { /* for routeability checks, we use a more aggressive behavior */ + if (this->initiating.retransmitted <= ROUTEABILITY_CHECK_TRIES) + { + timeout = ROUTEABILITY_CHECK_INTERVAL; + } + else + { + DBG1(DBG_IKE, "giving up after %d path probings", + this->initiating.retransmitted - 1); + return DESTROY_ME; + } + + if (this->initiating.retransmitted) + { + DBG1(DBG_IKE, "path probing attempt %d", + this->initiating.retransmitted); + } + packet = this->initiating.packet->clone(this->initiating.packet); + mobike->transmit(mobike, packet); } - if (this->initiating.retransmitted) - { - DBG1(DBG_IKE, "retransmit %d of request with message ID %d", - this->initiating.retransmitted, message_id); - } - this->initiating.retransmitted++; + charon->sender->send(charon->sender, packet); - charon->sender->send(charon->sender, - this->initiating.packet->clone(this->initiating.packet)); + this->initiating.retransmitted++; job = (job_t*)retransmit_job_create(this->initiating.mid, this->ike_sa->get_id(this->ike_sa)); charon->scheduler->schedule_job(charon->scheduler, job, timeout); @@ -255,6 +305,7 @@ static status_t build_request(private_task_manager_t *this) iterator_t *iterator; task_t *task; message_t *message; + host_t *me, *other; status_t status; exchange_type_t exchange = 0; @@ -277,6 +328,13 @@ static status_t build_request(private_task_manager_t *this) exchange = IKE_SA_INIT; activate_task(this, IKE_NATD); activate_task(this, IKE_CERT); +#ifdef P2P + /* this task has to be activated before the IKE_AUTHENTICATE + * task, because that task pregenerates the packet after + * which no payloads can be added to the message anymore. + */ + activate_task(this, IKE_P2P); +#endif /* P2P */ activate_task(this, IKE_AUTHENTICATE); activate_task(this, IKE_CONFIG); activate_task(this, CHILD_CREATE); @@ -324,6 +382,13 @@ static status_t build_request(private_task_manager_t *this) exchange = INFORMATIONAL; break; } +#ifdef P2P + if (activate_task(this, IKE_P2P)) + { + exchange = P2P_CONNECT; + break; + } +#endif /* P2P */ case IKE_REKEYING: if (activate_task(this, IKE_DELETE)) { @@ -372,8 +437,13 @@ static status_t build_request(private_task_manager_t *this) return SUCCESS; } + me = this->ike_sa->get_my_host(this->ike_sa); + other = this->ike_sa->get_other_host(this->ike_sa); + message = message_create(); message->set_message_id(message, this->initiating.mid); + message->set_source(message, me->clone(me)); + message->set_destination(message, other->clone(other)); message->set_exchange_type(message, exchange); this->initiating.type = exchange; this->initiating.retransmitted = 0; @@ -412,7 +482,7 @@ static status_t build_request(private_task_manager_t *this) * close the SA */ flush(this); return DESTROY_ME; - } + } return retransmit(this, this->initiating.mid); } @@ -523,17 +593,23 @@ static void handle_collisions(private_task_manager_t *this, task_t *task) /** * build a response depending on the "passive" task list */ -static status_t build_response(private_task_manager_t *this, - exchange_type_t exchange) +static status_t build_response(private_task_manager_t *this, message_t *request) { iterator_t *iterator; task_t *task; message_t *message; + host_t *me, *other; bool delete = FALSE; status_t status; + me = request->get_destination(request); + other = request->get_source(request); + message = message_create(); - message->set_exchange_type(message, exchange); + message->set_exchange_type(message, request->get_exchange_type(request)); + /* send response along the path the request came in */ + message->set_source(message, me->clone(me)); + message->set_destination(message, other->clone(other)); message->set_message_id(message, this->responding.mid); message->set_request(message, FALSE); @@ -563,7 +639,7 @@ static status_t build_response(private_task_manager_t *this, iterator->destroy(iterator); /* remove resonder SPI if IKE_SA_INIT failed */ - if (delete && exchange == IKE_SA_INIT) + if (delete && request->get_exchange_type(request) == IKE_SA_INIT) { ike_sa_id_t *id = this->ike_sa->get_id(this->ike_sa); id->set_responder_spi(id, 0); @@ -596,15 +672,12 @@ static status_t process_request(private_task_manager_t *this, { iterator_t *iterator; task_t *task = NULL; - exchange_type_t exchange; payload_t *payload; notify_payload_t *notify; delete_payload_t *delete; - exchange = message->get_exchange_type(message); - /* create tasks depending on request type */ - switch (exchange) + switch (message->get_exchange_type(message)) { case IKE_SA_INIT: { @@ -614,6 +687,10 @@ static status_t process_request(private_task_manager_t *this, this->passive_tasks->insert_last(this->passive_tasks, task); task = (task_t*)ike_cert_create(this->ike_sa, FALSE); this->passive_tasks->insert_last(this->passive_tasks, task); +#ifdef P2P + task = (task_t*)ike_p2p_create(this->ike_sa, FALSE); + this->passive_tasks->insert_last(this->passive_tasks, task); +#endif /* P2P */ task = (task_t*)ike_auth_create(this->ike_sa, FALSE); this->passive_tasks->insert_last(this->passive_tasks, task); task = (task_t*)ike_config_create(this->ike_sa, FALSE); @@ -625,7 +702,7 @@ static status_t process_request(private_task_manager_t *this, break; } case CREATE_CHILD_SA: - { + {//FIXME: we should prevent this on mediation connections bool notify_found = FALSE, ts_found = FALSE; iterator = message->get_payload_iterator(message); while (iterator->iterate(iterator, (void**)&payload)) @@ -733,6 +810,13 @@ static status_t process_request(private_task_manager_t *this, this->passive_tasks->insert_last(this->passive_tasks, task); break; } +#ifdef P2P + case P2P_CONNECT: + { + task = (task_t*)ike_p2p_create(this->ike_sa, FALSE); + this->passive_tasks->insert_last(this->passive_tasks, task); + } +#endif /* P2P */ default: break; } @@ -760,7 +844,7 @@ static status_t process_request(private_task_manager_t *this, } iterator->destroy(iterator); - return build_response(this, exchange); + return build_response(this, message); } /** @@ -783,14 +867,21 @@ static status_t process_message(private_task_manager_t *this, message_t *msg) } else if ((mid == this->responding.mid - 1) && this->responding.packet) { + packet_t *clone; + host_t *me, *other; + DBG1(DBG_IKE, "received retransmit of request with ID %d, " "retransmitting response", mid); - charon->sender->send(charon->sender, - this->responding.packet->clone(this->responding.packet)); + clone = this->responding.packet->clone(this->responding.packet); + me = msg->get_destination(msg); + other = msg->get_source(msg); + clone->set_source(clone, me->clone(me)); + clone->set_destination(clone, other->clone(other)); + charon->sender->send(charon->sender, clone); } else { - DBG1(DBG_IKE, "received message ID %d, excepted %d. Ignored", + DBG1(DBG_IKE, "received message ID %d, expected %d. Ignored", mid, this->responding.mid); } } @@ -806,7 +897,7 @@ static status_t process_message(private_task_manager_t *this, message_t *msg) } else { - DBG1(DBG_IKE, "received message ID %d, excepted %d. Ignored", + DBG1(DBG_IKE, "received message ID %d, expected %d. Ignored", mid, this->initiating.mid); return SUCCESS; } @@ -819,6 +910,23 @@ static status_t process_message(private_task_manager_t *this, message_t *msg) */ static void queue_task(private_task_manager_t *this, task_t *task) { + if (task->get_type(task) == IKE_MOBIKE) + { /* there is no need to queue more than one mobike task */ + iterator_t *iterator; + task_t *current; + + iterator = this->queued_tasks->create_iterator(this->queued_tasks, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (current->get_type(current) == IKE_MOBIKE) + { + iterator->destroy(iterator); + task->destroy(task); + return; + } + } + iterator->destroy(iterator); + } DBG2(DBG_IKE, "queueing %N task", task_type_names, task->get_type(task)); this->queued_tasks->insert_last(this->queued_tasks, task); } diff --git a/src/charon/sa/task_manager.h b/src/charon/sa/task_manager.h index fb34aab6a..38c63c1a9 100644 --- a/src/charon/sa/task_manager.h +++ b/src/charon/sa/task_manager.h @@ -51,6 +51,20 @@ typedef struct task_manager_t task_manager_t; */ #define RETRANSMIT_TRIES 5 +/** + * Interval for mobike routability checks in ms. + * + * @ingroup sa + */ +#define ROUTEABILITY_CHECK_INTERVAL 2500 + +/** + * Number of routability checks before giving up + * + * @ingroup sa + */ +#define ROUTEABILITY_CHECK_TRIES 10 + /** * @brief The task manager, juggles task and handles message exchanges. diff --git a/src/charon/sa/tasks/child_create.c b/src/charon/sa/tasks/child_create.c index 42f34a94b..3947a84d1 100644 --- a/src/charon/sa/tasks/child_create.c +++ b/src/charon/sa/tasks/child_create.c @@ -722,7 +722,8 @@ static status_t build_r(private_child_create_t *this, message_t *message) build_payloads(this, message); - SIG(CHILD_UP_SUCCESS, "established CHILD_SA successfully"); + SIG(CHILD_UP_SUCCESS, "CHILD_SA '%s' established successfully", + this->child_sa->get_name(this->child_sa)); return SUCCESS; } @@ -807,7 +808,8 @@ static status_t process_i(private_child_create_t *this, message_t *message) if (select_and_install(this, no_dh) == SUCCESS) { - SIG(CHILD_UP_SUCCESS, "established CHILD_SA successfully"); + SIG(CHILD_UP_SUCCESS, "CHILD_SA '%s' established successfully", + this->child_sa->get_name(this->child_sa)); } return SUCCESS; } diff --git a/src/charon/sa/tasks/ike_auth.c b/src/charon/sa/tasks/ike_auth.c index c1c0cd5a2..a3cd6a2bc 100644 --- a/src/charon/sa/tasks/ike_auth.c +++ b/src/charon/sa/tasks/ike_auth.c @@ -157,13 +157,13 @@ static status_t build_id(private_ike_auth_t *this, message_t *message) this->ike_sa->set_my_id(this->ike_sa, me->clone(me)); } - id = id_payload_create_from_identification(this->initiator, me); + id = id_payload_create_from_identification(this->initiator ? ID_INITIATOR : ID_RESPONDER, me); message->add_payload(message, (payload_t*)id); /* as initiator, include other ID if it does not contain wildcards */ if (this->initiator && !other->contains_wildcards(other)) { - id = id_payload_create_from_identification(FALSE, other); + id = id_payload_create_from_identification(ID_RESPONDER, other); message->add_payload(message, (payload_t*)id); } return SUCCESS; @@ -320,7 +320,8 @@ static status_t build_auth_eap(private_ike_auth_t *this, message_t *message) if (!this->initiator) { this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED); - SIG(IKE_UP_SUCCESS, "IKE_SA established between %D[%H]...[%H]%D", + SIG(IKE_UP_SUCCESS, "IKE_SA '%s' established between %D[%H]...[%H]%D", + this->ike_sa->get_name(this->ike_sa), this->ike_sa->get_my_id(this->ike_sa), this->ike_sa->get_my_host(this->ike_sa), this->ike_sa->get_other_host(this->ike_sa), @@ -365,7 +366,8 @@ static status_t process_auth_eap(private_ike_auth_t *this, message_t *message) if (this->initiator) { this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED); - SIG(IKE_UP_SUCCESS, "IKE_SA established between %D[%H]...[%H]%D", + SIG(IKE_UP_SUCCESS, "IKE_SA '%s' established between %D[%H]...[%H]%D", + this->ike_sa->get_name(this->ike_sa), this->ike_sa->get_my_id(this->ike_sa), this->ike_sa->get_my_host(this->ike_sa), this->ike_sa->get_other_host(this->ike_sa), @@ -573,7 +575,8 @@ static status_t build_r(private_ike_auth_t *this, message_t *message) if (this->peer_authenticated) { this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED); - SIG(IKE_UP_SUCCESS, "IKE_SA established between %D[%H]...[%H]%D", + SIG(IKE_UP_SUCCESS, "IKE_SA '%s' established between %D[%H]...[%H]%D", + this->ike_sa->get_name(this->ike_sa), this->ike_sa->get_my_id(this->ike_sa), this->ike_sa->get_my_host(this->ike_sa), this->ike_sa->get_other_host(this->ike_sa), @@ -675,7 +678,8 @@ static status_t process_i(private_ike_auth_t *this, message_t *message) } this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED); - SIG(IKE_UP_SUCCESS, "IKE_SA established between %D[%H]...[%H]%D", + SIG(IKE_UP_SUCCESS, "IKE_SA '%s' established between %D[%H]...[%H]%D", + this->ike_sa->get_name(this->ike_sa), this->ike_sa->get_my_id(this->ike_sa), this->ike_sa->get_my_host(this->ike_sa), this->ike_sa->get_other_host(this->ike_sa), diff --git a/src/charon/sa/tasks/ike_init.c b/src/charon/sa/tasks/ike_init.c index f78b5dd66..42b47a82f 100644 --- a/src/charon/sa/tasks/ike_init.c +++ b/src/charon/sa/tasks/ike_init.c @@ -149,10 +149,18 @@ static void build_payloads(private_ike_init_t *this, message_t *message) nonce_payload = nonce_payload_create(); nonce_payload->set_nonce(nonce_payload, this->my_nonce); - message->add_payload(message, (payload_t*)nonce_payload); - ke_payload = ke_payload_create_from_diffie_hellman(this->dh); - message->add_payload(message, (payload_t*)ke_payload); + + if (this->old_sa) + { /* payload order differs if we are rekeying */ + message->add_payload(message, (payload_t*)nonce_payload); + message->add_payload(message, (payload_t*)ke_payload); + } + else + { + message->add_payload(message, (payload_t*)ke_payload); + message->add_payload(message, (payload_t*)nonce_payload); + } } /** @@ -218,7 +226,8 @@ static status_t build_i(private_ike_init_t *this, message_t *message) status_t status; this->config = this->ike_sa->get_ike_cfg(this->ike_sa); - SIG(IKE_UP_START, "initiating IKE_SA to %H", + SIG(IKE_UP_START, "initiating IKE_SA '%s' to %H", + this->ike_sa->get_name(this->ike_sa), this->config->get_other_host(this->config)); this->ike_sa->set_state(this->ike_sa, IKE_CONNECTING); diff --git a/src/charon/sa/tasks/ike_mobike.c b/src/charon/sa/tasks/ike_mobike.c index 8d4dce36c..d1fc8c695 100644 --- a/src/charon/sa/tasks/ike_mobike.c +++ b/src/charon/sa/tasks/ike_mobike.c @@ -64,7 +64,12 @@ struct private_ike_mobike_t { /** * use task to update addresses */ - bool roam; + bool update; + + /** + * do routability check + */ + bool check; /** * include address list update @@ -140,7 +145,7 @@ static void process_payloads(private_ike_mobike_t *this, message_t *message) } case UPDATE_SA_ADDRESSES: { - this->roam = TRUE; + this->update = TRUE; break; } case NO_ADDITIONAL_ADDRESSES: @@ -224,6 +229,58 @@ static void update_children(private_ike_mobike_t *this) iterator->destroy(iterator); } +/** + * Implementation of ike_mobike_t.transmit + */ +static void transmit(private_ike_mobike_t *this, packet_t *packet) +{ + host_t *me, *other, *me_old, *other_old; + iterator_t *iterator; + packet_t *copy; + + if (!this->check) + { + return; + } + + me_old = this->ike_sa->get_my_host(this->ike_sa); + other_old = this->ike_sa->get_other_host(this->ike_sa); + + me = charon->kernel_interface->get_source_addr( + charon->kernel_interface, other_old); + if (me) + { + me->set_port(me, me->ip_equals(me, me_old) ? + me_old->get_port(me_old) : IKEV2_NATT_PORT); + packet->set_source(packet, me); + } + + iterator = this->ike_sa->create_additional_address_iterator(this->ike_sa); + while (iterator->iterate(iterator, (void**)&other)) + { + me = charon->kernel_interface->get_source_addr( + charon->kernel_interface, other); + if (me) + { + /* reuse port for an active address, 4500 otherwise */ + me->set_port(me, me->ip_equals(me, me_old) ? + me_old->get_port(me_old) : IKEV2_NATT_PORT); + other = other->clone(other); + other->set_port(other, other->ip_equals(other, other_old) ? + other_old->get_port(other_old) : IKEV2_NATT_PORT); + DBG1(DBG_IKE, "checking path %#H - %#H", me, other); + copy = packet->clone(packet); + copy->set_source(copy, me); + copy->set_destination(copy, other); + charon->sender->send(charon->sender, copy); + } + } + iterator->destroy(iterator); + me = packet->get_source(packet); + other = packet->get_destination(packet); + DBG1(DBG_IKE, "checking path %#H - %#H", me, other); +} + /** * Implementation of task_t.process for initiator */ @@ -235,22 +292,22 @@ static status_t build_i(private_ike_mobike_t *this, message_t *message) message->add_notify(message, FALSE, MOBIKE_SUPPORTED, chunk_empty); build_address_list(this, message); } - else + else if (message->get_exchange_type(message) == INFORMATIONAL) { - if (this->roam) + if (this->update) { message->add_notify(message, FALSE, UPDATE_SA_ADDRESSES, chunk_empty); + update_children(this); } if (this->address) { build_address_list(this, message); } - - this->natd = ike_natd_create(this->ike_sa, this->initiator); - this->natd->task.build(&this->natd->task, message); - update_children(this); + if (this->natd) + { + this->natd->task.build(&this->natd->task, message); + } } - return NEED_MORE; } @@ -267,7 +324,7 @@ static status_t process_r(private_ike_mobike_t *this, message_t *message) else if (message->get_exchange_type(message) == INFORMATIONAL) { process_payloads(this, message); - if (this->roam) + if (this->update) { host_t *me, *other; @@ -306,7 +363,7 @@ static status_t build_r(private_ike_mobike_t *this, message_t *message) { this->natd->task.build(&this->natd->task, message); } - if (this->roam) + if (this->update) { update_children(this); } @@ -324,7 +381,6 @@ static status_t process_i(private_ike_mobike_t *this, message_t *message) message->get_payload(message, SECURITY_ASSOCIATION)) { process_payloads(this, message); - return SUCCESS; } else if (message->get_exchange_type(message) == INFORMATIONAL) @@ -341,11 +397,40 @@ static status_t process_i(private_ike_mobike_t *this, message_t *message) { this->natd->task.process(&this->natd->task, message); } - if (this->roam) + if (this->update) { /* update again, as NAT state may have changed */ update_children(this); } + if (this->check) + { + host_t *me_new, *me_old, *other_new, *other_old; + + me_new = message->get_destination(message); + other_new = message->get_source(message); + me_old = this->ike_sa->get_my_host(this->ike_sa); + other_old = this->ike_sa->get_other_host(this->ike_sa); + + if (!me_new->equals(me_new, me_old)) + { + this->update = TRUE; + this->ike_sa->set_my_host(this->ike_sa, me_new->clone(me_new)); + } + if (!other_new->equals(other_new, other_old)) + { + this->update = TRUE; + this->ike_sa->set_other_host(this->ike_sa, other_new->clone(other_new)); + } + if (this->update) + { + /* start the update with the same task */ + this->check = FALSE; + this->address = FALSE; + this->natd = ike_natd_create(this->ike_sa, this->initiator); + this->ike_sa->set_pending_updates(this->ike_sa, 1); + return NEED_MORE; + } + } return SUCCESS; } return NEED_MORE; @@ -356,12 +441,20 @@ static status_t process_i(private_ike_mobike_t *this, message_t *message) */ static void roam(private_ike_mobike_t *this, bool address) { - this->roam = TRUE; + this->check = TRUE; this->address = address; this->ike_sa->set_pending_updates(this->ike_sa, this->ike_sa->get_pending_updates(this->ike_sa) + 1); } +/** + * Implementation of ike_mobike_t.is_probing. + */ +static bool is_probing(private_ike_mobike_t *this) +{ + return this->check; +} + /** * Implementation of task_t.get_type */ @@ -404,6 +497,8 @@ ike_mobike_t *ike_mobike_create(ike_sa_t *ike_sa, bool initiator) private_ike_mobike_t *this = malloc_thing(private_ike_mobike_t); this->public.roam = (void(*)(ike_mobike_t*,bool))roam; + this->public.transmit = (void(*)(ike_mobike_t*,packet_t*))transmit; + this->public.is_probing = (bool(*)(ike_mobike_t*))is_probing; this->public.task.get_type = (task_type_t(*)(task_t*))get_type; this->public.task.migrate = (void(*)(task_t*,ike_sa_t*))migrate; this->public.task.destroy = (void(*)(task_t*))destroy; @@ -421,7 +516,8 @@ ike_mobike_t *ike_mobike_create(ike_sa_t *ike_sa, bool initiator) this->ike_sa = ike_sa; this->initiator = initiator; - this->roam = FALSE; + this->update = FALSE; + this->check = FALSE; this->address = TRUE; this->cookie2 = chunk_empty; this->natd = NULL; diff --git a/src/charon/sa/tasks/ike_mobike.h b/src/charon/sa/tasks/ike_mobike.h index db493c459..bb5150723 100644 --- a/src/charon/sa/tasks/ike_mobike.h +++ b/src/charon/sa/tasks/ike_mobike.h @@ -28,6 +28,7 @@ typedef struct ike_mobike_t ike_mobike_t; #include #include #include +#include /** * @brief Task of type ike_mobike, detects and handles MOBIKE extension. @@ -58,6 +59,26 @@ struct ike_mobike_t { * @param address TRUE to include address list update */ void (*roam)(ike_mobike_t *this, bool address); + + /** + * @brief Transmision hook, called by task manager. + * + * The task manager calls this hook whenever it transmits a packet. It + * allows the mobike task to send the packet on multiple paths to do path + * probing. + * + * @param this calling object + * @param packet the packet to transmit + */ + void (*transmit)(ike_mobike_t *this, packet_t *packet); + + /** + * @brief Check if this task is probing for routability. + * + * @param this calling object + * @return TRUE if task is probing + */ + bool (*is_probing)(ike_mobike_t *this); }; /** diff --git a/src/charon/sa/tasks/ike_natd.c b/src/charon/sa/tasks/ike_natd.c index 84a28d024..4c64ff8ba 100644 --- a/src/charon/sa/tasks/ike_natd.c +++ b/src/charon/sa/tasks/ike_natd.c @@ -26,6 +26,7 @@ #include #include +#include #include #include @@ -90,7 +91,7 @@ static chunk_t generate_natd_hash(private_ike_natd_t *this, u_int64_t spi_i, spi_r; u_int16_t port; - /* prepare all requred chunks */ + /* prepare all required chunks */ spi_i = ike_sa_id->get_initiator_spi(ike_sa_id); spi_r = ike_sa_id->get_responder_spi(ike_sa_id); spi_i_chunk.ptr = (void*)&spi_i; @@ -112,6 +113,25 @@ static chunk_t generate_natd_hash(private_ike_natd_t *this, return natd_hash; } +/** + * build a faked NATD payload to enforce UDP encap + */ +static chunk_t generate_natd_hash_faked(private_ike_natd_t *this) +{ + randomizer_t *randomizer; + chunk_t chunk; + + randomizer = randomizer_create(); + if (randomizer->allocate_pseudo_random_bytes(randomizer, HASH_SIZE_SHA1, + &chunk) != SUCCESS) + { + DBG1(DBG_IKE, "unable to get random bytes for NATD fake"); + chunk = chunk_empty; + } + randomizer->destroy(randomizer); + return chunk; +} + /** * Build a NAT detection notify payload. */ @@ -120,12 +140,21 @@ static notify_payload_t *build_natd_payload(private_ike_natd_t *this, { chunk_t hash; notify_payload_t *notify; - ike_sa_id_t *ike_sa_id; + ike_sa_id_t *ike_sa_id; + ike_cfg_t *config; ike_sa_id = this->ike_sa->get_id(this->ike_sa); + config = this->ike_sa->get_ike_cfg(this->ike_sa); + if (config->force_encap(config) && type == NAT_DETECTION_SOURCE_IP) + { + hash = generate_natd_hash_faked(this); + } + else + { + hash = generate_natd_hash(this, ike_sa_id, host); + } notify = notify_payload_create(); notify->set_notify_type(notify, type); - hash = generate_natd_hash(this, ike_sa_id, host); notify->set_notification_data(notify, hash); chunk_free(&hash); @@ -143,11 +172,12 @@ static void process_payloads(private_ike_natd_t *this, message_t *message) chunk_t hash, src_hash, dst_hash; ike_sa_id_t *ike_sa_id; host_t *me, *other; + ike_cfg_t *config; /* Precompute NAT-D hashes for incoming NAT notify comparison */ ike_sa_id = message->get_ike_sa_id(message); - me = this->ike_sa->get_my_host(this->ike_sa); - other = this->ike_sa->get_other_host(this->ike_sa); + me = message->get_destination(message); + other = message->get_source(message); dst_hash = generate_natd_hash(this, ike_sa_id, me); src_hash = generate_natd_hash(this, ike_sa_id, other); @@ -208,7 +238,13 @@ static void process_payloads(private_ike_natd_t *this, message_t *message) this->ike_sa->set_condition(this->ike_sa, COND_NAT_HERE, !this->dst_matched); this->ike_sa->set_condition(this->ike_sa, COND_NAT_THERE, - !this->src_matched); + !this->src_matched); + config = this->ike_sa->get_ike_cfg(this->ike_sa); + if (this->dst_matched && this->src_matched && + config->force_encap(config)) + { + this->ike_sa->set_condition(this->ike_sa, COND_NAT_FAKE, TRUE); + } } } @@ -218,18 +254,46 @@ static void process_payloads(private_ike_natd_t *this, message_t *message) static status_t process_i(private_ike_natd_t *this, message_t *message) { process_payloads(this, message); - - /* if peer supports NAT-T, we switch to port 4500 even - * if no NAT is detected. MOBIKE requires this. */ - if (message->get_exchange_type(message) == IKE_SA_INIT && - this->ike_sa->supports_extension(this->ike_sa, EXT_NATT)) - { - host_t *me, *other; - me = this->ike_sa->get_my_host(this->ike_sa); - me->set_port(me, IKEV2_NATT_PORT); - other = this->ike_sa->get_other_host(this->ike_sa); - other->set_port(other, IKEV2_NATT_PORT); + if (message->get_exchange_type(message) == IKE_SA_INIT) + { + peer_cfg_t *peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa); + +#ifdef P2P + /* if we are on a mediated connection we have already switched to + * port 4500 and the correct destination port is already configured, + * therefore we must not switch again */ + if (peer_cfg->get_mediated_by(peer_cfg)) + { + return SUCCESS; + } +#endif /* P2P */ + + if (this->ike_sa->has_condition(this->ike_sa, COND_NAT_ANY) || +#ifdef P2P + /* if we are on a mediation connection we swith to port 4500 even + * if no NAT is detected. */ + peer_cfg->is_mediation(peer_cfg) || +#endif /* P2P */ + /* if peer supports NAT-T, we switch to port 4500 even + * if no NAT is detected. MOBIKE requires this. */ + (peer_cfg->use_mobike(peer_cfg) && + this->ike_sa->supports_extension(this->ike_sa, EXT_NATT))) + { + host_t *me, *other; + + /* do not switch if we have a custom port from mobike/NAT */ + me = this->ike_sa->get_my_host(this->ike_sa); + if (me->get_port(me) == IKEV2_UDP_PORT) + { + me->set_port(me, IKEV2_NATT_PORT); + } + other = this->ike_sa->get_other_host(this->ike_sa); + if (other->get_port(other) == IKEV2_UDP_PORT) + { + other->set_port(other, IKEV2_NATT_PORT); + } + } } return SUCCESS; @@ -245,7 +309,7 @@ static status_t build_i(private_ike_natd_t *this, message_t *message) host_t *host; /* destination is always set */ - host = this->ike_sa->get_other_host(this->ike_sa); + host = message->get_destination(message); notify = build_natd_payload(this, NAT_DETECTION_DESTINATION_IP, host); message->add_payload(message, (payload_t*)notify); @@ -254,7 +318,7 @@ static status_t build_i(private_ike_natd_t *this, message_t *message) * 2. We do a routing lookup in the kernel interface * 3. Include all possbile addresses */ - host = this->ike_sa->get_my_host(this->ike_sa); + host = message->get_source(message); if (!host->is_anyaddr(host)) { /* 1. */ notify = build_natd_payload(this, NAT_DETECTION_SOURCE_IP, host); @@ -305,11 +369,11 @@ static status_t build_r(private_ike_natd_t *this, message_t *message) if (this->src_seen && this->dst_seen) { /* initiator seems to support NAT detection, add response */ - me = this->ike_sa->get_my_host(this->ike_sa); + me = message->get_source(message); notify = build_natd_payload(this, NAT_DETECTION_SOURCE_IP, me); message->add_payload(message, (payload_t*)notify); - other = this->ike_sa->get_other_host(this->ike_sa); + other = message->get_destination(message); notify = build_natd_payload(this, NAT_DETECTION_DESTINATION_IP, other); message->add_payload(message, (payload_t*)notify); } diff --git a/src/charon/sa/tasks/ike_p2p.c b/src/charon/sa/tasks/ike_p2p.c new file mode 100644 index 000000000..de5a2e30e --- /dev/null +++ b/src/charon/sa/tasks/ike_p2p.c @@ -0,0 +1,851 @@ +/** + * @file ike_p2p.c + * + * @brief Implementation of the ike_p2p task. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "ike_p2p.h" + +#include + +#include +#include +#include +#include +#include +#include + +#define P2P_SESSIONID_LEN 8 +#define P2P_SESSIONKEY_LEN 16 + +// FIXME: proposed values +#define P2P_SESSIONID_MIN_LEN 4 +#define P2P_SESSIONID_MAX_LEN 16 +#define P2P_SESSIONKEY_MIN_LEN 8 +#define P2P_SESSIONKEY_MAX_LEN 64 + + +typedef struct private_ike_p2p_t private_ike_p2p_t; + +/** + * Private members of a ike_p2p_t task. + */ +struct private_ike_p2p_t { + + /** + * Public methods and task_t interface. + */ + ike_p2p_t public; + + /** + * Assigned IKE_SA. + */ + ike_sa_t *ike_sa; + + /** + * Are we the initiator? + */ + bool initiator; + + /** + * Is this a mediation connection? + */ + bool mediation; + + /** + * Is this the response from another peer? + */ + bool response; + + /** + * Gathered endpoints + */ + linked_list_t *local_endpoints; + + /** + * Parsed endpoints + */ + linked_list_t *remote_endpoints; + + /** + * Did the peer request a callback? + */ + bool callback; + + /** + * Did the connect fail? + */ + bool failed; + + /** + * Was there anything wrong with the payloads? + */ + bool invalid_syntax; + + /** + * The requested peer + */ + identification_t *peer_id; + /** + * Received ID used for connectivity checks + */ + chunk_t session_id; + + /** + * Received key used for connectivity checks + */ + chunk_t session_key; + + /** + * Peer config of the mediated connection + */ + peer_cfg_t *mediated_cfg; + +}; + +// ----------------------------------------------------------------------------- + +/** + * Adds a list of endpoints as notifies to a given message + */ +static void add_endpoints_to_message(message_t *message, linked_list_t *endpoints) +{ + iterator_t *iterator; + endpoint_notify_t *endpoint; + + iterator = endpoints->create_iterator(endpoints, TRUE); + while (iterator->iterate(iterator, (void**)&endpoint)) + { + message->add_payload(message, (payload_t*)endpoint->build_notify(endpoint)); + } + iterator->destroy(iterator); +} + +/** + * Gathers endpoints and adds them to the current message + */ +static void gather_and_add_endpoints(private_ike_p2p_t *this, message_t *message) +{ + iterator_t *iterator; + host_t *addr, *host; + u_int16_t port; + + // get the port that is used to communicate with the ms + host = this->ike_sa->get_my_host(this->ike_sa); + port = host->get_port(host); + + iterator = charon->kernel_interface->create_address_iterator( + charon->kernel_interface); + while (iterator->iterate(iterator, (void**)&addr)) + { + host = addr->clone(addr); + host->set_port(host, port); + + this->local_endpoints->insert_last(this->local_endpoints, + endpoint_notify_create_from_host(HOST, host, NULL)); + + host->destroy(host); + } + iterator->destroy(iterator); + + host = this->ike_sa->get_server_reflexive_host(this->ike_sa); + if (host) + { + this->local_endpoints->insert_last(this->local_endpoints, + endpoint_notify_create_from_host(SERVER_REFLEXIVE, host, + this->ike_sa->get_my_host(this->ike_sa))); + } + + add_endpoints_to_message(message, this->local_endpoints); +} + +/** + * read notifys from message and evaluate them + */ +static void process_payloads(private_ike_p2p_t *this, message_t *message) +{ + iterator_t *iterator; + payload_t *payload; + + iterator = message->get_payload_iterator(message); + while (iterator->iterate(iterator, (void**)&payload)) + { + if (payload->get_type(payload) != NOTIFY) + { + continue; + } + + notify_payload_t *notify = (notify_payload_t*)payload; + + switch (notify->get_notify_type(notify)) + { + case P2P_CONNECT_FAILED: + { + DBG2(DBG_IKE, "received P2P_CONNECT_FAILED notify"); + this->failed = TRUE; + break; + } + case P2P_MEDIATION: + { + DBG2(DBG_IKE, "received P2P_MEDIATION notify"); + this->mediation = TRUE; + break; + } + case P2P_ENDPOINT: + { + endpoint_notify_t *endpoint = endpoint_notify_create_from_payload(notify); + if (!endpoint) + { + DBG1(DBG_IKE, "received invalid P2P_ENDPOINT notify"); + break; + } + DBG2(DBG_IKE, "received P2P_ENDPOINT notify"); + + this->remote_endpoints->insert_last(this->remote_endpoints, endpoint); + break; + } + case P2P_CALLBACK: + { + DBG2(DBG_IKE, "received P2P_CALLBACK notify"); + this->callback = TRUE; + break; + } + case P2P_SESSIONID: + { + chunk_free(&this->session_id); + this->session_id = chunk_clone(notify->get_notification_data(notify)); + DBG3(DBG_IKE, "received p2p_sessionid %B", &this->session_id); + break; + } + case P2P_SESSIONKEY: + { + chunk_free(&this->session_key); + this->session_key = chunk_clone(notify->get_notification_data(notify)); + DBG4(DBG_IKE, "received p2p_sessionkey %B", &this->session_key); + break; + } + case P2P_RESPONSE: + { + DBG2(DBG_IKE, "received P2P_RESPONSE notify"); + this->response = TRUE; + break; + } + default: + break; + } + } + iterator->destroy(iterator); +} + +// ----------------------------------------------------------------------------- + +/** + * Implementation of task_t.process for initiator + */ +static status_t build_i(private_ike_p2p_t *this, message_t *message) +{ + switch(message->get_exchange_type(message)) + { + case IKE_SA_INIT: + { + peer_cfg_t *peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa); + if (peer_cfg->is_mediation(peer_cfg)) + { + DBG2(DBG_IKE, "adding P2P_MEDIATION"); + message->add_notify(message, FALSE, P2P_MEDIATION, chunk_empty); + } + else + { + return SUCCESS; + } + break; + } + case IKE_AUTH: + { + if (this->ike_sa->has_condition(this->ike_sa, COND_NAT_HERE)) + { + endpoint_notify_t *endpoint = endpoint_notify_create_from_host(SERVER_REFLEXIVE, NULL, NULL); + message->add_payload(message, (payload_t*)endpoint->build_notify(endpoint)); + endpoint->destroy(endpoint); + } + break; + } + case P2P_CONNECT: + { + id_payload_t *id_payload; + randomizer_t *rand = randomizer_create(); + + id_payload = id_payload_create_from_identification(ID_PEER, this->peer_id); + message->add_payload(message, (payload_t*)id_payload); + + if (!this->response) + { + // only the initiator creates a session ID. the responder returns + // the session ID that it received from the initiator + if (rand->allocate_pseudo_random_bytes(rand, + P2P_SESSIONID_LEN, &this->session_id) != SUCCESS) + { + DBG1(DBG_IKE, "unable to generate session ID for P2P_CONNECT"); + rand->destroy(rand); + return FAILED; + } + } + + if (rand->allocate_pseudo_random_bytes(rand, + P2P_SESSIONKEY_LEN, &this->session_key) != SUCCESS) + { + DBG1(DBG_IKE, "unable to generate session key for P2P_CONNECT"); + rand->destroy(rand); + return FAILED; + } + + rand->destroy(rand); + + message->add_notify(message, FALSE, P2P_SESSIONID, this->session_id); + message->add_notify(message, FALSE, P2P_SESSIONKEY, this->session_key); + + if (this->response) + { + message->add_notify(message, FALSE, P2P_RESPONSE, chunk_empty); + } + else + { + // FIXME: should we make that configurable + message->add_notify(message, FALSE, P2P_CALLBACK, chunk_empty); + } + + gather_and_add_endpoints(this, message); + + break; + } + } + + return NEED_MORE; +} + +/** + * Implementation of task_t.process for responder + */ +static status_t process_r(private_ike_p2p_t *this, message_t *message) +{ + switch(message->get_exchange_type(message)) + { + case P2P_CONNECT: + { + id_payload_t *id_payload; + id_payload = (id_payload_t*)message->get_payload(message, ID_PEER); + if (!id_payload) + { + DBG1(DBG_IKE, "received P2P_CONNECT without ID_PEER payload, aborting"); + break; + } + this->peer_id = id_payload->get_identification(id_payload); + + process_payloads(this, message); + + if (this->callback) + { + DBG1(DBG_IKE, "received P2P_CALLBACK for '%D'", this->peer_id); + break; + } + + if (!this->session_id.ptr) + { + DBG1(DBG_IKE, "received P2P_CONNECT without P2P_SESSIONID notify, aborting"); + this->invalid_syntax = TRUE; + break; + } + + if (!this->session_key.ptr) + { + DBG1(DBG_IKE, "received P2P_CONNECT without P2P_SESSIONKEY notify, aborting"); + this->invalid_syntax = TRUE; + break; + } + + if (!this->remote_endpoints->get_count(this->remote_endpoints)) + { + DBG1(DBG_IKE, "received P2P_CONNECT without any P2P_ENDPOINT payloads, aborting"); + this->invalid_syntax = TRUE; + break; + } + + DBG1(DBG_IKE, "received P2P_CONNECT"); + + break; + } + } + + return NEED_MORE; +} + +/** + * Implementation of task_t.build for responder + */ +static status_t build_r(private_ike_p2p_t *this, message_t *message) +{ + switch(message->get_exchange_type(message)) + { + case P2P_CONNECT: + { + if (this->invalid_syntax) + { + message->add_notify(message, TRUE, INVALID_SYNTAX, chunk_empty); + break; + } + + if (this->callback) + { + charon->connect_manager->check_and_initiate(charon->connect_manager, + this->ike_sa->get_id(this->ike_sa), + this->ike_sa->get_my_id(this->ike_sa), this->peer_id); + return SUCCESS; + } + + if (this->response) + { + // FIXME: handle result of set_responder_data + // as initiator, upon receiving a response from another peer, + // update the checklist and start sending checks + charon->connect_manager->set_responder_data(charon->connect_manager, + this->session_id, this->session_key, this->remote_endpoints); + } + else + { + // FIXME: handle result of set_initiator_data + // as responder, create a checklist with the initiator's data + charon->connect_manager->set_initiator_data(charon->connect_manager, + this->peer_id, this->ike_sa->get_my_id(this->ike_sa), + this->session_id, this->session_key, this->remote_endpoints, + FALSE); + if (this->ike_sa->respond(this->ike_sa, this->peer_id, + this->session_id) != SUCCESS) + { + return FAILED; + } + } + + break; + } + } + return SUCCESS; +} + +/** + * Implementation of task_t.process for initiator + */ +static status_t process_i(private_ike_p2p_t *this, message_t *message) +{ + switch(message->get_exchange_type(message)) + { + case IKE_SA_INIT: + { + process_payloads(this, message); + + if (!this->mediation) + { + DBG1(DBG_IKE, "server did not return a P2P_MEDIATION, aborting"); + return FAILED; + } + + return NEED_MORE; + } + case IKE_AUTH: + { + process_payloads(this, message); + + //FIXME: we should update the server reflexive endpoint somehow, if mobike notices a change + + endpoint_notify_t *reflexive; + if (this->remote_endpoints->get_first(this->remote_endpoints, (void**)&reflexive) == SUCCESS && + reflexive->get_type(reflexive) == SERVER_REFLEXIVE) + {//FIXME: should we accept this endpoint even if we did not send a request? + host_t *endpoint = reflexive->get_host(reflexive); + DBG2(DBG_IKE, "received server reflexive endpoint %#H", endpoint); + + this->ike_sa->set_server_reflexive_host(this->ike_sa, endpoint->clone(endpoint)); + } + + // FIXME: what if it failed? e.g. AUTH failure + SIG(CHILD_UP_SUCCESS, "established mediation connection without CHILD_SA successfully"); + + break; + } + case P2P_CONNECT: + { + process_payloads(this, message); + + if (this->failed) + { + DBG1(DBG_IKE, "peer '%D' is not online", this->peer_id); + // FIXME: notify the mediated connection (job?) + // FIXME: probably delete the created checklist, at least as responder + } + else + { + if (this->response) + { + // FIXME: handle result of set_responder_data + // as responder, we update the checklist and start sending checks + charon->connect_manager->set_responder_data(charon->connect_manager, + this->session_id, this->session_key, this->local_endpoints); + } + else + { + // FIXME: handle result of set_initiator_data + // as initiator, we create a checklist and set the initiator's data + charon->connect_manager->set_initiator_data(charon->connect_manager, + this->ike_sa->get_my_id(this->ike_sa), this->peer_id, + this->session_id, this->session_key, this->local_endpoints, + TRUE); + } + } + break; + } + } + return SUCCESS; +} + +// ----------------------------------------------------------------------------- + +/** + * Implementation of task_t.process for initiator (mediation server) + */ +static status_t build_i_ms(private_ike_p2p_t *this, message_t *message) +{ + switch(message->get_exchange_type(message)) + { + case P2P_CONNECT: + { + id_payload_t *id_payload = id_payload_create_from_identification(ID_PEER, this->peer_id); + message->add_payload(message, (payload_t*)id_payload); + + if (this->callback) + { + message->add_notify(message, FALSE, P2P_CALLBACK, chunk_empty); + } + else + { + notify_payload_t *notify; + + if (this->response) + { + message->add_notify(message, FALSE, P2P_RESPONSE, chunk_empty); + } + + message->add_notify(message, FALSE, P2P_SESSIONID, this->session_id); + message->add_notify(message, FALSE, P2P_SESSIONKEY, this->session_key); + + add_endpoints_to_message(message, this->remote_endpoints); + } + + break; + } + } + + return NEED_MORE; +} + +/** + * Implementation of task_t.process for responder (mediation server) + */ +static status_t process_r_ms(private_ike_p2p_t *this, message_t *message) +{ + switch(message->get_exchange_type(message)) + { + case IKE_SA_INIT: + { + process_payloads(this, message); + return this->mediation ? NEED_MORE : SUCCESS; + } + case IKE_AUTH: + { + process_payloads(this, message); + break; + } + case P2P_CONNECT: + { + id_payload_t *id_payload; + id_payload = (id_payload_t*)message->get_payload(message, ID_PEER); + if (!id_payload) + { + DBG1(DBG_IKE, "received P2P_CONNECT without ID_PEER payload, aborting"); + this->invalid_syntax = TRUE; + break; + } + + this->peer_id = id_payload->get_identification(id_payload); + + process_payloads(this, message); + + if (!this->session_id.ptr) + { + DBG1(DBG_IKE, "received P2P_CONNECT without P2P_SESSIONID notify, aborting"); + this->invalid_syntax = TRUE; + break; + } + + if (!this->session_key.ptr) + { + DBG1(DBG_IKE, "received P2P_CONNECT without P2P_SESSIONKEY notify, aborting"); + this->invalid_syntax = TRUE; + break; + } + + if (!this->remote_endpoints->get_count(this->remote_endpoints)) + { + DBG1(DBG_IKE, "received P2P_CONNECT without any P2P_ENDPOINT payloads, aborting"); + this->invalid_syntax = TRUE; + break; + } + + break; + } + } + + return NEED_MORE; +} + +/** + * Implementation of task_t.build for responder (mediation server) + */ +static status_t build_r_ms(private_ike_p2p_t *this, message_t *message) +{ + switch(message->get_exchange_type(message)) + { + case IKE_SA_INIT: + { + message->add_notify(message, FALSE, P2P_MEDIATION, chunk_empty); + return NEED_MORE; + } + case IKE_AUTH: + { + endpoint_notify_t *endpoint; + if (this->remote_endpoints->get_first(this->remote_endpoints, (void**)&endpoint) == SUCCESS && + endpoint->get_type(endpoint) == SERVER_REFLEXIVE) + { + host_t *host = this->ike_sa->get_other_host(this->ike_sa); + + DBG2(DBG_IKE, "received request for a server reflexive endpoint " + "sending: %#H", host); + + endpoint = endpoint_notify_create_from_host(SERVER_REFLEXIVE, host, NULL); + message->add_payload(message, (payload_t*)endpoint->build_notify(endpoint)); + } + + charon->mediation_manager->update_sa_id(charon->mediation_manager, + this->ike_sa->get_other_id(this->ike_sa), + this->ike_sa->get_id(this->ike_sa)); + + SIG(CHILD_UP_SUCCESS, "established mediation connection without CHILD_SA successfully"); + + break; + } + case P2P_CONNECT: + { + if (this->invalid_syntax) + { + message->add_notify(message, TRUE, INVALID_SYNTAX, chunk_empty); + break; + } + + ike_sa_id_t *peer_sa; + if (this->callback) + { + peer_sa = charon->mediation_manager->check_and_register(charon->mediation_manager, + this->peer_id, this->ike_sa->get_other_id(this->ike_sa)); + } + else + { + peer_sa = charon->mediation_manager->check(charon->mediation_manager, + this->peer_id); + } + + if (!peer_sa) + { + // the peer is not online + message->add_notify(message, TRUE, P2P_CONNECT_FAILED, chunk_empty); + break; + } + + job_t *job = (job_t*)mediation_job_create(this->peer_id, + this->ike_sa->get_other_id(this->ike_sa), this->session_id, + this->session_key, this->remote_endpoints, this->response); + charon->processor->queue_job(charon->processor, job); + + break; + } + } + return SUCCESS; +} + +/** + * Implementation of task_t.process for initiator (mediation server) + */ +static status_t process_i_ms(private_ike_p2p_t *this, message_t *message) +{ + switch(message->get_exchange_type(message)) + { + case P2P_CONNECT: + { + break; + } + } + return SUCCESS; +} + +// ----------------------------------------------------------------------------- + +/** + * Implementation of ike_p2p.connect + */ +static void p2p_connect(private_ike_p2p_t *this, identification_t *peer_id) +{ + this->peer_id = peer_id->clone(peer_id); +} + +/** + * Implementation of ike_p2p.respond + */ +static void p2p_respond(private_ike_p2p_t *this, identification_t *peer_id, + chunk_t session_id) +{ + this->peer_id = peer_id->clone(peer_id); + this->session_id = chunk_clone(session_id); + this->response = TRUE; +} + +/** + * Implementation of ike_p2p.callback + */ +static void p2p_callback(private_ike_p2p_t *this, identification_t *peer_id) +{ + this->peer_id = peer_id->clone(peer_id); + this->callback = TRUE; +} + +/** + * Implementation of ike_p2p.relay + */ +static void relay(private_ike_p2p_t *this, identification_t *requester, chunk_t session_id, + chunk_t session_key, linked_list_t *endpoints, bool response) +{ + this->peer_id = requester->clone(requester); + this->session_id = chunk_clone(session_id); + this->session_key = chunk_clone(session_key); + this->remote_endpoints = endpoints->clone_offset(endpoints, offsetof(endpoint_notify_t, clone)); + this->response = response; +} + +/** + * Implementation of task_t.get_type + */ +static task_type_t get_type(private_ike_p2p_t *this) +{ + return IKE_P2P; +} + +/** + * Implementation of task_t.migrate + */ +static void migrate(private_ike_p2p_t *this, ike_sa_t *ike_sa) +{ + this->ike_sa = ike_sa; +} + +/** + * Implementation of task_t.destroy + */ +static void destroy(private_ike_p2p_t *this) +{ + DESTROY_IF(this->peer_id); + + chunk_free(&this->session_id); + chunk_free(&this->session_key); + + this->local_endpoints->destroy_offset(this->local_endpoints, offsetof(endpoint_notify_t, destroy)); + this->remote_endpoints->destroy_offset(this->remote_endpoints, offsetof(endpoint_notify_t, destroy)); + + DESTROY_IF(this->mediated_cfg); + free(this); +} + +/* + * Described in header. + */ +ike_p2p_t *ike_p2p_create(ike_sa_t *ike_sa, bool initiator) +{ + private_ike_p2p_t *this = malloc_thing(private_ike_p2p_t); + + this->public.task.get_type = (task_type_t(*)(task_t*))get_type; + this->public.task.migrate = (void(*)(task_t*,ike_sa_t*))migrate; + this->public.task.destroy = (void(*)(task_t*))destroy; + + ike_sa_id_t *id = ike_sa->get_id(ike_sa); + if (id->is_initiator(id)) + { + if (initiator) + { + this->public.task.build = (status_t(*)(task_t*,message_t*))build_i; + this->public.task.process = (status_t(*)(task_t*,message_t*))process_i; + } + else + { + this->public.task.build = (status_t(*)(task_t*,message_t*))build_r; + this->public.task.process = (status_t(*)(task_t*,message_t*))process_r; + } + } + else + { + // mediation server + if (initiator) + { + this->public.task.build = (status_t(*)(task_t*,message_t*))build_i_ms; + this->public.task.process = (status_t(*)(task_t*,message_t*))process_i_ms; + } + else + { + this->public.task.build = (status_t(*)(task_t*,message_t*))build_r_ms; + this->public.task.process = (status_t(*)(task_t*,message_t*))process_r_ms; + } + } + + this->public.connect = (void(*)(ike_p2p_t*,identification_t*))p2p_connect; + this->public.respond = (void(*)(ike_p2p_t*,identification_t*,chunk_t))p2p_respond; + this->public.callback = (void(*)(ike_p2p_t*,identification_t*))p2p_callback; + this->public.relay = (void(*)(ike_p2p_t*,identification_t*,chunk_t,chunk_t,linked_list_t*,bool))relay; + + this->ike_sa = ike_sa; + this->initiator = initiator; + + this->peer_id = NULL; + this->session_id = chunk_empty; + this->session_key = chunk_empty; + this->local_endpoints = linked_list_create(); + this->remote_endpoints = linked_list_create(); + this->mediation = FALSE; + this->response = FALSE; + this->callback = FALSE; + this->failed = FALSE; + this->invalid_syntax = FALSE; + + this->mediated_cfg = NULL; + + return &this->public; +} diff --git a/src/charon/sa/tasks/ike_p2p.h b/src/charon/sa/tasks/ike_p2p.h new file mode 100644 index 000000000..327ac49d8 --- /dev/null +++ b/src/charon/sa/tasks/ike_p2p.h @@ -0,0 +1,110 @@ +/** + * @file ike_p2p.h + * + * @brief Interface ike_p2p_t. + * + */ + +/* + * Copyright (C) 2007 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef IKE_P2P_H_ +#define IKE_P2P_H_ + +typedef struct ike_p2p_t ike_p2p_t; + +#include +#include +#include + +/** + * @brief Task of type IKE_P2P, detects and handles P2P-NAT-T extensions. + * + * This tasks handles the P2P_MEDIATION notify exchange to setup a mediation + * connection, allows to initiate mediated connections using P2P_CONNECT + * exchanges and to request reflexive addresses from the mediation server using + * P2P_ENDPOINT notifies. + * + * @note This task has to be activated before the IKE_AUTH task, because that + * task generates the IKE_SA_INIT message so that no more payloads can be added + * to it afterwards. + * + * @b Constructors: + * - ike_p2p_create() + * + * @ingroup tasks + */ +struct ike_p2p_t { + + /** + * Implements the task_t interface + */ + task_t task; + + /** + * @brief Initiates a connection with another peer (i.e. sends a P2P_CONNECT + * to the mediation server) + * + * @param this object + * @param peer_id ID of the other peer (gets cloned) + */ + void (*connect)(ike_p2p_t *this, identification_t *peer_id); + + /** + * @brief Responds to a P2P_CONNECT from another peer (i.e. sends a P2P_CONNECT + * to the mediation server) + * + * @param this object + * @param peer_id ID of the other peer (gets cloned) + * @param session_id the session ID as provided by the initiator (gets cloned) + */ + void (*respond)(ike_p2p_t *this, identification_t *peer_id, chunk_t session_id); + + /** + * @brief Sends a P2P_CALLBACK to a peer that previously requested another peer. + * + * @param this object + * @param peer_id ID of the other peer (gets cloned) + */ + void (*callback)(ike_p2p_t *this, identification_t *peer_id); + + /** + * @brief Relays data to another peer (i.e. sends a P2P_CONNECT to the peer) + * + * Data gets cloned. + * + * @param this object + * @param requester ID of the requesting peer + * @param session_id content of the P2P_SESSIONID notify + * @param session_key content of the P2P_SESSIONKEY notify + * @param endpoints endpoints + * @param response TRUE if this is a response + */ + void (*relay)(ike_p2p_t *this, identification_t *requester, chunk_t session_id, + chunk_t session_key, linked_list_t *endpoints, bool response); + +}; + +/** + * @brief Create a new ike_p2p task. + * + * @param ike_sa IKE_SA this task works for + * @param initiator TRUE if taks is initiated by us + * @return ike_p2p task to handle by the task_manager + */ +ike_p2p_t *ike_p2p_create(ike_sa_t *ike_sa, bool initiator); + + +#endif /*IKE_P2P_H_*/ diff --git a/src/charon/sa/tasks/task.c b/src/charon/sa/tasks/task.c index 713403d47..e9d0c4da1 100644 --- a/src/charon/sa/tasks/task.c +++ b/src/charon/sa/tasks/task.c @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2007 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -33,6 +34,9 @@ ENUM(task_type_names, IKE_INIT, CHILD_REKEY, "IKE_REAUTH", "IKE_DELETE", "IKE_DPD", +#ifdef P2P + "IKE_P2P", +#endif /* P2P */ "CHILD_CREATE", "CHILD_DELETE", "CHILD_REKEY", diff --git a/src/charon/sa/tasks/task.h b/src/charon/sa/tasks/task.h index ff60ea816..dd2bb8a83 100644 --- a/src/charon/sa/tasks/task.h +++ b/src/charon/sa/tasks/task.h @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2006 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -56,6 +57,10 @@ enum task_type_t { IKE_DELETE, /** liveness check */ IKE_DPD, +#ifdef P2P + /** handle P2P-NAT-T stuff */ + IKE_P2P, +#endif /* P2P */ /** establish a CHILD_SA within an IKE_SA */ CHILD_CREATE, /** delete an established CHILD_SA */ diff --git a/src/dumm/Makefile.am b/src/dumm/Makefile.am new file mode 100644 index 000000000..3356e7a57 --- /dev/null +++ b/src/dumm/Makefile.am @@ -0,0 +1,12 @@ +lib_LTLIBRARIES = libdumm.la +ipsec_PROGRAMS = dumm + +libdumm_la_SOURCES = dumm.c dumm.h guest.c guest.h iface.c iface.h bridge.c bridge.h mconsole.c mconsole.h cowfs.h cowfs.c +dumm_SOURCES = main.c + +libdumm_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lpthread -lbridge -lfuse -lutil ${xml_LIBS} +dumm_LDADD = -ldumm -lreadline + +INCLUDES = -I$(top_srcdir)/src/libstrongswan ${xml_CFLAGS} + +AM_CFLAGS = -D_FILE_OFFSET_BITS=64 diff --git a/src/dumm/Makefile.in b/src/dumm/Makefile.in new file mode 100644 index 000000000..94ad6003a --- /dev/null +++ b/src/dumm/Makefile.in @@ -0,0 +1,538 @@ +# Makefile.in generated by automake 1.10 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +ipsec_PROGRAMS = dumm$(EXEEXT) +subdir = src/dumm +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(ipsecdir)" +libLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(lib_LTLIBRARIES) +am__DEPENDENCIES_1 = +libdumm_la_DEPENDENCIES = \ + $(top_builddir)/src/libstrongswan/libstrongswan.la \ + $(am__DEPENDENCIES_1) +am_libdumm_la_OBJECTS = dumm.lo guest.lo iface.lo bridge.lo \ + mconsole.lo cowfs.lo +libdumm_la_OBJECTS = $(am_libdumm_la_OBJECTS) +ipsecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) +PROGRAMS = $(ipsec_PROGRAMS) +am_dumm_OBJECTS = main.$(OBJEXT) +dumm_OBJECTS = $(am_dumm_OBJECTS) +dumm_DEPENDENCIES = +DEFAULT_INCLUDES = -I.@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libdumm_la_SOURCES) $(dumm_SOURCES) +DIST_SOURCES = $(libdumm_la_SOURCES) $(dumm_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +CXXDEPMODE = @CXXDEPMODE@ +CXXFLAGS = @CXXFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +ECHO = @ECHO@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +F77 = @F77@ +FFLAGS = @FFLAGS@ +GPERF = @GPERF@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LINUX_HEADERS = @LINUX_HEADERS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_CXX = @ac_ct_CXX@ +ac_ct_F77 = @ac_ct_F77@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +backenddir = @backenddir@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +confdir = @confdir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +dbus_CFLAGS = @dbus_CFLAGS@ +dbus_LIBS = @dbus_LIBS@ +docdir = @docdir@ +dvidir = @dvidir@ +eapdir = @eapdir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +interfacedir = @interfacedir@ +ipsecdir = @ipsecdir@ +ipsecgid = @ipsecgid@ +ipsecuid = @ipsecuid@ +libdir = @libdir@ +libexecdir = @libexecdir@ +linuxdir = @linuxdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +piddir = @piddir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +lib_LTLIBRARIES = libdumm.la +libdumm_la_SOURCES = dumm.c dumm.h guest.c guest.h iface.c iface.h bridge.c bridge.h mconsole.c mconsole.h cowfs.h cowfs.c +dumm_SOURCES = main.c +libdumm_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lpthread -lbridge -lfuse -lutil ${xml_LIBS} +dumm_LDADD = -ldumm -lreadline +INCLUDES = -I$(top_srcdir)/src/libstrongswan ${xml_CFLAGS} +AM_CFLAGS = -D_FILE_OFFSET_BITS=64 +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/dumm/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/dumm/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ + $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + done + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libdumm.la: $(libdumm_la_OBJECTS) $(libdumm_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libdumm_la_OBJECTS) $(libdumm_la_LIBADD) $(LIBS) +install-ipsecPROGRAMS: $(ipsec_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" + @list='$(ipsec_PROGRAMS)'; for p in $$list; do \ + p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + if test -f $$p \ + || test -f $$p1 \ + ; then \ + f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(ipsecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(ipsecdir)/$$f'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(ipsecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(ipsecdir)/$$f" || exit 1; \ + else :; fi; \ + done + +uninstall-ipsecPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(ipsec_PROGRAMS)'; for p in $$list; do \ + f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ + echo " rm -f '$(DESTDIR)$(ipsecdir)/$$f'"; \ + rm -f "$(DESTDIR)$(ipsecdir)/$$f"; \ + done + +clean-ipsecPROGRAMS: + @list='$(ipsec_PROGRAMS)'; for p in $$list; do \ + f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f $$p $$f"; \ + rm -f $$p $$f ; \ + done +dumm$(EXEEXT): $(dumm_OBJECTS) $(dumm_DEPENDENCIES) + @rm -f dumm$(EXEEXT) + $(LINK) $(dumm_OBJECTS) $(dumm_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bridge.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cowfs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dumm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/guest.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/iface.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mconsole.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) +installdirs: + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(ipsecdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-ipsecPROGRAMS clean-libLTLIBRARIES \ + clean-libtool mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-ipsecPROGRAMS + +install-dvi: install-dvi-am + +install-exec-am: install-libLTLIBRARIES + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-ipsecPROGRAMS uninstall-libLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-ipsecPROGRAMS clean-libLTLIBRARIES clean-libtool ctags \ + distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-ipsecPROGRAMS install-libLTLIBRARIES \ + install-man install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-ipsecPROGRAMS uninstall-libLTLIBRARIES + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/dumm/bridge.c b/src/dumm/bridge.c new file mode 100644 index 000000000..c6068e60c --- /dev/null +++ b/src/dumm/bridge.c @@ -0,0 +1,171 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include +#include + +#include +#include + +#include "bridge.h" + +typedef struct private_bridge_t private_bridge_t; + +struct private_bridge_t { + /** public interface */ + bridge_t public; + /** device name */ + char *name; + /** list of attached interfaces */ + linked_list_t *ifaces; +}; + +/** + * Implementation of bridge_t.get_name. + */ +static char* get_name(private_bridge_t *this) +{ + return this->name; +} + +/** + * Implementation of bridge_t.create_iface_iterator. + */ +static iterator_t* create_iface_iterator(private_bridge_t *this) +{ + return this->ifaces->create_iterator(this->ifaces, TRUE); +} + +/** + * Implementation of bridge_t.disconnect_iface. + */ +static bool disconnect_iface(private_bridge_t *this, iface_t *iface) +{ + iterator_t *iterator; + iface_t *current; + bool good = FALSE; + + iterator = this->ifaces->create_iterator(this->ifaces, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (current == iface) + { + if (br_del_interface(this->name, iface->get_hostif(iface)) != 0) + { + DBG1("removing iface '%s' from bridge '%s' in kernel failed: %m", + iface->get_hostif(iface), this->name); + } + else + { + iface->set_bridge(iface, NULL); + good = TRUE; + } + break; + } + } + if (iface != current) + { + DBG1("iface '%s' not found on bridge '%s'", iface->get_hostif(iface), + this->name); + } + iterator->destroy(iterator); + return good; +} + +/** + * Implementation of bridge_t.connect_iface. + */ +static bool connect_iface(private_bridge_t *this, iface_t *iface) +{ + if (br_add_interface(this->name, iface->get_hostif(iface)) != 0) + { + DBG1("adding iface '%s' to bridge '%s' failed: %m", + iface->get_hostif(iface), this->name); + return FALSE; + } + iface->set_bridge(iface, &this->public); + this->ifaces->insert_last(this->ifaces, iface); + return TRUE; +} + +/** + * instance counter to (de-)initialize libbridge + */ +static int instances = 0; + +/** + * unregister an interface from bridge + */ +static void unregister(iface_t *iface) +{ + iface->set_bridge(iface, NULL); +} + +/** + * Implementation of bridge_t.destroy. + */ +static void destroy(private_bridge_t *this) +{ + this->ifaces->invoke_function(this->ifaces, (void(*)(void*))unregister); + this->ifaces->destroy(this->ifaces); + if (br_del_bridge(this->name) != 0) + { + DBG1("deleting bridge '%s' from kernel failed: %m", this->name); + } + free(this->name); + free(this); + if (--instances == 0) + { + br_shutdown(); + } +} + +/** + * create the bridge instance + */ +bridge_t *bridge_create(char *name) +{ + private_bridge_t *this; + + if (instances == 0) + { + if (br_init() != 0) + { + DBG1("libbridge initialization failed: %m"); + return NULL; + } + } + + this = malloc_thing(private_bridge_t); + this->public.get_name = (char*(*)(bridge_t*))get_name; + this->public.create_iface_iterator = (iterator_t*(*)(bridge_t*))create_iface_iterator; + this->public.disconnect_iface = (bool(*)(bridge_t*, iface_t *iface))disconnect_iface; + this->public.connect_iface = (bool(*)(bridge_t*, iface_t *iface))connect_iface; + this->public.destroy = (void*)destroy; + + if (br_add_bridge(name) != 0) + { + DBG1("creating bridge '%s' failed: %m", name); + free(this); + return NULL; + } + + this->name = strdup(name); + this->ifaces = linked_list_create(); + + instances++; + return &this->public; +} + diff --git a/src/dumm/bridge.h b/src/dumm/bridge.h new file mode 100644 index 000000000..6d28ed376 --- /dev/null +++ b/src/dumm/bridge.h @@ -0,0 +1,76 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef BRIDGE_H +#define BRIDGE_H + +#include +#include + +typedef struct bridge_t bridge_t; + +#include "iface.h" + +/** + * @brief Interface in a guest, connected to a tap device on the host. + */ +struct bridge_t { + + /** + * @brief Get the name of the bridge. + * + * @return name of the bridge + */ + char* (*get_name)(bridge_t *this); + + /** + * @brief Add an interface to a bridge. + * + * @param iface interface to add + * @return TRUE if interface added + */ + bool (*connect_iface)(bridge_t *this, iface_t *iface); + + /** + * @brief Remove an interface from a bridge. + * + * @param iface interface to remove + * @return TRUE if interface removed + */ + bool (*disconnect_iface)(bridge_t *this, iface_t *iface); + + /** + * @brief Create an iterator over all interfaces. + * + * @return iterator over iface_t's + */ + iterator_t* (*create_iface_iterator)(bridge_t *this); + + /** + * @brief Destroy a bridge + */ + void (*destroy) (bridge_t *this); +}; + +/** + * @brief Create a new bridge. + * + * @param name name of the bridge to create + * @return bridge, NULL if failed + */ +bridge_t *bridge_create(char *name); + +#endif /* BRIDGE_H */ + diff --git a/src/dumm/cowfs.c b/src/dumm/cowfs.c new file mode 100644 index 000000000..4c16c7c5d --- /dev/null +++ b/src/dumm/cowfs.c @@ -0,0 +1,913 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * Copyright (C) 2001-2007 Miklos Szeredi + * + * Based on example shipped with FUSE. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + + +#define FUSE_USE_VERSION 26 +#define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "cowfs.h" + +#include +#include + +/** define _XOPEN_SOURCE 500 fails when using libstrongswan, define popen */ +extern ssize_t pread(int fd, void *buf, size_t count, off_t offset); +extern ssize_t pwrite(int fd, const void *buf, size_t count, off_t offset); + +typedef struct private_cowfs_t private_cowfs_t; + +struct private_cowfs_t { + /** public cowfs interface */ + cowfs_t public; + /** fuse channel to mountpoint */ + struct fuse_chan *chan; + /** fuse handle */ + struct fuse *fuse; + /** mountpoint of cowfs FUSE */ + char *mount; + /** master filesystem path */ + char *master; + /** host filesystem path */ + char *host; + /** overlay filesystem path */ + char *over; + /** fd of read only master filesystem */ + int master_fd; + /** copy on write overlay to master */ + int host_fd; + /** optional COW overlay */ + int over_fd; + /** thread processing FUSE */ + pthread_t thread; +}; + +/** + * get this pointer stored in fuse context + */ +static private_cowfs_t *get_this() +{ + return (fuse_get_context())->private_data; +} + +/** + * make a path relative + */ +static void rel(const char **path) +{ + if (**path == '/') + { + (*path)++; + } + if (**path == '\0') + { + *path = "."; + } +} + +/** + * get the highest overlay in which path exists + */ +static int get_rd(const char *path) +{ + private_cowfs_t *this = get_this(); + + if (this->over_fd > 0 && faccessat(this->over_fd, path, F_OK, 0) == 0) + { + return this->over_fd; + } + if (faccessat(this->host_fd, path, F_OK, 0) == 0) + { + return this->host_fd; + } + return this->master_fd; +} + +/** + * get the highest overlay available, to write something + */ +static int get_wr(const char *path) +{ + private_cowfs_t *this = get_this(); + if (this->over_fd > 0) + { + return this->over_fd; + } + return this->host_fd; +} + +/** + * create full "path" at "wr" the same way they exist at "rd" + */ +static bool clone_path(int rd, int wr, const char *path) +{ + char *pos, *full; + struct stat st; + full = strdupa(path); + pos = full; + + while ((pos = strchr(pos, '/'))) + { + *pos = '\0'; + if (fstatat(wr, full, &st, 0) < 0) + { + /* TODO: handle symlinks!? */ + if (fstatat(rd, full, &st, 0) < 0) + { + return FALSE; + } + if (mkdirat(wr, full, st.st_mode) < 0) + { + return FALSE; + } + } + *pos = '/'; + pos++; + } + return TRUE; +} + +/** + * copy a (special) file from a readonly to a read-write overlay + */ +static int copy(const char *path) +{ + char *buf[4096]; + int len; + int rd, wr; + int from, to; + struct stat st; + + rd = get_rd(path); + wr = get_wr(path); + + if (rd == wr) + { + /* already writeable */ + return wr; + } + if (fstatat(rd, path, &st, 0) < 0) + { + return -1; + } + if (!clone_path(rd, wr, path)) + { + return -1; + } + if (mknodat(wr, path, st.st_mode, st.st_rdev) < 0) + { + return -1; + } + /* copy if no special file */ + if (st.st_size) + { + from = openat(rd, path, O_RDONLY, st.st_mode); + if (from < 0) + { + return -1; + } + to = openat(wr, path, O_WRONLY , st.st_mode); + if (to < 0) + { + close(from); + return -1; + } + while ((len = read(from, buf, sizeof(buf))) > 0) + { + if (write(to, buf, len) < len) + { + /* TODO: only on len < 0 ? */ + close(from); + close(to); + return -1; + } + } + close(from); + close(to); + if (len < 0) + { + return -1; + } + } + return wr; +} + +/** + * FUSE getattr method + */ +static int cowfs_getattr(const char *path, struct stat *stbuf) +{ + rel(&path); + + if (fstatat(get_rd(path), path, stbuf, AT_SYMLINK_NOFOLLOW) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE access method + */ +static int cowfs_access(const char *path, int mask) +{ + rel(&path); + + if (faccessat(get_rd(path), path, mask, 0) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE readlink method + */ +static int cowfs_readlink(const char *path, char *buf, size_t size) +{ + int res; + + rel(&path); + + res = readlinkat(get_rd(path), path, buf, size - 1); + if (res < 0) + { + return -errno; + } + buf[res] = '\0'; + return 0; +} + +/** + * get a directory stream of two concatenated paths + */ +static DIR* get_dir(char *dir, const char *subdir) +{ + char *full; + + if (dir == NULL) + { + return NULL; + } + + full = alloca(strlen(dir) + strlen(subdir) + 1); + strcpy(full, dir); + strcat(full, subdir); + + return opendir(full); +} + +/** + * check if a directory stream contains a directory + */ +static bool contains_dir(DIR *d, char *dirname) +{ + if (d) + { + struct dirent *ent; + + rewinddir(d); + while ((ent = readdir(d))) + { + if (streq(ent->d_name, dirname)) + { + return TRUE; + } + } + } + return FALSE; +} + +/** + * FUSE readdir method + */ +static int cowfs_readdir(const char *path, void *buf, fuse_fill_dir_t filler, + off_t offset, struct fuse_file_info *fi) +{ + private_cowfs_t *this = get_this(); + DIR *d1, *d2, *d3; + struct stat st; + struct dirent *ent; + + memset(&st, 0, sizeof(st)); + + d1 = get_dir(this->master, path); + d2 = get_dir(this->host, path); + d3 = get_dir(this->over, path); + + if (d1) + { + while ((ent = readdir(d1))) + { + if (!contains_dir(d2, ent->d_name) && + !contains_dir(d3, ent->d_name)) + { + st.st_ino = ent->d_ino; + st.st_mode = ent->d_type << 12; + filler(buf, ent->d_name, &st, 0); + } + } + closedir(d1); + } + if (d2) + { + rewinddir(d2); + while ((ent = readdir(d2))) + { + if (!contains_dir(d3, ent->d_name)) + { + st.st_ino = ent->d_ino; + st.st_mode = ent->d_type << 12; + filler(buf, ent->d_name, &st, 0); + } + } + closedir(d2); + } + if (d3) + { + rewinddir(d3); + while ((ent = readdir(d3))) + { + st.st_ino = ent->d_ino; + st.st_mode = ent->d_type << 12; + filler(buf, ent->d_name, &st, 0); + } + closedir(d3); + } + return 0; +} + +/** + * FUSE mknod method + */ +static int cowfs_mknod(const char *path, mode_t mode, dev_t rdev) +{ + int fd; + rel(&path); + + fd = get_wr(path); + if (!clone_path(get_rd(path), fd, path)) + { + return -errno; + } + + if (mknodat(fd, path, mode, rdev) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE mkdir method + */ +static int cowfs_mkdir(const char *path, mode_t mode) +{ + int fd; + rel(&path); + + fd = get_wr(path); + if (!clone_path(get_rd(path), fd, path)) + { + return -errno; + } + if (mkdirat(fd, path, mode) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE unlink method + */ +static int cowfs_unlink(const char *path) +{ + rel(&path); + + /* TODO: whiteout master */ + if (unlinkat(get_wr(path), path, 0) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE rmdir method + */ +static int cowfs_rmdir(const char *path) +{ + rel(&path); + + /* TODO: whiteout master */ + if (unlinkat(get_wr(path), path, AT_REMOVEDIR) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE symlink method + */ +static int cowfs_symlink(const char *from, const char *to) +{ + int fd; + const char *fromrel = from; + + rel(&to); + rel(&fromrel); + + fd = get_wr(to); + if (!clone_path(get_rd(fromrel), fd, fromrel)) + { + return -errno; + } + if (symlinkat(from, fd, to) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE rename method + */ +static int cowfs_rename(const char *from, const char *to) +{ + int fd; + private_cowfs_t *this = get_this(); + + rel(&from); + rel(&to); + + fd = get_rd(from); + if (fd == this->master_fd) + { + fd = copy(from); + if (fd < 0) + { + return -errno; + } + } + + if (renameat(fd, from, get_wr(to), to) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE link method + */ +static int cowfs_link(const char *from, const char *to) +{ + int rd, wr; + + rel(&from); + rel(&to); + + rd = get_rd(from); + wr = get_wr(to); + + if (!clone_path(rd, wr, to)) + { + DBG1("cloning path '%s' failed", to); + return -errno; + } + if (linkat(rd, from, wr, to, 0) < 0) + { + DBG1("linking '%s' to '%s' failed", from, to); + return -errno; + } + return 0; +} + +/** + * FUSE chmod method + */ +static int cowfs_chmod(const char *path, mode_t mode) +{ + int fd; + struct stat st; + private_cowfs_t *this = get_this(); + + rel(&path); + fd = get_rd(path); + if (fd == this->master_fd) + { + if (fstatat(fd, path, &st, 0) < 0) + { + return -errno; + } + if (st.st_mode == mode) + { + return 0; + } + fd = copy(path); + if (fd < 0) + { + return -errno; + } + } + if (fchmodat(fd, path, mode, 0) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE chown method + */ +static int cowfs_chown(const char *path, uid_t uid, gid_t gid) +{ + int fd; + struct stat st; + private_cowfs_t *this = get_this(); + + rel(&path); + fd = get_rd(path); + if (fd == this->master_fd) + { + if (fstatat(fd, path, &st, 0) < 0) + { + return -errno; + } + if (st.st_uid == uid && st.st_gid == gid) + { + return 0; + } + fd = copy(path); + if (fd < 0) + { + return -errno; + } + } + if (fchownat(fd, path, uid, gid, AT_SYMLINK_NOFOLLOW) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE truncate method + */ +static int cowfs_truncate(const char *path, off_t size) +{ + int fd; + struct stat st; + + private_cowfs_t *this = get_this(); + + rel(&path); + fd = get_rd(path); + if (fd == this->master_fd) + { + if (fstatat(fd, path, &st, 0) < 0) + { + return -errno; + } + if (st.st_size == size) + { + return 0; + } + fd = copy(path); + if (fd < 0) + { + return -errno; + } + } + fd = openat(fd, path, O_WRONLY); + if (fd < 0) + { + return -errno; + } + if (ftruncate(fd, size) < 0) + { + close(fd); + return -errno; + } + close(fd); + return 0; +} + +/** + * FUSE utimens method + */ +static int cowfs_utimens(const char *path, const struct timespec ts[2]) +{ + struct timeval tv[2]; + int fd; + private_cowfs_t *this = get_this(); + + rel(&path); + fd = get_rd(path); + if (fd == this->master_fd) + { + fd = copy(path); + if (fd < 0) + { + return -errno; + } + } + + tv[0].tv_sec = ts[0].tv_sec; + tv[0].tv_usec = ts[0].tv_nsec / 1000; + tv[1].tv_sec = ts[1].tv_sec; + tv[1].tv_usec = ts[1].tv_nsec / 1000; + + if (futimesat(fd, path, tv) < 0) + { + return -errno; + } + return 0; +} + +/** + * FUSE open method + */ +static int cowfs_open(const char *path, struct fuse_file_info *fi) +{ + int fd; + + rel(&path); + fd = get_rd(path); + + fd = openat(fd, path, fi->flags); + if (fd < 0) + { + return -errno; + } + close(fd); + return 0; +} + +/** + * FUSE read method + */ +static int cowfs_read(const char *path, char *buf, size_t size, off_t offset, + struct fuse_file_info *fi) +{ + int file, fd, res; + + rel(&path); + + fd = get_rd(path); + + file = openat(fd, path, O_RDONLY); + if (file < 0) + { + return -errno; + } + + res = pread(file, buf, size, offset); + if (res < 0) + { + res = -errno; + } + close(file); + return res; +} + +/** + * FUSE write method + */ +static int cowfs_write(const char *path, const char *buf, size_t size, + off_t offset, struct fuse_file_info *fi) +{ + private_cowfs_t *this = get_this(); + int file, fd, res; + + rel(&path); + + fd = get_rd(path); + if (fd == this->master_fd) + { + fd = copy(path); + if (fd < 0) + { + return -errno; + } + } + file = openat(fd, path, O_WRONLY); + if (file < 0) + { + return -errno; + } + res = pwrite(file, buf, size, offset); + if (res < 0) + { + res = -errno; + } + close(file); + return res; +} + +/** + * FUSE statfs method + */ +static int cowfs_statfs(const char *path, struct statvfs *stbuf) +{ + private_cowfs_t *this = get_this(); + int fd; + + fd = this->host_fd; + if (this->over_fd > 0) + { + fd = this->over_fd; + } + + if (fstatvfs(fd, stbuf) < 0) + { + return -errno; + } + + return 0; +} + +/** + * FUSE init method + */ +static void *cowfs_init(struct fuse_conn_info *conn) +{ + struct fuse_context *ctx; + + ctx = fuse_get_context(); + + return ctx->private_data; +} + +/** + * FUSE method vectors + */ +static struct fuse_operations cowfs_operations = { + .getattr = cowfs_getattr, + .access = cowfs_access, + .readlink = cowfs_readlink, + .readdir = cowfs_readdir, + .mknod = cowfs_mknod, + .mkdir = cowfs_mkdir, + .symlink = cowfs_symlink, + .unlink = cowfs_unlink, + .rmdir = cowfs_rmdir, + .rename = cowfs_rename, + .link = cowfs_link, + .chmod = cowfs_chmod, + .chown = cowfs_chown, + .truncate = cowfs_truncate, + .utimens = cowfs_utimens, + .open = cowfs_open, + .read = cowfs_read, + .write = cowfs_write, + .statfs = cowfs_statfs, + .init = cowfs_init, +}; + +/** + * Implementation of cowfs_t.set_overlay. + */ +static bool set_overlay(private_cowfs_t *this, char *path) +{ + if (this->over) + { + free(this->over); + this->over = NULL; + } + if (this->over_fd > 0) + { + close(this->over_fd); + this->over_fd = -1; + } + if (path) + { + this->over_fd = open(path, O_RDONLY | O_DIRECTORY); + if (this->over_fd < 0) + { + DBG1("failed to open overlay directory '%s': %m", path); + return FALSE; + } + this->over = strdup(path); + } + return TRUE; +} + +/** + * stop, umount and destroy a cowfs FUSE filesystem + */ +static void destroy(private_cowfs_t *this) +{ + fuse_exit(this->fuse); + fuse_unmount(this->mount, this->chan); + pthread_join(this->thread, NULL); + fuse_destroy(this->fuse); + free(this->mount); + free(this->master); + free(this->host); + free(this->over); + close(this->master_fd); + close(this->host_fd); + if (this->over_fd > 0) + { + close(this->over_fd); + } + free(this); +} + +/** + * creates a new cowfs fuse instance + */ +cowfs_t *cowfs_create(char *master, char *host, char *mount) +{ + struct fuse_args args = {0, NULL, 0}; + private_cowfs_t *this = malloc_thing(private_cowfs_t); + + this->public.set_overlay = (bool(*)(cowfs_t*, char *path))set_overlay; + this->public.destroy = (void(*)(cowfs_t*))destroy; + + this->master_fd = open(master, O_RDONLY | O_DIRECTORY); + if (this->master_fd < 0) + { + DBG1("failed to open master filesystem '%s'", master); + free(this); + } + this->host_fd = open(host, O_RDONLY | O_DIRECTORY); + if (this->master_fd < 0) + { + DBG1("failed to open host filesystem '%s'", host); + close(this->master_fd); + free(this); + } + this->over_fd = -1; + + this->chan = fuse_mount(mount, &args); + if (this->chan == NULL) + { + DBG1("mounting cowfs FUSE on '%s' failed", mount); + close(this->master_fd); + close(this->host_fd); + free(this); + return NULL; + } + + this->fuse = fuse_new(this->chan, &args, &cowfs_operations, + sizeof(cowfs_operations), this); + if (this->fuse == NULL) + { + DBG1("creating cowfs FUSE handle failed"); + close(this->master_fd); + close(this->host_fd); + fuse_unmount(mount, this->chan); + free(this); + return NULL; + } + + this->mount = strdup(mount); + this->master = strdup(master); + this->host = strdup(host); + this->over = NULL; + + if (pthread_create(&this->thread, NULL, (void*)fuse_loop, this->fuse) != 0) + { + DBG1("creating thread to handle FUSE failed"); + fuse_unmount(mount, this->chan); + free(this->mount); + free(this->master); + free(this->host); + close(this->master_fd); + close(this->host_fd); + free(this); + return NULL; + } + + return &this->public; +} + diff --git a/src/dumm/cowfs.h b/src/dumm/cowfs.h new file mode 100644 index 000000000..419197dd6 --- /dev/null +++ b/src/dumm/cowfs.h @@ -0,0 +1,54 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef COWFS_H +#define COWFS_H + +#include + +typedef struct cowfs_t cowfs_t; + +/** + * @brief cowfs - Copy on write FUSE filesystem. + * + */ +struct cowfs_t { + + /** + * @brief Set an additional copy on write overlay. + * + * @param path path of the overlay + * @return FALSE if failed + */ + bool (*set_overlay)(cowfs_t *this, char *path); + + /** + * @brief Stop, umount and destroy a cowfs FUSE filesystem. + */ + void (*destroy) (cowfs_t *this); +}; + +/** + * @brief Mount a cowfs FUSE filesystem. + * + * @param master read only master file system directory + * @param host copy on write host directory + * @param mount mountpoint where union is mounted + * @return instance, or NULL if FUSE initalization failed + */ +cowfs_t *cowfs_create(char *master, char *host, char *mount); + +#endif /* COWFS_H */ + diff --git a/src/dumm/dumm.c b/src/dumm/dumm.c new file mode 100644 index 000000000..b9a2814e6 --- /dev/null +++ b/src/dumm/dumm.c @@ -0,0 +1,391 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include + +#include + +#include "dumm.h" + +#define PERME (S_IRWXU | S_IRWXG) +#define GUEST_DIR "guests" +#define TEMPLATE_DIR "templates" +#define TEMPLATE_DIR_DIR "diff" + +/** + * instances of dumm, used to deliver signals + */ +static linked_list_t *instances = NULL; + +typedef struct private_dumm_t private_dumm_t; + +struct private_dumm_t { + /** public dumm interface */ + dumm_t public; + /** working dir */ + char *dir; + /** directory of guests */ + char *guest_dir; + /** directory of templates */ + char *template_dir; + /** directory of loaded template */ + char *template; + /** list of managed guests */ + linked_list_t *guests; + /** list of managed bridges */ + linked_list_t *bridges; + /** do not catch signals if we are destroying */ + bool destroying; +}; + +/** + * Implementation of dumm_t.create_guest. + */ +static guest_t* create_guest(private_dumm_t *this, char *name, char *kernel, + char *master, int mem) +{ + guest_t *guest; + + guest = guest_create(this->guest_dir, name, kernel, master, mem); + if (guest) + { + this->guests->insert_last(this->guests, guest); + } + return guest; +} + +/** + * Implementation of dumm_t.create_guest_iterator. + */ +static iterator_t* create_guest_iterator(private_dumm_t *this) +{ + return this->guests->create_iterator(this->guests, TRUE); +} + +/** + * Implementation of dumm_t.create_bridge. + */ +static bridge_t* create_bridge(private_dumm_t *this, char *name) +{ + bridge_t *bridge; + + bridge = bridge_create(name); + if (bridge) + { + this->bridges->insert_last(this->bridges, bridge); + } + return bridge; +} + +/** + * Implementation of dumm_t.create_bridge_iterator. + */ +static iterator_t* create_bridge_iterator(private_dumm_t *this) +{ + return this->bridges->create_iterator(this->bridges, TRUE); +} + +/** + * disable the currently enabled template + */ +static void clear_template(private_dumm_t *this) +{ + iterator_t *iterator, *ifaces; + guest_t *guest; + iface_t *iface; + + free(this->template); + this->template = NULL; + + iterator = this->guests->create_iterator(this->guests, TRUE); + while (iterator->iterate(iterator, (void**)&guest)) + { + guest->load_template(guest, NULL); + ifaces = guest->create_iface_iterator(guest); + while (ifaces->iterate(ifaces, (void**)&iface)) + { + ifaces->remove(ifaces); + iface->destroy(iface); + } + ifaces->destroy(ifaces); + } + iterator->destroy(iterator); +} + +/** + * Implementation of dumm_t.load_template. + */ +static bool load_template(private_dumm_t *this, char *name) +{ + iterator_t *iterator; + guest_t *guest; + char dir[PATH_MAX]; + size_t len; + + clear_template(this); + + if (name == NULL) + { + return TRUE; + } + + free(this->template); + asprintf(&this->template, "%s/%s", this->template_dir, name); + len = snprintf(dir, sizeof(dir), "%s/%s", this->template, TEMPLATE_DIR_DIR); + if (len < 0 || len >= sizeof(dir)) + { + return FALSE; + } + + if (access(this->template, F_OK) != 0) + { /* does not exist, create template */ + if (mkdir(this->template, PERME) != 0) + { + DBG1("creating template directory '%s' failed: %m", this->template); + return FALSE; + } + if (mkdir(dir, PERME) != 0) + { + DBG1("creating template overlay directory '%s' failed: %m", dir); + return FALSE; + } + } + iterator = this->guests->create_iterator(this->guests, TRUE); + while (iterator->iterate(iterator, (void**)&guest)) + { + if (!guest->load_template(guest, dir)) + { + iterator->destroy(iterator); + clear_template(this); + return FALSE; + } + } + iterator->destroy(iterator); + return TRUE; +} + +/** + * signal handler + */ +void signal_handler(int sig, siginfo_t *info, void *ucontext) +{ + if (sig == SIGCHLD) + { + switch (info->si_code) + { + case CLD_EXITED: + case CLD_KILLED: + case CLD_DUMPED: + { + private_dumm_t *this; + guest_t *guest; + iterator_t *iterator, *guests; + + iterator = instances->create_iterator(instances, TRUE); + while (iterator->iterate(iterator, (void**)&this)) + { + if (this->destroying) + { + continue; + } + guests = this->guests->create_iterator(this->guests, TRUE); + while (guests->iterate(guests, (void**)&guest)) + { + if (guest->get_pid(guest) == info->si_pid) + { + guest->sigchild(guest); + break; + } + } + guests->destroy(guests); + } + iterator->destroy(iterator); + break; + } + default: + break; + } + + } + /* SIGHUP is currently just ignored */ +} + +/** + * add a dumm instance + */ +static void add_instance(private_dumm_t *this) +{ + if (instances == NULL) + { + struct sigaction action; + + instances = linked_list_create(); + + memset(&action, 0, sizeof(action)); + action.sa_sigaction = signal_handler; + action.sa_flags = SA_SIGINFO; + + if (sigaction(SIGCHLD, &action, NULL) != 0 || + sigaction(SIGHUP, &action, NULL) != 0) + { + DBG1("installing signal handler failed!"); + } + } + instances->insert_last(instances, this); +} + +/** + * remove a dumm instance + */ +static void remove_instance(private_dumm_t *this) +{ + iterator_t *iterator; + private_dumm_t *current; + + iterator = instances->create_iterator(instances, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (current == this) + { + iterator->remove(iterator); + break; + } + } + iterator->destroy(iterator); + if (instances->get_count(instances) == 0) + { + instances->destroy(instances); + instances = NULL; + } +} + +/** + * Implementation of dumm_t.destroy + */ +static void destroy(private_dumm_t *this) +{ + iterator_t *iterator; + guest_t *guest; + + this->bridges->destroy_offset(this->bridges, offsetof(bridge_t, destroy)); + + iterator = this->guests->create_iterator(this->guests, TRUE); + while (iterator->iterate(iterator, (void**)&guest)) + { + guest->stop(guest); + } + iterator->destroy(iterator); + + this->destroying = TRUE; + this->guests->destroy_offset(this->guests, offsetof(guest_t, destroy)); + free(this->guest_dir); + free(this->template_dir); + free(this->template); + free(this->dir); + remove_instance(this); + free(this); +} + +/** + * load all guests in our working dir + */ +static void load_guests(private_dumm_t *this) +{ + DIR *dir; + struct dirent *ent; + guest_t *guest; + + dir = opendir(this->guest_dir); + if (dir == NULL) + { + return; + } + + while ((ent = readdir(dir))) + { + if (streq(ent->d_name, ".") || streq(ent->d_name, "..")) + { + continue; + } + guest = guest_load(this->guest_dir, ent->d_name); + if (guest) + { + DBG1("loaded guest '%s'", ent->d_name); + this->guests->insert_last(this->guests, guest); + } + else + { + DBG1("loading guest in directory '%s' failed, skipped", ent->d_name); + } + } + closedir(dir); +} + +/** + * create a dumm instance + */ +dumm_t *dumm_create(char *dir) +{ + char cwd[PATH_MAX]; + private_dumm_t *this = malloc_thing(private_dumm_t); + + this->public.create_guest = (guest_t*(*)(dumm_t*,char*,char*,char*,int))create_guest; + this->public.create_guest_iterator = (iterator_t*(*)(dumm_t*))create_guest_iterator; + this->public.create_bridge = (bridge_t*(*)(dumm_t*, char *name))create_bridge; + this->public.create_bridge_iterator = (iterator_t*(*)(dumm_t*))create_bridge_iterator; + this->public.load_template = (bool(*)(dumm_t*, char *name))load_template; + this->public.destroy = (void(*)(dumm_t*))destroy; + + this->destroying = FALSE; + if (*dir == '/' || getcwd(cwd, sizeof(cwd)) == 0) + { + this->dir = strdup(dir); + } + else + { + asprintf(&this->dir, "%s/%s", cwd, dir); + } + this->template = NULL; + asprintf(&this->guest_dir, "%s/%s", this->dir, GUEST_DIR); + asprintf(&this->template_dir, "%s/%s", this->dir, TEMPLATE_DIR); + this->guests = linked_list_create(); + this->bridges = linked_list_create(); + + add_instance(this); + + if (mkdir(this->guest_dir, PERME) < 0 && errno != EEXIST) + { + DBG1("creating guest directory '%s' failed: %m", this->guest_dir); + destroy(this); + return NULL; + } + if (mkdir(this->template_dir, PERME) < 0 && errno != EEXIST) + { + DBG1("creating template directory '%s' failed: %m", this->template_dir); + destroy(this); + return NULL; + } + + load_guests(this); + return &this->public; +} + diff --git a/src/dumm/dumm.h b/src/dumm/dumm.h new file mode 100644 index 000000000..5414f9993 --- /dev/null +++ b/src/dumm/dumm.h @@ -0,0 +1,95 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef DUMM_H +#define DUMM_H + +#include + +#include +#include + +#include "guest.h" +#include "bridge.h" + +typedef struct dumm_t dumm_t; + +/** + * @brief dumm - Dynamic Uml Mesh Modeler + * + * Controls a group of UML guests and their networks. + * Dumm catches SIGCHD and SIGHUP to trace UML child processes and the FUSE + * filesystem. Do not overwrite these signal handlers! + */ +struct dumm_t { + + /** + * @brief Starts a new UML guest + * + * @param name name of the guest + * @param kernel UML kernel to use for guest + * @param master mounted read only master filesystem + * @param mem amount of memory for guest, in MB + * @return guest if started, NULL if failed + */ + guest_t* (*create_guest) (dumm_t *this, char *name, char *kernel, + char *master, int mem); + + /** + * @brief Create an iterator over all guests. + * + * @return iteraotor over guest_t's + */ + iterator_t* (*create_guest_iterator) (dumm_t *this); + + /** + * @brief Create a new bridge. + * + * @param name name of the bridge to create + * @return created bridge + */ + bridge_t* (*create_bridge)(dumm_t *this, char *name); + + /** + * @brief Create an iterator over all bridges. + * + * @return iterator over bridge_t's + */ + iterator_t* (*create_bridge_iterator)(dumm_t *this); + + /** + * @brief Loads a template, create a new one if it does not exist. + * + * @param name name of the template, NULL to close + * @return FALSE if load/create failed + */ + bool (*load_template)(dumm_t *this, char *name); + + /** + * @brief stop all guests and destroy the modeler + */ + void (*destroy) (dumm_t *this); +}; + +/** + * @brief Create a group of UML hosts and networks. + * + * @param dir directory to create guests/load from + * @return created UML group, or NULL if failed. + */ +dumm_t *dumm_create(char *dir); + +#endif /* DUMM_H */ + diff --git a/src/dumm/guest.c b/src/dumm/guest.c new file mode 100644 index 000000000..bbb59f431 --- /dev/null +++ b/src/dumm/guest.c @@ -0,0 +1,567 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "dumm.h" +#include "guest.h" +#include "mconsole.h" +#include "cowfs.h" + +#define PERME (S_IRWXU | S_IRWXG) +#define PERM (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP) + +#define MASTER_DIR "master" +#define DIFF_DIR "diff" +#define UNION_DIR "union" +#define MEMORY_FILE "mem" +#define KERNEL_FILE "linux" +#define LOG_FILE "boot.log" +#define NOTIFY_FILE "notify" +#define PTYS 0 + +typedef struct private_guest_t private_guest_t; + +struct private_guest_t { + /** implemented public interface */ + guest_t public; + /** name of the guest */ + char *name; + /** directory of guest */ + int dir; + /** directory name of guest */ + char *dirname; + /** amount of memory for guest, in MB */ + int mem; + /** pid of guest child process */ + int pid; + /** state of guest */ + guest_state_t state; + /** log file for console 0 */ + int bootlog; + /** FUSE cowfs instance */ + cowfs_t *cowfs; + /** mconsole to control running UML */ + mconsole_t *mconsole; + /** list of interfaces attached to the guest */ + linked_list_t *ifaces; +}; + +ENUM(guest_state_names, GUEST_STOPPED, GUEST_STOPPING, + "STOPPED", + "STARTING", + "RUNNING", + "PAUSED", + "STOPPING", +); + +/** + * Implementation of guest_t.get_name. + */ +static char* get_name(private_guest_t *this) +{ + return this->name; +} + +/** + * Implementation of guest_t.create_iface. + */ +static iface_t* create_iface(private_guest_t *this, char *name) +{ + iterator_t *iterator; + iface_t *iface; + + if (this->state != GUEST_RUNNING) + { + DBG1("guest '%s' not running, unable to add interface", this->name); + return NULL; + } + + iterator = this->ifaces->create_iterator(this->ifaces, TRUE); + while (iterator->iterate(iterator, (void**)&iface)) + { + if (streq(name, iface->get_guestif(iface))) + { + DBG1("guest '%s' already has an interface '%s'", this->name, name); + iterator->destroy(iterator); + return NULL; + } + } + iterator->destroy(iterator); + + iface = iface_create(this->name, name, this->mconsole); + if (iface) + { + this->ifaces->insert_last(this->ifaces, iface); + } + return iface; +} + +/** + * Implementation of guest_t.create_iface_iterator. + */ +static iterator_t* create_iface_iterator(private_guest_t *this) +{ + return this->ifaces->create_iterator(this->ifaces, TRUE); +} + +/** + * Implementation of guest_t.get_state. + */ +static guest_state_t get_state(private_guest_t *this) +{ + return this->state; +} + +/** + * Implementation of guest_t.get_pid. + */ +static pid_t get_pid(private_guest_t *this) +{ + return this->pid; +} + +/** + * write format string to a buffer, and advance buffer position + */ +static char* write_arg(char **pos, size_t *left, char *format, ...) +{ + size_t len; + char *res = NULL; + va_list args; + + va_start(args, format); + len = vsnprintf(*pos, *left, format, args); + va_end(args); + if (len < *left) + { + res = *pos; + len++; + *pos += len + 1; + *left -= len + 1; + } + return res; +} + +/** + * Implementation of get_t.close_console. + */ +static char* get_console(private_guest_t *this, int console) +{ + if (this->state == GUEST_RUNNING) + { + return this->mconsole->get_console_pts(this->mconsole, console); + } + return NULL; +} + +/** + * Implementation of guest_t.stop. + */ +static void stop(private_guest_t *this) +{ + if (this->state != GUEST_STOPPED) + { + this->state = GUEST_STOPPING; + this->ifaces->destroy_offset(this->ifaces, offsetof(iface_t, destroy)); + this->ifaces = linked_list_create(); + kill(this->pid, SIGINT); + waitpid(this->pid, NULL, 0); + this->state = GUEST_STOPPED; + } +} + +/** + * Implementation of guest_t.start. + */ +static bool start(private_guest_t *this) +{ + char buf[2048]; + char *notify; + char *pos = buf; + char *args[16]; + int i = 0; + size_t left = sizeof(buf); + + if (this->state != GUEST_STOPPED) + { + DBG1("unable to start guest in state %N", guest_state_names, this->state); + return FALSE; + } + this->state = GUEST_STARTING; + + notify = write_arg(&pos, &left, "%s/%s", this->dirname, NOTIFY_FILE); + + args[i++] = write_arg(&pos, &left, "%s/%s", this->dirname, KERNEL_FILE); + args[i++] = write_arg(&pos, &left, "root=/dev/root"); + args[i++] = write_arg(&pos, &left, "rootfstype=hostfs"); + args[i++] = write_arg(&pos, &left, "rootflags=%s/%s", this->dirname, UNION_DIR); + args[i++] = write_arg(&pos, &left, "uml_dir=%s", this->dirname); + args[i++] = write_arg(&pos, &left, "umid=%s", this->name); + args[i++] = write_arg(&pos, &left, "mem=%dM", this->mem); + args[i++] = write_arg(&pos, &left, "mconsole=notify:%s", notify); + args[i++] = write_arg(&pos, &left, "con=pts"); + args[i++] = write_arg(&pos, &left, "con0=none,fd:%d", this->bootlog); + args[i++] = NULL; + + this->pid = fork(); + switch (this->pid) + { + case 0: /* child, */ + dup2(open("/dev/null", 0), 0); + dup2(this->bootlog, 1); + dup2(this->bootlog, 2); + execvp(args[0], args); + DBG1("starting UML kernel '%s' failed: %m", args[0]); + exit(1); + case -1: + this->state = GUEST_STOPPED; + return FALSE; + default: + break; + } + /* open mconsole */ + this->mconsole = mconsole_create(notify); + if (this->mconsole == NULL) + { + DBG1("opening mconsole at '%s' failed, stopping guest", buf); + stop(this); + return FALSE; + } + + this->state = GUEST_RUNNING; + return TRUE; +} + +/** + * Implementation of guest_t.load_template. + */ +static bool load_template(private_guest_t *this, char *path) +{ + char dir[PATH_MAX]; + size_t len; + + if (path == NULL) + { + return this->cowfs->set_overlay(this->cowfs, NULL); + } + + len = snprintf(dir, sizeof(dir), "%s/%s", path, this->name); + if (len < 0 || len >= sizeof(dir)) + { + return FALSE; + } + if (access(dir, F_OK) != 0) + { + if (mkdir(dir, PERME) != 0) + { + DBG1("creating overlay for guest '%s' failed: %m", this->name); + return FALSE; + } + } + return this->cowfs->set_overlay(this->cowfs, dir); +} + +/** + * Implementation of guest_t.sigchild. + */ +static void sigchild(private_guest_t *this) +{ + if (this->state != GUEST_STOPPING) + { /* collect zombie if uml crashed */ + waitpid(this->pid, NULL, WNOHANG); + } + DESTROY_IF(this->mconsole); + this->mconsole = NULL; + this->state = GUEST_STOPPED; +} + +/** + * umount the union filesystem + */ +static bool umount_unionfs(private_guest_t *this) +{ + if (this->cowfs) + { + this->cowfs->destroy(this->cowfs); + this->cowfs = NULL; + return TRUE; + } + return FALSE; +} + +/** + * mount the union filesystem + */ +static bool mount_unionfs(private_guest_t *this) +{ + char master[PATH_MAX]; + char diff[PATH_MAX]; + char mount[PATH_MAX]; + + if (this->cowfs == NULL) + { + snprintf(master, sizeof(master), "%s/%s", this->dirname, MASTER_DIR); + snprintf(diff, sizeof(diff), "%s/%s", this->dirname, DIFF_DIR); + snprintf(mount, sizeof(mount), "%s/%s", this->dirname, UNION_DIR); + + this->cowfs = cowfs_create(master, diff, mount); + if (this->cowfs) + { + return TRUE; + } + } + return FALSE; +} + +/** + * open logfile for boot messages + */ +static int open_bootlog(private_guest_t *this) +{ + int fd; + + fd = openat(this->dir, LOG_FILE, O_WRONLY | O_CREAT, PERM); + if (fd == -1) + { + DBG1("opening bootlog failed, using stdout"); + return 1; + } + return fd; +} + +/** + * load memory configuration from file + */ +int loadmem(private_guest_t *this) +{ + FILE *file; + int mem = 0; + + file = fdopen(openat(this->dir, MEMORY_FILE, O_RDONLY, PERM), "r"); + if (file) + { + if (fscanf(file, "%d", &mem) <= 0) + { + mem = 0; + } + fclose(file); + } + return mem; +} + +/** + * save memory configuration to file + */ +bool savemem(private_guest_t *this, int mem) +{ + FILE *file; + bool retval = FALSE; + + file = fdopen(openat(this->dir, MEMORY_FILE, O_RDWR | O_CREAT | O_TRUNC, + PERM), "w"); + if (file) + { + if (fprintf(file, "%d", mem) > 0) + { + retval = TRUE; + } + fclose(file); + } + return retval; +} + +/** + * Implementation of guest_t.destroy. + */ +static void destroy(private_guest_t *this) +{ + stop(this); + umount_unionfs(this); + if (this->bootlog > 1) + { + close(this->bootlog); + } + if (this->dir > 0) + { + close(this->dir); + } + free(this->dirname); + free(this->name); + free(this); +} + +/** + * generic guest constructor + */ +static private_guest_t *guest_create_generic(char *parent, char *name, + bool create) +{ + char cwd[PATH_MAX]; + private_guest_t *this = malloc_thing(private_guest_t); + + this->public.get_name = (void*)get_name; + this->public.get_pid = (pid_t(*)(guest_t*))get_pid; + this->public.get_state = (guest_state_t(*)(guest_t*))get_state; + this->public.create_iface = (iface_t*(*)(guest_t*,char*))create_iface; + this->public.create_iface_iterator = (iterator_t*(*)(guest_t*))create_iface_iterator; + this->public.start = (void*)start; + this->public.stop = (void*)stop; + this->public.get_console = (char*(*)(guest_t*,int))get_console; + this->public.load_template = (bool(*)(guest_t*, char *path))load_template; + this->public.sigchild = (void(*)(guest_t*))sigchild; + this->public.destroy = (void*)destroy; + + if (*parent == '/' || getcwd(cwd, sizeof(cwd)) == NULL) + { + asprintf(&this->dirname, "%s/%s", parent, name); + } + else + { + asprintf(&this->dirname, "%s/%s/%s", cwd, parent, name); + } + if (create) + { + mkdir(this->dirname, PERME); + } + this->dir = open(this->dirname, O_DIRECTORY, PERME); + if (this->dir < 0) + { + DBG1("opening guest directory '%s' failed: %m", this->dirname); + free(this->dirname); + free(this); + return NULL; + } + + this->pid = 0; + this->state = GUEST_STOPPED; + this->mconsole = NULL; + this->ifaces = linked_list_create(); + this->mem = 0; + this->bootlog = open_bootlog(this); + this->name = strdup(name); + this->cowfs = NULL; + + return this; +} + +/** + * create a symlink to old called new in our working dir + */ +static bool make_symlink(private_guest_t *this, char *old, char *new) +{ + char cwd[PATH_MAX]; + char buf[PATH_MAX]; + + if (*old == '/' || getcwd(cwd, sizeof(cwd)) == NULL) + { + snprintf(buf, sizeof(buf), "%s", old); + } + else + { + snprintf(buf, sizeof(buf), "%s/%s", cwd, old); + } + return symlinkat(buf, this->dir, new) == 0; +} + + +/** + * create the guest instance, including required dirs and mounts + */ +guest_t *guest_create(char *parent, char *name, char *kernel, + char *master, int mem) +{ + private_guest_t *this = guest_create_generic(parent, name, TRUE); + + if (this == NULL) + { + return NULL; + } + + if (!make_symlink(this, master, MASTER_DIR) || + !make_symlink(this, kernel, KERNEL_FILE)) + { + DBG1("creating master/kernel symlink failed: %m"); + destroy(this); + return NULL; + } + + if (mkdirat(this->dir, UNION_DIR, PERME) != 0 || + mkdirat(this->dir, DIFF_DIR, PERME) != 0) + { + DBG1("unable to create directories for '%s': %m", name); + destroy(this); + return NULL; + } + + this->mem = mem; + if (!savemem(this, mem)) + { + destroy(this); + return NULL; + } + + if (!mount_unionfs(this)) + { + destroy(this); + return NULL; + } + + return &this->public; +} + +/** + * load an already created guest + */ +guest_t *guest_load(char *parent, char *name) +{ + private_guest_t *this = guest_create_generic(parent, name, FALSE); + + if (this == NULL) + { + return NULL; + } + + this->mem = loadmem(this); + if (this->mem == 0) + { + DBG1("unable to open memory configuration file: %m", name); + destroy(this); + return NULL; + } + + if (!mount_unionfs(this)) + { + destroy(this); + return NULL; + } + + return &this->public; +} + diff --git a/src/dumm/guest.h b/src/dumm/guest.h new file mode 100644 index 000000000..10b37aaa7 --- /dev/null +++ b/src/dumm/guest.h @@ -0,0 +1,155 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef GUEST_H +#define GUEST_H + +#include +#include + +#include "iface.h" + +typedef enum guest_state_t guest_state_t; + +/** + * @brief State of a guest (started, stopped, ...) + */ +enum guest_state_t { + /** guest kernel not running at all */ + GUEST_STOPPED, + /** kernel started, but not yet available */ + GUEST_STARTING, + /** guest is up and running */ + GUEST_RUNNING, + /** guest has been paused */ + GUEST_PAUSED, + /** guest is stopping (shutting down) */ + GUEST_STOPPING, +}; + +/** + * string mappings for guest_state_t + */ +extern enum_name_t *guest_state_names; + +typedef struct guest_t guest_t; + +/** + * @brief A guest is a UML instance running on the host. + **/ +struct guest_t { + + /** + * @brief Get the name of this guest. + * + * @return name of the guest + */ + char* (*get_name) (guest_t *this); + + /** + * @brief Get the process ID of the guest child process. + * + * @return name of the guest + */ + pid_t (*get_pid) (guest_t *this); + + /** + * @brief Get the state of the guest (stopped, started, etc.). + * + * @return guests state + */ + guest_state_t (*get_state)(guest_t *this); + + /** + * @brief Start the guest. + * + * @return TRUE if guest successfully started + */ + bool (*start) (guest_t *this); + + /** + * @brief Kill the guest. + * + * @return TRUE if guest was running and killed + */ + bool (*stop) (guest_t *this); + + /** + * @brief Get a console pts device. + * + * Every guest has 5 consoles, numbered from 1 to 5. These are associated + * to a unique pts device on the host. + * + * @param console console number to get (1-5) + * @return pts device file name, NULL if failed + */ + char* (*get_console) (guest_t *this, int console); + + /** + * @brief Create a new interface in the current scenario. + * + * @param name name of the interface in the guest + * @return created interface, or NULL if failed + */ + iface_t* (*create_iface)(guest_t *this, char *name); + + /** + * @brief Create an iterator over all guest interfaces. + * + * @return iterator over iface_t's + */ + iterator_t* (*create_iface_iterator)(guest_t *this); + + /** + * @brief Set the template COWFS overlay to use. + * + * @param parent parent directory where template diff should point to + * @return FALSE if failed + */ + bool (*load_template)(guest_t *this, char *parent); + + /** + * @brief Called whenever a SIGCHILD for the guests PID is received. + */ + void (*sigchild)(guest_t *this); + + /** + * @brief Close and destroy a guest with all interfaces + */ + void (*destroy) (guest_t *this); +}; + +/** + * @brief Create a new, unstarted guest. + * + * @param parent parent directory to create the guest in + * @param name name of the guest to create + * @param kernel kernel this guest uses + * @param master read-only master filesystem for guest + * @param mem amount of memory to give the guest + */ +guest_t *guest_create(char *parent, char *name, char *kernel, + char *master, int mem); + +/** + * @brief Load a guest created with guest_create(). + * + * @param parent parent directory to look for a guest + * @param name name of the guest directory + */ +guest_t *guest_load(char *parent, char *name); + +#endif /* GUEST_H */ + diff --git a/src/dumm/iface.c b/src/dumm/iface.c new file mode 100644 index 000000000..3c1bfc470 --- /dev/null +++ b/src/dumm/iface.c @@ -0,0 +1,179 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * Copyright (C) 2002 Jeff Dike + * + * Based on the "tunctl" utility from Jeff Dike. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include +#include +#include +#include +#include +#include +#include + +#include + +#include "iface.h" + +typedef struct private_iface_t private_iface_t; + +struct private_iface_t { + /** public interface */ + iface_t public; + /** device name in guest (eth0) */ + char *guestif; + /** device name at host (tap0) */ + char *hostif; + /** bridge this interface is attached to */ + bridge_t *bridge; + /** mconsole for guest */ + mconsole_t *mconsole; +}; + +/** + * Implementation of iface_t.get_guestif. + */ +static char* get_guestif(private_iface_t *this) +{ + return this->guestif; +} + +/** + * Implementation of iface_t.get_hostif. + */ +static char* get_hostif(private_iface_t *this) +{ + return this->hostif; +} + +/** + * Implementation of iface_t.set_bridge. + */ +static void set_bridge(private_iface_t *this, bridge_t *bridge) +{ + this->bridge = bridge; +} + +/** + * destroy the tap device + */ +static bool destroy_tap(private_iface_t *this) +{ + struct ifreq ifr; + int tap; + + memset(&ifr, 0, sizeof(ifr)); + ifr.ifr_flags = IFF_TAP | IFF_NO_PI; + strncpy(ifr.ifr_name, this->hostif, sizeof(ifr.ifr_name) - 1); + + tap = open(TAP_DEVICE, O_RDWR); + if (tap < 0) + { + DBG1("unable to open tap device %s: %m", TAP_DEVICE); + return FALSE; + } + if (ioctl(tap, TUNSETIFF, &ifr) < 0 || + ioctl(tap, TUNSETPERSIST, 0) < 0) + { + DBG1("removing %s failed: %m", this->hostif); + close(tap); + return FALSE; + } + close(tap); + return TRUE; +} + +/** + * create the tap device + */ +static char* create_tap(private_iface_t *this, char *guest) +{ + struct ifreq ifr; + int tap; + + memset(&ifr, 0, sizeof(ifr)); + ifr.ifr_flags = IFF_TAP | IFF_NO_PI; + snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s-%s", guest, this->guestif); + + tap = open(TAP_DEVICE, O_RDWR); + if (tap < 0) + { + DBG1("unable to open tap device %s: %m", TAP_DEVICE); + return NULL; + } + if (ioctl(tap, TUNSETIFF, &ifr) < 0 || + ioctl(tap, TUNSETPERSIST, 1) < 0 || + ioctl(tap, TUNSETOWNER, 0)) + { + DBG1("creating new tap device failed: %m"); + close(tap); + return NULL; + } + close(tap); + return strdup(ifr.ifr_name); +} + +/** + * Implementation of iface_t.destroy. + */ +static void destroy(private_iface_t *this) +{ + if (this->bridge) + { + this->bridge->disconnect_iface(this->bridge, &this->public); + } + this->mconsole->del_iface(this->mconsole, this->guestif); + destroy_tap(this); + free(this->guestif); + free(this->hostif); + free(this); +} + +/** + * create the iface instance + */ +iface_t *iface_create(char *guest, char *guestif, mconsole_t *mconsole) +{ + private_iface_t *this = malloc_thing(private_iface_t); + + this->public.get_hostif = (char*(*)(iface_t*))get_hostif; + this->public.get_guestif = (char*(*)(iface_t*))get_guestif; + this->public.set_bridge = (void(*)(iface_t*, bridge_t*))set_bridge; + this->public.destroy = (void*)destroy; + + this->mconsole = mconsole; + this->guestif = strdup(guestif); + this->hostif = create_tap(this, guest); + this->bridge = NULL; + if (this->hostif == NULL) + { + destroy_tap(this); + free(this->guestif); + free(this); + return NULL; + } + if (!this->mconsole->add_iface(this->mconsole, this->guestif, this->hostif)) + { + DBG1("creating interface '%s' in guest failed", this->guestif); + destroy_tap(this); + free(this->guestif); + free(this->hostif); + free(this); + return NULL; + } + return &this->public; +} + diff --git a/src/dumm/iface.h b/src/dumm/iface.h new file mode 100644 index 000000000..59de99f22 --- /dev/null +++ b/src/dumm/iface.h @@ -0,0 +1,79 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef IFACE_H +#define IFACE_H + +#include +#include + +#define TAP_DEVICE "/dev/net/tun" + +typedef struct iface_t iface_t; + +#include "mconsole.h" +#include "bridge.h" + +/** + * @brief Interface in a guest, connected to a tap device on the host. + */ +struct iface_t { + + /** + * @brief Get the interface name in the guest (e.g. eth0). + * + * @return guest interface name + */ + char* (*get_guestif)(iface_t *this); + + /** + * @brief Get the interface name at the host (e.g. tap0). + * + * @return host interface (tap device) name + */ + char* (*get_hostif)(iface_t *this); + + /** + * @brief Set the bridge this interface is attached to. + * + * @param bridge assigned bridge, or NULL for none + */ + void (*set_bridge)(iface_t *this, bridge_t *bridge); + + /* + bool (*up) (iface_t *this); + bool (*down) (iface_t *this); + bool (*add_addr) (iface_t *this, host_t *addr); + iterator_t* (*create_addr_iterator) (iface_t *this); + */ + + /** + * @brief Destroy an interface + */ + void (*destroy) (iface_t *this); +}; + +/** + * @brief Create a new interface for a guest + * + * @param guest name of the guest for this interface + * @param guestif name of the interface in the guest + * @param mconsole mconsole of guest + * @return interface descriptor, or NULL if failed + */ +iface_t *iface_create(char *guest, char *guestif, mconsole_t *mconsole); + +#endif /* IFACE_H */ + diff --git a/src/dumm/main.c b/src/dumm/main.c new file mode 100644 index 000000000..d6e142e24 --- /dev/null +++ b/src/dumm/main.c @@ -0,0 +1,632 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "dumm.h" + +/** + * global set of UMLs guests + */ +dumm_t *dumm; + +/** + * show usage information (program arguments) + */ +static void usage() +{ + printf("Usage:\n"); + printf(" --dir|-d set working dir to \n"); + printf(" --help|-h show this help\n"); +} + +/** + * readline() wrapper + */ +static char* get_line(char *format, ...) +{ + char *line = NULL; + char *prompt = ""; + va_list args; + + va_start(args, format); + vasprintf(&prompt, format, args); + va_end(args); + + while (TRUE) + { + line = readline(prompt); + if (line == NULL) + { + printf("quit\n"); + dumm->destroy(dumm); + clear_history(); + exit(0); + } + if (*line == '\0') + { + free(line); + continue; + } + add_history(line); + break; + } + free(prompt); + return line; +} + +/** + * get a guest by name + */ +static guest_t* get_guest(char *name) +{ + iterator_t *iterator; + guest_t *guest = NULL; + + iterator = dumm->create_guest_iterator(dumm); + while (iterator->iterate(iterator, (void**)&guest)) + { + if (streq(guest->get_name(guest), name)) + { + break; + } + guest = NULL; + } + iterator->destroy(iterator); + return guest; +} + +/** + * get a bridge by name + */ +static bridge_t* get_bridge(char *name) +{ + iterator_t *iterator; + bridge_t *bridge = NULL; + + iterator = dumm->create_bridge_iterator(dumm); + while (iterator->iterate(iterator, (void**)&bridge)) + { + if (streq(bridge->get_name(bridge), name)) + { + break; + } + bridge = NULL; + } + iterator->destroy(iterator); + return bridge; +} + +/** + * get an interface by guest name + */ +static iface_t* get_iface(char *name, char *ifname) +{ + iterator_t *guests, *ifaces; + guest_t *guest; + iface_t *iface; + + guests = dumm->create_guest_iterator(dumm); + while (guests->iterate(guests, (void**)&guest)) + { + if (streq(guest->get_name(guest), name)) + { + iface = NULL; + ifaces = guest->create_iface_iterator(guest); + while (ifaces->iterate(ifaces, (void**)&iface)) + { + if (streq(iface->get_guestif(iface), ifname)) + { + break; + } + iface = NULL; + } + ifaces->destroy(ifaces); + if (iface) + { + break; + } + } + } + guests->destroy(guests); + return iface; +} + +static void guest_addif_menu(guest_t *guest) +{ + char *name; + + name = get_line("interface name: "); + + if (!guest->create_iface(guest, name)) + { + printf("creating interface failed\n"); + } + free(name); +} + +static void guest_delif_menu(guest_t *guest) +{ + char *name; + iface_t *iface; + iterator_t *iterator; + bool found = FALSE; + + name = get_line("interface name: "); + + iterator = guest->create_iface_iterator(guest); + while (iterator->iterate(iterator, (void**)&iface)) + { + if (streq(iface->get_guestif(iface), name)) + { + iterator->remove(iterator); + iface->destroy(iface); + found = TRUE; + break; + } + } + iterator->destroy(iterator); + + if (!found) + { + printf("interface '%s' not found\n"); + } + free(name); +} + +static void guest_console(guest_t *guest) +{ + int con; + + for (con = 1; con <= 6; con++) + { + char *pts = guest->get_console(guest, con); + if (pts) + { + printf("%d: %s\n", con, pts); + free(pts); + } + } +} + +static void guest_menu(guest_t *guest) +{ + while (TRUE) + { + char *line = get_line("guest/%s# ", guest->get_name(guest)); + + if (streq(line, "back")) + { + free(line); + break; + } + else if (streq(line, "start")) + { + if (guest->start(guest)) + { + printf("guest '%s' is running\n", guest->get_name(guest)); + } + else + { + printf("failed to start guest '%s'\n", guest->get_name(guest)); + } + } + else if (streq(line, "stop")) + { + printf("stopping guest '%s'...\n", guest->get_name(guest)); + guest->stop(guest); + printf("guest '%s' is down\n", guest->get_name(guest)); + } + else if (streq(line, "addif")) + { + guest_addif_menu(guest); + } + else if (streq(line, "delif")) + { + guest_delif_menu(guest); + } + else if (streq(line, "console")) + { + guest_console(guest); + } + else + { + printf("back|start|stop|addif|delif|console\n"); + } + free(line); + } +} + +static void guest_create_menu() +{ + char *name, *kernel, *master, *mem; + guest_t *guest; + + name = get_line("guest name: "); + kernel = get_line("kernel image: "); + master = get_line("master filesystem: "); + mem = get_line("amount of memory in MB: "); + + guest = dumm->create_guest(dumm, name, kernel, master, atoi(mem)); + if (guest) + { + printf("guest '%s' created\n", guest->get_name(guest)); + guest_menu(guest); + } + else + { + printf("failed to create guest '%s'\n", name); + } + free(name); + free(kernel); + free(master); + free(mem); +} + +static void guest_list_menu() +{ + while (TRUE) + { + iterator_t *iterator; + guest_t *guest; + char *line = get_line("guest# "); + + if (streq(line, "back")) + { + free(line); + break; + } + else if (streq(line, "list")) + { + iterator = dumm->create_guest_iterator(dumm); + while (iterator->iterate(iterator, (void**)&guest)) + { + printf("%s\n", guest->get_name(guest)); + } + iterator->destroy(iterator); + } + else if (streq(line, "create")) + { + guest_create_menu(); + } + else + { + guest = get_guest(line); + if (guest) + { + guest_menu(guest); + } + else + { + printf("back|list|create|\n"); + } + } + free(line); + } +} + +static void bridge_addif_menu(bridge_t *bridge) +{ + char *name, *ifname; + iface_t *iface; + + name = get_line("guest name: "); + ifname = get_line("interface name: "); + + iface = get_iface(name, ifname); + if (!iface) + { + printf("guest '%s' has no interface named '%s'\n", name, ifname); + } + else if (!bridge->connect_iface(bridge, iface)) + { + printf("failed to add interface '%s' to bridge '%s'\n", ifname, + bridge->get_name(bridge)); + } + free(name); + free(ifname); +} + +static void bridge_delif_menu(bridge_t *bridge) +{ + char *name, *ifname; + iface_t *iface; + + name = get_line("guest name: "); + ifname = get_line("interface name: "); + + iface = get_iface(name, ifname); + if (!iface) + { + printf("guest '%s' has no interface named '%s'\n", name, ifname); + } + else if (!bridge->disconnect_iface(bridge, iface)) + { + printf("failed to remove interface '%s' from bridge '%s'\n", ifname, + bridge->get_name(bridge)); + } + free(name); + free(ifname); +} + +static void bridge_menu(bridge_t *bridge) +{ + while (TRUE) + { + char *line = get_line("bridge/%s# ", bridge->get_name(bridge)); + + if (streq(line, "back")) + { + free(line); + break; + } + else if (streq(line, "list")) + { + iterator_t *iterator; + iface_t *iface; + + iterator = bridge->create_iface_iterator(bridge); + while (iterator->iterate(iterator, (void**)&iface)) + { + printf("%s (%s)\n", iface->get_guestif(iface), iface->get_hostif(iface)); + } + iterator->destroy(iterator); + } + else if (streq(line, "addif")) + { + bridge_addif_menu(bridge); + } + else if (streq(line, "delif")) + { + bridge_delif_menu(bridge); + } + else + { + printf("back|list|addif|delif\n"); + } + free(line); + } +} + +static void bridge_create_menu() +{ + char *name; + bridge_t *bridge; + + name = get_line("bridge name: "); + + bridge = dumm->create_bridge(dumm, name); + if (bridge) + { + printf("bridge '%s' created\n", bridge->get_name(bridge)); + bridge_menu(bridge); + } + else + { + printf("failed to create bridge '%s'\n", name); + } + free(name); +} + +static void bridge_list_menu() +{ + while (TRUE) + { + iterator_t *iterator; + bridge_t *bridge; + char *line = get_line("bridge# "); + + if (streq(line, "back")) + { + free(line); + break; + } + else if (streq(line, "list")) + { + iterator = dumm->create_bridge_iterator(dumm); + while (iterator->iterate(iterator, (void**)&bridge)) + { + printf("%s\n", bridge->get_name(bridge)); + } + iterator->destroy(iterator); + } + else if (streq(line, "create")) + { + bridge_create_menu(); + } + else + { + bridge = get_bridge(line); + if (bridge) + { + bridge_menu(bridge); + } + else + { + printf("back|list|create|\n"); + } + } + free(line); + } +} + +static void template_menu() +{ + char *name; + + name = get_line("template name (or 'none'): "); + + dumm->load_template(dumm, streq(name, "none") ? NULL : name); + + free(name); +} + +typedef bool (*uml_test_t)(dumm_t *dumm); + +static void test_menu() +{ + char *name; + void *handle; + struct dirent *ent; + DIR *dir; + uml_test_t test; + + name = get_line("test name: "); + + dir = opendir("tests"); + if (dir) + { + while ((ent = readdir(dir))) + { + char buf[PATH_MAX]; + size_t len; + + len = strlen(ent->d_name); + if (strlen(ent->d_name) < 4 || !streq(ent->d_name + len - 3, ".so")) + { + continue; + } + + snprintf(buf, sizeof(buf), "%s/%s", "tests", ent->d_name); + handle = dlopen(buf, RTLD_LAZY); + if (!handle) + { + printf("failed to open test %s\n", ent->d_name); + continue; + } + test = dlsym(handle, "test"); + if (test && dumm->load_template(dumm, ent->d_name)) + { + printf("running test %s: ", ent->d_name); + if (test(dumm)) + { + printf("success\n"); + } + else + { + printf("failed\n"); + } + } + else + { + printf("failed to open test %s\n", ent->d_name); + } + dlclose(handle); + } + } + free(name); +} + +/** + * Signal handler + */ +void signal_action(int sig, siginfo_t *info, void *ucontext) +{ + dumm->destroy(dumm); + clear_history(); + exit(0); +} + +/** + * main routine, parses args and reads from console + */ +int main(int argc, char *argv[]) +{ + struct sigaction action; + char *dir = "."; + + while (TRUE) + { + struct option options[] = { + {"dir", 1, 0, 0}, + {"help", 0, 0, 0}, + {0, 0, 0, 0} + }; + + switch (getopt_long(argc, argv, "d:h", options, NULL)) + { + case -1: + break; + case 'd': + dir = optarg; + continue; + case 'h': + usage(); + return 0; + default: + usage(); + return 1; + } + break; + } + + memset(&action, 0, sizeof(action)); + action.sa_sigaction = signal_action; + action.sa_flags = SA_SIGINFO; + if (sigaction(SIGINT, &action, NULL) != 0 || + sigaction(SIGQUIT, &action, NULL) != 0 || + sigaction(SIGTERM, &action, NULL) != 0) + { + printf("signal handler setup failed: %m.\n"); + return 1; + } + + dumm = dumm_create(dir); + while (TRUE) + { + char *line = get_line("# "); + + if (streq(line, "quit")) + { + free(line); + break; + } + else if (streq(line, "guest")) + { + guest_list_menu(); + } + else if (streq(line, "bridge")) + { + bridge_list_menu(); + } + else if (streq(line, "template")) + { + template_menu(); + } + else if (streq(line, "test")) + { + test_menu(); + } + else + { + printf("quit|guest|bridge|template|test\n"); + } + free(line); + } + dumm->load_template(dumm, NULL); + dumm->destroy(dumm); + clear_history(); + return 0; +} + diff --git a/src/dumm/mconsole.c b/src/dumm/mconsole.c new file mode 100644 index 000000000..25cb84621 --- /dev/null +++ b/src/dumm/mconsole.c @@ -0,0 +1,349 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * Copyright (C) 2001-2004 Jeff Dike + * + * Based on the "uml_mconsole" utility from Jeff Dike. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include + +#include + +#include "mconsole.h" + +#define MCONSOLE_MAGIC 0xcafebabe +#define MCONSOLE_VERSION 2 +#define MCONSOLE_MAX_DATA 512 + +typedef struct private_mconsole_t private_mconsole_t; + +struct private_mconsole_t { + /** public interface */ + mconsole_t public; + /** mconsole socket */ + int console; + /** notify socket */ + int notify; + /** address of uml socket */ + struct sockaddr_un uml; +}; + +/** + * mconsole message format from "arch/um/include/mconsole.h" + */ +typedef struct mconsole_request mconsole_request; +/** mconsole request message */ +struct mconsole_request { + u_int32_t magic; + u_int32_t version; + u_int32_t len; + char data[MCONSOLE_MAX_DATA]; +}; + + +typedef struct mconsole_reply mconsole_reply; +/** mconsole reply message */ +struct mconsole_reply { + u_int32_t err; + u_int32_t more; + u_int32_t len; + char data[MCONSOLE_MAX_DATA]; +}; + +typedef struct mconsole_notify mconsole_notify; +/** mconsole notify message */ +struct mconsole_notify { + u_int32_t magic; + u_int32_t version; + enum { + MCONSOLE_SOCKET, + MCONSOLE_PANIC, + MCONSOLE_HANG, + MCONSOLE_USER_NOTIFY, + } type; + u_int32_t len; + char data[MCONSOLE_MAX_DATA]; +}; + +/** + * send a request to UML using mconsole + */ +static int request(private_mconsole_t *this, char *command, + char buf[], size_t *size) +{ + mconsole_request request; + mconsole_reply reply; + int len, total = 0; + + memset(&request, 0, sizeof(request)); + request.magic = MCONSOLE_MAGIC; + request.version = MCONSOLE_VERSION; + request.len = min(strlen(command), sizeof(reply.data) - 1); + strncpy(request.data, command, request.len); + *buf = '\0'; + (*size)--; + + if (sendto(this->console, &request, sizeof(request), 0, + (struct sockaddr*)&this->uml, sizeof(this->uml)) < 0) + { + snprintf(buf, *size, "sending mconsole command to UML failed: %m"); + return -1; + } + do + { + len = recv(this->console, &reply, sizeof(reply), 0); + if (len < 0) + { + snprintf(buf, *size, "receiving from mconsole failed: %m"); + return -1; + } + if (len > 0) + { + strncat(buf, reply.data, min(reply.len, *size - total)); + total += reply.len; + } + } + while (reply.more); + + *size = total; + return reply.err; +} + +/** + * Implementation of mconsole_t.add_iface. + */ +static bool add_iface(private_mconsole_t *this, char *guest, char *host) +{ + char buf[128]; + int len; + + len = snprintf(buf, sizeof(buf), "config %s=tuntap,%s", guest, host); + if (len < 0 || len >= sizeof(buf)) + { + return FALSE; + } + len = sizeof(buf); + if (request(this, buf, buf, &len) != 0) + { + DBG1("adding interface failed: %.*s", len, buf); + return FALSE; + } + return TRUE; +} + +/** + * Implementation of mconsole_t.del_iface. + */ +static bool del_iface(private_mconsole_t *this, char *guest) +{ + char buf[128]; + int len; + + len = snprintf(buf, sizeof(buf), "remove %s", guest); + if (len < 0 || len >= sizeof(buf)) + { + return FALSE; + } + if (request(this, buf, buf, &len) != 0) + { + DBG1("removing interface failed: %.*s", len, buf); + return FALSE; + } + return TRUE; +} + +/** + * Implementation of mconsole_t.get_console_pts. + */ +static char* get_console_pts(private_mconsole_t *this, int con) +{ + char buf[128]; + char *pos; + int len; + + len = snprintf(buf, sizeof(buf), "config con%d", con); + if (len < 0 || len >= sizeof(buf)) + { + return NULL; + } + len = sizeof(buf); + if (request(this, buf, buf, &len) != 0) + { + DBG1("getting console pts failed: %.*s", len, buf); + return NULL; + } + pos = memchr(buf, ':', len); + if (pos == NULL) + { + return NULL; + } + pos++; + return strndup(pos, len - (pos - buf)); +} + +/** + * Poll until guest is ready + */ +static bool wait_bootup(private_mconsole_t *this) +{ + char *cmd, buf[128]; + int len, res; + + cmd = "config con0"; + while (TRUE) + { + len = sizeof(buf); + res = request(this, cmd, buf, &len); + if (res < 0) + { + return FALSE; + } + if (res == 0) + { + return TRUE; + } + usleep(50000); + } +} + +/** + * Implementation of mconsole_t.destroy. + */ +static void destroy(private_mconsole_t *this) +{ + close(this->console); + close(this->notify); + free(this); +} + +/** + * setup the mconsole notify connection and wait for its readyness + */ +static bool wait_for_notify(private_mconsole_t *this, char *nsock) +{ + struct sockaddr_un addr; + mconsole_notify notify; + int len; + + this->notify = socket(AF_UNIX, SOCK_DGRAM, 0); + if (this->notify < 0) + { + DBG1("opening mconsole notify socket failed: %m"); + return FALSE; + } + memset(&addr, 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + strncpy(addr.sun_path, nsock, sizeof(addr)); + if (bind(this->notify, (struct sockaddr*)&addr, sizeof(addr)) < 0) + { + DBG1("binding mconsole notify socket to '%s' failed: %m", nsock); + close(this->notify); + return FALSE; + } + do + { + len = recvfrom(this->notify, ¬ify, sizeof(notify), 0, NULL, 0); + } while (len < 0 && errno == EINTR); + if (len < 0 || len >= sizeof(notify)) + { + DBG1("reading from mconsole notify socket failed: %m"); + close(this->notify); + unlink(nsock); + return FALSE; + } + if (notify.magic != MCONSOLE_MAGIC || + notify.version != MCONSOLE_VERSION || + notify.type != MCONSOLE_SOCKET) + { + DBG1("received unexpected message from mconsole notify socket: %b", + ¬ify, sizeof(notify)); + close(this->notify); + unlink(nsock); + return FALSE; + } + memset(&this->uml, 0, sizeof(this->uml)); + this->uml.sun_family = AF_UNIX; + strncpy(this->uml.sun_path, (char*)¬ify.data, sizeof(this->uml.sun_path)); + return TRUE; +} + +/** + * setup the mconsole console connection + */ +static bool setup_console(private_mconsole_t *this) +{ + struct sockaddr_un addr; + + this->console = socket(AF_UNIX, SOCK_DGRAM, 0); + if (this->console < 0) + { + DBG1("opening mconsole socket failed: %m"); + return FALSE; + } + memset(&addr, 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + snprintf(&addr.sun_path[1], sizeof(addr.sun_path), "%5d-%d", + getpid(), this->console); + if (bind(this->console, (struct sockaddr*)&addr, sizeof(addr)) < 0) + { + DBG1("binding mconsole socket to '%s' failed: %m", &addr.sun_path[1]); + close(this->console); + return FALSE; + } + return TRUE; +} + +/** + * create the mconsole instance + */ +mconsole_t *mconsole_create(char *notify) +{ + private_mconsole_t *this = malloc_thing(private_mconsole_t); + + this->public.add_iface = (bool(*)(mconsole_t*, char *guest, char *host))add_iface; + this->public.del_iface = (bool(*)(mconsole_t*, char *guest))del_iface; + this->public.get_console_pts = (char*(*)(mconsole_t*, int con))get_console_pts; + this->public.destroy = (void*)destroy; + + if (!wait_for_notify(this, notify)) + { + free(this); + return NULL; + } + + if (!setup_console(this)) + { + close(this->notify); + unlink(notify); + free(this); + return NULL; + } + unlink(notify); + + if (!wait_bootup(this)) + { + destroy(this); + return NULL; + } + + return &this->public; +} + diff --git a/src/dumm/mconsole.h b/src/dumm/mconsole.h new file mode 100644 index 000000000..53aaa1b8b --- /dev/null +++ b/src/dumm/mconsole.h @@ -0,0 +1,71 @@ +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef MCONSOLE_H +#define MCONSOLE_H + +#include + +typedef struct mconsole_t mconsole_t; + +/** + * @brief UML mconsole, change running UML configuration using mconsole. + */ +struct mconsole_t { + + /** + * @brief Create a guest interface and connect it to tap host interface. + * + * @param guest name of the interface to create in the guest + * @param host name of the tap device to connect guest to + * @return TRUE if interface created + */ + bool (*add_iface)(mconsole_t *this, char *guest, char *host); + + /** + * @brief Delete a guest interface. + * + * @param guest name of the interface to delete on the guest + * @return TRUE if interface deleted + */ + bool (*del_iface)(mconsole_t *this, char *guest); + + /** + * @brief Get the pts device file assigned to a console. + * + * @param con console number in guest + * @return allocated device string + */ + char* (*get_console_pts)(mconsole_t *this, int con); + + /** + * @brief Destroy the mconsole instance + */ + void (*destroy) (mconsole_t *this); +}; + +/** + * @brief Create a new mconsole connection to a guest. + * + * Waits for a notification from the guest through the notify socket and tries + * to connect to the mconsole socket supplied in the received notification. + * + * @param notify unix notify socket path + * @return mconsole instance, or NULL if failed + */ +mconsole_t *mconsole_create(char *notify); + +#endif /* MCONSOLE_H */ + diff --git a/src/include/Makefile.in b/src/include/Makefile.in index 7fb9ccb22..656073f87 100644 --- a/src/include/Makefile.in +++ b/src/include/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,15 +13,11 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -47,16 +43,12 @@ SOURCES = DIST_SOURCES = DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -79,10 +71,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -94,6 +89,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -109,34 +105,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -149,6 +127,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -186,8 +165,11 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ EXTRA_DIST = linux/ipsec.h linux/netlink.h linux/rtnetlink.h \ @@ -231,10 +213,6 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs - -distclean-libtool: - -rm -f libtool -uninstall-info-am: tags: TAGS TAGS: @@ -243,23 +221,21 @@ CTAGS: distdir: $(DISTFILES) - $(mkdir_p) $(distdir)/linux - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -304,7 +280,7 @@ clean-am: clean-generic clean-libtool mostlyclean-am distclean: distclean-am -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-libtool +distclean-am: clean-am distclean-generic dvi: dvi-am @@ -318,12 +294,20 @@ info-am: install-data-am: +install-dvi: install-dvi-am + install-exec-am: +install-html: install-html-am + install-info: install-info-am install-man: +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -342,17 +326,20 @@ ps: ps-am ps-am: -uninstall-am: uninstall-info-am +uninstall-am: + +.MAKE: install-am install-strip .PHONY: all all-am check check-am clean clean-generic clean-libtool \ distclean distclean-generic distclean-libtool distdir dvi \ dvi-am html html-am info info-am install install-am \ - install-data install-data-am install-exec install-exec-am \ - install-info install-info-am install-man install-strip \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am uninstall uninstall-am \ - uninstall-info-am + mostlyclean-libtool pdf pdf-am ps ps-am uninstall uninstall-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/ipsec/Makefile.in b/src/ipsec/Makefile.in index decd32b88..a784572d6 100644 --- a/src/ipsec/Makefile.in +++ b/src/ipsec/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +14,11 @@ @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -55,16 +51,12 @@ NROFF = nroff MANS = $(dist_man8_MANS) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -87,10 +79,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -102,6 +97,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -117,34 +113,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -157,6 +135,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -194,8 +173,11 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ sbin_SCRIPTS = ipsec @@ -236,7 +218,7 @@ $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh install-sbinSCRIPTS: $(sbin_SCRIPTS) @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(mkdir_p) "$(DESTDIR)$(sbindir)" + test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" @list='$(sbin_SCRIPTS)'; for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ if test -f $$d$$p; then \ @@ -259,13 +241,9 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs - -distclean-libtool: - -rm -f libtool -uninstall-info-am: install-man8: $(man8_MANS) $(man_MANS) @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)" + test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ for i in $$l2; do \ @@ -316,22 +294,21 @@ CTAGS: distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -347,7 +324,7 @@ check: check-am all-am: Makefile $(SCRIPTS) $(MANS) installdirs: for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(mkdir_p) "$$dir"; \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am install-exec: install-exec-am @@ -380,7 +357,7 @@ clean-am: clean-generic clean-libtool mostlyclean-am distclean: distclean-am -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-libtool +distclean-am: clean-am distclean-generic dvi: dvi-am @@ -394,12 +371,20 @@ info-am: install-data-am: install-man +install-dvi: install-dvi-am + install-exec-am: install-sbinSCRIPTS +install-html: install-html-am + install-info: install-info-am install-man: install-man8 +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -418,20 +403,24 @@ ps: ps-am ps-am: -uninstall-am: uninstall-info-am uninstall-man uninstall-sbinSCRIPTS +uninstall-am: uninstall-man uninstall-sbinSCRIPTS uninstall-man: uninstall-man8 +.MAKE: install-am install-strip + .PHONY: all all-am check check-am clean clean-generic clean-libtool \ distclean distclean-generic distclean-libtool distdir dvi \ dvi-am html html-am info info-am install install-am \ - install-data install-data-am install-exec install-exec-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ install-info install-info-am install-man install-man8 \ + install-pdf install-pdf-am install-ps install-ps-am \ install-sbinSCRIPTS install-strip installcheck installcheck-am \ installdirs maintainer-clean maintainer-clean-generic \ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am uninstall uninstall-am uninstall-info-am \ - uninstall-man uninstall-man8 uninstall-sbinSCRIPTS + ps ps-am uninstall uninstall-am uninstall-man uninstall-man8 \ + uninstall-sbinSCRIPTS ipsec : ipsec.in diff --git a/src/ipsec/ipsec.8 b/src/ipsec/ipsec.8 index b37ac2c3a..5c0835fe4 100644 --- a/src/ipsec/ipsec.8 +++ b/src/ipsec/ipsec.8 @@ -1,5 +1,5 @@ .TH IPSEC 8 "9 February 2006" -.\" RCSID $Id: ipsec.8,v 1.3 2006/02/09 19:47:38 as Exp $ +.\" RCSID $Id: ipsec.8 3268 2007-10-08 19:59:18Z andreas $ .SH NAME ipsec \- invoke IPsec utilities .SH SYNOPSIS diff --git a/src/ipsec/ipsec.in b/src/ipsec/ipsec.in index e4cedd09a..5b35c87a5 100755 --- a/src/ipsec/ipsec.in +++ b/src/ipsec/ipsec.in @@ -14,7 +14,7 @@ # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # -# RCSID $Id: ipsec.in,v 1.13 2006/03/09 20:09:33 as Exp $ +# RCSID $Id: ipsec.in 3268 2007-10-08 19:59:18Z andreas $ # name and version of the ipsec implementation IPSEC_NAME="@IPSEC_NAME@" @@ -64,15 +64,14 @@ case "$1" in echo " rereadacerts|rereadcrls|rereadall" echo " purgeocsp" echo " scencrypt|scdecrypt [--inbase ] [--outbase ] [--keyid ]" - echo " barf" - echo " openac" + echo " openac" echo " pluto" echo " scepclient" echo " secrets" echo " starter" echo " version" echo " whack" - echo " stoke" + echo " stroke" echo echo "Some of these functions have their own manual pages, e.g. ipsec_scepclient(8)." exit 0 @@ -110,8 +109,7 @@ down) fi exit 0 ;; -listalgs|listpubkeys|\listcards|\ -rereadsecrets|rereadgroups) +listalgs|listpubkeys|\listcards|\rereadgroups) op="$1" shift if test -e $IPSEC_PLUTO_PID @@ -123,8 +121,8 @@ rereadsecrets|rereadgroups) listcerts|listcacerts|listaacerts|\ listacerts|listgroups|listocspcerts|\ listcainfos|listcrls|listocsp|listall|\ -rereadcacerts|rereadaacerts|rereadacerts|\ -rereadocspcerts|rereadcrls|\ +rereadsecrets|rereadcacerts|rereadaacerts|\ +rereadacerts|rereadocspcerts|rereadcrls|\ rereadall|purgeocsp) op="$1" shift diff --git a/src/libcrypto/Makefile.in b/src/libcrypto/Makefile.in index f46022521..4d0cca10e 100644 --- a/src/libcrypto/Makefile.in +++ b/src/libcrypto/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +14,11 @@ @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -56,33 +52,30 @@ am_libcrypto_a_OBJECTS = aes_xcbc_mac.$(OBJEXT) aes_cbc.$(OBJEXT) \ fcrypt.$(OBJEXT) destest.$(OBJEXT) cbc_enc.$(OBJEXT) \ ecb_enc.$(OBJEXT) libcrypto_a_OBJECTS = $(am_libcrypto_a_OBJECTS) -DEFAULT_INCLUDES = -I. -I$(srcdir) +DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ SOURCES = $(libcrypto_a_SOURCES) DIST_SOURCES = $(libcrypto_a_SOURCES) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -105,10 +98,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -120,6 +116,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -135,34 +132,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -175,6 +154,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -212,8 +192,11 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ noinst_LIBRARIES = libcrypto.a @@ -294,274 +277,274 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/twofish_cbc.Po@am__quote@ .c.o: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< aes_xcbc_mac.o: libaes/aes_xcbc_mac.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_xcbc_mac.o -MD -MP -MF "$(DEPDIR)/aes_xcbc_mac.Tpo" -c -o aes_xcbc_mac.o `test -f 'libaes/aes_xcbc_mac.c' || echo '$(srcdir)/'`libaes/aes_xcbc_mac.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/aes_xcbc_mac.Tpo" "$(DEPDIR)/aes_xcbc_mac.Po"; else rm -f "$(DEPDIR)/aes_xcbc_mac.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_xcbc_mac.o -MD -MP -MF $(DEPDIR)/aes_xcbc_mac.Tpo -c -o aes_xcbc_mac.o `test -f 'libaes/aes_xcbc_mac.c' || echo '$(srcdir)/'`libaes/aes_xcbc_mac.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/aes_xcbc_mac.Tpo $(DEPDIR)/aes_xcbc_mac.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libaes/aes_xcbc_mac.c' object='aes_xcbc_mac.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes_xcbc_mac.o `test -f 'libaes/aes_xcbc_mac.c' || echo '$(srcdir)/'`libaes/aes_xcbc_mac.c aes_xcbc_mac.obj: libaes/aes_xcbc_mac.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_xcbc_mac.obj -MD -MP -MF "$(DEPDIR)/aes_xcbc_mac.Tpo" -c -o aes_xcbc_mac.obj `if test -f 'libaes/aes_xcbc_mac.c'; then $(CYGPATH_W) 'libaes/aes_xcbc_mac.c'; else $(CYGPATH_W) '$(srcdir)/libaes/aes_xcbc_mac.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/aes_xcbc_mac.Tpo" "$(DEPDIR)/aes_xcbc_mac.Po"; else rm -f "$(DEPDIR)/aes_xcbc_mac.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_xcbc_mac.obj -MD -MP -MF $(DEPDIR)/aes_xcbc_mac.Tpo -c -o aes_xcbc_mac.obj `if test -f 'libaes/aes_xcbc_mac.c'; then $(CYGPATH_W) 'libaes/aes_xcbc_mac.c'; else $(CYGPATH_W) '$(srcdir)/libaes/aes_xcbc_mac.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/aes_xcbc_mac.Tpo $(DEPDIR)/aes_xcbc_mac.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libaes/aes_xcbc_mac.c' object='aes_xcbc_mac.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes_xcbc_mac.obj `if test -f 'libaes/aes_xcbc_mac.c'; then $(CYGPATH_W) 'libaes/aes_xcbc_mac.c'; else $(CYGPATH_W) '$(srcdir)/libaes/aes_xcbc_mac.c'; fi` aes_cbc.o: libaes/aes_cbc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_cbc.o -MD -MP -MF "$(DEPDIR)/aes_cbc.Tpo" -c -o aes_cbc.o `test -f 'libaes/aes_cbc.c' || echo '$(srcdir)/'`libaes/aes_cbc.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/aes_cbc.Tpo" "$(DEPDIR)/aes_cbc.Po"; else rm -f "$(DEPDIR)/aes_cbc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_cbc.o -MD -MP -MF $(DEPDIR)/aes_cbc.Tpo -c -o aes_cbc.o `test -f 'libaes/aes_cbc.c' || echo '$(srcdir)/'`libaes/aes_cbc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/aes_cbc.Tpo $(DEPDIR)/aes_cbc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libaes/aes_cbc.c' object='aes_cbc.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes_cbc.o `test -f 'libaes/aes_cbc.c' || echo '$(srcdir)/'`libaes/aes_cbc.c aes_cbc.obj: libaes/aes_cbc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_cbc.obj -MD -MP -MF "$(DEPDIR)/aes_cbc.Tpo" -c -o aes_cbc.obj `if test -f 'libaes/aes_cbc.c'; then $(CYGPATH_W) 'libaes/aes_cbc.c'; else $(CYGPATH_W) '$(srcdir)/libaes/aes_cbc.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/aes_cbc.Tpo" "$(DEPDIR)/aes_cbc.Po"; else rm -f "$(DEPDIR)/aes_cbc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_cbc.obj -MD -MP -MF $(DEPDIR)/aes_cbc.Tpo -c -o aes_cbc.obj `if test -f 'libaes/aes_cbc.c'; then $(CYGPATH_W) 'libaes/aes_cbc.c'; else $(CYGPATH_W) '$(srcdir)/libaes/aes_cbc.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/aes_cbc.Tpo $(DEPDIR)/aes_cbc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libaes/aes_cbc.c' object='aes_cbc.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes_cbc.obj `if test -f 'libaes/aes_cbc.c'; then $(CYGPATH_W) 'libaes/aes_cbc.c'; else $(CYGPATH_W) '$(srcdir)/libaes/aes_cbc.c'; fi` aes.o: libaes/aes.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes.o -MD -MP -MF "$(DEPDIR)/aes.Tpo" -c -o aes.o `test -f 'libaes/aes.c' || echo '$(srcdir)/'`libaes/aes.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/aes.Tpo" "$(DEPDIR)/aes.Po"; else rm -f "$(DEPDIR)/aes.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes.o -MD -MP -MF $(DEPDIR)/aes.Tpo -c -o aes.o `test -f 'libaes/aes.c' || echo '$(srcdir)/'`libaes/aes.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/aes.Tpo $(DEPDIR)/aes.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libaes/aes.c' object='aes.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes.o `test -f 'libaes/aes.c' || echo '$(srcdir)/'`libaes/aes.c aes.obj: libaes/aes.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes.obj -MD -MP -MF "$(DEPDIR)/aes.Tpo" -c -o aes.obj `if test -f 'libaes/aes.c'; then $(CYGPATH_W) 'libaes/aes.c'; else $(CYGPATH_W) '$(srcdir)/libaes/aes.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/aes.Tpo" "$(DEPDIR)/aes.Po"; else rm -f "$(DEPDIR)/aes.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes.obj -MD -MP -MF $(DEPDIR)/aes.Tpo -c -o aes.obj `if test -f 'libaes/aes.c'; then $(CYGPATH_W) 'libaes/aes.c'; else $(CYGPATH_W) '$(srcdir)/libaes/aes.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/aes.Tpo $(DEPDIR)/aes.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libaes/aes.c' object='aes.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes.obj `if test -f 'libaes/aes.c'; then $(CYGPATH_W) 'libaes/aes.c'; else $(CYGPATH_W) '$(srcdir)/libaes/aes.c'; fi` bf_skey.o: libblowfish/bf_skey.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bf_skey.o -MD -MP -MF "$(DEPDIR)/bf_skey.Tpo" -c -o bf_skey.o `test -f 'libblowfish/bf_skey.c' || echo '$(srcdir)/'`libblowfish/bf_skey.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/bf_skey.Tpo" "$(DEPDIR)/bf_skey.Po"; else rm -f "$(DEPDIR)/bf_skey.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bf_skey.o -MD -MP -MF $(DEPDIR)/bf_skey.Tpo -c -o bf_skey.o `test -f 'libblowfish/bf_skey.c' || echo '$(srcdir)/'`libblowfish/bf_skey.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bf_skey.Tpo $(DEPDIR)/bf_skey.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libblowfish/bf_skey.c' object='bf_skey.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o bf_skey.o `test -f 'libblowfish/bf_skey.c' || echo '$(srcdir)/'`libblowfish/bf_skey.c bf_skey.obj: libblowfish/bf_skey.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bf_skey.obj -MD -MP -MF "$(DEPDIR)/bf_skey.Tpo" -c -o bf_skey.obj `if test -f 'libblowfish/bf_skey.c'; then $(CYGPATH_W) 'libblowfish/bf_skey.c'; else $(CYGPATH_W) '$(srcdir)/libblowfish/bf_skey.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/bf_skey.Tpo" "$(DEPDIR)/bf_skey.Po"; else rm -f "$(DEPDIR)/bf_skey.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bf_skey.obj -MD -MP -MF $(DEPDIR)/bf_skey.Tpo -c -o bf_skey.obj `if test -f 'libblowfish/bf_skey.c'; then $(CYGPATH_W) 'libblowfish/bf_skey.c'; else $(CYGPATH_W) '$(srcdir)/libblowfish/bf_skey.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bf_skey.Tpo $(DEPDIR)/bf_skey.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libblowfish/bf_skey.c' object='bf_skey.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o bf_skey.obj `if test -f 'libblowfish/bf_skey.c'; then $(CYGPATH_W) 'libblowfish/bf_skey.c'; else $(CYGPATH_W) '$(srcdir)/libblowfish/bf_skey.c'; fi` bf_enc.o: libblowfish/bf_enc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bf_enc.o -MD -MP -MF "$(DEPDIR)/bf_enc.Tpo" -c -o bf_enc.o `test -f 'libblowfish/bf_enc.c' || echo '$(srcdir)/'`libblowfish/bf_enc.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/bf_enc.Tpo" "$(DEPDIR)/bf_enc.Po"; else rm -f "$(DEPDIR)/bf_enc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bf_enc.o -MD -MP -MF $(DEPDIR)/bf_enc.Tpo -c -o bf_enc.o `test -f 'libblowfish/bf_enc.c' || echo '$(srcdir)/'`libblowfish/bf_enc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bf_enc.Tpo $(DEPDIR)/bf_enc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libblowfish/bf_enc.c' object='bf_enc.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o bf_enc.o `test -f 'libblowfish/bf_enc.c' || echo '$(srcdir)/'`libblowfish/bf_enc.c bf_enc.obj: libblowfish/bf_enc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bf_enc.obj -MD -MP -MF "$(DEPDIR)/bf_enc.Tpo" -c -o bf_enc.obj `if test -f 'libblowfish/bf_enc.c'; then $(CYGPATH_W) 'libblowfish/bf_enc.c'; else $(CYGPATH_W) '$(srcdir)/libblowfish/bf_enc.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/bf_enc.Tpo" "$(DEPDIR)/bf_enc.Po"; else rm -f "$(DEPDIR)/bf_enc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT bf_enc.obj -MD -MP -MF $(DEPDIR)/bf_enc.Tpo -c -o bf_enc.obj `if test -f 'libblowfish/bf_enc.c'; then $(CYGPATH_W) 'libblowfish/bf_enc.c'; else $(CYGPATH_W) '$(srcdir)/libblowfish/bf_enc.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/bf_enc.Tpo $(DEPDIR)/bf_enc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libblowfish/bf_enc.c' object='bf_enc.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o bf_enc.obj `if test -f 'libblowfish/bf_enc.c'; then $(CYGPATH_W) 'libblowfish/bf_enc.c'; else $(CYGPATH_W) '$(srcdir)/libblowfish/bf_enc.c'; fi` hmac_sha2.o: libsha2/hmac_sha2.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_sha2.o -MD -MP -MF "$(DEPDIR)/hmac_sha2.Tpo" -c -o hmac_sha2.o `test -f 'libsha2/hmac_sha2.c' || echo '$(srcdir)/'`libsha2/hmac_sha2.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hmac_sha2.Tpo" "$(DEPDIR)/hmac_sha2.Po"; else rm -f "$(DEPDIR)/hmac_sha2.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_sha2.o -MD -MP -MF $(DEPDIR)/hmac_sha2.Tpo -c -o hmac_sha2.o `test -f 'libsha2/hmac_sha2.c' || echo '$(srcdir)/'`libsha2/hmac_sha2.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/hmac_sha2.Tpo $(DEPDIR)/hmac_sha2.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libsha2/hmac_sha2.c' object='hmac_sha2.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac_sha2.o `test -f 'libsha2/hmac_sha2.c' || echo '$(srcdir)/'`libsha2/hmac_sha2.c hmac_sha2.obj: libsha2/hmac_sha2.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_sha2.obj -MD -MP -MF "$(DEPDIR)/hmac_sha2.Tpo" -c -o hmac_sha2.obj `if test -f 'libsha2/hmac_sha2.c'; then $(CYGPATH_W) 'libsha2/hmac_sha2.c'; else $(CYGPATH_W) '$(srcdir)/libsha2/hmac_sha2.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hmac_sha2.Tpo" "$(DEPDIR)/hmac_sha2.Po"; else rm -f "$(DEPDIR)/hmac_sha2.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_sha2.obj -MD -MP -MF $(DEPDIR)/hmac_sha2.Tpo -c -o hmac_sha2.obj `if test -f 'libsha2/hmac_sha2.c'; then $(CYGPATH_W) 'libsha2/hmac_sha2.c'; else $(CYGPATH_W) '$(srcdir)/libsha2/hmac_sha2.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/hmac_sha2.Tpo $(DEPDIR)/hmac_sha2.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libsha2/hmac_sha2.c' object='hmac_sha2.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac_sha2.obj `if test -f 'libsha2/hmac_sha2.c'; then $(CYGPATH_W) 'libsha2/hmac_sha2.c'; else $(CYGPATH_W) '$(srcdir)/libsha2/hmac_sha2.c'; fi` sha2.o: libsha2/sha2.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha2.o -MD -MP -MF "$(DEPDIR)/sha2.Tpo" -c -o sha2.o `test -f 'libsha2/sha2.c' || echo '$(srcdir)/'`libsha2/sha2.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha2.Tpo" "$(DEPDIR)/sha2.Po"; else rm -f "$(DEPDIR)/sha2.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha2.o -MD -MP -MF $(DEPDIR)/sha2.Tpo -c -o sha2.o `test -f 'libsha2/sha2.c' || echo '$(srcdir)/'`libsha2/sha2.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha2.Tpo $(DEPDIR)/sha2.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libsha2/sha2.c' object='sha2.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha2.o `test -f 'libsha2/sha2.c' || echo '$(srcdir)/'`libsha2/sha2.c sha2.obj: libsha2/sha2.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha2.obj -MD -MP -MF "$(DEPDIR)/sha2.Tpo" -c -o sha2.obj `if test -f 'libsha2/sha2.c'; then $(CYGPATH_W) 'libsha2/sha2.c'; else $(CYGPATH_W) '$(srcdir)/libsha2/sha2.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha2.Tpo" "$(DEPDIR)/sha2.Po"; else rm -f "$(DEPDIR)/sha2.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha2.obj -MD -MP -MF $(DEPDIR)/sha2.Tpo -c -o sha2.obj `if test -f 'libsha2/sha2.c'; then $(CYGPATH_W) 'libsha2/sha2.c'; else $(CYGPATH_W) '$(srcdir)/libsha2/sha2.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha2.Tpo $(DEPDIR)/sha2.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libsha2/sha2.c' object='sha2.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha2.obj `if test -f 'libsha2/sha2.c'; then $(CYGPATH_W) 'libsha2/sha2.c'; else $(CYGPATH_W) '$(srcdir)/libsha2/sha2.c'; fi` serpent_cbc.o: libserpent/serpent_cbc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT serpent_cbc.o -MD -MP -MF "$(DEPDIR)/serpent_cbc.Tpo" -c -o serpent_cbc.o `test -f 'libserpent/serpent_cbc.c' || echo '$(srcdir)/'`libserpent/serpent_cbc.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/serpent_cbc.Tpo" "$(DEPDIR)/serpent_cbc.Po"; else rm -f "$(DEPDIR)/serpent_cbc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT serpent_cbc.o -MD -MP -MF $(DEPDIR)/serpent_cbc.Tpo -c -o serpent_cbc.o `test -f 'libserpent/serpent_cbc.c' || echo '$(srcdir)/'`libserpent/serpent_cbc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/serpent_cbc.Tpo $(DEPDIR)/serpent_cbc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libserpent/serpent_cbc.c' object='serpent_cbc.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o serpent_cbc.o `test -f 'libserpent/serpent_cbc.c' || echo '$(srcdir)/'`libserpent/serpent_cbc.c serpent_cbc.obj: libserpent/serpent_cbc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT serpent_cbc.obj -MD -MP -MF "$(DEPDIR)/serpent_cbc.Tpo" -c -o serpent_cbc.obj `if test -f 'libserpent/serpent_cbc.c'; then $(CYGPATH_W) 'libserpent/serpent_cbc.c'; else $(CYGPATH_W) '$(srcdir)/libserpent/serpent_cbc.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/serpent_cbc.Tpo" "$(DEPDIR)/serpent_cbc.Po"; else rm -f "$(DEPDIR)/serpent_cbc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT serpent_cbc.obj -MD -MP -MF $(DEPDIR)/serpent_cbc.Tpo -c -o serpent_cbc.obj `if test -f 'libserpent/serpent_cbc.c'; then $(CYGPATH_W) 'libserpent/serpent_cbc.c'; else $(CYGPATH_W) '$(srcdir)/libserpent/serpent_cbc.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/serpent_cbc.Tpo $(DEPDIR)/serpent_cbc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libserpent/serpent_cbc.c' object='serpent_cbc.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o serpent_cbc.obj `if test -f 'libserpent/serpent_cbc.c'; then $(CYGPATH_W) 'libserpent/serpent_cbc.c'; else $(CYGPATH_W) '$(srcdir)/libserpent/serpent_cbc.c'; fi` serpent.o: libserpent/serpent.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT serpent.o -MD -MP -MF "$(DEPDIR)/serpent.Tpo" -c -o serpent.o `test -f 'libserpent/serpent.c' || echo '$(srcdir)/'`libserpent/serpent.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/serpent.Tpo" "$(DEPDIR)/serpent.Po"; else rm -f "$(DEPDIR)/serpent.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT serpent.o -MD -MP -MF $(DEPDIR)/serpent.Tpo -c -o serpent.o `test -f 'libserpent/serpent.c' || echo '$(srcdir)/'`libserpent/serpent.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/serpent.Tpo $(DEPDIR)/serpent.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libserpent/serpent.c' object='serpent.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o serpent.o `test -f 'libserpent/serpent.c' || echo '$(srcdir)/'`libserpent/serpent.c serpent.obj: libserpent/serpent.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT serpent.obj -MD -MP -MF "$(DEPDIR)/serpent.Tpo" -c -o serpent.obj `if test -f 'libserpent/serpent.c'; then $(CYGPATH_W) 'libserpent/serpent.c'; else $(CYGPATH_W) '$(srcdir)/libserpent/serpent.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/serpent.Tpo" "$(DEPDIR)/serpent.Po"; else rm -f "$(DEPDIR)/serpent.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT serpent.obj -MD -MP -MF $(DEPDIR)/serpent.Tpo -c -o serpent.obj `if test -f 'libserpent/serpent.c'; then $(CYGPATH_W) 'libserpent/serpent.c'; else $(CYGPATH_W) '$(srcdir)/libserpent/serpent.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/serpent.Tpo $(DEPDIR)/serpent.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libserpent/serpent.c' object='serpent.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o serpent.obj `if test -f 'libserpent/serpent.c'; then $(CYGPATH_W) 'libserpent/serpent.c'; else $(CYGPATH_W) '$(srcdir)/libserpent/serpent.c'; fi` twofish_cbc.o: libtwofish/twofish_cbc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT twofish_cbc.o -MD -MP -MF "$(DEPDIR)/twofish_cbc.Tpo" -c -o twofish_cbc.o `test -f 'libtwofish/twofish_cbc.c' || echo '$(srcdir)/'`libtwofish/twofish_cbc.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/twofish_cbc.Tpo" "$(DEPDIR)/twofish_cbc.Po"; else rm -f "$(DEPDIR)/twofish_cbc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT twofish_cbc.o -MD -MP -MF $(DEPDIR)/twofish_cbc.Tpo -c -o twofish_cbc.o `test -f 'libtwofish/twofish_cbc.c' || echo '$(srcdir)/'`libtwofish/twofish_cbc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/twofish_cbc.Tpo $(DEPDIR)/twofish_cbc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtwofish/twofish_cbc.c' object='twofish_cbc.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o twofish_cbc.o `test -f 'libtwofish/twofish_cbc.c' || echo '$(srcdir)/'`libtwofish/twofish_cbc.c twofish_cbc.obj: libtwofish/twofish_cbc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT twofish_cbc.obj -MD -MP -MF "$(DEPDIR)/twofish_cbc.Tpo" -c -o twofish_cbc.obj `if test -f 'libtwofish/twofish_cbc.c'; then $(CYGPATH_W) 'libtwofish/twofish_cbc.c'; else $(CYGPATH_W) '$(srcdir)/libtwofish/twofish_cbc.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/twofish_cbc.Tpo" "$(DEPDIR)/twofish_cbc.Po"; else rm -f "$(DEPDIR)/twofish_cbc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT twofish_cbc.obj -MD -MP -MF $(DEPDIR)/twofish_cbc.Tpo -c -o twofish_cbc.obj `if test -f 'libtwofish/twofish_cbc.c'; then $(CYGPATH_W) 'libtwofish/twofish_cbc.c'; else $(CYGPATH_W) '$(srcdir)/libtwofish/twofish_cbc.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/twofish_cbc.Tpo $(DEPDIR)/twofish_cbc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtwofish/twofish_cbc.c' object='twofish_cbc.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o twofish_cbc.obj `if test -f 'libtwofish/twofish_cbc.c'; then $(CYGPATH_W) 'libtwofish/twofish_cbc.c'; else $(CYGPATH_W) '$(srcdir)/libtwofish/twofish_cbc.c'; fi` twofish.o: libtwofish/twofish.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT twofish.o -MD -MP -MF "$(DEPDIR)/twofish.Tpo" -c -o twofish.o `test -f 'libtwofish/twofish.c' || echo '$(srcdir)/'`libtwofish/twofish.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/twofish.Tpo" "$(DEPDIR)/twofish.Po"; else rm -f "$(DEPDIR)/twofish.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT twofish.o -MD -MP -MF $(DEPDIR)/twofish.Tpo -c -o twofish.o `test -f 'libtwofish/twofish.c' || echo '$(srcdir)/'`libtwofish/twofish.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/twofish.Tpo $(DEPDIR)/twofish.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtwofish/twofish.c' object='twofish.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o twofish.o `test -f 'libtwofish/twofish.c' || echo '$(srcdir)/'`libtwofish/twofish.c twofish.obj: libtwofish/twofish.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT twofish.obj -MD -MP -MF "$(DEPDIR)/twofish.Tpo" -c -o twofish.obj `if test -f 'libtwofish/twofish.c'; then $(CYGPATH_W) 'libtwofish/twofish.c'; else $(CYGPATH_W) '$(srcdir)/libtwofish/twofish.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/twofish.Tpo" "$(DEPDIR)/twofish.Po"; else rm -f "$(DEPDIR)/twofish.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT twofish.obj -MD -MP -MF $(DEPDIR)/twofish.Tpo -c -o twofish.obj `if test -f 'libtwofish/twofish.c'; then $(CYGPATH_W) 'libtwofish/twofish.c'; else $(CYGPATH_W) '$(srcdir)/libtwofish/twofish.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/twofish.Tpo $(DEPDIR)/twofish.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtwofish/twofish.c' object='twofish.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o twofish.obj `if test -f 'libtwofish/twofish.c'; then $(CYGPATH_W) 'libtwofish/twofish.c'; else $(CYGPATH_W) '$(srcdir)/libtwofish/twofish.c'; fi` des_enc.o: libdes/des_enc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT des_enc.o -MD -MP -MF "$(DEPDIR)/des_enc.Tpo" -c -o des_enc.o `test -f 'libdes/des_enc.c' || echo '$(srcdir)/'`libdes/des_enc.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/des_enc.Tpo" "$(DEPDIR)/des_enc.Po"; else rm -f "$(DEPDIR)/des_enc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT des_enc.o -MD -MP -MF $(DEPDIR)/des_enc.Tpo -c -o des_enc.o `test -f 'libdes/des_enc.c' || echo '$(srcdir)/'`libdes/des_enc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/des_enc.Tpo $(DEPDIR)/des_enc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/des_enc.c' object='des_enc.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o des_enc.o `test -f 'libdes/des_enc.c' || echo '$(srcdir)/'`libdes/des_enc.c des_enc.obj: libdes/des_enc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT des_enc.obj -MD -MP -MF "$(DEPDIR)/des_enc.Tpo" -c -o des_enc.obj `if test -f 'libdes/des_enc.c'; then $(CYGPATH_W) 'libdes/des_enc.c'; else $(CYGPATH_W) '$(srcdir)/libdes/des_enc.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/des_enc.Tpo" "$(DEPDIR)/des_enc.Po"; else rm -f "$(DEPDIR)/des_enc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT des_enc.obj -MD -MP -MF $(DEPDIR)/des_enc.Tpo -c -o des_enc.obj `if test -f 'libdes/des_enc.c'; then $(CYGPATH_W) 'libdes/des_enc.c'; else $(CYGPATH_W) '$(srcdir)/libdes/des_enc.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/des_enc.Tpo $(DEPDIR)/des_enc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/des_enc.c' object='des_enc.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o des_enc.obj `if test -f 'libdes/des_enc.c'; then $(CYGPATH_W) 'libdes/des_enc.c'; else $(CYGPATH_W) '$(srcdir)/libdes/des_enc.c'; fi` set_key.o: libdes/set_key.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT set_key.o -MD -MP -MF "$(DEPDIR)/set_key.Tpo" -c -o set_key.o `test -f 'libdes/set_key.c' || echo '$(srcdir)/'`libdes/set_key.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/set_key.Tpo" "$(DEPDIR)/set_key.Po"; else rm -f "$(DEPDIR)/set_key.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT set_key.o -MD -MP -MF $(DEPDIR)/set_key.Tpo -c -o set_key.o `test -f 'libdes/set_key.c' || echo '$(srcdir)/'`libdes/set_key.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/set_key.Tpo $(DEPDIR)/set_key.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/set_key.c' object='set_key.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o set_key.o `test -f 'libdes/set_key.c' || echo '$(srcdir)/'`libdes/set_key.c set_key.obj: libdes/set_key.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT set_key.obj -MD -MP -MF "$(DEPDIR)/set_key.Tpo" -c -o set_key.obj `if test -f 'libdes/set_key.c'; then $(CYGPATH_W) 'libdes/set_key.c'; else $(CYGPATH_W) '$(srcdir)/libdes/set_key.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/set_key.Tpo" "$(DEPDIR)/set_key.Po"; else rm -f "$(DEPDIR)/set_key.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT set_key.obj -MD -MP -MF $(DEPDIR)/set_key.Tpo -c -o set_key.obj `if test -f 'libdes/set_key.c'; then $(CYGPATH_W) 'libdes/set_key.c'; else $(CYGPATH_W) '$(srcdir)/libdes/set_key.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/set_key.Tpo $(DEPDIR)/set_key.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/set_key.c' object='set_key.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o set_key.obj `if test -f 'libdes/set_key.c'; then $(CYGPATH_W) 'libdes/set_key.c'; else $(CYGPATH_W) '$(srcdir)/libdes/set_key.c'; fi` fcrypt_b.o: libdes/fcrypt_b.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fcrypt_b.o -MD -MP -MF "$(DEPDIR)/fcrypt_b.Tpo" -c -o fcrypt_b.o `test -f 'libdes/fcrypt_b.c' || echo '$(srcdir)/'`libdes/fcrypt_b.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/fcrypt_b.Tpo" "$(DEPDIR)/fcrypt_b.Po"; else rm -f "$(DEPDIR)/fcrypt_b.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fcrypt_b.o -MD -MP -MF $(DEPDIR)/fcrypt_b.Tpo -c -o fcrypt_b.o `test -f 'libdes/fcrypt_b.c' || echo '$(srcdir)/'`libdes/fcrypt_b.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fcrypt_b.Tpo $(DEPDIR)/fcrypt_b.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/fcrypt_b.c' object='fcrypt_b.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fcrypt_b.o `test -f 'libdes/fcrypt_b.c' || echo '$(srcdir)/'`libdes/fcrypt_b.c fcrypt_b.obj: libdes/fcrypt_b.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fcrypt_b.obj -MD -MP -MF "$(DEPDIR)/fcrypt_b.Tpo" -c -o fcrypt_b.obj `if test -f 'libdes/fcrypt_b.c'; then $(CYGPATH_W) 'libdes/fcrypt_b.c'; else $(CYGPATH_W) '$(srcdir)/libdes/fcrypt_b.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/fcrypt_b.Tpo" "$(DEPDIR)/fcrypt_b.Po"; else rm -f "$(DEPDIR)/fcrypt_b.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fcrypt_b.obj -MD -MP -MF $(DEPDIR)/fcrypt_b.Tpo -c -o fcrypt_b.obj `if test -f 'libdes/fcrypt_b.c'; then $(CYGPATH_W) 'libdes/fcrypt_b.c'; else $(CYGPATH_W) '$(srcdir)/libdes/fcrypt_b.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fcrypt_b.Tpo $(DEPDIR)/fcrypt_b.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/fcrypt_b.c' object='fcrypt_b.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fcrypt_b.obj `if test -f 'libdes/fcrypt_b.c'; then $(CYGPATH_W) 'libdes/fcrypt_b.c'; else $(CYGPATH_W) '$(srcdir)/libdes/fcrypt_b.c'; fi` fcrypt.o: libdes/fcrypt.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fcrypt.o -MD -MP -MF "$(DEPDIR)/fcrypt.Tpo" -c -o fcrypt.o `test -f 'libdes/fcrypt.c' || echo '$(srcdir)/'`libdes/fcrypt.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/fcrypt.Tpo" "$(DEPDIR)/fcrypt.Po"; else rm -f "$(DEPDIR)/fcrypt.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fcrypt.o -MD -MP -MF $(DEPDIR)/fcrypt.Tpo -c -o fcrypt.o `test -f 'libdes/fcrypt.c' || echo '$(srcdir)/'`libdes/fcrypt.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fcrypt.Tpo $(DEPDIR)/fcrypt.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/fcrypt.c' object='fcrypt.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fcrypt.o `test -f 'libdes/fcrypt.c' || echo '$(srcdir)/'`libdes/fcrypt.c fcrypt.obj: libdes/fcrypt.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fcrypt.obj -MD -MP -MF "$(DEPDIR)/fcrypt.Tpo" -c -o fcrypt.obj `if test -f 'libdes/fcrypt.c'; then $(CYGPATH_W) 'libdes/fcrypt.c'; else $(CYGPATH_W) '$(srcdir)/libdes/fcrypt.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/fcrypt.Tpo" "$(DEPDIR)/fcrypt.Po"; else rm -f "$(DEPDIR)/fcrypt.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fcrypt.obj -MD -MP -MF $(DEPDIR)/fcrypt.Tpo -c -o fcrypt.obj `if test -f 'libdes/fcrypt.c'; then $(CYGPATH_W) 'libdes/fcrypt.c'; else $(CYGPATH_W) '$(srcdir)/libdes/fcrypt.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fcrypt.Tpo $(DEPDIR)/fcrypt.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/fcrypt.c' object='fcrypt.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fcrypt.obj `if test -f 'libdes/fcrypt.c'; then $(CYGPATH_W) 'libdes/fcrypt.c'; else $(CYGPATH_W) '$(srcdir)/libdes/fcrypt.c'; fi` destest.o: libdes/destest.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT destest.o -MD -MP -MF "$(DEPDIR)/destest.Tpo" -c -o destest.o `test -f 'libdes/destest.c' || echo '$(srcdir)/'`libdes/destest.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/destest.Tpo" "$(DEPDIR)/destest.Po"; else rm -f "$(DEPDIR)/destest.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT destest.o -MD -MP -MF $(DEPDIR)/destest.Tpo -c -o destest.o `test -f 'libdes/destest.c' || echo '$(srcdir)/'`libdes/destest.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/destest.Tpo $(DEPDIR)/destest.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/destest.c' object='destest.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o destest.o `test -f 'libdes/destest.c' || echo '$(srcdir)/'`libdes/destest.c destest.obj: libdes/destest.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT destest.obj -MD -MP -MF "$(DEPDIR)/destest.Tpo" -c -o destest.obj `if test -f 'libdes/destest.c'; then $(CYGPATH_W) 'libdes/destest.c'; else $(CYGPATH_W) '$(srcdir)/libdes/destest.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/destest.Tpo" "$(DEPDIR)/destest.Po"; else rm -f "$(DEPDIR)/destest.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT destest.obj -MD -MP -MF $(DEPDIR)/destest.Tpo -c -o destest.obj `if test -f 'libdes/destest.c'; then $(CYGPATH_W) 'libdes/destest.c'; else $(CYGPATH_W) '$(srcdir)/libdes/destest.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/destest.Tpo $(DEPDIR)/destest.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/destest.c' object='destest.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o destest.obj `if test -f 'libdes/destest.c'; then $(CYGPATH_W) 'libdes/destest.c'; else $(CYGPATH_W) '$(srcdir)/libdes/destest.c'; fi` cbc_enc.o: libdes/cbc_enc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cbc_enc.o -MD -MP -MF "$(DEPDIR)/cbc_enc.Tpo" -c -o cbc_enc.o `test -f 'libdes/cbc_enc.c' || echo '$(srcdir)/'`libdes/cbc_enc.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/cbc_enc.Tpo" "$(DEPDIR)/cbc_enc.Po"; else rm -f "$(DEPDIR)/cbc_enc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cbc_enc.o -MD -MP -MF $(DEPDIR)/cbc_enc.Tpo -c -o cbc_enc.o `test -f 'libdes/cbc_enc.c' || echo '$(srcdir)/'`libdes/cbc_enc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cbc_enc.Tpo $(DEPDIR)/cbc_enc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/cbc_enc.c' object='cbc_enc.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cbc_enc.o `test -f 'libdes/cbc_enc.c' || echo '$(srcdir)/'`libdes/cbc_enc.c cbc_enc.obj: libdes/cbc_enc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cbc_enc.obj -MD -MP -MF "$(DEPDIR)/cbc_enc.Tpo" -c -o cbc_enc.obj `if test -f 'libdes/cbc_enc.c'; then $(CYGPATH_W) 'libdes/cbc_enc.c'; else $(CYGPATH_W) '$(srcdir)/libdes/cbc_enc.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/cbc_enc.Tpo" "$(DEPDIR)/cbc_enc.Po"; else rm -f "$(DEPDIR)/cbc_enc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cbc_enc.obj -MD -MP -MF $(DEPDIR)/cbc_enc.Tpo -c -o cbc_enc.obj `if test -f 'libdes/cbc_enc.c'; then $(CYGPATH_W) 'libdes/cbc_enc.c'; else $(CYGPATH_W) '$(srcdir)/libdes/cbc_enc.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cbc_enc.Tpo $(DEPDIR)/cbc_enc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/cbc_enc.c' object='cbc_enc.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cbc_enc.obj `if test -f 'libdes/cbc_enc.c'; then $(CYGPATH_W) 'libdes/cbc_enc.c'; else $(CYGPATH_W) '$(srcdir)/libdes/cbc_enc.c'; fi` ecb_enc.o: libdes/ecb_enc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ecb_enc.o -MD -MP -MF "$(DEPDIR)/ecb_enc.Tpo" -c -o ecb_enc.o `test -f 'libdes/ecb_enc.c' || echo '$(srcdir)/'`libdes/ecb_enc.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ecb_enc.Tpo" "$(DEPDIR)/ecb_enc.Po"; else rm -f "$(DEPDIR)/ecb_enc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ecb_enc.o -MD -MP -MF $(DEPDIR)/ecb_enc.Tpo -c -o ecb_enc.o `test -f 'libdes/ecb_enc.c' || echo '$(srcdir)/'`libdes/ecb_enc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ecb_enc.Tpo $(DEPDIR)/ecb_enc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/ecb_enc.c' object='ecb_enc.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ecb_enc.o `test -f 'libdes/ecb_enc.c' || echo '$(srcdir)/'`libdes/ecb_enc.c ecb_enc.obj: libdes/ecb_enc.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ecb_enc.obj -MD -MP -MF "$(DEPDIR)/ecb_enc.Tpo" -c -o ecb_enc.obj `if test -f 'libdes/ecb_enc.c'; then $(CYGPATH_W) 'libdes/ecb_enc.c'; else $(CYGPATH_W) '$(srcdir)/libdes/ecb_enc.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ecb_enc.Tpo" "$(DEPDIR)/ecb_enc.Po"; else rm -f "$(DEPDIR)/ecb_enc.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ecb_enc.obj -MD -MP -MF $(DEPDIR)/ecb_enc.Tpo -c -o ecb_enc.obj `if test -f 'libdes/ecb_enc.c'; then $(CYGPATH_W) 'libdes/ecb_enc.c'; else $(CYGPATH_W) '$(srcdir)/libdes/ecb_enc.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ecb_enc.Tpo $(DEPDIR)/ecb_enc.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libdes/ecb_enc.c' object='ecb_enc.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ecb_enc.obj `if test -f 'libdes/ecb_enc.c'; then $(CYGPATH_W) 'libdes/ecb_enc.c'; else $(CYGPATH_W) '$(srcdir)/libdes/ecb_enc.c'; fi` @@ -572,10 +555,6 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -distclean-libtool: - -rm -f libtool -uninstall-info-am: - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -625,22 +604,21 @@ distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -688,7 +666,7 @@ distclean: distclean-am -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ - distclean-libtool distclean-tags + distclean-tags dvi: dvi-am @@ -702,12 +680,20 @@ info-am: install-data-am: +install-dvi: install-dvi-am + install-exec-am: +install-html: install-html-am + install-info: install-info-am install-man: +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -728,19 +714,22 @@ ps: ps-am ps-am: -uninstall-am: uninstall-info-am +uninstall-am: + +.MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ clean-libtool clean-noinstLIBRARIES ctags distclean \ distclean-compile distclean-generic distclean-libtool \ distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-exec \ - install-exec-am install-info install-info-am install-man \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am \ - uninstall-info-am + pdf pdf-am ps ps-am tags uninstall uninstall-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/libfreeswan/Makefile.in b/src/libfreeswan/Makefile.in index 9cb648d9d..04ae60340 100644 --- a/src/libfreeswan/Makefile.in +++ b/src/libfreeswan/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +14,11 @@ @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -65,17 +61,18 @@ am_libfreeswan_a_OBJECTS = addrtoa.$(OBJEXT) addrtot.$(OBJEXT) \ ttosa.$(OBJEXT) ttosubnet.$(OBJEXT) ttoul.$(OBJEXT) \ ultoa.$(OBJEXT) ultot.$(OBJEXT) version.$(OBJEXT) libfreeswan_a_OBJECTS = $(am_libfreeswan_a_OBJECTS) -DEFAULT_INCLUDES = -I. -I$(srcdir) +DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ SOURCES = $(libfreeswan_a_SOURCES) DIST_SOURCES = $(libfreeswan_a_SOURCES) man3dir = $(mandir)/man3 @@ -86,16 +83,12 @@ ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -118,10 +111,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -133,6 +129,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -148,34 +145,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -188,6 +167,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -225,8 +205,11 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ noinst_LIBRARIES = libfreeswan.a @@ -339,22 +322,22 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/version.Po@am__quote@ .c.o: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< @@ -364,13 +347,9 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs - -distclean-libtool: - -rm -f libtool -uninstall-info-am: install-man3: $(man3_MANS) $(man_MANS) @$(NORMAL_INSTALL) - test -z "$(man3dir)" || $(mkdir_p) "$(DESTDIR)$(man3dir)" + test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ for i in $$l2; do \ @@ -463,22 +442,21 @@ distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -494,7 +472,7 @@ check: check-am all-am: Makefile $(LIBRARIES) $(MANS) installdirs: for dir in "$(DESTDIR)$(man3dir)"; do \ - test -z "$$dir" || $(mkdir_p) "$$dir"; \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am install-exec: install-exec-am @@ -529,7 +507,7 @@ distclean: distclean-am -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ - distclean-libtool distclean-tags + distclean-tags dvi: dvi-am @@ -543,12 +521,20 @@ info-am: install-data-am: install-man +install-dvi: install-dvi-am + install-exec-am: +install-html: install-html-am + install-info: install-info-am install-man: install-man3 +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -569,21 +555,25 @@ ps: ps-am ps-am: -uninstall-am: uninstall-info-am uninstall-man +uninstall-am: uninstall-man uninstall-man: uninstall-man3 +.MAKE: install-am install-strip + .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ clean-libtool clean-noinstLIBRARIES ctags distclean \ distclean-compile distclean-generic distclean-libtool \ distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-exec \ - install-exec-am install-info install-info-am install-man \ - install-man3 install-strip installcheck installcheck-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-man3 install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ installdirs maintainer-clean maintainer-clean-generic \ mostlyclean mostlyclean-compile mostlyclean-generic \ mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-info-am uninstall-man uninstall-man3 + uninstall-am uninstall-man uninstall-man3 # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/libfreeswan/addrtoa.c b/src/libfreeswan/addrtoa.c index b1cc038ed..bb5d239ab 100644 --- a/src/libfreeswan/addrtoa.c +++ b/src/libfreeswan/addrtoa.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: addrtoa.c,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: addrtoa.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/addrtot.c b/src/libfreeswan/addrtot.c index f229789f0..700553b40 100644 --- a/src/libfreeswan/addrtot.c +++ b/src/libfreeswan/addrtot.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: addrtot.c,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: addrtot.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/addrtypeof.c b/src/libfreeswan/addrtypeof.c index e63509911..8d68be12b 100644 --- a/src/libfreeswan/addrtypeof.c +++ b/src/libfreeswan/addrtypeof.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: addrtypeof.c,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: addrtypeof.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/anyaddr.3 b/src/libfreeswan/anyaddr.3 index 4594a9ff9..556627f7d 100644 --- a/src/libfreeswan/anyaddr.3 +++ b/src/libfreeswan/anyaddr.3 @@ -1,5 +1,5 @@ .TH IPSEC_ANYADDR 3 "8 Sept 2000" -.\" RCSID $Id: anyaddr.3,v 1.1 2004/03/15 20:35:25 as Exp $ +.\" RCSID $Id: anyaddr.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec anyaddr \- get "any" address .br diff --git a/src/libfreeswan/anyaddr.c b/src/libfreeswan/anyaddr.c index 08aae6334..12100f07e 100644 --- a/src/libfreeswan/anyaddr.c +++ b/src/libfreeswan/anyaddr.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: anyaddr.c,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: anyaddr.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/atoaddr.3 b/src/libfreeswan/atoaddr.3 index a7dc8dca3..617609325 100644 --- a/src/libfreeswan/atoaddr.3 +++ b/src/libfreeswan/atoaddr.3 @@ -1,5 +1,5 @@ .TH IPSEC_ATOADDR 3 "11 June 2001" -.\" RCSID $Id: atoaddr.3,v 1.1 2004/03/15 20:35:25 as Exp $ +.\" RCSID $Id: atoaddr.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec atoaddr, addrtoa \- convert Internet addresses to and from ASCII .br diff --git a/src/libfreeswan/atoaddr.c b/src/libfreeswan/atoaddr.c index 0c787b10d..1af90cd63 100644 --- a/src/libfreeswan/atoaddr.c +++ b/src/libfreeswan/atoaddr.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: atoaddr.c,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: atoaddr.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/atoasr.3 b/src/libfreeswan/atoasr.3 index 1bd805db1..8be2fa274 100644 --- a/src/libfreeswan/atoasr.3 +++ b/src/libfreeswan/atoasr.3 @@ -1,5 +1,5 @@ .TH IPSEC_ATOASR 3 "11 June 2001" -.\" RCSID $Id: atoasr.3,v 1.1 2004/03/15 20:35:25 as Exp $ +.\" RCSID $Id: atoasr.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec atoasr \- convert ASCII to Internet address, subnet, or range .br diff --git a/src/libfreeswan/atoasr.c b/src/libfreeswan/atoasr.c index a68409bfb..03b7c5b7f 100644 --- a/src/libfreeswan/atoasr.c +++ b/src/libfreeswan/atoasr.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: atoasr.c,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: atoasr.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/atosa.3 b/src/libfreeswan/atosa.3 index 116483a73..cd2205bfe 100644 --- a/src/libfreeswan/atosa.3 +++ b/src/libfreeswan/atosa.3 @@ -1,5 +1,5 @@ .TH IPSEC_ATOSA 3 "11 June 2001" -.\" RCSID $Id: atosa.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: atosa.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec atosa, satoa \- convert IPsec Security Association IDs to and from ASCII .SH SYNOPSIS diff --git a/src/libfreeswan/atosa.c b/src/libfreeswan/atosa.c index cc3b055d0..f49931716 100644 --- a/src/libfreeswan/atosa.c +++ b/src/libfreeswan/atosa.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: atosa.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: atosa.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/atosubnet.c b/src/libfreeswan/atosubnet.c index 9300c2895..3411e9e05 100644 --- a/src/libfreeswan/atosubnet.c +++ b/src/libfreeswan/atosubnet.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: atosubnet.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: atosubnet.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/atoul.3 b/src/libfreeswan/atoul.3 index a606fa4a9..2d710cbc9 100644 --- a/src/libfreeswan/atoul.3 +++ b/src/libfreeswan/atoul.3 @@ -1,5 +1,5 @@ .TH IPSEC_ATOUL 3 "11 June 2001" -.\" RCSID $Id: atoul.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: atoul.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec atoul, ultoa \- convert unsigned-long numbers to and from ASCII .SH SYNOPSIS diff --git a/src/libfreeswan/atoul.c b/src/libfreeswan/atoul.c index e32a8cdab..a3bf07a60 100644 --- a/src/libfreeswan/atoul.c +++ b/src/libfreeswan/atoul.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: atoul.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: atoul.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/copyright.c b/src/libfreeswan/copyright.c index 8796751fe..2e0f8543e 100644 --- a/src/libfreeswan/copyright.c +++ b/src/libfreeswan/copyright.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: copyright.c,v 1.6 2005/11/02 21:51:13 as Exp $ + * RCSID $Id: copyright.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" @@ -31,8 +31,9 @@ static const char *co[] = { " Mario Strasser, Lukas Suter, Roger Wegmann, Simon Zwahlen,", " Zuercher Hochschule Winterthur (Switzerland).", "", - " Tobias Brunner, Fabian Hartmann, Noah Heusser, Jan Hutter,", - " Daniel Röthlisberger, Martin Willi, Andreas Steffen,", + " Tobias Brunner, Andreas Eigenmann, Fabian Hartmann, Noah Heusser,", + " Jan Hutter, Daniel Roethlisberger, Joel Stillhart, Martin Willi,", + " Daniel Wydler, Andreas Steffen,", " Hochschule fuer Technik Rapperswil (Switzerland).", "", "This program is free software; you can redistribute it and/or modify it", diff --git a/src/libfreeswan/datatot.c b/src/libfreeswan/datatot.c index fbeb35fa9..cefe09ef0 100644 --- a/src/libfreeswan/datatot.c +++ b/src/libfreeswan/datatot.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: datatot.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: datatot.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/freeswan.h b/src/libfreeswan/freeswan.h index b1bca870d..59e6f0d9b 100644 --- a/src/libfreeswan/freeswan.h +++ b/src/libfreeswan/freeswan.h @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: freeswan.h,v 1.2 2004/03/22 21:53:17 as Exp $ + * RCSID $Id: freeswan.h 3265 2007-10-08 19:52:55Z andreas $ */ #define _FREESWAN_H /* seen it, no need to see it again */ diff --git a/src/libfreeswan/goodmask.3 b/src/libfreeswan/goodmask.3 index 4a573e51e..eeff2f25d 100644 --- a/src/libfreeswan/goodmask.3 +++ b/src/libfreeswan/goodmask.3 @@ -1,5 +1,5 @@ .TH IPSEC_GOODMASK 3 "11 June 2001" -.\" RCSID $Id: goodmask.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: goodmask.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec goodmask \- is this Internet subnet mask a valid one? .br diff --git a/src/libfreeswan/goodmask.c b/src/libfreeswan/goodmask.c index fe7a42335..318a2879f 100644 --- a/src/libfreeswan/goodmask.c +++ b/src/libfreeswan/goodmask.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: goodmask.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: goodmask.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/initaddr.3 b/src/libfreeswan/initaddr.3 index b963f21cc..bcbd3f88b 100644 --- a/src/libfreeswan/initaddr.3 +++ b/src/libfreeswan/initaddr.3 @@ -1,5 +1,5 @@ .TH IPSEC_INITADDR 3 "11 Sept 2000" -.\" RCSID $Id: initaddr.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: initaddr.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec initaddr \- initialize an ip_address .br diff --git a/src/libfreeswan/initaddr.c b/src/libfreeswan/initaddr.c index c215f6bdf..99870ded2 100644 --- a/src/libfreeswan/initaddr.c +++ b/src/libfreeswan/initaddr.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: initaddr.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: initaddr.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/initsaid.c b/src/libfreeswan/initsaid.c index 4790f6981..43156e96e 100644 --- a/src/libfreeswan/initsaid.c +++ b/src/libfreeswan/initsaid.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: initsaid.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: initsaid.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/initsubnet.3 b/src/libfreeswan/initsubnet.3 index 670f71778..aaf2a64d5 100644 --- a/src/libfreeswan/initsubnet.3 +++ b/src/libfreeswan/initsubnet.3 @@ -1,5 +1,5 @@ .TH IPSEC_INITSUBNET 3 "12 March 2002" -.\" RCSID $Id: initsubnet.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: initsubnet.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec initsubnet \- initialize an ip_subnet .br diff --git a/src/libfreeswan/initsubnet.c b/src/libfreeswan/initsubnet.c index 75ca72f36..f2d8b4dc8 100644 --- a/src/libfreeswan/initsubnet.c +++ b/src/libfreeswan/initsubnet.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: initsubnet.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: initsubnet.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/internal.h b/src/libfreeswan/internal.h index 16ad78da0..921e47835 100644 --- a/src/libfreeswan/internal.h +++ b/src/libfreeswan/internal.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: internal.h,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: internal.h 3265 2007-10-08 19:52:55Z andreas $ */ #ifndef ABITS diff --git a/src/libfreeswan/ipcomp.h b/src/libfreeswan/ipcomp.h index ed8095517..57f8cc7cc 100644 --- a/src/libfreeswan/ipcomp.h +++ b/src/libfreeswan/ipcomp.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - RCSID $Id: ipcomp.h,v 1.1 2004/03/15 20:35:25 as Exp $ + RCSID $Id: ipcomp.h 3265 2007-10-08 19:52:55Z andreas $ */ diff --git a/src/libfreeswan/ipsec_ah.h b/src/libfreeswan/ipsec_ah.h index 7a250248e..aa34ce798 100644 --- a/src/libfreeswan/ipsec_ah.h +++ b/src/libfreeswan/ipsec_ah.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_ah.h,v 1.2 2004/03/22 21:53:18 as Exp $ + * RCSID $Id: ipsec_ah.h 3265 2007-10-08 19:52:55Z andreas $ */ #include "ipsec_md5h.h" diff --git a/src/libfreeswan/ipsec_alg.h b/src/libfreeswan/ipsec_alg.h index a393784b1..6b85be645 100644 --- a/src/libfreeswan/ipsec_alg.h +++ b/src/libfreeswan/ipsec_alg.h @@ -3,7 +3,7 @@ * * Author: JuanJo Ciarlante * - * $Id: ipsec_alg.h,v 1.2 2004/03/22 21:53:18 as Exp $ + * $Id: ipsec_alg.h 3265 2007-10-08 19:52:55Z andreas $ * */ /* diff --git a/src/libfreeswan/ipsec_encap.h b/src/libfreeswan/ipsec_encap.h index f95259466..4f8d2e9a0 100644 --- a/src/libfreeswan/ipsec_encap.h +++ b/src/libfreeswan/ipsec_encap.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_encap.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_encap.h 3265 2007-10-08 19:52:55Z andreas $ */ #ifndef _IPSEC_ENCAP_H_ diff --git a/src/libfreeswan/ipsec_eroute.h b/src/libfreeswan/ipsec_eroute.h index 9bba4bfb4..60af0f09b 100644 --- a/src/libfreeswan/ipsec_eroute.h +++ b/src/libfreeswan/ipsec_eroute.h @@ -15,7 +15,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_eroute.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_eroute.h 3265 2007-10-08 19:52:55Z andreas $ * * derived from ipsec_encap.h 1.15 on 2001/9/18 by mcr. * diff --git a/src/libfreeswan/ipsec_errs.h b/src/libfreeswan/ipsec_errs.h index 39cfece2b..da7646870 100644 --- a/src/libfreeswan/ipsec_errs.h +++ b/src/libfreeswan/ipsec_errs.h @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_errs.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_errs.h 3265 2007-10-08 19:52:55Z andreas $ * */ diff --git a/src/libfreeswan/ipsec_esp.h b/src/libfreeswan/ipsec_esp.h index 90ef28e9b..af1b488f2 100644 --- a/src/libfreeswan/ipsec_esp.h +++ b/src/libfreeswan/ipsec_esp.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_esp.h,v 1.2 2004/03/22 21:53:18 as Exp $ + * RCSID $Id: ipsec_esp.h 3265 2007-10-08 19:52:55Z andreas $ */ #include "freeswan/ipsec_md5h.h" diff --git a/src/libfreeswan/ipsec_ipe4.h b/src/libfreeswan/ipsec_ipe4.h index 14d1eadee..bc86ae761 100644 --- a/src/libfreeswan/ipsec_ipe4.h +++ b/src/libfreeswan/ipsec_ipe4.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_ipe4.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_ipe4.h 3265 2007-10-08 19:52:55Z andreas $ */ /* The packet header is an IP header! */ diff --git a/src/libfreeswan/ipsec_kversion.h b/src/libfreeswan/ipsec_kversion.h index 332c21bd5..4a94021a2 100644 --- a/src/libfreeswan/ipsec_kversion.h +++ b/src/libfreeswan/ipsec_kversion.h @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: ipsec_kversion.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_kversion.h 3265 2007-10-08 19:52:55Z andreas $ */ #define _FREESWAN_KVERSIONS_H /* seen it, no need to see it again */ diff --git a/src/libfreeswan/ipsec_life.h b/src/libfreeswan/ipsec_life.h index 598a73665..3508e007f 100644 --- a/src/libfreeswan/ipsec_life.h +++ b/src/libfreeswan/ipsec_life.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_life.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_life.h 3265 2007-10-08 19:52:55Z andreas $ * * This file derived from ipsec_xform.h on 2001/9/18 by mcr. * diff --git a/src/libfreeswan/ipsec_md5h.h b/src/libfreeswan/ipsec_md5h.h index a79c8256f..ea98218a6 100644 --- a/src/libfreeswan/ipsec_md5h.h +++ b/src/libfreeswan/ipsec_md5h.h @@ -1,5 +1,5 @@ /* - * RCSID $Id: ipsec_md5h.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_md5h.h 3265 2007-10-08 19:52:55Z andreas $ */ /* diff --git a/src/libfreeswan/ipsec_param.h b/src/libfreeswan/ipsec_param.h index 02b36e6a3..209244c59 100644 --- a/src/libfreeswan/ipsec_param.h +++ b/src/libfreeswan/ipsec_param.h @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_param.h,v 1.2 2004/04/28 08:07:11 as Exp $ + * RCSID $Id: ipsec_param.h 3265 2007-10-08 19:52:55Z andreas $ * */ diff --git a/src/libfreeswan/ipsec_policy.h b/src/libfreeswan/ipsec_policy.h index 671919e4b..52b4d7590 100644 --- a/src/libfreeswan/ipsec_policy.h +++ b/src/libfreeswan/ipsec_policy.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: ipsec_policy.h,v 1.4 2004/10/04 22:43:56 as Exp $ + * RCSID $Id: ipsec_policy.h 3265 2007-10-08 19:52:55Z andreas $ */ #define _IPSEC_POLICY_H /* seen it, no need to see it again */ diff --git a/src/libfreeswan/ipsec_proto.h b/src/libfreeswan/ipsec_proto.h index 55f947512..23b9cf247 100644 --- a/src/libfreeswan/ipsec_proto.h +++ b/src/libfreeswan/ipsec_proto.h @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_proto.h,v 1.3 2004/06/13 19:55:14 as Exp $ + * RCSID $Id: ipsec_proto.h 3265 2007-10-08 19:52:55Z andreas $ * */ diff --git a/src/libfreeswan/ipsec_radij.h b/src/libfreeswan/ipsec_radij.h index 7776dd8e4..88e849eee 100644 --- a/src/libfreeswan/ipsec_radij.h +++ b/src/libfreeswan/ipsec_radij.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_radij.h,v 1.3 2004/04/28 05:44:29 as Exp $ + * RCSID $Id: ipsec_radij.h 3265 2007-10-08 19:52:55Z andreas $ */ #ifndef _IPSEC_RADIJ_H diff --git a/src/libfreeswan/ipsec_rcv.h b/src/libfreeswan/ipsec_rcv.h index 063ccf462..d972a18b9 100644 --- a/src/libfreeswan/ipsec_rcv.h +++ b/src/libfreeswan/ipsec_rcv.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_rcv.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_rcv.h 3265 2007-10-08 19:52:55Z andreas $ */ #define DB_RX_PKTRX 0x0001 diff --git a/src/libfreeswan/ipsec_sa.h b/src/libfreeswan/ipsec_sa.h index 4dd682569..9d178e11f 100644 --- a/src/libfreeswan/ipsec_sa.h +++ b/src/libfreeswan/ipsec_sa.h @@ -15,7 +15,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_sa.h,v 1.3 2004/04/28 08:07:11 as Exp $ + * RCSID $Id: ipsec_sa.h 3265 2007-10-08 19:52:55Z andreas $ * * This file derived from ipsec_xform.h on 2001/9/18 by mcr. * diff --git a/src/libfreeswan/ipsec_sha1.h b/src/libfreeswan/ipsec_sha1.h index 1319081ad..b0f952c92 100644 --- a/src/libfreeswan/ipsec_sha1.h +++ b/src/libfreeswan/ipsec_sha1.h @@ -1,5 +1,5 @@ /* - * RCSID $Id: ipsec_sha1.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_sha1.h 3265 2007-10-08 19:52:55Z andreas $ */ /* diff --git a/src/libfreeswan/ipsec_stats.h b/src/libfreeswan/ipsec_stats.h index e4be11d29..dabd02993 100644 --- a/src/libfreeswan/ipsec_stats.h +++ b/src/libfreeswan/ipsec_stats.h @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_stats.h,v 1.2 2004/03/30 19:33:52 as Exp $ + * RCSID $Id: ipsec_stats.h 3265 2007-10-08 19:52:55Z andreas $ * */ diff --git a/src/libfreeswan/ipsec_tunnel.h b/src/libfreeswan/ipsec_tunnel.h index 672755946..df52cf646 100644 --- a/src/libfreeswan/ipsec_tunnel.h +++ b/src/libfreeswan/ipsec_tunnel.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_tunnel.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: ipsec_tunnel.h 3265 2007-10-08 19:52:55Z andreas $ */ #include diff --git a/src/libfreeswan/ipsec_xform.h b/src/libfreeswan/ipsec_xform.h index 80beb7345..642a39bd5 100644 --- a/src/libfreeswan/ipsec_xform.h +++ b/src/libfreeswan/ipsec_xform.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_xform.h,v 1.3 2004/09/29 22:26:13 as Exp $ + * RCSID $Id: ipsec_xform.h 3265 2007-10-08 19:52:55Z andreas $ */ #ifndef _IPSEC_XFORM_H_ diff --git a/src/libfreeswan/ipsec_xmit.h b/src/libfreeswan/ipsec_xmit.h index 033984886..07ed7da43 100644 --- a/src/libfreeswan/ipsec_xmit.h +++ b/src/libfreeswan/ipsec_xmit.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_xmit.h,v 1.3 2004/06/13 19:37:07 as Exp $ + * RCSID $Id: ipsec_xmit.h 3265 2007-10-08 19:52:55Z andreas $ */ #include "freeswan/ipsec_sa.h" diff --git a/src/libfreeswan/keyblobtoid.3 b/src/libfreeswan/keyblobtoid.3 index be381531a..e33603bb0 100644 --- a/src/libfreeswan/keyblobtoid.3 +++ b/src/libfreeswan/keyblobtoid.3 @@ -1,5 +1,5 @@ .TH IPSEC_KEYBLOBTOID 3 "25 March 2002" -.\" RCSID $Id: keyblobtoid.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: keyblobtoid.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec keyblobtoid, splitkeytoid \- generate key IDs from RSA keys .SH SYNOPSIS diff --git a/src/libfreeswan/keyblobtoid.c b/src/libfreeswan/keyblobtoid.c index 7798601cf..f8c47a55c 100644 --- a/src/libfreeswan/keyblobtoid.c +++ b/src/libfreeswan/keyblobtoid.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: keyblobtoid.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: keyblobtoid.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/optionsfrom.3 b/src/libfreeswan/optionsfrom.3 index e270475bd..717d280f0 100644 --- a/src/libfreeswan/optionsfrom.3 +++ b/src/libfreeswan/optionsfrom.3 @@ -1,5 +1,5 @@ .TH IPSEC_OPTIONSFROM 3 "16 Oct 1998" -.\" RCSID $Id: optionsfrom.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: optionsfrom.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec optionsfrom \- read additional ``command-line'' options from file .SH SYNOPSIS diff --git a/src/libfreeswan/optionsfrom.c b/src/libfreeswan/optionsfrom.c index d96a3124d..f4878f386 100644 --- a/src/libfreeswan/optionsfrom.c +++ b/src/libfreeswan/optionsfrom.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: optionsfrom.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: optionsfrom.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/pfkey.h b/src/libfreeswan/pfkey.h index 01c404677..8c657ff51 100644 --- a/src/libfreeswan/pfkey.h +++ b/src/libfreeswan/pfkey.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pfkey.h,v 1.2 2004/03/22 21:53:18 as Exp $ + * RCSID $Id: pfkey.h 3265 2007-10-08 19:52:55Z andreas $ */ #ifndef __NET_IPSEC_PF_KEY_H diff --git a/src/libfreeswan/pfkey_v2_build.c b/src/libfreeswan/pfkey_v2_build.c index 340c12cfe..45a8a8e71 100644 --- a/src/libfreeswan/pfkey_v2_build.c +++ b/src/libfreeswan/pfkey_v2_build.c @@ -12,14 +12,14 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pfkey_v2_build.c,v 1.4 2005/04/07 19:43:52 as Exp $ + * RCSID $Id: pfkey_v2_build.c 3265 2007-10-08 19:52:55Z andreas $ */ /* * Template from klips/net/ipsec/ipsec/ipsec_parser.c. */ -char pfkey_v2_build_c_version[] = "$Id: pfkey_v2_build.c,v 1.4 2005/04/07 19:43:52 as Exp $"; +char pfkey_v2_build_c_version[] = "$Id: pfkey_v2_build.c 3265 2007-10-08 19:52:55Z andreas $"; /* * Some ugly stuff to allow consistent debugging code for use in the diff --git a/src/libfreeswan/pfkey_v2_debug.c b/src/libfreeswan/pfkey_v2_debug.c index 8b4be384f..35e4f75f1 100644 --- a/src/libfreeswan/pfkey_v2_debug.c +++ b/src/libfreeswan/pfkey_v2_debug.c @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pfkey_v2_debug.c,v 1.2 2004/03/22 21:53:18 as Exp $ + * RCSID $Id: pfkey_v2_debug.c 3265 2007-10-08 19:52:55Z andreas $ * */ diff --git a/src/libfreeswan/pfkey_v2_ext_bits.c b/src/libfreeswan/pfkey_v2_ext_bits.c index 280438750..d6f31def4 100644 --- a/src/libfreeswan/pfkey_v2_ext_bits.c +++ b/src/libfreeswan/pfkey_v2_ext_bits.c @@ -12,14 +12,14 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pfkey_v2_ext_bits.c,v 1.2 2004/03/22 21:53:18 as Exp $ + * RCSID $Id: pfkey_v2_ext_bits.c 3265 2007-10-08 19:52:55Z andreas $ */ /* * Template from klips/net/ipsec/ipsec/ipsec_parse.c. */ -char pfkey_v2_ext_bits_c_version[] = "$Id: pfkey_v2_ext_bits.c,v 1.2 2004/03/22 21:53:18 as Exp $"; +char pfkey_v2_ext_bits_c_version[] = "$Id: pfkey_v2_ext_bits.c 3265 2007-10-08 19:52:55Z andreas $"; /* * Some ugly stuff to allow consistent debugging code for use in the diff --git a/src/libfreeswan/pfkey_v2_parse.c b/src/libfreeswan/pfkey_v2_parse.c index c19ec1c99..e365d10b6 100644 --- a/src/libfreeswan/pfkey_v2_parse.c +++ b/src/libfreeswan/pfkey_v2_parse.c @@ -12,14 +12,14 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pfkey_v2_parse.c,v 1.4 2004/06/13 20:35:07 as Exp $ + * RCSID $Id: pfkey_v2_parse.c 3265 2007-10-08 19:52:55Z andreas $ */ /* * Template from klips/net/ipsec/ipsec/ipsec_parser.c. */ -char pfkey_v2_parse_c_version[] = "$Id: pfkey_v2_parse.c,v 1.4 2004/06/13 20:35:07 as Exp $"; +char pfkey_v2_parse_c_version[] = "$Id: pfkey_v2_parse.c 3265 2007-10-08 19:52:55Z andreas $"; /* * Some ugly stuff to allow consistent debugging code for use in the diff --git a/src/libfreeswan/pfkeyv2.h b/src/libfreeswan/pfkeyv2.h index 07126f1b8..d763d4024 100644 --- a/src/libfreeswan/pfkeyv2.h +++ b/src/libfreeswan/pfkeyv2.h @@ -1,5 +1,5 @@ /* - * RCSID $Id: pfkeyv2.h,v 1.5 2004/10/04 22:43:56 as Exp $ + * RCSID $Id: pfkeyv2.h 3265 2007-10-08 19:52:55Z andreas $ */ /* diff --git a/src/libfreeswan/portof.3 b/src/libfreeswan/portof.3 index fac0d8bc3..ffa2c0125 100644 --- a/src/libfreeswan/portof.3 +++ b/src/libfreeswan/portof.3 @@ -1,5 +1,5 @@ .TH IPSEC_PORTOF 3 "8 Sept 2000" -.\" RCSID $Id: portof.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: portof.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec portof \- get port field of an ip_address .br diff --git a/src/libfreeswan/portof.c b/src/libfreeswan/portof.c index d028ea034..96d32acf2 100644 --- a/src/libfreeswan/portof.c +++ b/src/libfreeswan/portof.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: portof.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: portof.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/prng.3 b/src/libfreeswan/prng.3 index 51f19364f..9d0130c0f 100644 --- a/src/libfreeswan/prng.3 +++ b/src/libfreeswan/prng.3 @@ -1,5 +1,5 @@ .TH IPSEC_PRNG 3 "1 April 2002" -.\" RCSID $Id: prng.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: prng.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec prng_init \- initialize IPsec pseudorandom-number generator .br diff --git a/src/libfreeswan/prng.c b/src/libfreeswan/prng.c index e31836783..cdf9eb0ed 100644 --- a/src/libfreeswan/prng.c +++ b/src/libfreeswan/prng.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: prng.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: prng.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/radij.h b/src/libfreeswan/radij.h index 7fe30a6ea..2396020f7 100644 --- a/src/libfreeswan/radij.h +++ b/src/libfreeswan/radij.h @@ -1,5 +1,5 @@ /* - * RCSID $Id: radij.h,v 1.1 2004/03/15 20:35:25 as Exp $ + * RCSID $Id: radij.h 3265 2007-10-08 19:52:55Z andreas $ */ /* diff --git a/src/libfreeswan/rangetoa.c b/src/libfreeswan/rangetoa.c index e63b432f8..4d1eb204e 100644 --- a/src/libfreeswan/rangetoa.c +++ b/src/libfreeswan/rangetoa.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: rangetoa.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: rangetoa.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/rangetosubnet.3 b/src/libfreeswan/rangetosubnet.3 index 7d707545e..27e765670 100644 --- a/src/libfreeswan/rangetosubnet.3 +++ b/src/libfreeswan/rangetosubnet.3 @@ -1,5 +1,5 @@ .TH IPSEC_RANGETOSUBNET 3 "8 Sept 2000" -.\" RCSID $Id: rangetosubnet.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: rangetosubnet.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec rangetosubnet \- convert address range to subnet .SH SYNOPSIS diff --git a/src/libfreeswan/rangetosubnet.c b/src/libfreeswan/rangetosubnet.c index 048b10556..f68efa6bf 100644 --- a/src/libfreeswan/rangetosubnet.c +++ b/src/libfreeswan/rangetosubnet.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: rangetosubnet.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: rangetosubnet.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/sameaddr.3 b/src/libfreeswan/sameaddr.3 index 71be10761..dc172029e 100644 --- a/src/libfreeswan/sameaddr.3 +++ b/src/libfreeswan/sameaddr.3 @@ -1,5 +1,5 @@ .TH IPSEC_ANYADDR 3 "28 Nov 2000" -.\" RCSID $Id: sameaddr.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: sameaddr.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec sameaddr \- are two addresses the same? .br diff --git a/src/libfreeswan/sameaddr.c b/src/libfreeswan/sameaddr.c index efc40796e..77f458e50 100644 --- a/src/libfreeswan/sameaddr.c +++ b/src/libfreeswan/sameaddr.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: sameaddr.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: sameaddr.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/satoa.c b/src/libfreeswan/satoa.c index 410fb8437..46ed1a483 100644 --- a/src/libfreeswan/satoa.c +++ b/src/libfreeswan/satoa.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: satoa.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: satoa.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/satot.c b/src/libfreeswan/satot.c index 927f4ca1f..bb1e6c736 100644 --- a/src/libfreeswan/satot.c +++ b/src/libfreeswan/satot.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: satot.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: satot.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/subnetof.3 b/src/libfreeswan/subnetof.3 index 1911e499f..9358256cf 100644 --- a/src/libfreeswan/subnetof.3 +++ b/src/libfreeswan/subnetof.3 @@ -1,5 +1,5 @@ .TH IPSEC_SUBNETOF 3 "11 June 2001" -.\" RCSID $Id: subnetof.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: subnetof.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec subnetof \- given Internet address and subnet mask, return subnet number .br diff --git a/src/libfreeswan/subnetof.c b/src/libfreeswan/subnetof.c index 1b288c591..4cc3653f3 100644 --- a/src/libfreeswan/subnetof.c +++ b/src/libfreeswan/subnetof.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: subnetof.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: subnetof.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/subnettoa.c b/src/libfreeswan/subnettoa.c index 36cad8b88..6fc282de1 100644 --- a/src/libfreeswan/subnettoa.c +++ b/src/libfreeswan/subnettoa.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: subnettoa.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: subnettoa.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/subnettot.c b/src/libfreeswan/subnettot.c index 0385d25e5..7bdacc1fb 100644 --- a/src/libfreeswan/subnettot.c +++ b/src/libfreeswan/subnettot.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: subnettot.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: subnettot.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/subnettypeof.c b/src/libfreeswan/subnettypeof.c index 6f44b2e4b..d2b09fde7 100644 --- a/src/libfreeswan/subnettypeof.c +++ b/src/libfreeswan/subnettypeof.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: subnettypeof.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: subnettypeof.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/ttoaddr.3 b/src/libfreeswan/ttoaddr.3 index 5bf48d4b2..a1ede84b3 100644 --- a/src/libfreeswan/ttoaddr.3 +++ b/src/libfreeswan/ttoaddr.3 @@ -1,5 +1,5 @@ .TH IPSEC_TTOADDR 3 "28 Sept 2001" -.\" RCSID $Id: ttoaddr.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: ttoaddr.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec ttoaddr, tnatoaddr, addrtot \- convert Internet addresses to and from text .br diff --git a/src/libfreeswan/ttoaddr.c b/src/libfreeswan/ttoaddr.c index efcb33e9f..f1c6810ea 100644 --- a/src/libfreeswan/ttoaddr.c +++ b/src/libfreeswan/ttoaddr.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: ttoaddr.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: ttoaddr.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/ttodata.3 b/src/libfreeswan/ttodata.3 index 98bbe4ab3..0663407ff 100644 --- a/src/libfreeswan/ttodata.3 +++ b/src/libfreeswan/ttodata.3 @@ -1,5 +1,5 @@ .TH IPSEC_TTODATA 3 "16 August 2003" -.\" RCSID $Id: ttodata.3,v 1.2 2005/07/18 20:13:42 as Exp $ +.\" RCSID $Id: ttodata.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec ttodata, datatot \- convert binary data bytes from and to text formats .SH SYNOPSIS diff --git a/src/libfreeswan/ttodata.c b/src/libfreeswan/ttodata.c index e1bf7606a..5334ea124 100644 --- a/src/libfreeswan/ttodata.c +++ b/src/libfreeswan/ttodata.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: ttodata.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: ttodata.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/ttoprotoport.c b/src/libfreeswan/ttoprotoport.c index 46321838c..d64cfd5ee 100644 --- a/src/libfreeswan/ttoprotoport.c +++ b/src/libfreeswan/ttoprotoport.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ttoprotoport.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: ttoprotoport.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" diff --git a/src/libfreeswan/ttosa.3 b/src/libfreeswan/ttosa.3 index bf918e108..3ae041de2 100644 --- a/src/libfreeswan/ttosa.3 +++ b/src/libfreeswan/ttosa.3 @@ -1,5 +1,5 @@ .TH IPSEC_TTOSA 3 "26 Nov 2001" -.\" RCSID $Id: ttosa.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: ttosa.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec ttosa, satot \- convert IPsec Security Association IDs to and from text .br diff --git a/src/libfreeswan/ttosa.c b/src/libfreeswan/ttosa.c index aa2283694..4e6a29f74 100644 --- a/src/libfreeswan/ttosa.c +++ b/src/libfreeswan/ttosa.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: ttosa.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: ttosa.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/ttosubnet.c b/src/libfreeswan/ttosubnet.c index 7f5cddb82..82e569ea1 100644 --- a/src/libfreeswan/ttosubnet.c +++ b/src/libfreeswan/ttosubnet.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: ttosubnet.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: ttosubnet.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/ttoul.3 b/src/libfreeswan/ttoul.3 index 67d4bd34f..2bd08b4b0 100644 --- a/src/libfreeswan/ttoul.3 +++ b/src/libfreeswan/ttoul.3 @@ -1,5 +1,5 @@ .TH IPSEC_TTOUL 3 "16 Aug 2000" -.\" RCSID $Id: ttoul.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: ttoul.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec ttoul, ultot \- convert unsigned-long numbers to and from text .SH SYNOPSIS diff --git a/src/libfreeswan/ttoul.c b/src/libfreeswan/ttoul.c index 9c6193c68..1bd73a702 100644 --- a/src/libfreeswan/ttoul.c +++ b/src/libfreeswan/ttoul.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: ttoul.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: ttoul.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/ultoa.c b/src/libfreeswan/ultoa.c index 2c2644826..ae7c7e62b 100644 --- a/src/libfreeswan/ultoa.c +++ b/src/libfreeswan/ultoa.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: ultoa.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: ultoa.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/ultot.c b/src/libfreeswan/ultot.c index edffa4a2d..9e1bfa36c 100644 --- a/src/libfreeswan/ultot.c +++ b/src/libfreeswan/ultot.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: ultot.c,v 1.1 2004/03/15 20:35:26 as Exp $ + * RCSID $Id: ultot.c 3265 2007-10-08 19:52:55Z andreas $ */ #include "internal.h" #include "freeswan.h" diff --git a/src/libfreeswan/version.3 b/src/libfreeswan/version.3 index 06c5f01e3..e43ee8b61 100644 --- a/src/libfreeswan/version.3 +++ b/src/libfreeswan/version.3 @@ -1,5 +1,5 @@ .TH IPSEC_VERSION 3 "21 Nov 2001" -.\" RCSID $Id: version.3,v 1.1 2004/03/15 20:35:26 as Exp $ +.\" RCSID $Id: version.3 3265 2007-10-08 19:52:55Z andreas $ .SH NAME ipsec ipsec_version_code \- get IPsec version code .br diff --git a/src/libfreeswan/version.c b/src/libfreeswan/version.c index 3a947b1b9..ffd2f5680 100644 --- a/src/libfreeswan/version.c +++ b/src/libfreeswan/version.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public * License for more details. * - * RCSID $Id: version.in.c,v 1.2 2004/03/16 12:26:32 as Exp $ + * RCSID $Id: version.c 3265 2007-10-08 19:52:55Z andreas $ */ #ifdef __KERNEL__ diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index 292abc0a4..e8859ad4c 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -1,6 +1,14 @@ lib_LTLIBRARIES = libstrongswan.la -libstrongswan_la_SOURCES = \ +if USE_INTEGRITY_TEST + libstrongswan_la_SOURCES = \ + fips/fips_canister_start.c \ + fips/fips.c fips/fips.h +else + libstrongswan_la_SOURCES = +endif + +libstrongswan_la_SOURCES += \ credential_store.h \ library.c library.h \ chunk.c chunk.h \ @@ -16,15 +24,17 @@ crypto/ca.c crypto/ca.h \ crypto/certinfo.c crypto/certinfo.h \ crypto/crl.c crypto/crl.h \ crypto/crypters/crypter.c crypto/crypters/crypter.h \ -crypto/crypters/aes_cbc_crypter.c crypto/crypters/aes_cbc_crypter.h\ -crypto/crypters/des_crypter.c crypto/crypters/des_crypter.h\ +crypto/crypters/aes_cbc_crypter.c crypto/crypters/aes_cbc_crypter.h \ +crypto/crypters/des_crypter.c crypto/crypters/des_crypter.h \ crypto/diffie_hellman.c crypto/diffie_hellman.h \ crypto/hashers/hasher.h crypto/hashers/hasher.c \ crypto/hashers/sha1_hasher.c crypto/hashers/sha1_hasher.h \ crypto/hashers/sha2_hasher.c crypto/hashers/sha2_hasher.h \ crypto/hashers/md5_hasher.c crypto/hashers/md5_hasher.h \ crypto/hmac.c crypto/hmac.h \ +crypto/ietf_attr_list.c crypto/ietf_attr_list.h \ crypto/ocsp.c crypto/ocsp.h \ +crypto/pkcs7.c crypto/pkcs7.h \ crypto/prfs/fips_prf.c crypto/prfs/fips_prf.h \ crypto/prfs/hmac_prf.c crypto/prfs/hmac_prf.h \ crypto/prfs/prf.c crypto/prfs/prf.h \ @@ -41,14 +51,18 @@ utils/iterator.h \ utils/leak_detective.c utils/leak_detective.h \ utils/lexparser.c utils/lexparser.h \ utils/linked_list.c utils/linked_list.h \ +utils/enumerator.c utils/enumerator.h \ +utils/optionsfrom.c utils/optionsfrom.h \ utils/randomizer.c utils/randomizer.h +if USE_INTEGRITY_TEST + libstrongswan_la_SOURCES += \ + fips/fips_canister_end.c +endif + libstrongswan_la_LIBADD = -lgmp -lpthread INCLUDES = -I$(top_srcdir)/src/libstrongswan -EXTRA_DIST = asn1/oid.txt asn1/oid.pl -BUILT_SOURCES = asn1/oid.c asn1/oid.h -MAINTAINERCLEANFILES = asn1/oid.c asn1/oid.h if USE_LEAK_DETECTIVE libstrongswan_la_LIBADD += -ldl @@ -63,8 +77,26 @@ if USE_LIBLDAP libstrongswan_la_LIBADD += -lldap -llber endif +EXTRA_DIST = asn1/oid.txt asn1/oid.pl +BUILT_SOURCES = asn1/oid.c asn1/oid.h +MAINTAINERCLEANFILES = asn1/oid.c asn1/oid.h + asn1/oid.c : asn1/oid.txt asn1/oid.pl cd asn1 && $(PERL) oid.pl asn1/oid.h : asn1/oid.txt asn1/oid.pl cd asn1 && $(PERL) oid.pl + +if USE_INTEGRITY_TEST +# build fips_signer which in turn builds fips_signature.h +######################################################### +noinst_PROGRAMS = fips_signer +fips_signer_SOURCES = fips/fips_signer.c +fips_signer_LDADD = libstrongswan.la + +BUILT_SOURCES += fips_signature.h +CLEANFILES = fips_signature.h fips_signer + +fips_signature.h : fips_signer + ./fips_signer +endif diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in index f1144144e..75d3dddd4 100644 --- a/src/libstrongswan/Makefile.in +++ b/src/libstrongswan/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +14,12 @@ @SET_MAKE@ -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ + VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -39,6 +36,8 @@ host_triplet = @host@ @USE_LEAK_DETECTIVE_TRUE@am__append_1 = -ldl @USE_LIBCURL_TRUE@am__append_2 = -lcurl @USE_LIBLDAP_TRUE@am__append_3 = -lldap -llber +@USE_INTEGRITY_TEST_TRUE@noinst_PROGRAMS = fips_signer$(EXEEXT) +@USE_INTEGRITY_TEST_TRUE@am__append_4 = fips_signature.h subdir = src/libstrongswan DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 @@ -59,43 +58,106 @@ LTLIBRARIES = $(lib_LTLIBRARIES) am__DEPENDENCIES_1 = libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am_libstrongswan_la_OBJECTS = library.lo chunk.lo debug.lo enum.lo \ - printf_hook.lo asn1.lo oid.lo pem.lo ttodata.lo ac.lo ca.lo \ - certinfo.lo crl.lo crypter.lo aes_cbc_crypter.lo \ - des_crypter.lo diffie_hellman.lo hasher.lo sha1_hasher.lo \ - sha2_hasher.lo md5_hasher.lo hmac.lo ocsp.lo fips_prf.lo \ - hmac_prf.lo prf.lo prf_plus.lo rsa_private_key.lo \ - rsa_public_key.lo hmac_signer.lo signer.lo x509.lo fetcher.lo \ - host.lo identification.lo leak_detective.lo lexparser.lo \ - linked_list.lo randomizer.lo +am__libstrongswan_la_SOURCES_DIST = credential_store.h library.c \ + library.h chunk.c chunk.h debug.c debug.h enum.c enum.h \ + printf_hook.c printf_hook.h asn1/asn1.c asn1/asn1.h asn1/oid.c \ + asn1/oid.h asn1/pem.c asn1/pem.h asn1/ttodata.c asn1/ttodata.h \ + crypto/ac.c crypto/ac.h crypto/ca.c crypto/ca.h \ + crypto/certinfo.c crypto/certinfo.h crypto/crl.c crypto/crl.h \ + crypto/crypters/crypter.c crypto/crypters/crypter.h \ + crypto/crypters/aes_cbc_crypter.c \ + crypto/crypters/aes_cbc_crypter.h \ + crypto/crypters/des_crypter.c crypto/crypters/des_crypter.h \ + crypto/diffie_hellman.c crypto/diffie_hellman.h \ + crypto/hashers/hasher.h crypto/hashers/hasher.c \ + crypto/hashers/sha1_hasher.c crypto/hashers/sha1_hasher.h \ + crypto/hashers/sha2_hasher.c crypto/hashers/sha2_hasher.h \ + crypto/hashers/md5_hasher.c crypto/hashers/md5_hasher.h \ + crypto/hmac.c crypto/hmac.h crypto/ietf_attr_list.c \ + crypto/ietf_attr_list.h crypto/ocsp.c crypto/ocsp.h \ + crypto/pkcs7.c crypto/pkcs7.h crypto/prfs/fips_prf.c \ + crypto/prfs/fips_prf.h crypto/prfs/hmac_prf.c \ + crypto/prfs/hmac_prf.h crypto/prfs/prf.c crypto/prfs/prf.h \ + crypto/prf_plus.h crypto/prf_plus.c \ + crypto/rsa/rsa_private_key.c crypto/rsa/rsa_private_key.h \ + crypto/rsa/rsa_public_key.h crypto/rsa/rsa_public_key.c \ + crypto/signers/hmac_signer.c crypto/signers/hmac_signer.h \ + crypto/signers/signer.c crypto/signers/signer.h crypto/x509.c \ + crypto/x509.h utils/fetcher.c utils/fetcher.h utils/host.c \ + utils/host.h utils/identification.c utils/identification.h \ + utils/iterator.h utils/leak_detective.c utils/leak_detective.h \ + utils/lexparser.c utils/lexparser.h utils/linked_list.c \ + utils/linked_list.h utils/enumerator.c utils/enumerator.h \ + utils/optionsfrom.c utils/optionsfrom.h utils/randomizer.c \ + utils/randomizer.h fips/fips_canister_start.c fips/fips.c \ + fips/fips.h fips/fips_canister_end.c +@USE_INTEGRITY_TEST_FALSE@am_libstrongswan_la_OBJECTS = library.lo \ +@USE_INTEGRITY_TEST_FALSE@ chunk.lo debug.lo enum.lo \ +@USE_INTEGRITY_TEST_FALSE@ printf_hook.lo asn1.lo oid.lo pem.lo \ +@USE_INTEGRITY_TEST_FALSE@ ttodata.lo ac.lo ca.lo certinfo.lo \ +@USE_INTEGRITY_TEST_FALSE@ crl.lo crypter.lo aes_cbc_crypter.lo \ +@USE_INTEGRITY_TEST_FALSE@ des_crypter.lo diffie_hellman.lo \ +@USE_INTEGRITY_TEST_FALSE@ hasher.lo sha1_hasher.lo \ +@USE_INTEGRITY_TEST_FALSE@ sha2_hasher.lo md5_hasher.lo hmac.lo \ +@USE_INTEGRITY_TEST_FALSE@ ietf_attr_list.lo ocsp.lo pkcs7.lo \ +@USE_INTEGRITY_TEST_FALSE@ fips_prf.lo hmac_prf.lo prf.lo \ +@USE_INTEGRITY_TEST_FALSE@ prf_plus.lo rsa_private_key.lo \ +@USE_INTEGRITY_TEST_FALSE@ rsa_public_key.lo hmac_signer.lo \ +@USE_INTEGRITY_TEST_FALSE@ signer.lo x509.lo fetcher.lo host.lo \ +@USE_INTEGRITY_TEST_FALSE@ identification.lo leak_detective.lo \ +@USE_INTEGRITY_TEST_FALSE@ lexparser.lo linked_list.lo \ +@USE_INTEGRITY_TEST_FALSE@ enumerator.lo optionsfrom.lo \ +@USE_INTEGRITY_TEST_FALSE@ randomizer.lo +@USE_INTEGRITY_TEST_TRUE@am_libstrongswan_la_OBJECTS = \ +@USE_INTEGRITY_TEST_TRUE@ fips_canister_start.lo fips.lo \ +@USE_INTEGRITY_TEST_TRUE@ library.lo chunk.lo debug.lo enum.lo \ +@USE_INTEGRITY_TEST_TRUE@ printf_hook.lo asn1.lo oid.lo pem.lo \ +@USE_INTEGRITY_TEST_TRUE@ ttodata.lo ac.lo ca.lo certinfo.lo \ +@USE_INTEGRITY_TEST_TRUE@ crl.lo crypter.lo aes_cbc_crypter.lo \ +@USE_INTEGRITY_TEST_TRUE@ des_crypter.lo diffie_hellman.lo \ +@USE_INTEGRITY_TEST_TRUE@ hasher.lo sha1_hasher.lo \ +@USE_INTEGRITY_TEST_TRUE@ sha2_hasher.lo md5_hasher.lo hmac.lo \ +@USE_INTEGRITY_TEST_TRUE@ ietf_attr_list.lo ocsp.lo pkcs7.lo \ +@USE_INTEGRITY_TEST_TRUE@ fips_prf.lo hmac_prf.lo prf.lo \ +@USE_INTEGRITY_TEST_TRUE@ prf_plus.lo rsa_private_key.lo \ +@USE_INTEGRITY_TEST_TRUE@ rsa_public_key.lo hmac_signer.lo \ +@USE_INTEGRITY_TEST_TRUE@ signer.lo x509.lo fetcher.lo host.lo \ +@USE_INTEGRITY_TEST_TRUE@ identification.lo leak_detective.lo \ +@USE_INTEGRITY_TEST_TRUE@ lexparser.lo linked_list.lo \ +@USE_INTEGRITY_TEST_TRUE@ enumerator.lo optionsfrom.lo \ +@USE_INTEGRITY_TEST_TRUE@ randomizer.lo fips_canister_end.lo libstrongswan_la_OBJECTS = $(am_libstrongswan_la_OBJECTS) -DEFAULT_INCLUDES = -I. -I$(srcdir) +PROGRAMS = $(noinst_PROGRAMS) +am__fips_signer_SOURCES_DIST = fips/fips_signer.c +@USE_INTEGRITY_TEST_TRUE@am_fips_signer_OBJECTS = \ +@USE_INTEGRITY_TEST_TRUE@ fips_signer.$(OBJEXT) +fips_signer_OBJECTS = $(am_fips_signer_OBJECTS) +@USE_INTEGRITY_TEST_TRUE@fips_signer_DEPENDENCIES = libstrongswan.la +DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ -SOURCES = $(libstrongswan_la_SOURCES) -DIST_SOURCES = $(libstrongswan_la_SOURCES) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libstrongswan_la_SOURCES) $(fips_signer_SOURCES) +DIST_SOURCES = $(am__libstrongswan_la_SOURCES_DIST) \ + $(am__fips_signer_SOURCES_DIST) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -118,10 +180,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -133,6 +198,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -148,34 +214,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -188,6 +236,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -225,61 +274,149 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ lib_LTLIBRARIES = libstrongswan.la -libstrongswan_la_SOURCES = \ -credential_store.h \ -library.c library.h \ -chunk.c chunk.h \ -debug.c debug.h \ -enum.c enum.h \ -printf_hook.c printf_hook.h \ -asn1/asn1.c asn1/asn1.h \ -asn1/oid.c asn1/oid.h \ -asn1/pem.c asn1/pem.h \ -asn1/ttodata.c asn1/ttodata.h \ -crypto/ac.c crypto/ac.h \ -crypto/ca.c crypto/ca.h \ -crypto/certinfo.c crypto/certinfo.h \ -crypto/crl.c crypto/crl.h \ -crypto/crypters/crypter.c crypto/crypters/crypter.h \ -crypto/crypters/aes_cbc_crypter.c crypto/crypters/aes_cbc_crypter.h\ -crypto/crypters/des_crypter.c crypto/crypters/des_crypter.h\ -crypto/diffie_hellman.c crypto/diffie_hellman.h \ -crypto/hashers/hasher.h crypto/hashers/hasher.c \ -crypto/hashers/sha1_hasher.c crypto/hashers/sha1_hasher.h \ -crypto/hashers/sha2_hasher.c crypto/hashers/sha2_hasher.h \ -crypto/hashers/md5_hasher.c crypto/hashers/md5_hasher.h \ -crypto/hmac.c crypto/hmac.h \ -crypto/ocsp.c crypto/ocsp.h \ -crypto/prfs/fips_prf.c crypto/prfs/fips_prf.h \ -crypto/prfs/hmac_prf.c crypto/prfs/hmac_prf.h \ -crypto/prfs/prf.c crypto/prfs/prf.h \ -crypto/prf_plus.h crypto/prf_plus.c \ -crypto/rsa/rsa_private_key.c crypto/rsa/rsa_private_key.h \ -crypto/rsa/rsa_public_key.h crypto/rsa/rsa_public_key.c \ -crypto/signers/hmac_signer.c crypto/signers/hmac_signer.h \ -crypto/signers/signer.c crypto/signers/signer.h \ -crypto/x509.c crypto/x509.h \ -utils/fetcher.c utils/fetcher.h \ -utils/host.c utils/host.h \ -utils/identification.c utils/identification.h \ -utils/iterator.h \ -utils/leak_detective.c utils/leak_detective.h \ -utils/lexparser.c utils/lexparser.h \ -utils/linked_list.c utils/linked_list.h \ -utils/randomizer.c utils/randomizer.h - +@USE_INTEGRITY_TEST_FALSE@libstrongswan_la_SOURCES = \ +@USE_INTEGRITY_TEST_FALSE@ credential_store.h library.c \ +@USE_INTEGRITY_TEST_FALSE@ library.h chunk.c chunk.h debug.c \ +@USE_INTEGRITY_TEST_FALSE@ debug.h enum.c enum.h printf_hook.c \ +@USE_INTEGRITY_TEST_FALSE@ printf_hook.h asn1/asn1.c \ +@USE_INTEGRITY_TEST_FALSE@ asn1/asn1.h asn1/oid.c asn1/oid.h \ +@USE_INTEGRITY_TEST_FALSE@ asn1/pem.c asn1/pem.h asn1/ttodata.c \ +@USE_INTEGRITY_TEST_FALSE@ asn1/ttodata.h crypto/ac.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/ac.h crypto/ca.c crypto/ca.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/certinfo.c crypto/certinfo.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/crl.c crypto/crl.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/crypters/crypter.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/crypters/crypter.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/crypters/aes_cbc_crypter.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/crypters/aes_cbc_crypter.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/crypters/des_crypter.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/crypters/des_crypter.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/diffie_hellman.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/diffie_hellman.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/hashers/hasher.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/hashers/hasher.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/hashers/sha1_hasher.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/hashers/sha1_hasher.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/hashers/sha2_hasher.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/hashers/sha2_hasher.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/hashers/md5_hasher.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/hashers/md5_hasher.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/hmac.c crypto/hmac.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/ietf_attr_list.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/ietf_attr_list.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/ocsp.c crypto/ocsp.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/pkcs7.c crypto/pkcs7.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/prfs/fips_prf.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/prfs/fips_prf.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/prfs/hmac_prf.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/prfs/hmac_prf.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/prfs/prf.c crypto/prfs/prf.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/prf_plus.h crypto/prf_plus.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/rsa/rsa_private_key.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/rsa/rsa_private_key.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/rsa/rsa_public_key.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/rsa/rsa_public_key.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/signers/hmac_signer.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/signers/hmac_signer.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/signers/signer.c \ +@USE_INTEGRITY_TEST_FALSE@ crypto/signers/signer.h \ +@USE_INTEGRITY_TEST_FALSE@ crypto/x509.c crypto/x509.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/fetcher.c utils/fetcher.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/host.c utils/host.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/identification.c \ +@USE_INTEGRITY_TEST_FALSE@ utils/identification.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/iterator.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/leak_detective.c \ +@USE_INTEGRITY_TEST_FALSE@ utils/leak_detective.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/lexparser.c utils/lexparser.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/linked_list.c \ +@USE_INTEGRITY_TEST_FALSE@ utils/linked_list.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/enumerator.c \ +@USE_INTEGRITY_TEST_FALSE@ utils/enumerator.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/optionsfrom.c \ +@USE_INTEGRITY_TEST_FALSE@ utils/optionsfrom.h \ +@USE_INTEGRITY_TEST_FALSE@ utils/randomizer.c \ +@USE_INTEGRITY_TEST_FALSE@ utils/randomizer.h +@USE_INTEGRITY_TEST_TRUE@libstrongswan_la_SOURCES = \ +@USE_INTEGRITY_TEST_TRUE@ fips/fips_canister_start.c \ +@USE_INTEGRITY_TEST_TRUE@ fips/fips.c fips/fips.h \ +@USE_INTEGRITY_TEST_TRUE@ credential_store.h library.c \ +@USE_INTEGRITY_TEST_TRUE@ library.h chunk.c chunk.h debug.c \ +@USE_INTEGRITY_TEST_TRUE@ debug.h enum.c enum.h printf_hook.c \ +@USE_INTEGRITY_TEST_TRUE@ printf_hook.h asn1/asn1.c asn1/asn1.h \ +@USE_INTEGRITY_TEST_TRUE@ asn1/oid.c asn1/oid.h asn1/pem.c \ +@USE_INTEGRITY_TEST_TRUE@ asn1/pem.h asn1/ttodata.c \ +@USE_INTEGRITY_TEST_TRUE@ asn1/ttodata.h crypto/ac.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/ac.h crypto/ca.c crypto/ca.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/certinfo.c crypto/certinfo.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/crl.c crypto/crl.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/crypters/crypter.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/crypters/crypter.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/crypters/aes_cbc_crypter.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/crypters/aes_cbc_crypter.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/crypters/des_crypter.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/crypters/des_crypter.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/diffie_hellman.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/diffie_hellman.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/hashers/hasher.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/hashers/hasher.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/hashers/sha1_hasher.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/hashers/sha1_hasher.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/hashers/sha2_hasher.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/hashers/sha2_hasher.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/hashers/md5_hasher.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/hashers/md5_hasher.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/hmac.c crypto/hmac.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/ietf_attr_list.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/ietf_attr_list.h crypto/ocsp.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/ocsp.h crypto/pkcs7.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/pkcs7.h crypto/prfs/fips_prf.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/prfs/fips_prf.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/prfs/hmac_prf.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/prfs/hmac_prf.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/prfs/prf.c crypto/prfs/prf.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/prf_plus.h crypto/prf_plus.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/rsa/rsa_private_key.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/rsa/rsa_private_key.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/rsa/rsa_public_key.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/rsa/rsa_public_key.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/signers/hmac_signer.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/signers/hmac_signer.h \ +@USE_INTEGRITY_TEST_TRUE@ crypto/signers/signer.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/signers/signer.h crypto/x509.c \ +@USE_INTEGRITY_TEST_TRUE@ crypto/x509.h utils/fetcher.c \ +@USE_INTEGRITY_TEST_TRUE@ utils/fetcher.h utils/host.c \ +@USE_INTEGRITY_TEST_TRUE@ utils/host.h utils/identification.c \ +@USE_INTEGRITY_TEST_TRUE@ utils/identification.h \ +@USE_INTEGRITY_TEST_TRUE@ utils/iterator.h \ +@USE_INTEGRITY_TEST_TRUE@ utils/leak_detective.c \ +@USE_INTEGRITY_TEST_TRUE@ utils/leak_detective.h \ +@USE_INTEGRITY_TEST_TRUE@ utils/lexparser.c utils/lexparser.h \ +@USE_INTEGRITY_TEST_TRUE@ utils/linked_list.c \ +@USE_INTEGRITY_TEST_TRUE@ utils/linked_list.h \ +@USE_INTEGRITY_TEST_TRUE@ utils/enumerator.c utils/enumerator.h \ +@USE_INTEGRITY_TEST_TRUE@ utils/optionsfrom.c \ +@USE_INTEGRITY_TEST_TRUE@ utils/optionsfrom.h \ +@USE_INTEGRITY_TEST_TRUE@ utils/randomizer.c utils/randomizer.h \ +@USE_INTEGRITY_TEST_TRUE@ fips/fips_canister_end.c libstrongswan_la_LIBADD = -lgmp -lpthread $(am__append_1) \ $(am__append_2) $(am__append_3) INCLUDES = -I$(top_srcdir)/src/libstrongswan +@USE_LEAK_DETECTIVE_TRUE@AM_CFLAGS = -DLEAK_DETECTIVE EXTRA_DIST = asn1/oid.txt asn1/oid.pl -BUILT_SOURCES = asn1/oid.c asn1/oid.h +BUILT_SOURCES = asn1/oid.c asn1/oid.h $(am__append_4) MAINTAINERCLEANFILES = asn1/oid.c asn1/oid.h -@USE_LEAK_DETECTIVE_TRUE@AM_CFLAGS = -DLEAK_DETECTIVE +@USE_INTEGRITY_TEST_TRUE@fips_signer_SOURCES = fips/fips_signer.c +@USE_INTEGRITY_TEST_TRUE@fips_signer_LDADD = libstrongswan.la +@USE_INTEGRITY_TEST_TRUE@CLEANFILES = fips_signature.h fips_signer all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-am @@ -316,7 +453,7 @@ $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(mkdir_p) "$(DESTDIR)$(libdir)" + test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ f=$(am__strip_dir) \ @@ -327,7 +464,7 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @set -x; list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ p=$(am__strip_dir) \ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ @@ -342,7 +479,17 @@ clean-libLTLIBRARIES: rm -f "$${dir}/so_locations"; \ done libstrongswan.la: $(libstrongswan_la_OBJECTS) $(libstrongswan_la_DEPENDENCIES) - $(LINK) -rpath $(libdir) $(libstrongswan_la_LDFLAGS) $(libstrongswan_la_OBJECTS) $(libstrongswan_la_LIBADD) $(LIBS) + $(LINK) -rpath $(libdir) $(libstrongswan_la_OBJECTS) $(libstrongswan_la_LIBADD) $(LIBS) + +clean-noinstPROGRAMS: + @list='$(noinst_PROGRAMS)'; for p in $$list; do \ + f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f $$p $$f"; \ + rm -f $$p $$f ; \ + done +fips_signer$(EXEEXT): $(fips_signer_OBJECTS) $(fips_signer_DEPENDENCIES) + @rm -f fips_signer$(EXEEXT) + $(LINK) $(fips_signer_OBJECTS) $(fips_signer_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -362,14 +509,20 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/des_crypter.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/diffie_hellman.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/enum.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/enumerator.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fetcher.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_canister_end.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_canister_start.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_prf.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_signer.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hasher.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hmac.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hmac_prf.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hmac_signer.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/host.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/identification.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ietf_attr_list.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/leak_detective.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lexparser.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/library.Plo@am__quote@ @@ -377,7 +530,9 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5_hasher.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ocsp.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/optionsfrom.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prf.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prf_plus.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/printf_hook.Plo@am__quote@ @@ -391,263 +546,326 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509.Plo@am__quote@ .c.o: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< asn1.lo: asn1/asn1.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT asn1.lo -MD -MP -MF "$(DEPDIR)/asn1.Tpo" -c -o asn1.lo `test -f 'asn1/asn1.c' || echo '$(srcdir)/'`asn1/asn1.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/asn1.Tpo" "$(DEPDIR)/asn1.Plo"; else rm -f "$(DEPDIR)/asn1.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT asn1.lo -MD -MP -MF $(DEPDIR)/asn1.Tpo -c -o asn1.lo `test -f 'asn1/asn1.c' || echo '$(srcdir)/'`asn1/asn1.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/asn1.Tpo $(DEPDIR)/asn1.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1/asn1.c' object='asn1.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o asn1.lo `test -f 'asn1/asn1.c' || echo '$(srcdir)/'`asn1/asn1.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o asn1.lo `test -f 'asn1/asn1.c' || echo '$(srcdir)/'`asn1/asn1.c oid.lo: asn1/oid.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT oid.lo -MD -MP -MF "$(DEPDIR)/oid.Tpo" -c -o oid.lo `test -f 'asn1/oid.c' || echo '$(srcdir)/'`asn1/oid.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/oid.Tpo" "$(DEPDIR)/oid.Plo"; else rm -f "$(DEPDIR)/oid.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT oid.lo -MD -MP -MF $(DEPDIR)/oid.Tpo -c -o oid.lo `test -f 'asn1/oid.c' || echo '$(srcdir)/'`asn1/oid.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/oid.Tpo $(DEPDIR)/oid.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1/oid.c' object='oid.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o oid.lo `test -f 'asn1/oid.c' || echo '$(srcdir)/'`asn1/oid.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o oid.lo `test -f 'asn1/oid.c' || echo '$(srcdir)/'`asn1/oid.c pem.lo: asn1/pem.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT pem.lo -MD -MP -MF "$(DEPDIR)/pem.Tpo" -c -o pem.lo `test -f 'asn1/pem.c' || echo '$(srcdir)/'`asn1/pem.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/pem.Tpo" "$(DEPDIR)/pem.Plo"; else rm -f "$(DEPDIR)/pem.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT pem.lo -MD -MP -MF $(DEPDIR)/pem.Tpo -c -o pem.lo `test -f 'asn1/pem.c' || echo '$(srcdir)/'`asn1/pem.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/pem.Tpo $(DEPDIR)/pem.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1/pem.c' object='pem.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o pem.lo `test -f 'asn1/pem.c' || echo '$(srcdir)/'`asn1/pem.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o pem.lo `test -f 'asn1/pem.c' || echo '$(srcdir)/'`asn1/pem.c ttodata.lo: asn1/ttodata.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ttodata.lo -MD -MP -MF "$(DEPDIR)/ttodata.Tpo" -c -o ttodata.lo `test -f 'asn1/ttodata.c' || echo '$(srcdir)/'`asn1/ttodata.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ttodata.Tpo" "$(DEPDIR)/ttodata.Plo"; else rm -f "$(DEPDIR)/ttodata.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ttodata.lo -MD -MP -MF $(DEPDIR)/ttodata.Tpo -c -o ttodata.lo `test -f 'asn1/ttodata.c' || echo '$(srcdir)/'`asn1/ttodata.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ttodata.Tpo $(DEPDIR)/ttodata.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1/ttodata.c' object='ttodata.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ttodata.lo `test -f 'asn1/ttodata.c' || echo '$(srcdir)/'`asn1/ttodata.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ttodata.lo `test -f 'asn1/ttodata.c' || echo '$(srcdir)/'`asn1/ttodata.c ac.lo: crypto/ac.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ac.lo -MD -MP -MF "$(DEPDIR)/ac.Tpo" -c -o ac.lo `test -f 'crypto/ac.c' || echo '$(srcdir)/'`crypto/ac.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ac.Tpo" "$(DEPDIR)/ac.Plo"; else rm -f "$(DEPDIR)/ac.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ac.lo -MD -MP -MF $(DEPDIR)/ac.Tpo -c -o ac.lo `test -f 'crypto/ac.c' || echo '$(srcdir)/'`crypto/ac.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ac.Tpo $(DEPDIR)/ac.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/ac.c' object='ac.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ac.lo `test -f 'crypto/ac.c' || echo '$(srcdir)/'`crypto/ac.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ac.lo `test -f 'crypto/ac.c' || echo '$(srcdir)/'`crypto/ac.c ca.lo: crypto/ca.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ca.lo -MD -MP -MF "$(DEPDIR)/ca.Tpo" -c -o ca.lo `test -f 'crypto/ca.c' || echo '$(srcdir)/'`crypto/ca.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ca.Tpo" "$(DEPDIR)/ca.Plo"; else rm -f "$(DEPDIR)/ca.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ca.lo -MD -MP -MF $(DEPDIR)/ca.Tpo -c -o ca.lo `test -f 'crypto/ca.c' || echo '$(srcdir)/'`crypto/ca.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ca.Tpo $(DEPDIR)/ca.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/ca.c' object='ca.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ca.lo `test -f 'crypto/ca.c' || echo '$(srcdir)/'`crypto/ca.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ca.lo `test -f 'crypto/ca.c' || echo '$(srcdir)/'`crypto/ca.c certinfo.lo: crypto/certinfo.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT certinfo.lo -MD -MP -MF "$(DEPDIR)/certinfo.Tpo" -c -o certinfo.lo `test -f 'crypto/certinfo.c' || echo '$(srcdir)/'`crypto/certinfo.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/certinfo.Tpo" "$(DEPDIR)/certinfo.Plo"; else rm -f "$(DEPDIR)/certinfo.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT certinfo.lo -MD -MP -MF $(DEPDIR)/certinfo.Tpo -c -o certinfo.lo `test -f 'crypto/certinfo.c' || echo '$(srcdir)/'`crypto/certinfo.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/certinfo.Tpo $(DEPDIR)/certinfo.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/certinfo.c' object='certinfo.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o certinfo.lo `test -f 'crypto/certinfo.c' || echo '$(srcdir)/'`crypto/certinfo.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o certinfo.lo `test -f 'crypto/certinfo.c' || echo '$(srcdir)/'`crypto/certinfo.c crl.lo: crypto/crl.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crl.lo -MD -MP -MF "$(DEPDIR)/crl.Tpo" -c -o crl.lo `test -f 'crypto/crl.c' || echo '$(srcdir)/'`crypto/crl.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/crl.Tpo" "$(DEPDIR)/crl.Plo"; else rm -f "$(DEPDIR)/crl.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crl.lo -MD -MP -MF $(DEPDIR)/crl.Tpo -c -o crl.lo `test -f 'crypto/crl.c' || echo '$(srcdir)/'`crypto/crl.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/crl.Tpo $(DEPDIR)/crl.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/crl.c' object='crl.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o crl.lo `test -f 'crypto/crl.c' || echo '$(srcdir)/'`crypto/crl.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o crl.lo `test -f 'crypto/crl.c' || echo '$(srcdir)/'`crypto/crl.c crypter.lo: crypto/crypters/crypter.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crypter.lo -MD -MP -MF "$(DEPDIR)/crypter.Tpo" -c -o crypter.lo `test -f 'crypto/crypters/crypter.c' || echo '$(srcdir)/'`crypto/crypters/crypter.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/crypter.Tpo" "$(DEPDIR)/crypter.Plo"; else rm -f "$(DEPDIR)/crypter.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crypter.lo -MD -MP -MF $(DEPDIR)/crypter.Tpo -c -o crypter.lo `test -f 'crypto/crypters/crypter.c' || echo '$(srcdir)/'`crypto/crypters/crypter.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/crypter.Tpo $(DEPDIR)/crypter.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/crypters/crypter.c' object='crypter.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o crypter.lo `test -f 'crypto/crypters/crypter.c' || echo '$(srcdir)/'`crypto/crypters/crypter.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o crypter.lo `test -f 'crypto/crypters/crypter.c' || echo '$(srcdir)/'`crypto/crypters/crypter.c aes_cbc_crypter.lo: crypto/crypters/aes_cbc_crypter.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_cbc_crypter.lo -MD -MP -MF "$(DEPDIR)/aes_cbc_crypter.Tpo" -c -o aes_cbc_crypter.lo `test -f 'crypto/crypters/aes_cbc_crypter.c' || echo '$(srcdir)/'`crypto/crypters/aes_cbc_crypter.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/aes_cbc_crypter.Tpo" "$(DEPDIR)/aes_cbc_crypter.Plo"; else rm -f "$(DEPDIR)/aes_cbc_crypter.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_cbc_crypter.lo -MD -MP -MF $(DEPDIR)/aes_cbc_crypter.Tpo -c -o aes_cbc_crypter.lo `test -f 'crypto/crypters/aes_cbc_crypter.c' || echo '$(srcdir)/'`crypto/crypters/aes_cbc_crypter.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/aes_cbc_crypter.Tpo $(DEPDIR)/aes_cbc_crypter.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/crypters/aes_cbc_crypter.c' object='aes_cbc_crypter.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes_cbc_crypter.lo `test -f 'crypto/crypters/aes_cbc_crypter.c' || echo '$(srcdir)/'`crypto/crypters/aes_cbc_crypter.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes_cbc_crypter.lo `test -f 'crypto/crypters/aes_cbc_crypter.c' || echo '$(srcdir)/'`crypto/crypters/aes_cbc_crypter.c des_crypter.lo: crypto/crypters/des_crypter.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT des_crypter.lo -MD -MP -MF "$(DEPDIR)/des_crypter.Tpo" -c -o des_crypter.lo `test -f 'crypto/crypters/des_crypter.c' || echo '$(srcdir)/'`crypto/crypters/des_crypter.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/des_crypter.Tpo" "$(DEPDIR)/des_crypter.Plo"; else rm -f "$(DEPDIR)/des_crypter.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT des_crypter.lo -MD -MP -MF $(DEPDIR)/des_crypter.Tpo -c -o des_crypter.lo `test -f 'crypto/crypters/des_crypter.c' || echo '$(srcdir)/'`crypto/crypters/des_crypter.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/des_crypter.Tpo $(DEPDIR)/des_crypter.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/crypters/des_crypter.c' object='des_crypter.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o des_crypter.lo `test -f 'crypto/crypters/des_crypter.c' || echo '$(srcdir)/'`crypto/crypters/des_crypter.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o des_crypter.lo `test -f 'crypto/crypters/des_crypter.c' || echo '$(srcdir)/'`crypto/crypters/des_crypter.c diffie_hellman.lo: crypto/diffie_hellman.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT diffie_hellman.lo -MD -MP -MF "$(DEPDIR)/diffie_hellman.Tpo" -c -o diffie_hellman.lo `test -f 'crypto/diffie_hellman.c' || echo '$(srcdir)/'`crypto/diffie_hellman.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/diffie_hellman.Tpo" "$(DEPDIR)/diffie_hellman.Plo"; else rm -f "$(DEPDIR)/diffie_hellman.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT diffie_hellman.lo -MD -MP -MF $(DEPDIR)/diffie_hellman.Tpo -c -o diffie_hellman.lo `test -f 'crypto/diffie_hellman.c' || echo '$(srcdir)/'`crypto/diffie_hellman.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/diffie_hellman.Tpo $(DEPDIR)/diffie_hellman.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/diffie_hellman.c' object='diffie_hellman.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o diffie_hellman.lo `test -f 'crypto/diffie_hellman.c' || echo '$(srcdir)/'`crypto/diffie_hellman.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o diffie_hellman.lo `test -f 'crypto/diffie_hellman.c' || echo '$(srcdir)/'`crypto/diffie_hellman.c hasher.lo: crypto/hashers/hasher.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hasher.lo -MD -MP -MF "$(DEPDIR)/hasher.Tpo" -c -o hasher.lo `test -f 'crypto/hashers/hasher.c' || echo '$(srcdir)/'`crypto/hashers/hasher.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hasher.Tpo" "$(DEPDIR)/hasher.Plo"; else rm -f "$(DEPDIR)/hasher.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hasher.lo -MD -MP -MF $(DEPDIR)/hasher.Tpo -c -o hasher.lo `test -f 'crypto/hashers/hasher.c' || echo '$(srcdir)/'`crypto/hashers/hasher.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/hasher.Tpo $(DEPDIR)/hasher.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hashers/hasher.c' object='hasher.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hasher.lo `test -f 'crypto/hashers/hasher.c' || echo '$(srcdir)/'`crypto/hashers/hasher.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hasher.lo `test -f 'crypto/hashers/hasher.c' || echo '$(srcdir)/'`crypto/hashers/hasher.c sha1_hasher.lo: crypto/hashers/sha1_hasher.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha1_hasher.lo -MD -MP -MF "$(DEPDIR)/sha1_hasher.Tpo" -c -o sha1_hasher.lo `test -f 'crypto/hashers/sha1_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha1_hasher.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha1_hasher.Tpo" "$(DEPDIR)/sha1_hasher.Plo"; else rm -f "$(DEPDIR)/sha1_hasher.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha1_hasher.lo -MD -MP -MF $(DEPDIR)/sha1_hasher.Tpo -c -o sha1_hasher.lo `test -f 'crypto/hashers/sha1_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha1_hasher.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha1_hasher.Tpo $(DEPDIR)/sha1_hasher.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hashers/sha1_hasher.c' object='sha1_hasher.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha1_hasher.lo `test -f 'crypto/hashers/sha1_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha1_hasher.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha1_hasher.lo `test -f 'crypto/hashers/sha1_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha1_hasher.c sha2_hasher.lo: crypto/hashers/sha2_hasher.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha2_hasher.lo -MD -MP -MF "$(DEPDIR)/sha2_hasher.Tpo" -c -o sha2_hasher.lo `test -f 'crypto/hashers/sha2_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha2_hasher.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha2_hasher.Tpo" "$(DEPDIR)/sha2_hasher.Plo"; else rm -f "$(DEPDIR)/sha2_hasher.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha2_hasher.lo -MD -MP -MF $(DEPDIR)/sha2_hasher.Tpo -c -o sha2_hasher.lo `test -f 'crypto/hashers/sha2_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha2_hasher.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha2_hasher.Tpo $(DEPDIR)/sha2_hasher.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hashers/sha2_hasher.c' object='sha2_hasher.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha2_hasher.lo `test -f 'crypto/hashers/sha2_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha2_hasher.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha2_hasher.lo `test -f 'crypto/hashers/sha2_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha2_hasher.c md5_hasher.lo: crypto/hashers/md5_hasher.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT md5_hasher.lo -MD -MP -MF "$(DEPDIR)/md5_hasher.Tpo" -c -o md5_hasher.lo `test -f 'crypto/hashers/md5_hasher.c' || echo '$(srcdir)/'`crypto/hashers/md5_hasher.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/md5_hasher.Tpo" "$(DEPDIR)/md5_hasher.Plo"; else rm -f "$(DEPDIR)/md5_hasher.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT md5_hasher.lo -MD -MP -MF $(DEPDIR)/md5_hasher.Tpo -c -o md5_hasher.lo `test -f 'crypto/hashers/md5_hasher.c' || echo '$(srcdir)/'`crypto/hashers/md5_hasher.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/md5_hasher.Tpo $(DEPDIR)/md5_hasher.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hashers/md5_hasher.c' object='md5_hasher.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o md5_hasher.lo `test -f 'crypto/hashers/md5_hasher.c' || echo '$(srcdir)/'`crypto/hashers/md5_hasher.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o md5_hasher.lo `test -f 'crypto/hashers/md5_hasher.c' || echo '$(srcdir)/'`crypto/hashers/md5_hasher.c hmac.lo: crypto/hmac.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac.lo -MD -MP -MF "$(DEPDIR)/hmac.Tpo" -c -o hmac.lo `test -f 'crypto/hmac.c' || echo '$(srcdir)/'`crypto/hmac.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hmac.Tpo" "$(DEPDIR)/hmac.Plo"; else rm -f "$(DEPDIR)/hmac.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac.lo -MD -MP -MF $(DEPDIR)/hmac.Tpo -c -o hmac.lo `test -f 'crypto/hmac.c' || echo '$(srcdir)/'`crypto/hmac.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/hmac.Tpo $(DEPDIR)/hmac.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hmac.c' object='hmac.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac.lo `test -f 'crypto/hmac.c' || echo '$(srcdir)/'`crypto/hmac.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac.lo `test -f 'crypto/hmac.c' || echo '$(srcdir)/'`crypto/hmac.c + +ietf_attr_list.lo: crypto/ietf_attr_list.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ietf_attr_list.lo -MD -MP -MF $(DEPDIR)/ietf_attr_list.Tpo -c -o ietf_attr_list.lo `test -f 'crypto/ietf_attr_list.c' || echo '$(srcdir)/'`crypto/ietf_attr_list.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ietf_attr_list.Tpo $(DEPDIR)/ietf_attr_list.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/ietf_attr_list.c' object='ietf_attr_list.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ietf_attr_list.lo `test -f 'crypto/ietf_attr_list.c' || echo '$(srcdir)/'`crypto/ietf_attr_list.c ocsp.lo: crypto/ocsp.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ocsp.lo -MD -MP -MF "$(DEPDIR)/ocsp.Tpo" -c -o ocsp.lo `test -f 'crypto/ocsp.c' || echo '$(srcdir)/'`crypto/ocsp.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ocsp.Tpo" "$(DEPDIR)/ocsp.Plo"; else rm -f "$(DEPDIR)/ocsp.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ocsp.lo -MD -MP -MF $(DEPDIR)/ocsp.Tpo -c -o ocsp.lo `test -f 'crypto/ocsp.c' || echo '$(srcdir)/'`crypto/ocsp.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ocsp.Tpo $(DEPDIR)/ocsp.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/ocsp.c' object='ocsp.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ocsp.lo `test -f 'crypto/ocsp.c' || echo '$(srcdir)/'`crypto/ocsp.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ocsp.lo `test -f 'crypto/ocsp.c' || echo '$(srcdir)/'`crypto/ocsp.c + +pkcs7.lo: crypto/pkcs7.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT pkcs7.lo -MD -MP -MF $(DEPDIR)/pkcs7.Tpo -c -o pkcs7.lo `test -f 'crypto/pkcs7.c' || echo '$(srcdir)/'`crypto/pkcs7.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/pkcs7.Tpo $(DEPDIR)/pkcs7.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/pkcs7.c' object='pkcs7.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o pkcs7.lo `test -f 'crypto/pkcs7.c' || echo '$(srcdir)/'`crypto/pkcs7.c fips_prf.lo: crypto/prfs/fips_prf.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fips_prf.lo -MD -MP -MF "$(DEPDIR)/fips_prf.Tpo" -c -o fips_prf.lo `test -f 'crypto/prfs/fips_prf.c' || echo '$(srcdir)/'`crypto/prfs/fips_prf.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/fips_prf.Tpo" "$(DEPDIR)/fips_prf.Plo"; else rm -f "$(DEPDIR)/fips_prf.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fips_prf.lo -MD -MP -MF $(DEPDIR)/fips_prf.Tpo -c -o fips_prf.lo `test -f 'crypto/prfs/fips_prf.c' || echo '$(srcdir)/'`crypto/prfs/fips_prf.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fips_prf.Tpo $(DEPDIR)/fips_prf.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/prfs/fips_prf.c' object='fips_prf.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fips_prf.lo `test -f 'crypto/prfs/fips_prf.c' || echo '$(srcdir)/'`crypto/prfs/fips_prf.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fips_prf.lo `test -f 'crypto/prfs/fips_prf.c' || echo '$(srcdir)/'`crypto/prfs/fips_prf.c hmac_prf.lo: crypto/prfs/hmac_prf.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_prf.lo -MD -MP -MF "$(DEPDIR)/hmac_prf.Tpo" -c -o hmac_prf.lo `test -f 'crypto/prfs/hmac_prf.c' || echo '$(srcdir)/'`crypto/prfs/hmac_prf.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hmac_prf.Tpo" "$(DEPDIR)/hmac_prf.Plo"; else rm -f "$(DEPDIR)/hmac_prf.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_prf.lo -MD -MP -MF $(DEPDIR)/hmac_prf.Tpo -c -o hmac_prf.lo `test -f 'crypto/prfs/hmac_prf.c' || echo '$(srcdir)/'`crypto/prfs/hmac_prf.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/hmac_prf.Tpo $(DEPDIR)/hmac_prf.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/prfs/hmac_prf.c' object='hmac_prf.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac_prf.lo `test -f 'crypto/prfs/hmac_prf.c' || echo '$(srcdir)/'`crypto/prfs/hmac_prf.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac_prf.lo `test -f 'crypto/prfs/hmac_prf.c' || echo '$(srcdir)/'`crypto/prfs/hmac_prf.c prf.lo: crypto/prfs/prf.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT prf.lo -MD -MP -MF "$(DEPDIR)/prf.Tpo" -c -o prf.lo `test -f 'crypto/prfs/prf.c' || echo '$(srcdir)/'`crypto/prfs/prf.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/prf.Tpo" "$(DEPDIR)/prf.Plo"; else rm -f "$(DEPDIR)/prf.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT prf.lo -MD -MP -MF $(DEPDIR)/prf.Tpo -c -o prf.lo `test -f 'crypto/prfs/prf.c' || echo '$(srcdir)/'`crypto/prfs/prf.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/prf.Tpo $(DEPDIR)/prf.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/prfs/prf.c' object='prf.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o prf.lo `test -f 'crypto/prfs/prf.c' || echo '$(srcdir)/'`crypto/prfs/prf.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o prf.lo `test -f 'crypto/prfs/prf.c' || echo '$(srcdir)/'`crypto/prfs/prf.c prf_plus.lo: crypto/prf_plus.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT prf_plus.lo -MD -MP -MF "$(DEPDIR)/prf_plus.Tpo" -c -o prf_plus.lo `test -f 'crypto/prf_plus.c' || echo '$(srcdir)/'`crypto/prf_plus.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/prf_plus.Tpo" "$(DEPDIR)/prf_plus.Plo"; else rm -f "$(DEPDIR)/prf_plus.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT prf_plus.lo -MD -MP -MF $(DEPDIR)/prf_plus.Tpo -c -o prf_plus.lo `test -f 'crypto/prf_plus.c' || echo '$(srcdir)/'`crypto/prf_plus.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/prf_plus.Tpo $(DEPDIR)/prf_plus.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/prf_plus.c' object='prf_plus.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o prf_plus.lo `test -f 'crypto/prf_plus.c' || echo '$(srcdir)/'`crypto/prf_plus.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o prf_plus.lo `test -f 'crypto/prf_plus.c' || echo '$(srcdir)/'`crypto/prf_plus.c rsa_private_key.lo: crypto/rsa/rsa_private_key.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_private_key.lo -MD -MP -MF "$(DEPDIR)/rsa_private_key.Tpo" -c -o rsa_private_key.lo `test -f 'crypto/rsa/rsa_private_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_private_key.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rsa_private_key.Tpo" "$(DEPDIR)/rsa_private_key.Plo"; else rm -f "$(DEPDIR)/rsa_private_key.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_private_key.lo -MD -MP -MF $(DEPDIR)/rsa_private_key.Tpo -c -o rsa_private_key.lo `test -f 'crypto/rsa/rsa_private_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_private_key.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rsa_private_key.Tpo $(DEPDIR)/rsa_private_key.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/rsa/rsa_private_key.c' object='rsa_private_key.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rsa_private_key.lo `test -f 'crypto/rsa/rsa_private_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_private_key.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rsa_private_key.lo `test -f 'crypto/rsa/rsa_private_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_private_key.c rsa_public_key.lo: crypto/rsa/rsa_public_key.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_public_key.lo -MD -MP -MF "$(DEPDIR)/rsa_public_key.Tpo" -c -o rsa_public_key.lo `test -f 'crypto/rsa/rsa_public_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_public_key.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rsa_public_key.Tpo" "$(DEPDIR)/rsa_public_key.Plo"; else rm -f "$(DEPDIR)/rsa_public_key.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_public_key.lo -MD -MP -MF $(DEPDIR)/rsa_public_key.Tpo -c -o rsa_public_key.lo `test -f 'crypto/rsa/rsa_public_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_public_key.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rsa_public_key.Tpo $(DEPDIR)/rsa_public_key.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/rsa/rsa_public_key.c' object='rsa_public_key.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rsa_public_key.lo `test -f 'crypto/rsa/rsa_public_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_public_key.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rsa_public_key.lo `test -f 'crypto/rsa/rsa_public_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_public_key.c hmac_signer.lo: crypto/signers/hmac_signer.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_signer.lo -MD -MP -MF "$(DEPDIR)/hmac_signer.Tpo" -c -o hmac_signer.lo `test -f 'crypto/signers/hmac_signer.c' || echo '$(srcdir)/'`crypto/signers/hmac_signer.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hmac_signer.Tpo" "$(DEPDIR)/hmac_signer.Plo"; else rm -f "$(DEPDIR)/hmac_signer.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_signer.lo -MD -MP -MF $(DEPDIR)/hmac_signer.Tpo -c -o hmac_signer.lo `test -f 'crypto/signers/hmac_signer.c' || echo '$(srcdir)/'`crypto/signers/hmac_signer.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/hmac_signer.Tpo $(DEPDIR)/hmac_signer.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/signers/hmac_signer.c' object='hmac_signer.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac_signer.lo `test -f 'crypto/signers/hmac_signer.c' || echo '$(srcdir)/'`crypto/signers/hmac_signer.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac_signer.lo `test -f 'crypto/signers/hmac_signer.c' || echo '$(srcdir)/'`crypto/signers/hmac_signer.c signer.lo: crypto/signers/signer.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT signer.lo -MD -MP -MF "$(DEPDIR)/signer.Tpo" -c -o signer.lo `test -f 'crypto/signers/signer.c' || echo '$(srcdir)/'`crypto/signers/signer.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/signer.Tpo" "$(DEPDIR)/signer.Plo"; else rm -f "$(DEPDIR)/signer.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT signer.lo -MD -MP -MF $(DEPDIR)/signer.Tpo -c -o signer.lo `test -f 'crypto/signers/signer.c' || echo '$(srcdir)/'`crypto/signers/signer.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/signer.Tpo $(DEPDIR)/signer.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/signers/signer.c' object='signer.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o signer.lo `test -f 'crypto/signers/signer.c' || echo '$(srcdir)/'`crypto/signers/signer.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o signer.lo `test -f 'crypto/signers/signer.c' || echo '$(srcdir)/'`crypto/signers/signer.c x509.lo: crypto/x509.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT x509.lo -MD -MP -MF "$(DEPDIR)/x509.Tpo" -c -o x509.lo `test -f 'crypto/x509.c' || echo '$(srcdir)/'`crypto/x509.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/x509.Tpo" "$(DEPDIR)/x509.Plo"; else rm -f "$(DEPDIR)/x509.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT x509.lo -MD -MP -MF $(DEPDIR)/x509.Tpo -c -o x509.lo `test -f 'crypto/x509.c' || echo '$(srcdir)/'`crypto/x509.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/x509.Tpo $(DEPDIR)/x509.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/x509.c' object='x509.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o x509.lo `test -f 'crypto/x509.c' || echo '$(srcdir)/'`crypto/x509.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o x509.lo `test -f 'crypto/x509.c' || echo '$(srcdir)/'`crypto/x509.c fetcher.lo: utils/fetcher.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fetcher.lo -MD -MP -MF "$(DEPDIR)/fetcher.Tpo" -c -o fetcher.lo `test -f 'utils/fetcher.c' || echo '$(srcdir)/'`utils/fetcher.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/fetcher.Tpo" "$(DEPDIR)/fetcher.Plo"; else rm -f "$(DEPDIR)/fetcher.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fetcher.lo -MD -MP -MF $(DEPDIR)/fetcher.Tpo -c -o fetcher.lo `test -f 'utils/fetcher.c' || echo '$(srcdir)/'`utils/fetcher.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fetcher.Tpo $(DEPDIR)/fetcher.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/fetcher.c' object='fetcher.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fetcher.lo `test -f 'utils/fetcher.c' || echo '$(srcdir)/'`utils/fetcher.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fetcher.lo `test -f 'utils/fetcher.c' || echo '$(srcdir)/'`utils/fetcher.c host.lo: utils/host.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT host.lo -MD -MP -MF "$(DEPDIR)/host.Tpo" -c -o host.lo `test -f 'utils/host.c' || echo '$(srcdir)/'`utils/host.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/host.Tpo" "$(DEPDIR)/host.Plo"; else rm -f "$(DEPDIR)/host.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT host.lo -MD -MP -MF $(DEPDIR)/host.Tpo -c -o host.lo `test -f 'utils/host.c' || echo '$(srcdir)/'`utils/host.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/host.Tpo $(DEPDIR)/host.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/host.c' object='host.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o host.lo `test -f 'utils/host.c' || echo '$(srcdir)/'`utils/host.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o host.lo `test -f 'utils/host.c' || echo '$(srcdir)/'`utils/host.c identification.lo: utils/identification.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT identification.lo -MD -MP -MF "$(DEPDIR)/identification.Tpo" -c -o identification.lo `test -f 'utils/identification.c' || echo '$(srcdir)/'`utils/identification.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/identification.Tpo" "$(DEPDIR)/identification.Plo"; else rm -f "$(DEPDIR)/identification.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT identification.lo -MD -MP -MF $(DEPDIR)/identification.Tpo -c -o identification.lo `test -f 'utils/identification.c' || echo '$(srcdir)/'`utils/identification.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/identification.Tpo $(DEPDIR)/identification.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/identification.c' object='identification.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o identification.lo `test -f 'utils/identification.c' || echo '$(srcdir)/'`utils/identification.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o identification.lo `test -f 'utils/identification.c' || echo '$(srcdir)/'`utils/identification.c leak_detective.lo: utils/leak_detective.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT leak_detective.lo -MD -MP -MF "$(DEPDIR)/leak_detective.Tpo" -c -o leak_detective.lo `test -f 'utils/leak_detective.c' || echo '$(srcdir)/'`utils/leak_detective.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/leak_detective.Tpo" "$(DEPDIR)/leak_detective.Plo"; else rm -f "$(DEPDIR)/leak_detective.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT leak_detective.lo -MD -MP -MF $(DEPDIR)/leak_detective.Tpo -c -o leak_detective.lo `test -f 'utils/leak_detective.c' || echo '$(srcdir)/'`utils/leak_detective.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/leak_detective.Tpo $(DEPDIR)/leak_detective.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/leak_detective.c' object='leak_detective.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o leak_detective.lo `test -f 'utils/leak_detective.c' || echo '$(srcdir)/'`utils/leak_detective.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o leak_detective.lo `test -f 'utils/leak_detective.c' || echo '$(srcdir)/'`utils/leak_detective.c lexparser.lo: utils/lexparser.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lexparser.lo -MD -MP -MF "$(DEPDIR)/lexparser.Tpo" -c -o lexparser.lo `test -f 'utils/lexparser.c' || echo '$(srcdir)/'`utils/lexparser.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/lexparser.Tpo" "$(DEPDIR)/lexparser.Plo"; else rm -f "$(DEPDIR)/lexparser.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lexparser.lo -MD -MP -MF $(DEPDIR)/lexparser.Tpo -c -o lexparser.lo `test -f 'utils/lexparser.c' || echo '$(srcdir)/'`utils/lexparser.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/lexparser.Tpo $(DEPDIR)/lexparser.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/lexparser.c' object='lexparser.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lexparser.lo `test -f 'utils/lexparser.c' || echo '$(srcdir)/'`utils/lexparser.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lexparser.lo `test -f 'utils/lexparser.c' || echo '$(srcdir)/'`utils/lexparser.c linked_list.lo: utils/linked_list.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT linked_list.lo -MD -MP -MF "$(DEPDIR)/linked_list.Tpo" -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/linked_list.Tpo" "$(DEPDIR)/linked_list.Plo"; else rm -f "$(DEPDIR)/linked_list.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT linked_list.lo -MD -MP -MF $(DEPDIR)/linked_list.Tpo -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/linked_list.Tpo $(DEPDIR)/linked_list.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/linked_list.c' object='linked_list.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c + +enumerator.lo: utils/enumerator.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT enumerator.lo -MD -MP -MF $(DEPDIR)/enumerator.Tpo -c -o enumerator.lo `test -f 'utils/enumerator.c' || echo '$(srcdir)/'`utils/enumerator.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/enumerator.Tpo $(DEPDIR)/enumerator.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/enumerator.c' object='enumerator.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o enumerator.lo `test -f 'utils/enumerator.c' || echo '$(srcdir)/'`utils/enumerator.c + +optionsfrom.lo: utils/optionsfrom.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT optionsfrom.lo -MD -MP -MF $(DEPDIR)/optionsfrom.Tpo -c -o optionsfrom.lo `test -f 'utils/optionsfrom.c' || echo '$(srcdir)/'`utils/optionsfrom.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/optionsfrom.Tpo $(DEPDIR)/optionsfrom.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/optionsfrom.c' object='optionsfrom.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o optionsfrom.lo `test -f 'utils/optionsfrom.c' || echo '$(srcdir)/'`utils/optionsfrom.c randomizer.lo: utils/randomizer.c -@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT randomizer.lo -MD -MP -MF "$(DEPDIR)/randomizer.Tpo" -c -o randomizer.lo `test -f 'utils/randomizer.c' || echo '$(srcdir)/'`utils/randomizer.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/randomizer.Tpo" "$(DEPDIR)/randomizer.Plo"; else rm -f "$(DEPDIR)/randomizer.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT randomizer.lo -MD -MP -MF $(DEPDIR)/randomizer.Tpo -c -o randomizer.lo `test -f 'utils/randomizer.c' || echo '$(srcdir)/'`utils/randomizer.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/randomizer.Tpo $(DEPDIR)/randomizer.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/randomizer.c' object='randomizer.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o randomizer.lo `test -f 'utils/randomizer.c' || echo '$(srcdir)/'`utils/randomizer.c +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o randomizer.lo `test -f 'utils/randomizer.c' || echo '$(srcdir)/'`utils/randomizer.c + +fips_canister_start.lo: fips/fips_canister_start.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fips_canister_start.lo -MD -MP -MF $(DEPDIR)/fips_canister_start.Tpo -c -o fips_canister_start.lo `test -f 'fips/fips_canister_start.c' || echo '$(srcdir)/'`fips/fips_canister_start.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fips_canister_start.Tpo $(DEPDIR)/fips_canister_start.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='fips/fips_canister_start.c' object='fips_canister_start.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fips_canister_start.lo `test -f 'fips/fips_canister_start.c' || echo '$(srcdir)/'`fips/fips_canister_start.c + +fips.lo: fips/fips.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fips.lo -MD -MP -MF $(DEPDIR)/fips.Tpo -c -o fips.lo `test -f 'fips/fips.c' || echo '$(srcdir)/'`fips/fips.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fips.Tpo $(DEPDIR)/fips.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='fips/fips.c' object='fips.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fips.lo `test -f 'fips/fips.c' || echo '$(srcdir)/'`fips/fips.c + +fips_canister_end.lo: fips/fips_canister_end.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fips_canister_end.lo -MD -MP -MF $(DEPDIR)/fips_canister_end.Tpo -c -o fips_canister_end.lo `test -f 'fips/fips_canister_end.c' || echo '$(srcdir)/'`fips/fips_canister_end.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fips_canister_end.Tpo $(DEPDIR)/fips_canister_end.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='fips/fips_canister_end.c' object='fips_canister_end.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fips_canister_end.lo `test -f 'fips/fips_canister_end.c' || echo '$(srcdir)/'`fips/fips_canister_end.c + +fips_signer.o: fips/fips_signer.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fips_signer.o -MD -MP -MF $(DEPDIR)/fips_signer.Tpo -c -o fips_signer.o `test -f 'fips/fips_signer.c' || echo '$(srcdir)/'`fips/fips_signer.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fips_signer.Tpo $(DEPDIR)/fips_signer.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='fips/fips_signer.c' object='fips_signer.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fips_signer.o `test -f 'fips/fips_signer.c' || echo '$(srcdir)/'`fips/fips_signer.c + +fips_signer.obj: fips/fips_signer.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fips_signer.obj -MD -MP -MF $(DEPDIR)/fips_signer.Tpo -c -o fips_signer.obj `if test -f 'fips/fips_signer.c'; then $(CYGPATH_W) 'fips/fips_signer.c'; else $(CYGPATH_W) '$(srcdir)/fips/fips_signer.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fips_signer.Tpo $(DEPDIR)/fips_signer.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='fips/fips_signer.c' object='fips_signer.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fips_signer.obj `if test -f 'fips/fips_signer.c'; then $(CYGPATH_W) 'fips/fips_signer.c'; else $(CYGPATH_W) '$(srcdir)/fips/fips_signer.c'; fi` mostlyclean-libtool: -rm -f *.lo @@ -655,10 +873,6 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -distclean-libtool: - -rm -f libtool -uninstall-info-am: - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -708,23 +922,21 @@ distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - $(mkdir_p) $(distdir)/asn1 - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -738,10 +950,10 @@ distdir: $(DISTFILES) check-am: all-am check: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) check-am -all-am: Makefile $(LTLIBRARIES) +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) installdirs: for dir in "$(DESTDIR)$(libdir)"; do \ - test -z "$$dir" || $(mkdir_p) "$$dir"; \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) install-am @@ -761,6 +973,7 @@ install-strip: mostlyclean-generic: clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) @@ -773,13 +986,13 @@ maintainer-clean-generic: clean: clean-am clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ - mostlyclean-am + clean-noinstPROGRAMS mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ - distclean-libtool distclean-tags + distclean-tags dvi: dvi-am @@ -793,12 +1006,20 @@ info-am: install-data-am: +install-dvi: install-dvi-am + install-exec-am: install-libLTLIBRARIES +install-html: install-html-am + install-info: install-info-am install-man: +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -819,20 +1040,23 @@ ps: ps-am ps-am: -uninstall-am: uninstall-info-am uninstall-libLTLIBRARIES +uninstall-am: uninstall-libLTLIBRARIES + +.MAKE: install-am install-strip .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libLTLIBRARIES clean-libtool ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-exec \ - install-exec-am install-info install-info-am \ - install-libLTLIBRARIES install-man install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ + clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS ctags \ + distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-libLTLIBRARIES install-man install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ + installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-info-am \ - uninstall-libLTLIBRARIES + tags uninstall uninstall-am uninstall-libLTLIBRARIES asn1/oid.c : asn1/oid.txt asn1/oid.pl @@ -840,6 +1064,9 @@ asn1/oid.c : asn1/oid.txt asn1/oid.pl asn1/oid.h : asn1/oid.txt asn1/oid.pl cd asn1 && $(PERL) oid.pl + +@USE_INTEGRITY_TEST_TRUE@fips_signature.h : fips_signer +@USE_INTEGRITY_TEST_TRUE@ ./fips_signer # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c index 2a0aa4ff6..3191c89bd 100644 --- a/src/libstrongswan/asn1/asn1.c +++ b/src/libstrongswan/asn1/asn1.c @@ -11,6 +11,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: asn1.c 3299 2007-10-12 19:29:00Z andreas $ */ #include @@ -33,6 +35,13 @@ const chunk_t ASN1_INTEGER_2 = chunk_from_buf(ASN1_INTEGER_2_str); /* some popular algorithmIdentifiers */ +static u_char ASN1_md2_id_str[] = { + 0x30, 0x0c, + 0x06, 0x08, + 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x02, + 0x05,0x00, +}; + static u_char ASN1_md5_id_str[] = { 0x30, 0x0C, 0x06, 0x08, @@ -47,6 +56,27 @@ static u_char ASN1_sha1_id_str[] = { 0x05, 0x00 }; +static u_char ASN1_sha256_id_str[] = { + 0x30, 0x0d, + 0x06, 0x09, + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, + 0x05, 0x00 +}; + +static u_char ASN1_sha384_id_str[] = { + 0x30, 0x0d, + 0x06, 0x09, + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, + 0x05, 0x00 +}; + +static u_char ASN1_sha512_id_str[] = { + 0x30, 0x0d, + 0x06, 0x09, + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, + 0x05,0x00 +}; + static u_char ASN1_md5WithRSA_id_str[] = { 0x30, 0x0D, 0x06, 0x09, @@ -68,8 +98,12 @@ static u_char ASN1_rsaEncryption_id_str[] = { 0x05, 0x00 }; -const chunk_t ASN1_md5_id = chunk_from_buf(ASN1_md5_id_str); -const chunk_t ASN1_sha1_id = chunk_from_buf(ASN1_sha1_id_str); +const chunk_t ASN1_md2_id = chunk_from_buf(ASN1_md2_id_str); +const chunk_t ASN1_md5_id = chunk_from_buf(ASN1_md5_id_str); +const chunk_t ASN1_sha1_id = chunk_from_buf(ASN1_sha1_id_str); +const chunk_t ASN1_sha256_id = chunk_from_buf(ASN1_sha256_id_str); +const chunk_t ASN1_sha384_id = chunk_from_buf(ASN1_sha384_id_str); +const chunk_t ASN1_sha512_id = chunk_from_buf(ASN1_sha512_id_str); const chunk_t ASN1_rsaEncryption_id = chunk_from_buf(ASN1_rsaEncryption_id_str); const chunk_t ASN1_md5WithRSA_id = chunk_from_buf(ASN1_md5WithRSA_id_str); const chunk_t ASN1_sha1WithRSA_id = chunk_from_buf(ASN1_sha1WithRSA_id_str); @@ -278,6 +312,35 @@ time_t asn1totime(const chunk_t *utctime, asn1_t type) return mktime(&t) - timezone - tz_offset; } +/** + * Convert a date into ASN.1 UTCTIME or GENERALIZEDTIME format + */ +chunk_t timetoasn1(const time_t *time, asn1_t type) +{ + int offset; + const char *format; + char buf[BUF_LEN]; + chunk_t formatted_time; + struct tm *t = gmtime(time); + + if (type == ASN1_GENERALIZEDTIME) + { + format = "%04d%02d%02d%02d%02d%02dZ"; + offset = 1900; + } + else /* ASN1_UTCTIME */ + { + format = "%02d%02d%02d%02d%02d%02dZ"; + offset = (t->tm_year < 100)? 0 : -100; + } + snprintf(buf, BUF_LEN, format, t->tm_year + offset, + t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); + formatted_time.ptr = buf; + formatted_time.len = strlen(buf); + return asn1_simple_object(type, formatted_time); +} + + /** * Initializes the internal context of the ASN.1 parser */ @@ -396,7 +459,7 @@ bool extract_object(asn1Object_t const *objects, u_int *objectID, chunk_t *objec if (blob->len < 2) { - DBG2("L%d - %s: ASN.1 object smaller than 2 octets", + DBG1("L%d - %s: ASN.1 object smaller than 2 octets", *level, obj.name); return FALSE; } @@ -405,7 +468,7 @@ bool extract_object(asn1Object_t const *objects, u_int *objectID, chunk_t *objec if (blob1->len == ASN1_INVALID_LENGTH || blob->len < blob1->len) { - DBG2("L%d - %s: length of ASN.1 object invalid or too large", + DBG1("L%d - %s: length of ASN.1 object invalid or too large", *level, obj.name); return FALSE; } @@ -698,38 +761,11 @@ chunk_t asn1_integer_from_mpz(const mpz_t value) { size_t bits = mpz_sizeinbase(value, 2); /* size in bits */ chunk_t n; + n.len = 1 + bits / 8; /* size in bytes */ n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, value); - - return asn1_wrap(ASN1_INTEGER, "m", n); -} -/** - * convert a date into ASN.1 UTCTIME or GENERALIZEDTIME format - */ -chunk_t timetoasn1(const time_t *time, asn1_t type) -{ - int offset; - const char *format; - char buf[32]; - chunk_t formatted_time; - struct tm *t = gmtime(time); - - if (type == ASN1_GENERALIZEDTIME) - { - format = "%04d%02d%02d%02d%02d%02dZ"; - offset = 1900; - } - else /* ASN1_UTCTIME */ - { - format = "%02d%02d%02d%02d%02d%02dZ"; - offset = (t->tm_year < 100)? 0 : -100; - } - snprintf(buf, sizeof(buf), format, t->tm_year + offset, - t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); - formatted_time.ptr = buf; - formatted_time.len = strlen(buf); - return asn1_simple_object(type, formatted_time); + return asn1_wrap(ASN1_INTEGER, "m", n); } /** diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h index 365ccb438..18742d18d 100644 --- a/src/libstrongswan/asn1/asn1.h +++ b/src/libstrongswan/asn1/asn1.h @@ -11,6 +11,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: asn1.h 3299 2007-10-12 19:29:00Z andreas $ */ #ifndef _ASN1_H @@ -23,7 +25,11 @@ #include -/* Defines some primitive ASN1 types */ +/** + * @brief Definition of some primitive ASN1 types + * + * @ingroup asn1 + */ typedef enum { ASN1_EOC = 0x00, ASN1_BOOLEAN = 0x01, @@ -109,8 +115,13 @@ extern const chunk_t ASN1_INTEGER_1; extern const chunk_t ASN1_INTEGER_2; /* some popular algorithmIdentifiers */ +extern const chunk_t ASN1_md2_id; extern const chunk_t ASN1_md5_id; extern const chunk_t ASN1_sha1_id; +extern const chunk_t ASN1_sha256_id; +extern const chunk_t ASN1_sha384_id; +extern const chunk_t ASN1_sha512_id; + extern const chunk_t ASN1_rsaEncryption_id; extern const chunk_t ASN1_md5WithRSA_id; extern const chunk_t ASN1_sha1WithRSA_id; @@ -120,6 +131,7 @@ extern int known_oid(chunk_t object); extern u_int asn1_length(chunk_t *blob); extern bool is_printablestring(chunk_t str); extern time_t asn1totime(const chunk_t *utctime, asn1_t type); +extern chunk_t timetoasn1(const time_t *time, asn1_t type); extern void asn1_init(asn1_ctx_t *ctx, chunk_t blob, u_int level0, bool implicit, bool private); extern bool extract_object(asn1Object_t const *objects, u_int *objectID, chunk_t *object, u_int *level, asn1_ctx_t *ctx); extern bool parse_asn1_simple_object(chunk_t *object, asn1_t type, u_int level, const char* name); diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c index 6b16d5a64..28a915433 100644 --- a/src/libstrongswan/asn1/oid.c +++ b/src/libstrongswan/asn1/oid.c @@ -10,194 +10,199 @@ #include "oid.h" const oid_t oid_names[] = { - {0x02, 7, 1, "ITU-T Administration" }, /* 0 */ - { 0x82, 0, 1, "" }, /* 1 */ - { 0x06, 0, 1, "Germany ITU-T member" }, /* 2 */ - { 0x01, 0, 1, "Deutsche Telekom AG" }, /* 3 */ - { 0x0A, 0, 1, "" }, /* 4 */ - { 0x07, 0, 1, "" }, /* 5 */ - { 0x14, 0, 0, "ND" }, /* 6 */ - {0x09, 18, 1, "data" }, /* 7 */ - { 0x92, 0, 1, "" }, /* 8 */ - { 0x26, 0, 1, "" }, /* 9 */ - { 0x89, 0, 1, "" }, /* 10 */ - { 0x93, 0, 1, "" }, /* 11 */ - { 0xF2, 0, 1, "" }, /* 12 */ - { 0x2C, 0, 1, "" }, /* 13 */ - { 0x64, 0, 1, "pilot" }, /* 14 */ - { 0x01, 0, 1, "pilotAttributeType" }, /* 15 */ - { 0x01, 17, 0, "UID" }, /* 16 */ - { 0x19, 0, 0, "DC" }, /* 17 */ - {0x55, 52, 1, "X.500" }, /* 18 */ - { 0x04, 36, 1, "X.509" }, /* 19 */ - { 0x03, 21, 0, "CN" }, /* 20 */ - { 0x04, 22, 0, "S" }, /* 21 */ - { 0x05, 23, 0, "SN" }, /* 22 */ - { 0x06, 24, 0, "C" }, /* 23 */ - { 0x07, 25, 0, "L" }, /* 24 */ - { 0x08, 26, 0, "ST" }, /* 25 */ - { 0x0A, 27, 0, "O" }, /* 26 */ - { 0x0B, 28, 0, "OU" }, /* 27 */ - { 0x0C, 29, 0, "T" }, /* 28 */ - { 0x0D, 30, 0, "D" }, /* 29 */ - { 0x24, 31, 0, "userCertificate" }, /* 30 */ - { 0x29, 32, 0, "N" }, /* 31 */ - { 0x2A, 33, 0, "G" }, /* 32 */ - { 0x2B, 34, 0, "I" }, /* 33 */ - { 0x2D, 35, 0, "ID" }, /* 34 */ - { 0x48, 0, 0, "role" }, /* 35 */ - { 0x1D, 0, 1, "id-ce" }, /* 36 */ - { 0x09, 38, 0, "subjectDirectoryAttrs" }, /* 37 */ - { 0x0E, 39, 0, "subjectKeyIdentifier" }, /* 38 */ - { 0x0F, 40, 0, "keyUsage" }, /* 39 */ - { 0x10, 41, 0, "privateKeyUsagePeriod" }, /* 40 */ - { 0x11, 42, 0, "subjectAltName" }, /* 41 */ - { 0x12, 43, 0, "issuerAltName" }, /* 42 */ - { 0x13, 44, 0, "basicConstraints" }, /* 43 */ - { 0x14, 45, 0, "crlNumber" }, /* 44 */ - { 0x15, 46, 0, "reasonCode" }, /* 45 */ - { 0x1F, 47, 0, "crlDistributionPoints" }, /* 46 */ - { 0x20, 48, 0, "certificatePolicies" }, /* 47 */ - { 0x23, 49, 0, "authorityKeyIdentifier" }, /* 48 */ - { 0x25, 50, 0, "extendedKeyUsage" }, /* 49 */ - { 0x37, 51, 0, "targetInformation" }, /* 50 */ - { 0x38, 0, 0, "noRevAvail" }, /* 51 */ - {0x2A, 94, 1, "" }, /* 52 */ - { 0x86, 0, 1, "" }, /* 53 */ - { 0x48, 0, 1, "" }, /* 54 */ - { 0x86, 0, 1, "" }, /* 55 */ - { 0xF6, 61, 1, "" }, /* 56 */ - { 0x7D, 0, 1, "NortelNetworks" }, /* 57 */ - { 0x07, 0, 1, "Entrust" }, /* 58 */ - { 0x41, 0, 1, "nsn-ce" }, /* 59 */ - { 0x00, 0, 0, "entrustVersInfo" }, /* 60 */ - { 0xF7, 0, 1, "" }, /* 61 */ - { 0x0D, 0, 1, "RSADSI" }, /* 62 */ - { 0x01, 89, 1, "PKCS" }, /* 63 */ - { 0x01, 72, 1, "PKCS-1" }, /* 64 */ - { 0x01, 66, 0, "rsaEncryption" }, /* 65 */ - { 0x02, 67, 0, "md2WithRSAEncryption" }, /* 66 */ - { 0x04, 68, 0, "md5WithRSAEncryption" }, /* 67 */ - { 0x05, 69, 0, "sha-1WithRSAEncryption" }, /* 68 */ - { 0x0B, 70, 0, "sha256WithRSAEncryption"}, /* 69 */ - { 0x0C, 71, 0, "sha384WithRSAEncryption"}, /* 70 */ - { 0x0D, 0, 0, "sha512WithRSAEncryption"}, /* 71 */ - { 0x07, 79, 1, "PKCS-7" }, /* 72 */ - { 0x01, 74, 0, "data" }, /* 73 */ - { 0x02, 75, 0, "signedData" }, /* 74 */ - { 0x03, 76, 0, "envelopedData" }, /* 75 */ - { 0x04, 77, 0, "signedAndEnvelopedData" }, /* 76 */ - { 0x05, 78, 0, "digestedData" }, /* 77 */ - { 0x06, 0, 0, "encryptedData" }, /* 78 */ - { 0x09, 0, 1, "PKCS-9" }, /* 79 */ - { 0x01, 81, 0, "E" }, /* 80 */ - { 0x02, 82, 0, "unstructuredName" }, /* 81 */ - { 0x03, 83, 0, "contentType" }, /* 82 */ - { 0x04, 84, 0, "messageDigest" }, /* 83 */ - { 0x05, 85, 0, "signingTime" }, /* 84 */ - { 0x06, 86, 0, "counterSignature" }, /* 85 */ - { 0x07, 87, 0, "challengePassword" }, /* 86 */ - { 0x08, 88, 0, "unstructuredAddress" }, /* 87 */ - { 0x0E, 0, 0, "extensionRequest" }, /* 88 */ - { 0x02, 92, 1, "digestAlgorithm" }, /* 89 */ - { 0x02, 91, 0, "md2" }, /* 90 */ - { 0x05, 0, 0, "md5" }, /* 91 */ - { 0x03, 0, 1, "encryptionAlgorithm" }, /* 92 */ - { 0x07, 0, 0, "3des-ede-cbc" }, /* 93 */ - {0x2B, 155, 1, "" }, /* 94 */ - { 0x06, 142, 1, "dod" }, /* 95 */ - { 0x01, 0, 1, "internet" }, /* 96 */ - { 0x04, 111, 1, "private" }, /* 97 */ - { 0x01, 0, 1, "enterprise" }, /* 98 */ - { 0x82, 104, 1, "" }, /* 99 */ - { 0x37, 0, 1, "Microsoft" }, /* 100 */ - { 0x0A, 0, 1, "" }, /* 101 */ - { 0x03, 0, 1, "" }, /* 102 */ - { 0x03, 0, 0, "msSGC" }, /* 103 */ - { 0x89, 0, 1, "" }, /* 104 */ - { 0x31, 0, 1, "" }, /* 105 */ - { 0x01, 0, 1, "" }, /* 106 */ - { 0x01, 0, 1, "" }, /* 107 */ - { 0x02, 0, 1, "" }, /* 108 */ - { 0x02, 110, 0, "" }, /* 109 */ - { 0x4B, 0, 0, "TCGID" }, /* 110 */ - { 0x05, 0, 1, "security" }, /* 111 */ - { 0x05, 0, 1, "mechanisms" }, /* 112 */ - { 0x07, 0, 1, "id-pkix" }, /* 113 */ - { 0x01, 116, 1, "id-pe" }, /* 114 */ - { 0x01, 0, 0, "authorityInfoAccess" }, /* 115 */ - { 0x03, 126, 1, "id-kp" }, /* 116 */ - { 0x01, 118, 0, "serverAuth" }, /* 117 */ - { 0x02, 119, 0, "clientAuth" }, /* 118 */ - { 0x03, 120, 0, "codeSigning" }, /* 119 */ - { 0x04, 121, 0, "emailProtection" }, /* 120 */ - { 0x05, 122, 0, "ipsecEndSystem" }, /* 121 */ - { 0x06, 123, 0, "ipsecTunnel" }, /* 122 */ - { 0x07, 124, 0, "ipsecUser" }, /* 123 */ - { 0x08, 125, 0, "timeStamping" }, /* 124 */ - { 0x09, 0, 0, "ocspSigning" }, /* 125 */ - { 0x08, 128, 1, "id-otherNames" }, /* 126 */ - { 0x05, 0, 0, "xmppAddr" }, /* 127 */ - { 0x0A, 133, 1, "id-aca" }, /* 128 */ - { 0x01, 130, 0, "authenticationInfo" }, /* 129 */ - { 0x02, 131, 0, "accessIdentity" }, /* 130 */ - { 0x03, 132, 0, "chargingIdentity" }, /* 131 */ - { 0x04, 0, 0, "group" }, /* 132 */ - { 0x30, 0, 1, "id-ad" }, /* 133 */ - { 0x01, 0, 1, "ocsp" }, /* 134 */ - { 0x01, 136, 0, "basic" }, /* 135 */ - { 0x02, 137, 0, "nonce" }, /* 136 */ - { 0x03, 138, 0, "crl" }, /* 137 */ - { 0x04, 139, 0, "response" }, /* 138 */ - { 0x05, 140, 0, "noCheck" }, /* 139 */ - { 0x06, 141, 0, "archiveCutoff" }, /* 140 */ - { 0x07, 0, 0, "serviceLocator" }, /* 141 */ - { 0x0E, 148, 1, "oiw" }, /* 142 */ - { 0x03, 0, 1, "secsig" }, /* 143 */ - { 0x02, 0, 1, "algorithms" }, /* 144 */ - { 0x07, 146, 0, "des-cbc" }, /* 145 */ - { 0x1A, 147, 0, "sha-1" }, /* 146 */ - { 0x1D, 0, 0, "sha-1WithRSASignature" }, /* 147 */ - { 0x24, 0, 1, "TeleTrusT" }, /* 148 */ - { 0x03, 0, 1, "algorithm" }, /* 149 */ - { 0x03, 0, 1, "signatureAlgorithm" }, /* 150 */ - { 0x01, 0, 1, "rsaSignature" }, /* 151 */ - { 0x02, 153, 0, "rsaSigWithripemd160" }, /* 152 */ - { 0x03, 154, 0, "rsaSigWithripemd128" }, /* 153 */ - { 0x04, 0, 0, "rsaSigWithripemd256" }, /* 154 */ - {0x60, 0, 1, "" }, /* 155 */ - { 0x86, 0, 1, "" }, /* 156 */ - { 0x48, 0, 1, "" }, /* 157 */ - { 0x01, 0, 1, "organization" }, /* 158 */ - { 0x65, 166, 1, "gov" }, /* 159 */ - { 0x03, 0, 1, "csor" }, /* 160 */ - { 0x04, 0, 1, "nistalgorithm" }, /* 161 */ - { 0x02, 0, 1, "hashalgs" }, /* 162 */ - { 0x01, 164, 0, "id-SHA-256" }, /* 163 */ - { 0x02, 165, 0, "id-SHA-384" }, /* 164 */ - { 0x03, 0, 0, "id-SHA-512" }, /* 165 */ - { 0x86, 0, 1, "" }, /* 166 */ - { 0xf8, 0, 1, "" }, /* 167 */ - { 0x42, 180, 1, "netscape" }, /* 168 */ - { 0x01, 175, 1, "" }, /* 169 */ - { 0x01, 171, 0, "nsCertType" }, /* 170 */ - { 0x03, 172, 0, "nsRevocationUrl" }, /* 171 */ - { 0x04, 173, 0, "nsCaRevocationUrl" }, /* 172 */ - { 0x08, 174, 0, "nsCaPolicyUrl" }, /* 173 */ - { 0x0d, 0, 0, "nsComment" }, /* 174 */ - { 0x03, 178, 1, "directory" }, /* 175 */ - { 0x01, 0, 1, "" }, /* 176 */ - { 0x03, 0, 0, "employeeNumber" }, /* 177 */ - { 0x04, 0, 1, "policy" }, /* 178 */ - { 0x01, 0, 0, "nsSGC" }, /* 179 */ - { 0x45, 0, 1, "verisign" }, /* 180 */ - { 0x01, 0, 1, "pki" }, /* 181 */ - { 0x09, 0, 1, "attributes" }, /* 182 */ - { 0x02, 184, 0, "messageType" }, /* 183 */ - { 0x03, 185, 0, "pkiStatus" }, /* 184 */ - { 0x04, 186, 0, "failInfo" }, /* 185 */ - { 0x05, 187, 0, "senderNonce" }, /* 186 */ - { 0x06, 188, 0, "recipientNonce" }, /* 187 */ - { 0x07, 189, 0, "transID" }, /* 188 */ - { 0x08, 0, 0, "extensionReq" } /* 189 */ + {0x02, 7, 1, "ITU-T Administration" }, /* 0 */ + { 0x82, 0, 1, "" }, /* 1 */ + { 0x06, 0, 1, "Germany ITU-T member" }, /* 2 */ + { 0x01, 0, 1, "Deutsche Telekom AG" }, /* 3 */ + { 0x0A, 0, 1, "" }, /* 4 */ + { 0x07, 0, 1, "" }, /* 5 */ + { 0x14, 0, 0, "ND" }, /* 6 */ + {0x09, 18, 1, "data" }, /* 7 */ + { 0x92, 0, 1, "" }, /* 8 */ + { 0x26, 0, 1, "" }, /* 9 */ + { 0x89, 0, 1, "" }, /* 10 */ + { 0x93, 0, 1, "" }, /* 11 */ + { 0xF2, 0, 1, "" }, /* 12 */ + { 0x2C, 0, 1, "" }, /* 13 */ + { 0x64, 0, 1, "pilot" }, /* 14 */ + { 0x01, 0, 1, "pilotAttributeType" }, /* 15 */ + { 0x01, 17, 0, "UID" }, /* 16 */ + { 0x19, 0, 0, "DC" }, /* 17 */ + {0x55, 52, 1, "X.500" }, /* 18 */ + { 0x04, 36, 1, "X.509" }, /* 19 */ + { 0x03, 21, 0, "CN" }, /* 20 */ + { 0x04, 22, 0, "S" }, /* 21 */ + { 0x05, 23, 0, "SN" }, /* 22 */ + { 0x06, 24, 0, "C" }, /* 23 */ + { 0x07, 25, 0, "L" }, /* 24 */ + { 0x08, 26, 0, "ST" }, /* 25 */ + { 0x0A, 27, 0, "O" }, /* 26 */ + { 0x0B, 28, 0, "OU" }, /* 27 */ + { 0x0C, 29, 0, "T" }, /* 28 */ + { 0x0D, 30, 0, "D" }, /* 29 */ + { 0x24, 31, 0, "userCertificate" }, /* 30 */ + { 0x29, 32, 0, "N" }, /* 31 */ + { 0x2A, 33, 0, "G" }, /* 32 */ + { 0x2B, 34, 0, "I" }, /* 33 */ + { 0x2D, 35, 0, "ID" }, /* 34 */ + { 0x48, 0, 0, "role" }, /* 35 */ + { 0x1D, 0, 1, "id-ce" }, /* 36 */ + { 0x09, 38, 0, "subjectDirectoryAttrs" }, /* 37 */ + { 0x0E, 39, 0, "subjectKeyIdentifier" }, /* 38 */ + { 0x0F, 40, 0, "keyUsage" }, /* 39 */ + { 0x10, 41, 0, "privateKeyUsagePeriod" }, /* 40 */ + { 0x11, 42, 0, "subjectAltName" }, /* 41 */ + { 0x12, 43, 0, "issuerAltName" }, /* 42 */ + { 0x13, 44, 0, "basicConstraints" }, /* 43 */ + { 0x14, 45, 0, "crlNumber" }, /* 44 */ + { 0x15, 46, 0, "reasonCode" }, /* 45 */ + { 0x1F, 47, 0, "crlDistributionPoints" }, /* 46 */ + { 0x20, 48, 0, "certificatePolicies" }, /* 47 */ + { 0x23, 49, 0, "authorityKeyIdentifier" }, /* 48 */ + { 0x25, 50, 0, "extendedKeyUsage" }, /* 49 */ + { 0x37, 51, 0, "targetInformation" }, /* 50 */ + { 0x38, 0, 0, "noRevAvail" }, /* 51 */ + {0x2A, 94, 1, "" }, /* 52 */ + { 0x86, 0, 1, "" }, /* 53 */ + { 0x48, 0, 1, "" }, /* 54 */ + { 0x86, 0, 1, "" }, /* 55 */ + { 0xF6, 61, 1, "" }, /* 56 */ + { 0x7D, 0, 1, "NortelNetworks" }, /* 57 */ + { 0x07, 0, 1, "Entrust" }, /* 58 */ + { 0x41, 0, 1, "nsn-ce" }, /* 59 */ + { 0x00, 0, 0, "entrustVersInfo" }, /* 60 */ + { 0xF7, 0, 1, "" }, /* 61 */ + { 0x0D, 0, 1, "RSADSI" }, /* 62 */ + { 0x01, 89, 1, "PKCS" }, /* 63 */ + { 0x01, 72, 1, "PKCS-1" }, /* 64 */ + { 0x01, 66, 0, "rsaEncryption" }, /* 65 */ + { 0x02, 67, 0, "md2WithRSAEncryption" }, /* 66 */ + { 0x04, 68, 0, "md5WithRSAEncryption" }, /* 67 */ + { 0x05, 69, 0, "sha-1WithRSAEncryption" }, /* 68 */ + { 0x0B, 70, 0, "sha256WithRSAEncryption" }, /* 69 */ + { 0x0C, 71, 0, "sha384WithRSAEncryption" }, /* 70 */ + { 0x0D, 0, 0, "sha512WithRSAEncryption" }, /* 71 */ + { 0x07, 79, 1, "PKCS-7" }, /* 72 */ + { 0x01, 74, 0, "data" }, /* 73 */ + { 0x02, 75, 0, "signedData" }, /* 74 */ + { 0x03, 76, 0, "envelopedData" }, /* 75 */ + { 0x04, 77, 0, "signedAndEnvelopedData" }, /* 76 */ + { 0x05, 78, 0, "digestedData" }, /* 77 */ + { 0x06, 0, 0, "encryptedData" }, /* 78 */ + { 0x09, 0, 1, "PKCS-9" }, /* 79 */ + { 0x01, 81, 0, "E" }, /* 80 */ + { 0x02, 82, 0, "unstructuredName" }, /* 81 */ + { 0x03, 83, 0, "contentType" }, /* 82 */ + { 0x04, 84, 0, "messageDigest" }, /* 83 */ + { 0x05, 85, 0, "signingTime" }, /* 84 */ + { 0x06, 86, 0, "counterSignature" }, /* 85 */ + { 0x07, 87, 0, "challengePassword" }, /* 86 */ + { 0x08, 88, 0, "unstructuredAddress" }, /* 87 */ + { 0x0E, 0, 0, "extensionRequest" }, /* 88 */ + { 0x02, 92, 1, "digestAlgorithm" }, /* 89 */ + { 0x02, 91, 0, "md2" }, /* 90 */ + { 0x05, 0, 0, "md5" }, /* 91 */ + { 0x03, 0, 1, "encryptionAlgorithm" }, /* 92 */ + { 0x07, 0, 0, "3des-ede-cbc" }, /* 93 */ + {0x2B, 160, 1, "" }, /* 94 */ + { 0x06, 147, 1, "dod" }, /* 95 */ + { 0x01, 0, 1, "internet" }, /* 96 */ + { 0x04, 115, 1, "private" }, /* 97 */ + { 0x01, 0, 1, "enterprise" }, /* 98 */ + { 0x82, 108, 1, "" }, /* 99 */ + { 0x37, 0, 1, "Microsoft" }, /* 100 */ + { 0x0A, 105, 1, "" }, /* 101 */ + { 0x03, 0, 1, "" }, /* 102 */ + { 0x03, 104, 0, "msSGC" }, /* 103 */ + { 0x04, 0, 0, "msEncryptingFileSystem" }, /* 104 */ + { 0x14, 0, 1, "msEnrollmentInfrastructure"}, /* 105 */ + { 0x02, 0, 1, "msCertificateTypeExtension"}, /* 106 */ + { 0x02, 0, 0, "msSmartcardLogon" }, /* 107 */ + { 0x89, 0, 1, "" }, /* 108 */ + { 0x31, 0, 1, "" }, /* 109 */ + { 0x01, 0, 1, "" }, /* 110 */ + { 0x01, 0, 1, "" }, /* 111 */ + { 0x02, 0, 1, "" }, /* 112 */ + { 0x02, 114, 0, "" }, /* 113 */ + { 0x4B, 0, 0, "TCGID" }, /* 114 */ + { 0x05, 0, 1, "security" }, /* 115 */ + { 0x05, 0, 1, "mechanisms" }, /* 116 */ + { 0x07, 0, 1, "id-pkix" }, /* 117 */ + { 0x01, 120, 1, "id-pe" }, /* 118 */ + { 0x01, 0, 0, "authorityInfoAccess" }, /* 119 */ + { 0x03, 130, 1, "id-kp" }, /* 120 */ + { 0x01, 122, 0, "serverAuth" }, /* 121 */ + { 0x02, 123, 0, "clientAuth" }, /* 122 */ + { 0x03, 124, 0, "codeSigning" }, /* 123 */ + { 0x04, 125, 0, "emailProtection" }, /* 124 */ + { 0x05, 126, 0, "ipsecEndSystem" }, /* 125 */ + { 0x06, 127, 0, "ipsecTunnel" }, /* 126 */ + { 0x07, 128, 0, "ipsecUser" }, /* 127 */ + { 0x08, 129, 0, "timeStamping" }, /* 128 */ + { 0x09, 0, 0, "ocspSigning" }, /* 129 */ + { 0x08, 132, 1, "id-otherNames" }, /* 130 */ + { 0x05, 0, 0, "xmppAddr" }, /* 131 */ + { 0x0A, 137, 1, "id-aca" }, /* 132 */ + { 0x01, 134, 0, "authenticationInfo" }, /* 133 */ + { 0x02, 135, 0, "accessIdentity" }, /* 134 */ + { 0x03, 136, 0, "chargingIdentity" }, /* 135 */ + { 0x04, 0, 0, "group" }, /* 136 */ + { 0x30, 0, 1, "id-ad" }, /* 137 */ + { 0x01, 146, 1, "ocsp" }, /* 138 */ + { 0x01, 140, 0, "basic" }, /* 139 */ + { 0x02, 141, 0, "nonce" }, /* 140 */ + { 0x03, 142, 0, "crl" }, /* 141 */ + { 0x04, 143, 0, "response" }, /* 142 */ + { 0x05, 144, 0, "noCheck" }, /* 143 */ + { 0x06, 145, 0, "archiveCutoff" }, /* 144 */ + { 0x07, 0, 0, "serviceLocator" }, /* 145 */ + { 0x02, 0, 0, "caIssuers" }, /* 146 */ + { 0x0E, 153, 1, "oiw" }, /* 147 */ + { 0x03, 0, 1, "secsig" }, /* 148 */ + { 0x02, 0, 1, "algorithms" }, /* 149 */ + { 0x07, 151, 0, "des-cbc" }, /* 150 */ + { 0x1A, 152, 0, "sha-1" }, /* 151 */ + { 0x1D, 0, 0, "sha-1WithRSASignature" }, /* 152 */ + { 0x24, 0, 1, "TeleTrusT" }, /* 153 */ + { 0x03, 0, 1, "algorithm" }, /* 154 */ + { 0x03, 0, 1, "signatureAlgorithm" }, /* 155 */ + { 0x01, 0, 1, "rsaSignature" }, /* 156 */ + { 0x02, 158, 0, "rsaSigWithripemd160" }, /* 157 */ + { 0x03, 159, 0, "rsaSigWithripemd128" }, /* 158 */ + { 0x04, 0, 0, "rsaSigWithripemd256" }, /* 159 */ + {0x60, 0, 1, "" }, /* 160 */ + { 0x86, 0, 1, "" }, /* 161 */ + { 0x48, 0, 1, "" }, /* 162 */ + { 0x01, 0, 1, "organization" }, /* 163 */ + { 0x65, 171, 1, "gov" }, /* 164 */ + { 0x03, 0, 1, "csor" }, /* 165 */ + { 0x04, 0, 1, "nistalgorithm" }, /* 166 */ + { 0x02, 0, 1, "hashalgs" }, /* 167 */ + { 0x01, 169, 0, "id-SHA-256" }, /* 168 */ + { 0x02, 170, 0, "id-SHA-384" }, /* 169 */ + { 0x03, 0, 0, "id-SHA-512" }, /* 170 */ + { 0x86, 0, 1, "" }, /* 171 */ + { 0xf8, 0, 1, "" }, /* 172 */ + { 0x42, 185, 1, "netscape" }, /* 173 */ + { 0x01, 180, 1, "" }, /* 174 */ + { 0x01, 176, 0, "nsCertType" }, /* 175 */ + { 0x03, 177, 0, "nsRevocationUrl" }, /* 176 */ + { 0x04, 178, 0, "nsCaRevocationUrl" }, /* 177 */ + { 0x08, 179, 0, "nsCaPolicyUrl" }, /* 178 */ + { 0x0d, 0, 0, "nsComment" }, /* 179 */ + { 0x03, 183, 1, "directory" }, /* 180 */ + { 0x01, 0, 1, "" }, /* 181 */ + { 0x03, 0, 0, "employeeNumber" }, /* 182 */ + { 0x04, 0, 1, "policy" }, /* 183 */ + { 0x01, 0, 0, "nsSGC" }, /* 184 */ + { 0x45, 0, 1, "verisign" }, /* 185 */ + { 0x01, 0, 1, "pki" }, /* 186 */ + { 0x09, 0, 1, "attributes" }, /* 187 */ + { 0x02, 189, 0, "messageType" }, /* 188 */ + { 0x03, 190, 0, "pkiStatus" }, /* 189 */ + { 0x04, 191, 0, "failInfo" }, /* 190 */ + { 0x05, 192, 0, "senderNonce" }, /* 191 */ + { 0x06, 193, 0, "recipientNonce" }, /* 192 */ + { 0x07, 194, 0, "transID" }, /* 193 */ + { 0x08, 0, 0, "extensionReq" } /* 194 */ }; diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h index a29b1f0a1..5814a3ba0 100644 --- a/src/libstrongswan/asn1/oid.h +++ b/src/libstrongswan/asn1/oid.h @@ -49,36 +49,37 @@ extern const oid_t oid_names[]; #define OID_MD2 90 #define OID_MD5 91 #define OID_3DES_EDE_CBC 93 -#define OID_AUTHORITY_INFO_ACCESS 115 -#define OID_OCSP_SIGNING 125 -#define OID_XMPP_ADDR 127 -#define OID_AUTHENTICATION_INFO 129 -#define OID_ACCESS_IDENTITY 130 -#define OID_CHARGING_IDENTITY 131 -#define OID_GROUP 132 -#define OID_OCSP 134 -#define OID_BASIC 135 -#define OID_NONCE 136 -#define OID_CRL 137 -#define OID_RESPONSE 138 -#define OID_NO_CHECK 139 -#define OID_ARCHIVE_CUTOFF 140 -#define OID_SERVICE_LOCATOR 141 -#define OID_DES_CBC 145 -#define OID_SHA1 146 -#define OID_SHA1_WITH_RSA_OIW 147 -#define OID_SHA256 163 -#define OID_SHA384 164 -#define OID_SHA512 165 -#define OID_NS_REVOCATION_URL 171 -#define OID_NS_CA_REVOCATION_URL 172 -#define OID_NS_CA_POLICY_URL 173 -#define OID_NS_COMMENT 174 -#define OID_PKI_MESSAGE_TYPE 183 -#define OID_PKI_STATUS 184 -#define OID_PKI_FAIL_INFO 185 -#define OID_PKI_SENDER_NONCE 186 -#define OID_PKI_RECIPIENT_NONCE 187 -#define OID_PKI_TRANS_ID 188 +#define OID_AUTHORITY_INFO_ACCESS 119 +#define OID_OCSP_SIGNING 129 +#define OID_XMPP_ADDR 131 +#define OID_AUTHENTICATION_INFO 133 +#define OID_ACCESS_IDENTITY 134 +#define OID_CHARGING_IDENTITY 135 +#define OID_GROUP 136 +#define OID_OCSP 138 +#define OID_BASIC 139 +#define OID_NONCE 140 +#define OID_CRL 141 +#define OID_RESPONSE 142 +#define OID_NO_CHECK 143 +#define OID_ARCHIVE_CUTOFF 144 +#define OID_SERVICE_LOCATOR 145 +#define OID_CA_ISSUERS 146 +#define OID_DES_CBC 150 +#define OID_SHA1 151 +#define OID_SHA1_WITH_RSA_OIW 152 +#define OID_SHA256 168 +#define OID_SHA384 169 +#define OID_SHA512 170 +#define OID_NS_REVOCATION_URL 176 +#define OID_NS_CA_REVOCATION_URL 177 +#define OID_NS_CA_POLICY_URL 178 +#define OID_NS_COMMENT 179 +#define OID_PKI_MESSAGE_TYPE 188 +#define OID_PKI_STATUS 189 +#define OID_PKI_FAIL_INFO 190 +#define OID_PKI_SENDER_NONCE 191 +#define OID_PKI_RECIPIENT_NONCE 192 +#define OID_PKI_TRANS_ID 193 #endif /* OID_H_ */ diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt index bd5a26e43..6ae2dc29a 100644 --- a/src/libstrongswan/asn1/oid.txt +++ b/src/libstrongswan/asn1/oid.txt @@ -102,6 +102,10 @@ 0x0A "" 0x03 "" 0x03 "msSGC" + 0x04 "msEncryptingFileSystem" + 0x14 "msEnrollmentInfrastructure" + 0x02 "msCertificateTypeExtension" + 0x02 "msSmartcardLogon" 0x89 "" 0x31 "" 0x01 "" @@ -140,6 +144,7 @@ 0x05 "noCheck" OID_NO_CHECK 0x06 "archiveCutoff" OID_ARCHIVE_CUTOFF 0x07 "serviceLocator" OID_SERVICE_LOCATOR + 0x02 "caIssuers" OID_CA_ISSUERS 0x0E "oiw" 0x03 "secsig" 0x02 "algorithms" diff --git a/src/libstrongswan/asn1/pem.c b/src/libstrongswan/asn1/pem.c index 641805869..b752a97ab 100755 --- a/src/libstrongswan/asn1/pem.c +++ b/src/libstrongswan/asn1/pem.c @@ -10,6 +10,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: pem.c 3256 2007-10-07 13:42:43Z andreas $ */ #include @@ -40,7 +42,7 @@ static bool present(const char* pattern, chunk_t* ch) { u_int pattern_len = strlen(pattern); - if (ch->len >= pattern_len && strncmp(ch->ptr, pattern, pattern_len) == 0) + if (ch->len >= pattern_len && strneq(ch->ptr, pattern, pattern_len)) { ch->ptr += pattern_len; ch->len -= pattern_len; diff --git a/src/libstrongswan/asn1/ttodata.c b/src/libstrongswan/asn1/ttodata.c index 8114b12c5..125313c2a 100644 --- a/src/libstrongswan/asn1/ttodata.c +++ b/src/libstrongswan/asn1/ttodata.c @@ -62,98 +62,123 @@ const char *ttodatav(const char *src, size_t srclen, int base, char *dst, size_t int skipSpace = 0; if (srclen == 0) + { srclen = strlen(src); + } if (dstlen == 0) + { dst = buf; /* point it somewhere valid */ + } stop = dst + dstlen; - if (base == 0) { + if (base == 0) + { if (srclen < 2) + { return "input too short to be valid"; + } if (*src++ != '0') + { return "input does not begin with format prefix"; - switch (*src++) { - case 'x': - case 'X': - base = 16; + } + switch (*src++) + { + case 'x': + case 'X': + base = 16; + break; + case 's': + case 'S': + base = 64; + break; + case 't': + case 'T': + base = 256; + break; + default: + return "unknown format prefix"; + } + srclen -= 2; + } + switch (base) + { + case 16: + decode = unhex; + underscoreok = 1; + ingroup = 2; break; - case 's': - case 'S': - base = 64; + case 64: + decode = unb64; + underscoreok = 0; + ingroup = 4; + if(flags & TTODATAV_IGNORESPACE) + { + skipSpace = 1; + } break; - case 't': - case 'T': - base = 256; + case 256: + decode = untext; + ingroup = 1; + underscoreok = 0; break; default: - return "unknown format prefix"; - } - srclen -= 2; - } - switch (base) { - case 16: - decode = unhex; - underscoreok = 1; - ingroup = 2; - break; - case 64: - decode = unb64; - underscoreok = 0; - ingroup = 4; - if(flags & TTODATAV_IGNORESPACE) { - skipSpace = 1; - } - break; - - case 256: - decode = untext; - ingroup = 1; - underscoreok = 0; - break; - default: - return "unknown base"; + return "unknown base"; } /* proceed */ ndone = 0; - while (srclen > 0) { + while (srclen > 0) + { char stage[4]; /* staging area for group */ size_t sl = 0; /* Grab ingroup characters into stage, * squeezing out blanks if we are supposed to ignore them. */ - for (sl = 0; sl < ingroup; src++, srclen--) { + for (sl = 0; sl < ingroup; src++, srclen--) + { if (srclen == 0) + { return "input ends in mid-byte, perhaps truncated"; + } else if (!(skipSpace && (*src == ' ' || *src == '\t'))) + { stage[sl++] = *src; + } } nbytes = (*decode)(stage, buf, sizeof(buf)); - switch (nbytes) { - case BADCH0: - case BADCH1: - case BADCH2: - case BADCH3: - return badch(stage, nbytes, errp, errlen); - case SHORT: - return "internal buffer too short (\"can't happen\")"; - case BADPAD: - return "bad (non-zero) padding at end of base64 input"; + switch (nbytes) + { + case BADCH0: + case BADCH1: + case BADCH2: + case BADCH3: + return badch(stage, nbytes, errp, errlen); + case SHORT: + return "internal buffer too short (\"can't happen\")"; + case BADPAD: + return "bad (non-zero) padding at end of base64 input"; } if (nbytes <= 0) + { return "unknown internal error"; - for (i = 0; i < nbytes; i++) { + } + for (i = 0; i < nbytes; i++) + { if (dst < stop) + { *dst++ = buf[i]; + } ndone++; } - while (srclen >= 1 && skipSpace && (*src == ' ' || *src == '\t')){ + while (srclen >= 1 && skipSpace && (*src == ' ' || *src == '\t')) + { src++; srclen--; } - if (underscoreok && srclen > 1 && *src == '_') { + if (underscoreok && srclen > 1 && (*src == '_' || *src == ':')) + { /* srclen > 1 means not last character */ src++; srclen--; @@ -161,9 +186,13 @@ const char *ttodatav(const char *src, size_t srclen, int base, char *dst, size_t } if (ndone == 0) + { return "no data bytes specified by input"; + } if (lenp != NULL) + { *lenp = ndone; + } return NULL; } @@ -201,9 +230,7 @@ size_t atodata(const char *src, size_t srclen, char *dst, size_t dstlen) const char *err; err = ttodata(src, srclen, 0, dst, dstlen, &len); - if (err != NULL) - return 0; - return len; + return (err)? 0:len; } /** @@ -231,21 +258,31 @@ static int unhex(const char *src, char *dst, size_t dstlen) static char hex[] = "0123456789abcdef"; if (dstlen < 1) + { return SHORT; - + } + p = strchr(hex, *src); if (p == NULL) + { p = strchr(hex, tolower(*src)); + } if (p == NULL) + { return BADCH0; + } byte = (p - hex) << 4; src++; p = strchr(hex, *src); if (p == NULL) + { p = strchr(hex, tolower(*src)); + } if (p == NULL) + { return BADCH1; + } byte |= (p - hex); *dst = byte; @@ -272,16 +309,20 @@ static int unb64(const char *src, char *dst, size_t dstlen) "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; if (dstlen < 3) + { return SHORT; - + } p = strchr(base64, *src++); if (p == NULL) + { return BADCH0; + } byte1 = (p - base64) << 2; /* first six bits */ p = strchr(base64, *src++); - if (p == NULL) { + if (p == NULL) + { return BADCH1; } @@ -290,10 +331,14 @@ static int unb64(const char *src, char *dst, size_t dstlen) byte1 = (byte2 & 0xf) << 4; p = strchr(base64, *src++); - if (p == NULL) { - if (*(src-1) == '=' && *src == '=') { + if (p == NULL) + { + if (*(src-1) == '=' && *src == '=') + { if (byte1 != 0) /* bad padding */ + { return BADPAD; + } return 1; } return BADCH2; @@ -304,10 +349,14 @@ static int unb64(const char *src, char *dst, size_t dstlen) byte1 = (byte2 & 0x3) << 6; p = strchr(base64, *src++); - if (p == NULL) { - if (*(src-1) == '=') { + if (p == NULL) + { + if (*(src-1) == '=') + { if (byte1 != 0) /* bad padding */ + { return BADPAD; + } return 2; } return BADCH3; @@ -329,8 +378,9 @@ static int unb64(const char *src, char *dst, size_t dstlen) static int untext(const char *src, char *dst, size_t dstlen) { if (dstlen < 1) + { return SHORT; - + } *dst = *src; return 1; } @@ -359,13 +409,18 @@ static const char *badch(const char *src, int errcode, char *errp, size_t errlen char ch; if (errp == NULL || errlen < REQD) + { return "unknown character in input"; + } strcpy(errp, pre); ch = *(src + BADOFF(errcode)); - if (isprint(ch)) { + if (isprint(ch)) + { buf[0] = ch; buf[1] = '\0'; - } else { + } + else + { buf[0] = '\\'; buf[1] = ((ch & 0700) >> 6) + '0'; buf[2] = ((ch & 0070) >> 3) + '0'; diff --git a/src/libstrongswan/chunk.c b/src/libstrongswan/chunk.c index d70e1723f..0d7841641 100644 --- a/src/libstrongswan/chunk.c +++ b/src/libstrongswan/chunk.c @@ -28,6 +28,7 @@ #include #include +#include /** * Empty chunk. @@ -247,6 +248,35 @@ bool chunk_write(chunk_t chunk, const char *path, const char *label, mode_t mask } } +/** hex conversion digits */ +static char hexdig_upper[] = "0123456789ABCDEF"; +static char hexdig_lower[] = "0123456789abcdef"; + +/** + * Described in header. + */ +char *chunk_to_hex(chunk_t chunk, bool uppercase) +{ + int i; + char *str; + char *hexdig = hexdig_lower; + + if (uppercase) + { + hexdig = hexdig_upper; + } + + str = malloc(chunk.len * 2 + 1); + str[chunk.len * 2] = '\0'; + + for (i = 0; i < chunk.len; i ++) + { + str[i*2] = hexdig[(chunk.ptr[i] >> 4) & 0xF]; + str[i*2+1] = hexdig[(chunk.ptr[i] ) & 0xF]; + } + return str; +} + /** * Described in header. */ @@ -257,6 +287,27 @@ void chunk_free(chunk_t *chunk) chunk->len = 0; } +/** + * Described in header. + */ +void chunk_free_randomized(chunk_t *chunk) +{ + if (chunk->ptr) + { + if (chunk->len > 0) + { + randomizer_t *randomizer = randomizer_create(); + + randomizer->get_pseudo_random_bytes(randomizer, + chunk->len, chunk->ptr); + randomizer->destroy(randomizer); + }; + free(chunk->ptr); + chunk->ptr = NULL; + } + chunk->len = 0; +} + /** * Described in header. */ @@ -332,10 +383,8 @@ static int print_bytes(FILE *stream, const struct printf_info *info, while (bytes_pos < bytes_roof) { - static char hexdig[] = "0123456789ABCDEF"; - - *buffer_pos++ = hexdig[(*bytes_pos >> 4) & 0xF]; - *buffer_pos++ = hexdig[ *bytes_pos & 0xF]; + *buffer_pos++ = hexdig_upper[(*bytes_pos >> 4) & 0xF]; + *buffer_pos++ = hexdig_upper[ *bytes_pos & 0xF]; ascii_buffer[i++] = (*bytes_pos > 31 && *bytes_pos < 127) ? *bytes_pos : '.'; diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/chunk.h index a13ccfc22..9c0aabba1 100644 --- a/src/libstrongswan/chunk.h +++ b/src/libstrongswan/chunk.h @@ -83,11 +83,21 @@ void chunk_split(chunk_t chunk, const char *mode, ...); */ bool chunk_write(chunk_t chunk, const char *path, const char *label, mode_t mask, bool force); +/** + * convert a chunk to an allocated hex string + */ +char *chunk_to_hex(chunk_t chunk, bool uppercase); + /** * Free contents of a chunk */ void chunk_free(chunk_t *chunk); +/** + * Overwrite the contents of a chunk with pseudo-random bytes and free them + */ +void chunk_free_randomized(chunk_t *chunk); + /** * Initialize a chunk to point to buffer inspectable by sizeof() */ diff --git a/src/libstrongswan/credential_store.h b/src/libstrongswan/credential_store.h index dcbe43f52..62b6ad2d5 100755 --- a/src/libstrongswan/credential_store.h +++ b/src/libstrongswan/credential_store.h @@ -87,17 +87,6 @@ struct credential_store_t { */ rsa_public_key_t* (*get_rsa_public_key) (credential_store_t *this, identification_t *id); - /** - * @brief Returns the RSA private key belonging to an RSA public key - * - * The returned rsa_private_key_t must be destroyed by the caller after usage. - * - * @param this calling object - * @param pubkey public key - * @return private key, or NULL if not found - */ - rsa_private_key_t* (*get_rsa_private_key) (credential_store_t *this, rsa_public_key_t *pubkey); - /** * @brief Is there a matching RSA private key belonging to an RSA public key? * @@ -144,6 +133,20 @@ struct credential_store_t { */ ca_info_t* (*get_issuer) (credential_store_t *this, x509_t* cert); + /** + * @brief RSA private key belonging to an RSA public key + * + * + * @param this calling object + * @param pubkey public key used to find the matching private key + * @param hash_algorithm hash algorithm to be used for signature + * @param data data block to be signed + * @param signature signature to be returned + * @return status of the signature process - SUCCESS if successful + */ + status_t (*rsa_signature) (credential_store_t *this, rsa_public_key_t *pubkey, hash_algorithm_t hash_algorithm, + chunk_t data, chunk_t *signature); + /** * @brief Verify an RSA signature given the ID of the signer * @@ -154,7 +157,8 @@ struct credential_store_t { * @param issuer_p issuer of the signer's certificate (if not self-signed). * @return status of the verification - SUCCESS if successful */ - status_t (*verify_signature) (credential_store_t *this, chunk_t hash, chunk_t sig, identification_t *id, ca_info_t **issuer_p); + status_t (*verify_signature) (credential_store_t *this, chunk_t hash, chunk_t sig, identification_t *id, + ca_info_t **issuer_p); /** * @brief Verify an X.509 certificate up to trust anchor without any status checks @@ -239,6 +243,14 @@ struct credential_store_t { */ iterator_t* (*create_cainfo_iterator) (credential_store_t *this); + /** + * @brief Create an iterator over all attribute certificates. + * + * @param this calling object + * @return iterator + */ + iterator_t* (*create_acert_iterator) (credential_store_t *this); + /** * @brief Loads ca certificates from a default directory. * @@ -288,12 +300,13 @@ struct credential_store_t { /** * @brief Loads secrets in ipsec.secrets * - * Currently, all RSA private key files must be in unencrypted form - * either in DER or PEM format. + * RSA private key files can be either in DER or PEM format + * Optional encryption with a passphrase supported * * @param this calling object + * @param reload are the secrets to be reloaded */ - void (*load_secrets) (credential_store_t *this); + void (*load_secrets) (credential_store_t *this, bool reload); /** * @brief Destroys a credential_store_t object. diff --git a/src/libstrongswan/crypto/ac.c b/src/libstrongswan/crypto/ac.c index 47605e9e1..1367494f8 100644 --- a/src/libstrongswan/crypto/ac.c +++ b/src/libstrongswan/crypto/ac.c @@ -19,17 +19,28 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: ac.c 3300 2007-10-12 21:53:18Z andreas $ */ +#include +#include + #include #include #include +#include +#include +#include #include #include +#include #include "ac.h" +#define ACERT_WARNING_INTERVAL 1 /* day */ + typedef struct private_x509ac_t private_x509ac_t; /** @@ -137,92 +148,6 @@ struct private_x509ac_t { chunk_t signature; }; -/** - * definition of ietfAttribute kinds - */ -typedef enum { - IETF_ATTRIBUTE_OCTETS = 0, - IETF_ATTRIBUTE_OID = 1, - IETF_ATTRIBUTE_STRING = 2 -} ietfAttribute_t; - -/** - * access structure for an ietfAttribute - */ -typedef struct ietfAttr_t ietfAttr_t; - -struct ietfAttr_t { - /** - * IETF attribute kind - */ - ietfAttribute_t kind; - - /** - * IETF attribute valuse - */ - chunk_t value; - - /** - * Destroys the ietfAttr_t object. - * - * @param this ietfAttr_t to destroy - */ - void (*destroy) (ietfAttr_t *this); -}; - -/** - * Destroys an ietfAttr_t object - */ -static void ietfAttr_destroy(ietfAttr_t *this) -{ - free(this->value.ptr); - free(this); -} - -/** - * Creates an ietfAttr_t object. - */ -ietfAttr_t *ietfAttr_create(ietfAttribute_t kind, chunk_t value) -{ - ietfAttr_t *this = malloc_thing(ietfAttr_t); - - /* initialize */ - this->kind = kind; - this->value = chunk_clone(value); - - /* function */ - this->destroy = ietfAttr_destroy; - - return this; -} - -/** - * ASN.1 definition of ietfAttrSyntax - */ -static const asn1Object_t ietfAttrSyntaxObjects[] = -{ - { 0, "ietfAttrSyntax", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ - { 1, "policyAuthority", ASN1_CONTEXT_C_0, ASN1_OPT | - ASN1_BODY }, /* 1 */ - { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */ - { 1, "values", ASN1_SEQUENCE, ASN1_LOOP }, /* 3 */ - { 2, "octets", ASN1_OCTET_STRING, ASN1_OPT | - ASN1_BODY }, /* 4 */ - { 2, "end choice", ASN1_EOC, ASN1_END }, /* 5 */ - { 2, "oid", ASN1_OID, ASN1_OPT | - ASN1_BODY }, /* 6 */ - { 2, "end choice", ASN1_EOC, ASN1_END }, /* 7 */ - { 2, "string", ASN1_UTF8STRING, ASN1_OPT | - ASN1_BODY }, /* 8 */ - { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */ - { 1, "end loop", ASN1_EOC, ASN1_END } /* 10 */ -}; - -#define IETF_ATTR_OCTETS 4 -#define IETF_ATTR_OID 6 -#define IETF_ATTR_STRING 8 -#define IETF_ATTR_ROOF 11 - /** * ASN.1 definition of roleSyntax */ @@ -356,6 +281,23 @@ static err_t is_valid(const private_x509ac_t *this, time_t *until) return NULL; } +/** + * Implements x509ac_t.is_newer + */ +static bool is_newer(const private_x509ac_t *this, const private_x509ac_t *other) +{ + return this->notBefore > other->notBefore; +} + +/** + * Implements x509ac_t.equals_holder. + */ +static bool equals_holder(const private_x509ac_t *this, const private_x509ac_t *other) +{ + return this->holderIssuer->equals(this->holderIssuer, other->holderIssuer) + && chunk_equals(this->holderSerial, other->holderSerial); +} + /** * parses a directoryName */ @@ -364,7 +306,7 @@ static bool parse_directoryName(chunk_t blob, int level, bool implicit, identifi bool has_directoryName; linked_list_t *list = linked_list_create(); - parse_generalNames(blob, level, implicit, list); + x509_parse_generalNames(blob, level, implicit, list); has_directoryName = list->get_count(list) > 0; if (has_directoryName) @@ -397,43 +339,6 @@ static bool parse_directoryName(chunk_t blob, int level, bool implicit, identifi return has_directoryName; } -/** - * parses ietfAttrSyntax - */ -static void parse_ietfAttrSyntax(chunk_t blob, int level0, linked_list_t *list) -{ - asn1_ctx_t ctx; - chunk_t object; - u_int level; - int objectID = 0; - - asn1_init(&ctx, blob, level0, FALSE, FALSE); - - while (objectID < IETF_ATTR_ROOF) - { - if (!extract_object(ietfAttrSyntaxObjects, &objectID, &object, &level, &ctx)) - { - return; - } - - switch (objectID) - { - case IETF_ATTR_OCTETS: - case IETF_ATTR_OID: - case IETF_ATTR_STRING: - { - ietfAttribute_t kind = (objectID - IETF_ATTR_OCTETS) / 2; - ietfAttr_t *attr = ietfAttr_create(kind, object); - list->insert_last(list, (void *)attr); - } - break; - default: - break; - } - objectID++; - } -} - /** * parses roleSyntax */ @@ -470,9 +375,9 @@ static bool parse_certificate(chunk_t blob, private_x509ac_t *this) bool critical; chunk_t object; u_int level; - u_int type = OID_UNKNOWN; - u_int extn_oid = OID_UNKNOWN; int objectID = 0; + int type = OID_UNKNOWN; + int extn_oid = OID_UNKNOWN; asn1_init(&ctx, blob, 0, FALSE, FALSE); while (objectID < AC_OBJ_ROOF) @@ -549,10 +454,10 @@ static bool parse_certificate(chunk_t blob, private_x509ac_t *this) DBG2(" need to parse accessIdentity"); break; case OID_CHARGING_IDENTITY: - parse_ietfAttrSyntax(object, level, this->charging); + ietfAttr_list_create_from_chunk(object, this->charging, level); break; case OID_GROUP: - parse_ietfAttrSyntax(object, level, this->groups); + ietfAttr_list_create_from_chunk(object, this->groups, level); break; case OID_ROLE: parse_roleSyntax(object, level); @@ -577,7 +482,7 @@ static bool parse_certificate(chunk_t blob, private_x509ac_t *this) DBG2(" need to parse crlDistributionPoints"); break; case OID_AUTHORITY_KEY_ID: - parse_authorityKeyIdentifier(object, level, + x509_parse_authorityKeyIdentifier(object, level, &this->authKeyID, &this->authKeySerialNumber); break; case OID_TARGET_INFORMATION: @@ -603,7 +508,72 @@ static bool parse_certificate(chunk_t blob, private_x509ac_t *this) objectID++; } this->installed = time(NULL); - return FALSE; + return TRUE; +} + +/** + * Implementation of x509ac_t.list. + */ +static void list(const private_x509ac_t *this, FILE *out, bool utc) +{ + time_t now = time(NULL); + + fprintf(out, "%#T\n", &this->installed, utc); + + if (this->entityName) + { + fprintf(out, " holder: '%D'\n", this->entityName); + } + if (this->holderIssuer) + { + fprintf(out, " hissuer: '%D'\n", this->holderIssuer); + } + if (this->holderSerial.ptr) + { + fprintf(out, " hserial: %#B\n", &this->holderSerial); + } + + /* list all group attributes on a single line */ + fprintf(out, " groups: "); + ietfAttr_list_list(this->groups, out); + fprintf(out, "\n"); + + fprintf(out, " issuer: '%D'\n", this->issuerName); + fprintf(out, " serial: %#B\n", &this->serialNumber); + + fprintf(out, " validity: not before %#T, ", &this->notBefore, utc); + if (now < this->notBefore) + { + fprintf(out, "not valid yet (valid in %V)\n", &now, &this->notBefore); + } + else + { + fprintf(out, "ok\n"); + } + + fprintf(out, " not after %#T, ", &this->notAfter, utc); + if (now > this->notAfter) + { + fprintf(out, "expired (%V ago)\n", &now, &this->notAfter); + } + else + { + fprintf(out, "ok"); + if (now > this->notAfter - ACERT_WARNING_INTERVAL * 60 * 60 * 24) + { + fprintf(out, " (expires in %V)", &now, &this->notAfter); + } + fprintf(out, " \n"); + } + + if (this->authKeyID.ptr) + { + fprintf(out, " authkey: %#B\n", &this->authKeyID); + } + if (this->authKeySerialNumber.ptr) + { + fprintf(out, " aserial: %#B\n", &this->authKeySerialNumber); + } } /** @@ -614,10 +584,8 @@ static void destroy(private_x509ac_t *this) DESTROY_IF(this->holderIssuer); DESTROY_IF(this->entityName); DESTROY_IF(this->issuerName); - this->charging->destroy_offset(this->charging, - offsetof(ietfAttr_t, destroy)); - this->groups->destroy_offset(this->groups, - offsetof(ietfAttr_t, destroy)); + ietfAttr_list_destroy(this->charging); + ietfAttr_list_destroy(this->groups); free(this->certificate.ptr); free(this); } @@ -638,6 +606,9 @@ x509ac_t *x509ac_create_from_chunk(chunk_t chunk) /* public functions */ this->public.is_valid = (err_t (*) (const x509ac_t*,time_t*))is_valid; + this->public.is_newer = (bool (*) (const x509ac_t*,const x509ac_t*))is_newer; + this->public.equals_holder = (bool (*) (const x509ac_t*,const x509ac_t*))equals_holder; + this->public.list = (void (*) (const x509ac_t*,FILE*,bool))list; this->public.destroy = (void (*) (x509ac_t*))destroy; if (!parse_certificate(chunk, this)) diff --git a/src/libstrongswan/crypto/ac.h b/src/libstrongswan/crypto/ac.h index b7fd26c94..8a4ccbd4c 100644 --- a/src/libstrongswan/crypto/ac.h +++ b/src/libstrongswan/crypto/ac.h @@ -21,11 +21,15 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: ac.h 3300 2007-10-12 21:53:18Z andreas $ */ #ifndef AC_H_ #define AC_H_ +#include + typedef struct x509ac_t x509ac_t; /** @@ -48,6 +52,32 @@ struct x509ac_t { */ err_t (*is_valid) (const x509ac_t *this, time_t *until); + /** @brief Checks if this attr cert is newer than the other attr cert + * + * @param this calling object + * @param other other attr cert object + * @return TRUE if this was issued more recently than other + */ + bool (*is_newer) (const x509ac_t *this, const x509ac_t *other); + + /** + * @brief Checks if two attribute certificates belong to the same holder + * + * @param this calling attribute certificate + * @param that other attribute certificate + * @return TRUE if same holder + */ + bool (*equals_holder) (const x509ac_t *this, const x509ac_t *other); + + /** + * @brief Log the attribute certificate info to out. + * + * @param this calling object + * @param out stream to write to + * @param utc TRUE for UTC times, FALSE for local time + */ + void (*list)(const x509ac_t *this, FILE *out, bool utc); + /** * @brief Destroys the attribute certificate. * @@ -68,14 +98,13 @@ x509ac_t *x509ac_create_from_chunk(chunk_t chunk); /** * @brief Read a x509 attribute certificate from a DER encoded file. - * + * * @param filename file containing DER encoded data - * @return created x509ac_t certificate, or NULL if invalid. - * + * @return created x509ac_t certificate, or NULL if invalid. + * * @ingroup crypto */ x509ac_t *x509ac_create_from_file(const char *filename); - #endif /* AC_H_ */ diff --git a/src/libstrongswan/crypto/crl.c b/src/libstrongswan/crypto/crl.c index b4ae37b2e..d52078ea9 100755 --- a/src/libstrongswan/crypto/crl.c +++ b/src/libstrongswan/crypto/crl.c @@ -18,6 +18,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: crl.c 3300 2007-10-12 21:53:18Z andreas $ */ #include @@ -290,7 +292,8 @@ bool parse_x509crl(chunk_t blob, u_int level0, private_crl_t *crl) } else if (extn_oid == OID_AUTHORITY_KEY_ID) { - parse_authorityKeyIdentifier(object, level, &crl->authKeyID, &crl->authKeySerialNumber); + x509_parse_authorityKeyIdentifier(object, level, + &crl->authKeyID, &crl->authKeySerialNumber); } else if (extn_oid == OID_CRL_NUMBER) { @@ -304,6 +307,11 @@ bool parse_x509crl(chunk_t blob, u_int level0, private_crl_t *crl) break; case CRL_OBJ_ALGORITHM: crl->algorithm = parse_algorithmIdentifier(object, level, NULL); + if (crl->algorithm != crl->sigAlg) + { + DBG1(" signature algorithms do not agree"); + return FALSE; + } break; case CRL_OBJ_SIGNATURE: crl->signature = object; @@ -374,7 +382,14 @@ static bool is_newer(const private_crl_t *this, const private_crl_t *other) */ static bool verify(const private_crl_t *this, const rsa_public_key_t *signer) { - return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertList, this->signature) == SUCCESS; + hash_algorithm_t algorithm = hasher_algorithm_from_oid(this->algorithm); + + if (algorithm == HASH_UNKNOWN) + { + DBG1(" unknown signature algorithm"); + return FALSE; + } + return signer->verify_emsa_pkcs1_signature(signer, algorithm, this->tbsCertList, this->signature) == SUCCESS; } /** diff --git a/src/libstrongswan/crypto/crl.h b/src/libstrongswan/crypto/crl.h index a367c3aff..bcf031dd4 100755 --- a/src/libstrongswan/crypto/crl.h +++ b/src/libstrongswan/crypto/crl.h @@ -18,6 +18,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: crl.h 3300 2007-10-12 21:53:18Z andreas $ */ #ifndef CRL_H_ diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c index e4062066c..605892e87 100644 --- a/src/libstrongswan/crypto/diffie_hellman.c +++ b/src/libstrongswan/crypto/diffie_hellman.c @@ -8,7 +8,7 @@ /* * Copyright (C) 1998-2002 D. Hugh Redelmeier. * Copyright (C) 1999, 2000, 2001 Henry Spencer. - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -24,11 +24,11 @@ */ #include -#include #include "diffie_hellman.h" #include +#include ENUM_BEGIN(diffie_hellman_group_names, MODP_NONE, MODP_1024_BIT, "MODP_NONE", @@ -302,12 +302,12 @@ static u_int8_t group18_modulus[] = { 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, }; -typedef struct modulus_info_entry_t modulus_info_entry_t; +typedef struct modulus_entry_t modulus_entry_t; /** * Entry of the modulus list. */ -struct modulus_info_entry_t { +struct modulus_entry_t { /** * Group number as it is defined in file transform_substructure.h. */ @@ -321,7 +321,7 @@ struct modulus_info_entry_t { /* * Length of modulus in bytes. */ - size_t modulus_length; + size_t modulus_len; /* * Generator value. @@ -329,19 +329,18 @@ struct modulus_info_entry_t { u_int16_t generator; }; - /** * All supported modulus values. */ -static modulus_info_entry_t modulus_info_entries[] = { - {MODP_768_BIT,group1_modulus,sizeof(group1_modulus),2}, - {MODP_1024_BIT,group2_modulus,sizeof(group2_modulus),2}, - {MODP_1536_BIT,group5_modulus,sizeof(group5_modulus),2}, - {MODP_2048_BIT,group14_modulus,sizeof(group14_modulus),2}, - {MODP_3072_BIT,group15_modulus,sizeof(group15_modulus),2}, - {MODP_4096_BIT,group16_modulus,sizeof(group16_modulus),2}, - {MODP_6144_BIT,group17_modulus,sizeof(group17_modulus),2}, - {MODP_8192_BIT,group18_modulus,sizeof(group18_modulus),2}, +static modulus_entry_t modulus_entries[] = { + {MODP_768_BIT, group1_modulus, sizeof(group1_modulus), 2}, + {MODP_1024_BIT, group2_modulus, sizeof(group2_modulus), 2}, + {MODP_1536_BIT, group5_modulus, sizeof(group5_modulus), 2}, + {MODP_2048_BIT, group14_modulus, sizeof(group14_modulus), 2}, + {MODP_3072_BIT, group15_modulus, sizeof(group15_modulus), 2}, + {MODP_4096_BIT, group16_modulus, sizeof(group16_modulus), 2}, + {MODP_6144_BIT, group17_modulus, sizeof(group17_modulus), 2}, + {MODP_8192_BIT, group18_modulus, sizeof(group18_modulus), 2}, }; typedef struct private_diffie_hellman_t private_diffie_hellman_t; @@ -359,170 +358,133 @@ struct private_diffie_hellman_t { /** * Diffie Hellman group number. */ - u_int16_t dh_group_number; - - /** - * Modulus. - */ - mpz_t modulus; - - /** - * Modulus length. - */ - size_t modulus_length; + u_int16_t group; /* * Generator value. */ - u_int16_t generator; + mpz_t g; /** - * My private value . + * My private value. */ - mpz_t my_private_value; + mpz_t xa; /** * My public value. */ - mpz_t my_public_value; + mpz_t ya; /** * Other public value. */ - mpz_t other_public_value; + mpz_t yb; /** * Shared secret. */ - mpz_t shared_secret; + mpz_t zz; /** - * True if shared secret is computed and stored in my_public_value. - */ - bool shared_secret_is_computed; - - /** - * Sets the modulus for a specific diffie hellman group. - * - * @param this calling object - * @return - * SUCCESS if modulus could be found - * NOT_FOUND if modulus not supported + * Modulus. */ - status_t (*set_modulus) (private_diffie_hellman_t *this); + mpz_t p; /** - * Makes sure my public value is computed. - * - * @param this calling object + * Modulus length. */ - void (*compute_public_value) (private_diffie_hellman_t *this); + size_t p_len; /** - * Computes shared secret (other public value must be available). - * - * @param this calling object + * True if shared secret is computed and stored in my_public_value. */ - void (*compute_shared_secret) (private_diffie_hellman_t *this); + bool computed; }; /** - * Implementation of private_diffie_hellman_t.set_modulus. + * Implementation of diffie_hellman_t.set_other_public_value. */ -static status_t set_modulus(private_diffie_hellman_t *this) +static void set_other_public_value(private_diffie_hellman_t *this, chunk_t value) { - int i; - status_t status = NOT_FOUND; + mpz_t p_min_1; + + mpz_init(p_min_1); + mpz_sub_ui(p_min_1, this->p, 1); + + mpz_import(this->yb, value.len, 1, 1, 1, 0, value.ptr); - for (i = 0; i < (sizeof(modulus_info_entries) / sizeof(modulus_info_entry_t)); i++) + /* check public value: + * 1. 0 or 1 is invalid as 0^a = 0 and 1^a = 1 + * 2. a public value larger or equal the modulus is invalid */ + if (mpz_cmp_ui(this->yb, 1) > 0 || + mpz_cmp(this->yb, p_min_1) < 0) { - if (modulus_info_entries[i].group == this->dh_group_number) +#ifdef EXTENDED_DH_TEST + /* 3. test if y ^ q mod p = 1, where q = (p - 1)/2. */ + mpz_t q, one; + + mpz_init(q); + mpz_init(one); + mpz_fdiv_q_2exp(q, p_min_1, 1); + mpz_powm(one, this->yb, q, this->p); + mpz_clear(q); + if (mpz_cmp_ui(one, 1) == 0) { - chunk_t modulus_chunk; - modulus_chunk.ptr = modulus_info_entries[i].modulus; - modulus_chunk.len = modulus_info_entries[i].modulus_length; - mpz_import(this->modulus, modulus_chunk.len, 1, 1, 1, 0, modulus_chunk.ptr); - this->modulus_length = modulus_chunk.len; - this->generator = modulus_info_entries[i].generator; - status = SUCCESS; - break; + mpz_powm(this->zz, this->yb, this->xa, this->p); + this->computed = TRUE; + } + else + { + DBG1("public DH value verification failed: y ^ q mod p != 1"); } + mpz_clear(one); +#else + mpz_powm(this->zz, this->yb, this->xa, this->p); + this->computed = TRUE; +#endif } - return status; -} - -/** - * Implementation of diffie_hellman_t.set_other_public_value. - */ -static void set_other_public_value(private_diffie_hellman_t *this,chunk_t public_value) -{ - mpz_import(this->other_public_value, public_value.len, 1, 1, 1, 0, public_value.ptr); - this->compute_shared_secret(this); + else + { + DBG1("public DH value verification failed: y < 2 || y > p - 1 "); + } + mpz_clear(p_min_1); } /** * Implementation of diffie_hellman_t.get_other_public_value. */ -static status_t get_other_public_value(private_diffie_hellman_t *this,chunk_t *public_value) +static status_t get_other_public_value(private_diffie_hellman_t *this, + chunk_t *value) { - if (!this->shared_secret_is_computed) + if (!this->computed) { return FAILED; } - public_value->len = this->modulus_length; - public_value->ptr = mpz_export(NULL, NULL, 1, public_value->len, 1, 0, this->other_public_value); + value->len = this->p_len; + value->ptr = mpz_export(NULL, NULL, 1, value->len, 1, 0, this->yb); return SUCCESS; } -/** - * Implementation of private_diffie_hellman_t.compute_shared_secret. - */ -static void compute_shared_secret (private_diffie_hellman_t *this) -{ - /* initialize my public value */ - mpz_init(this->shared_secret); - /* calculate my public value */ - mpz_powm(this->shared_secret,this->other_public_value,this->my_private_value,this->modulus); - - this->shared_secret_is_computed = TRUE; -} - -/** - * Implementation of private_diffie_hellman_t.compute_public_value. - */ -static void compute_public_value (private_diffie_hellman_t *this) -{ - mpz_t generator; - /* initialize generator and set it*/ - mpz_init_set_ui (generator,this->generator); - /* initialize my public value */ - mpz_init(this->my_public_value); - /* calculate my public value */ - mpz_powm(this->my_public_value,generator,this->my_private_value,this->modulus); - /* generator not used anymore */ - mpz_clear(generator); -} - /** * Implementation of diffie_hellman_t.get_my_public_value. */ -static void get_my_public_value(private_diffie_hellman_t *this,chunk_t *public_value) +static void get_my_public_value(private_diffie_hellman_t *this,chunk_t *value) { - public_value->len = this->modulus_length; - public_value->ptr = mpz_export(NULL, NULL, 1, public_value->len, 1, 0, this->my_public_value); + value->len = this->p_len; + value->ptr = mpz_export(NULL, NULL, 1, value->len, 1, 0, this->ya); } /** * Implementation of diffie_hellman_t.get_shared_secret. */ -static status_t get_shared_secret(private_diffie_hellman_t *this,chunk_t *secret) +static status_t get_shared_secret(private_diffie_hellman_t *this, chunk_t *secret) { - if (!this->shared_secret_is_computed) + if (!this->computed) { return FAILED; } - secret->len = this->modulus_length; - secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->shared_secret); + secret->len = this->p_len; + secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->zz); return SUCCESS; } @@ -531,35 +493,57 @@ static status_t get_shared_secret(private_diffie_hellman_t *this,chunk_t *secret */ static diffie_hellman_group_t get_dh_group(private_diffie_hellman_t *this) { - return this->dh_group_number; + return this->group; } /** - * Implementation of diffie_hellman_t.destroy. + * Lookup the modulus in modulo table */ -static void destroy(private_diffie_hellman_t *this) +static status_t set_modulus(private_diffie_hellman_t *this) { - mpz_clear(this->modulus); - mpz_clear(this->my_private_value); - mpz_clear(this->my_public_value); - mpz_clear(this->other_public_value); - - if (this->shared_secret_is_computed) + int i; + status_t status = NOT_FOUND; + + for (i = 0; i < (sizeof(modulus_entries) / sizeof(modulus_entry_t)); i++) { - /* other public value gets initialized together with shared secret */ - mpz_clear(this->shared_secret); + if (modulus_entries[i].group == this->group) + { + chunk_t chunk; + chunk.ptr = modulus_entries[i].modulus; + chunk.len = modulus_entries[i].modulus_len; + mpz_import(this->p, chunk.len, 1, 1, 1, 0, chunk.ptr); + this->p_len = chunk.len; + mpz_set_ui(this->g, modulus_entries[i].generator); + status = SUCCESS; + break; + } } + return status; +} + +/** + * Implementation of diffie_hellman_t.destroy. + */ +static void destroy(private_diffie_hellman_t *this) +{ + mpz_clear(this->p); + mpz_clear(this->xa); + mpz_clear(this->ya); + mpz_clear(this->yb); + mpz_clear(this->zz); + mpz_clear(this->g); free(this); } /* * Described in header. */ -diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t dh_group_number) +diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t group) { private_diffie_hellman_t *this = malloc_thing(private_diffie_hellman_t); randomizer_t *randomizer; - chunk_t random_bytes; + chunk_t random; + status_t status; /* public functions */ this->public.get_shared_secret = (status_t (*)(diffie_hellman_t *, chunk_t *)) get_shared_secret; @@ -569,44 +553,37 @@ diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t dh_group_number) this->public.get_dh_group = (diffie_hellman_group_t (*)(diffie_hellman_t *)) get_dh_group; this->public.destroy = (void (*)(diffie_hellman_t *)) destroy; - /* private functions */ - this->set_modulus = set_modulus; - this->compute_public_value = compute_public_value; - this->compute_shared_secret = compute_shared_secret; - /* private variables */ - this->dh_group_number = dh_group_number; - mpz_init(this->modulus); - mpz_init(this->other_public_value); - mpz_init(this->my_private_value); + this->group = group; + mpz_init(this->p); + mpz_init(this->yb); + mpz_init(this->ya); + mpz_init(this->xa); + mpz_init(this->zz); + mpz_init(this->g); + + this->computed = FALSE; - /* set this->modulus */ - if (this->set_modulus(this) != SUCCESS) + /* find a modulus according to group */ + if (set_modulus(this) != SUCCESS) { - free(this); + destroy(this); return NULL; } randomizer = randomizer_create(); - if (randomizer == NULL) - { - free(this); - return NULL; - } - if (randomizer->allocate_pseudo_random_bytes(randomizer, this->modulus_length, &random_bytes) != SUCCESS) + status = randomizer->allocate_pseudo_random_bytes( + randomizer, this->p_len, &random); + randomizer->destroy(randomizer); + if (status != SUCCESS) { - randomizer->destroy(randomizer); - free(this); + destroy(this); return NULL; } + mpz_import(this->xa, random.len, 1, 1, 1, 0, random.ptr); + chunk_free(&random); - mpz_import(this->my_private_value, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr); - chunk_free(&random_bytes); + mpz_powm(this->ya, this->g, this->xa, this->p); - randomizer->destroy(randomizer); - - this->compute_public_value(this); - - this->shared_secret_is_computed = FALSE; - - return &(this->public); + return &this->public; } + diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h index 29a2ab45b..8cd06d60e 100644 --- a/src/libstrongswan/crypto/diffie_hellman.h +++ b/src/libstrongswan/crypto/diffie_hellman.h @@ -6,7 +6,7 @@ */ /* - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -36,7 +36,7 @@ typedef struct diffie_hellman_t diffie_hellman_t; * * See IKEv2 RFC 3.3.2 and RFC 3526. * - * @ingroup transforms + * @ingroup crypto */ enum diffie_hellman_group_t { MODP_NONE = 0, @@ -56,76 +56,74 @@ enum diffie_hellman_group_t { extern enum_name_t *diffie_hellman_group_names; /** - * @brief Implementation of the widely used Diffie-Hellman algorithm. + * @brief Implementation of the Diffie-Hellman algorithm, as in RFC2631. * * @b Constructors: * - diffie_hellman_create() * - * @ingroup transforms + * @ingroup crypto */ struct diffie_hellman_t { /** * @brief Returns the shared secret of this diffie hellman exchange. * - * @warning Space for returned secret is allocated and must be + * Space for returned secret is allocated and must be * freed by the caller. * - * @param this calling diffie_hellman_t object - * @param[out] secret shared secret will be written into this chunk + * @param this calling object + * @param secret shared secret will be written into this chunk * @return - * - SUCCESS - * - FAILED if not both DH values are set + * - SUCCESS + * - FAILED if not both DH values are set */ status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret); /** * @brief Sets the public value of partner. * - * chunk gets cloned and can be destroyed afterwards. + * Chunk gets cloned and can be destroyed afterwards. * - * @param this calling diffie_hellman_t object - * @param public_value public value of partner + * @param this calling object + * @param value public value of partner */ - void (*set_other_public_value) (diffie_hellman_t *this, chunk_t public_value); + void (*set_other_public_value) (diffie_hellman_t *this, chunk_t value); /** * @brief Gets the public value of partner. * - * @warning Space for returned chunk is allocated and must be - * freed by the caller. + * Space for returned chunk is allocated and must be freed by the caller. * - * @param this calling diffie_hellman_t object - * @param[out] public_value public value of partner is stored at this location + * @param this calling object + * @param value public value of partner is stored at this location * @return - * - SUCCESS - * - FAILED if other public value not set + * - SUCCESS + * - FAILED if other public value not set */ - status_t (*get_other_public_value) (diffie_hellman_t *this, chunk_t *public_value); + status_t (*get_other_public_value) (diffie_hellman_t *this, chunk_t *value); /** - * @brief Gets the public value of caller + * @brief Gets the own public value to transmit. * - * @warning Space for returned chunk is allocated and must be - * freed by the caller. + * Space for returned chunk is allocated and must be freed by the caller. * - * @param this calling diffie_hellman_t object - * @param[out] public_value public value of caller is stored at this location + * @param this calling object + * @param value public value of caller is stored at this location */ - void (*get_my_public_value) (diffie_hellman_t *this, chunk_t *public_value); + void (*get_my_public_value) (diffie_hellman_t *this, chunk_t *value); /** * @brief Get the DH group used. * - * @param this calling diffie_hellman_t object - * @return DH group set in construction + * @param this calling object + * @return DH group set in construction */ diffie_hellman_group_t (*get_dh_group) (diffie_hellman_t *this); /** * @brief Destroys an diffie_hellman_t object. * - * @param this diffie_hellman_t object to destroy + * @param this diffie_hellman_t object to destroy */ void (*destroy) (diffie_hellman_t *this); }; @@ -133,15 +131,14 @@ struct diffie_hellman_t { /** * @brief Creates a new diffie_hellman_t object. * - * The first diffie hellman public value gets automatically created. - * - * @param dh_group_number Diffie Hellman group number to use + * @param group Diffie Hellman group number to use * @return - * - diffie_hellman_t object - * - NULL if dh group not supported + * - diffie_hellman_t object + * - NULL if dh group not supported * - * @ingroup transforms + * @ingroup crypto */ -diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t dh_group_number); +diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t group); #endif /*DIFFIE_HELLMAN_H_*/ + diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c index 7fa6346d6..14bfb022f 100644 --- a/src/libstrongswan/crypto/hashers/hasher.c +++ b/src/libstrongswan/crypto/hashers/hasher.c @@ -19,17 +19,21 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: hasher.c 3304 2007-10-12 23:18:42Z andreas $ */ #include "hasher.h" +#include #include #include #include -ENUM(hash_algorithm_names, HASH_MD2, HASH_SHA512, +ENUM(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA512, + "HASH_UNKNOWN", "HASH_MD2", "HASH_MD5", "HASH_SHA1", @@ -63,3 +67,76 @@ hasher_t *hasher_create(hash_algorithm_t hash_algorithm) return NULL; } } + +/* + * Described in header. + */ +hash_algorithm_t hasher_algorithm_from_oid(int oid) +{ + hash_algorithm_t algorithm; + + switch (oid) + { + case OID_MD2: + case OID_MD2_WITH_RSA: + algorithm = HASH_MD2; + break; + case OID_MD5: + case OID_MD5_WITH_RSA: + algorithm = HASH_MD5; + break; + case OID_SHA1: + case OID_SHA1_WITH_RSA: + algorithm = HASH_SHA1; + break; + case OID_SHA256: + case OID_SHA256_WITH_RSA: + algorithm = HASH_SHA256; + break; + case OID_SHA384: + case OID_SHA384_WITH_RSA: + algorithm = HASH_SHA384; + break; + case OID_SHA512: + case OID_SHA512_WITH_RSA: + algorithm = HASH_SHA512; + break; + default: + algorithm = HASH_UNKNOWN; + } + return algorithm; +} + +/* + * Described in header. + */ +int hasher_signature_algorithm_to_oid(hash_algorithm_t alg) +{ + int oid; + + switch (alg) + { + case HASH_MD2: + oid = OID_MD2_WITH_RSA; + break; + case HASH_MD5: + oid = OID_MD5_WITH_RSA; + break; + case HASH_SHA1: + oid = OID_SHA1_WITH_RSA; + break; + case HASH_SHA256: + oid = OID_SHA256_WITH_RSA; + break; + case HASH_SHA384: + oid = OID_SHA384_WITH_RSA; + break; + case HASH_SHA512: + oid = OID_SHA512_WITH_RSA; + break; + default: + oid = OID_UNKNOWN; + } + return oid; +} + diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h index 6c17f892d..48b904576 100644 --- a/src/libstrongswan/crypto/hashers/hasher.h +++ b/src/libstrongswan/crypto/hashers/hasher.h @@ -19,6 +19,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: hasher.h 3307 2007-10-17 02:56:24Z andreas $ */ #ifndef HASHER_H_ @@ -42,17 +44,18 @@ typedef struct hasher_t hasher_t; * @ingroup hashers */ enum hash_algorithm_t { - HASH_MD2 = 0, + HASH_UNKNOWN = 0, + HASH_MD2 = 1, /** Implemented in class md5_hasher_t */ - HASH_MD5 = 1, + HASH_MD5 = 2, /** Implemented in class sha1_hasher_t */ - HASH_SHA1 = 2, + HASH_SHA1 = 3, /** Implemented in class sha2_hasher_t */ - HASH_SHA256 = 3, + HASH_SHA256 = 4, /** Implemented in class sha2_hasher_t */ - HASH_SHA384 = 4, + HASH_SHA384 = 5, /** Implemented in class sha2_hasher_t */ - HASH_SHA512 = 5, + HASH_SHA512 = 6, }; #define HASH_SIZE_MD2 16 @@ -68,7 +71,6 @@ enum hash_algorithm_t { */ extern enum_name_t *hash_algorithm_names; - /** * @brief Generic interface for all hash functions. * @@ -82,7 +84,7 @@ struct hasher_t { * @brief Hash data and write it in the buffer. * * If the parameter hash is NULL, no result is written back - * an more data can be appended to already hashed data. + * and more data can be appended to already hashed data. * If not, the result is written back and the hasher is reset. * * The hash output parameter must hold at least @@ -98,7 +100,7 @@ struct hasher_t { * @brief Hash data and allocate space for the hash. * * If the parameter hash is NULL, no result is written back - * an more data can be appended to already hashed data. + * and more data can be appended to already hashed data. * If not, the result is written back and the hasher is reset. * * @param this calling object @@ -156,4 +158,28 @@ struct hasher_t { */ hasher_t *hasher_create(hash_algorithm_t hash_algorithm); +/** + * @brief Conversion of ASN.1 OID to hash algorithm. + * + * @param oid ASN.1 OID + * @return + * - hash algorithm + * - HASH_UNKNOWN if OID unsuported + * + * @ingroup hashers + */ +hash_algorithm_t hasher_algorithm_from_oid(int oid); + +/** + * @brief Conversion of hash signature algorithm ASN.1 OID. + * + * @param alg hash algorithm + * @return + * - ASN.1 OID if known hash algorithm + * - OID_UNKNOW + * + * @ingroup hashers + */ +int hasher_signature_algorithm_to_oid(hash_algorithm_t alg); + #endif /* HASHER_H_ */ diff --git a/src/libstrongswan/crypto/hmac.h b/src/libstrongswan/crypto/hmac.h index d320bc5aa..06b75aaf9 100644 --- a/src/libstrongswan/crypto/hmac.h +++ b/src/libstrongswan/crypto/hmac.h @@ -42,7 +42,7 @@ typedef struct hmac_t hmac_t; * @b Constructors: * - hmac_create() * - * @ingroup transforms + * @ingroup crypto */ struct hmac_t { /** diff --git a/src/libstrongswan/crypto/ietf_attr_list.c b/src/libstrongswan/crypto/ietf_attr_list.c new file mode 100644 index 000000000..1ecadf679 --- /dev/null +++ b/src/libstrongswan/crypto/ietf_attr_list.c @@ -0,0 +1,405 @@ +/** + * @file ietf_attr.c + * + * @brief Implementation of ietfAttr_t. + * + */ + +/* + * Copyright (C) 2007 Andreas Steffen, Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include +#include + +#include +#include +#include + +#include "ietf_attr_list.h" + +/** + * Private definition of ietfAttribute kinds + */ +typedef enum { + IETF_ATTRIBUTE_OCTETS = 0, + IETF_ATTRIBUTE_OID = 1, + IETF_ATTRIBUTE_STRING = 2 +} ietfAttribute_t; + +typedef struct ietfAttr_t ietfAttr_t; + +/** + * Private definition of an ietfAttribute + */ +struct ietfAttr_t { + /** + * IETF attribute kind + */ + ietfAttribute_t kind; + + /** + * IETF attribute valuse + */ + chunk_t value; + + /** + * Compares two ietfAttributes + * + * return -1 if this is earlier in the alphabet than other + * return 0 if this equals other + * return +1 if this is later in the alphabet than other + * + * @param this calling object + * @param other other object + */ + int (*compare) (const ietfAttr_t *this ,const ietfAttr_t *other); + + /** + * Destroys the ietfAttr_t object. + * + * @param this ietfAttr_t to destroy + */ + void (*destroy) (ietfAttr_t *this); +}; + +/** + * Implements ietfAttr_t.compare. + */ +static int ietfAttr_compare(const ietfAttr_t *this ,const ietfAttr_t *other) +{ + int cmp_len, len, cmp_value; + + /* OID attributes are appended after STRING and OCTETS attributes */ + if (this->kind != IETF_ATTRIBUTE_OID && other->kind == IETF_ATTRIBUTE_OID) + { + return -1; + } + if (this->kind == IETF_ATTRIBUTE_OID && other->kind != IETF_ATTRIBUTE_OID) + { + return 1; + } + + cmp_len = this->value.len - other->value.len; + len = (cmp_len < 0)? this->value.len : other->value.len; + cmp_value = memcmp(this->value.ptr, other->value.ptr, len); + + return (cmp_value == 0)? cmp_len : cmp_value; +} + +/** + * Implements ietfAttr_t.destroy. + */ +static void ietfAttr_destroy(ietfAttr_t *this) +{ + free(this->value.ptr); + free(this); +} + +/** + * Creates an ietfAttr_t object. + */ +static ietfAttr_t *ietfAttr_create(ietfAttribute_t kind, chunk_t value) +{ + ietfAttr_t *this = malloc_thing(ietfAttr_t); + + /* initialize */ + this->kind = kind; + this->value = chunk_clone(value); + + /* function */ + this->compare = ietfAttr_compare; + this->destroy = ietfAttr_destroy; + + return this; +} + +/** + * Adds an ietfAttr_t object to a sorted linked list + */ +static void ietfAttr_add(linked_list_t *list, ietfAttr_t *attr) +{ + iterator_t *iterator = list->create_iterator(list, TRUE); + ietfAttr_t *current_attr; + bool found = FALSE; + + while (iterator->iterate(iterator, (void **)¤t_attr)) + { + int cmp = attr->compare(attr, current_attr); + + if (cmp > 0) + { + continue; + } + if (cmp == 0) + { + attr->destroy(attr); + } + else + { + iterator->insert_before(iterator, attr); + } + found = TRUE; + break; + } + iterator->destroy(iterator); + if (!found) + { + list->insert_last(list, attr); + } +} + +/* + * Described in header. + */ +bool ietfAttr_list_equals(linked_list_t *list_a, linked_list_t *list_b) +{ + bool result = TRUE; + + /* lists must have the same number of attributes */ + if (list_a->get_count(list_a) != list_b->get_count(list_b)) + { + return FALSE; + } + /* empty lists - no attributes */ + if (list_a->get_count(list_a) == 0) + { + return TRUE; + } + + /* compare two alphabetically-sorted lists */ + { + iterator_t *iterator_a = list_a->create_iterator(list_a, TRUE); + iterator_t *iterator_b = list_b->create_iterator(list_b, TRUE); + ietfAttr_t *attr_a, *attr_b; + + while (iterator_a->iterate(iterator_a, (void **)&attr_a) && + iterator_b->iterate(iterator_b, (void **)&attr_b)) + { + if (attr_a->compare(attr_a, attr_b) != 0) + { + /* we have a mismatch */ + result = FALSE; + break; + } + } + iterator_a->destroy(iterator_a); + iterator_b->destroy(iterator_b); + } + return result; +} + +/* + * Described in header. + */ +void ietfAttr_list_list(linked_list_t *list, FILE *out) +{ + iterator_t *iterator = list->create_iterator(list, TRUE); + ietfAttr_t *attr; + bool first = TRUE; + + while (iterator->iterate(iterator, (void **)&attr)) + { + if (first) + { + first = FALSE; + } + else + { + fprintf(out, ", "); + } + + switch (attr->kind) + { + case IETF_ATTRIBUTE_OCTETS: + case IETF_ATTRIBUTE_STRING: + fprintf(out, "%.*s", (int)attr->value.len, attr->value.ptr); + break; + case IETF_ATTRIBUTE_OID: + { + int oid = known_oid(attr->value); + + if (oid == OID_UNKNOWN) + { + fprintf(out, "0x#B", &attr->value); + } + else + { + fprintf(out, "%s", oid_names[oid]); + } + } + break; + default: + break; + } + } + iterator->destroy(iterator); +} + +/* + * Described in header. + */ +void ietfAttr_list_create_from_string(char *msg, linked_list_t *list) +{ + chunk_t line = { msg, strlen(msg) }; + + while (eat_whitespace(&line)) + { + chunk_t group; + + /* extract the next comma-separated group attribute */ + if (!extract_token(&group, ',', &line)) + { + group = line; + line.len = 0; + } + + /* remove any trailing spaces */ + while (group.len > 0 && *(group.ptr + group.len - 1) == ' ') + { + group.len--; + } + + /* add the group attribute to the list */ + if (group.len > 0) + { + ietfAttr_t *attr = ietfAttr_create(IETF_ATTRIBUTE_STRING, group); + + ietfAttr_add(list, attr); + } + } +} + +/** + * ASN.1 definition of ietfAttrSyntax + */ +static const asn1Object_t ietfAttrSyntaxObjects[] = +{ + { 0, "ietfAttrSyntax", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ + { 1, "policyAuthority", ASN1_CONTEXT_C_0, ASN1_OPT | + ASN1_BODY }, /* 1 */ + { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */ + { 1, "values", ASN1_SEQUENCE, ASN1_LOOP }, /* 3 */ + { 2, "octets", ASN1_OCTET_STRING, ASN1_OPT | + ASN1_BODY }, /* 4 */ + { 2, "end choice", ASN1_EOC, ASN1_END }, /* 5 */ + { 2, "oid", ASN1_OID, ASN1_OPT | + ASN1_BODY }, /* 6 */ + { 2, "end choice", ASN1_EOC, ASN1_END }, /* 7 */ + { 2, "string", ASN1_UTF8STRING, ASN1_OPT | + ASN1_BODY }, /* 8 */ + { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */ + { 1, "end loop", ASN1_EOC, ASN1_END } /* 10 */ +}; + +#define IETF_ATTR_OCTETS 4 +#define IETF_ATTR_OID 6 +#define IETF_ATTR_STRING 8 +#define IETF_ATTR_ROOF 11 + +/* + * Described in header. + */ +void ietfAttr_list_create_from_chunk(chunk_t chunk, linked_list_t *list, int level0) +{ + asn1_ctx_t ctx; + chunk_t object; + u_int level; + int objectID = 0; + + asn1_init(&ctx, chunk, level0, FALSE, FALSE); + + while (objectID < IETF_ATTR_ROOF) + { + if (!extract_object(ietfAttrSyntaxObjects, &objectID, &object, &level, &ctx)) + { + return; + } + + switch (objectID) + { + case IETF_ATTR_OCTETS: + case IETF_ATTR_OID: + case IETF_ATTR_STRING: + { + ietfAttribute_t kind = (objectID - IETF_ATTR_OCTETS) / 2; + ietfAttr_t *attr = ietfAttr_create(kind, object); + ietfAttr_add(list, attr); + } + break; + default: + break; + } + objectID++; + } +} + +/* + * Described in header. + */ +chunk_t ietfAttr_list_encode(linked_list_t *list) +{ + chunk_t ietfAttributes; + size_t size = 0; + u_char *pos; + iterator_t *iterator = list->create_iterator(list, TRUE); + ietfAttr_t *attr; + + /* precalculate the total size of all values */ + while (iterator->iterate(iterator, (void **)&attr)) + { + size_t len = attr->value.len; + + size += 1 + (len > 0) + (len >= 128) + (len >= 256) + (len >= 65536) + len; + } + iterator->destroy(iterator); + + pos = build_asn1_object(&ietfAttributes, ASN1_SEQUENCE, size); + + iterator = list->create_iterator(list, TRUE); + while (iterator->iterate(iterator, (void **)&attr)) + { + chunk_t ietfAttribute; + asn1_t type = ASN1_NULL; + + switch (attr->kind) + { + case IETF_ATTRIBUTE_OCTETS: + type = ASN1_OCTET_STRING; + break; + case IETF_ATTRIBUTE_STRING: + type = ASN1_UTF8STRING; + break; + case IETF_ATTRIBUTE_OID: + type = ASN1_OID; + break; + } + ietfAttribute = asn1_simple_object(type, attr->value); + + /* copy ietfAttribute into ietfAttributes chunk */ + memcpy(pos, ietfAttribute.ptr, ietfAttribute.len); + pos += ietfAttribute.len; + free(ietfAttribute.ptr); + } + iterator->destroy(iterator); + + return asn1_wrap(ASN1_SEQUENCE, "m", ietfAttributes); +} + +/* + * Described in header. + */ +void ietfAttr_list_destroy(linked_list_t *list) +{ + list->destroy_offset(list, offsetof(ietfAttr_t, destroy)); +} diff --git a/src/libstrongswan/crypto/ietf_attr_list.h b/src/libstrongswan/crypto/ietf_attr_list.h new file mode 100644 index 000000000..75407bbf6 --- /dev/null +++ b/src/libstrongswan/crypto/ietf_attr_list.h @@ -0,0 +1,89 @@ +/** + * @file ietf_attr_list.h + * + * @brief Handling of ietfAttr_t linked lists + * + */ + +/* + * Copyright (C) 2007 Andreas Steffen + * + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef IETF_ATTR_LIST_H_ +#define IETF_ATTR_LIST_H_ + +#include +#include + + +/** + * @brief Compare two linked lists of ietfAttr_t objects for equality + * + * @param list_a first alphabetically-sorted list + * @param list_b second alphabetically-sorted list + * @return TRUE if equal + * + * @ingroup crypto + */ +bool ietfAttr_list_equals(linked_list_t *list_a, linked_list_t *list_b); + +/** + * @brief Lists a linked list of ietfAttr_t objects + * + * @param list alphabetically-sorted linked list of attributes + @param out output file + * + * @ingroup crypto + */ +void ietfAttr_list_list(linked_list_t *list, FILE *out); + +/** + * @brief Create a linked list of ietfAttr_t objects from a string + * + * @param msg string with comma-separated group names + * @param list alphabetically-sorted linked list of attributes + * + * @ingroup crypto + */ +void ietfAttr_list_create_from_string(char *msg, linked_list_t *list); + +/** + * @brief Create a linked list of ietfAttr_t objects from an ASN.1-coded chunk + * + * @param chunk chunk containing ASN.1-coded attributes + * @param list alphabetically-sorted linked list of attributes + * @param level0 parsing level + */ +void ietfAttr_list_create_from_chunk(chunk_t chunk, linked_list_t *list, int level0); + +/** + * @brief Encode a linked list of ietfAttr_t objects into an ASN.1-coded chunk + * + * @param list alphabetically-sorted linked list of attributes + * @return chunk containing ASN.1-coded attributes + */ +chunk_t ietfAttr_list_encode(linked_list_t *list); + +/** + * @brief Destroys a linked list of ietfAttr_t objects + * + * @param list list to be destroyed + * + * @ingroup crypto + */ +void ietfAttr_list_destroy(linked_list_t *list); + +#endif /* IETF_ATTR_LIST_H_ */ + diff --git a/src/libstrongswan/crypto/ocsp.c b/src/libstrongswan/crypto/ocsp.c index 0d8093e4a..e4d907188 100644 --- a/src/libstrongswan/crypto/ocsp.c +++ b/src/libstrongswan/crypto/ocsp.c @@ -466,11 +466,11 @@ static chunk_t ocsp_build_request(private_ocsp_t *this) static bool ocsp_parse_basic_response(chunk_t blob, int level0, response_t *res) { u_int level, version; - u_int extn_oid = OID_UNKNOWN; asn1_ctx_t ctx; bool critical; chunk_t object; int objectID = 0; + int extn_oid = OID_UNKNOWN; asn1_init(&ctx, blob, level0, FALSE, FALSE); @@ -546,9 +546,8 @@ static response_status ocsp_parse_response(response_t *res) chunk_t object; u_int level; int objectID = 0; - + int ocspResponseType = OID_UNKNOWN; response_status rStatus = STATUS_INTERNALERROR; - u_int ocspResponseType = OID_UNKNOWN; asn1_init(&ctx, res->chunk, 0, FALSE, FALSE); @@ -615,6 +614,13 @@ static bool ocsp_valid_response(response_t *res, x509_t *ocsp_cert) rsa_public_key_t *public_key; time_t until = UNDEFINED_TIME; err_t ugh; + hash_algorithm_t algorithm = hasher_algorithm_from_oid(res->algorithm); + + if (algorithm == HASH_UNKNOWN) + { + DBG1("unknown signature algorithm"); + return FALSE; + } DBG2("verifying ocsp response signature:"); DBG2("signer: '%D'", ocsp_cert->get_subject(ocsp_cert)); @@ -627,8 +633,8 @@ static bool ocsp_valid_response(response_t *res, x509_t *ocsp_cert) return FALSE; } public_key = ocsp_cert->get_public_key(ocsp_cert); - - return public_key->verify_emsa_pkcs1_signature(public_key, res->tbs, res->signature) == SUCCESS; + + return public_key->verify_emsa_pkcs1_signature(public_key, algorithm, res->tbs, res->signature) == SUCCESS; } /** diff --git a/src/libstrongswan/crypto/pkcs7.c b/src/libstrongswan/crypto/pkcs7.c new file mode 100644 index 000000000..70510471a --- /dev/null +++ b/src/libstrongswan/crypto/pkcs7.c @@ -0,0 +1,710 @@ +/** + * @file pkcs7.c + * + * @brief Implementation of pkcs7_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Copyright (C) 2002-2005 Andreas Steffen + * Hochschule fuer Technik Rapperswil, Switzerland + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * RCSID $Id: pkcs7.c 3302 2007-10-12 21:57:20Z andreas $ + */ + +#include +#include + +#include +#include "debug.h" + +#include +#include +#include +#include +#include +#include + +#include "pkcs7.h" + +typedef struct private_pkcs7_t private_pkcs7_t; + +/** + * Private data of a pkcs7_t object. + */ +struct private_pkcs7_t { + /** + * Public interface for this certificate. + */ + pkcs7_t public; + + /** + * contentInfo type + */ + int type; + + /** + * ASN.1 encoded content + */ + chunk_t content; + + /** + * Has the content already been parsed? + */ + bool parsed; + + /** + * ASN.1 parsing start level + */ + u_int level; + + /** + * retrieved data + */ + chunk_t data; + + /** + * ASN.1 encoded attributes + */ + chunk_t attributes; + + /** + * Linked list of X.509 certificates + */ + linked_list_t *certs; +}; + +/** + * ASN.1 definition of the PKCS#7 ContentInfo type + */ +static const asn1Object_t contentInfoObjects[] = { + { 0, "contentInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ + { 1, "contentType", ASN1_OID, ASN1_BODY }, /* 1 */ + { 1, "content", ASN1_CONTEXT_C_0, ASN1_OPT | + ASN1_BODY }, /* 2 */ + { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */ +}; + +#define PKCS7_INFO_TYPE 1 +#define PKCS7_INFO_CONTENT 2 +#define PKCS7_INFO_ROOF 4 + +/** + * ASN.1 definition of the PKCS#7 signedData type + */ +static const asn1Object_t signedDataObjects[] = { + { 0, "signedData", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ + { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */ + { 1, "digestAlgorithms", ASN1_SET, ASN1_LOOP }, /* 2 */ + { 2, "algorithm", ASN1_EOC, ASN1_RAW }, /* 3 */ + { 1, "end loop", ASN1_EOC, ASN1_END }, /* 4 */ + { 1, "contentInfo", ASN1_EOC, ASN1_RAW }, /* 5 */ + { 1, "certificates", ASN1_CONTEXT_C_0, ASN1_OPT | + ASN1_LOOP }, /* 6 */ + { 2, "certificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 7 */ + { 1, "end opt or loop", ASN1_EOC, ASN1_END }, /* 8 */ + { 1, "crls", ASN1_CONTEXT_C_1, ASN1_OPT | + ASN1_LOOP }, /* 9 */ + { 2, "crl", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */ + { 1, "end opt or loop", ASN1_EOC, ASN1_END }, /* 11 */ + { 1, "signerInfos", ASN1_SET, ASN1_LOOP }, /* 12 */ + { 2, "signerInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 13 */ + { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 14 */ + { 3, "issuerAndSerialNumber", ASN1_SEQUENCE, ASN1_BODY }, /* 15 */ + { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 16 */ + { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 17 */ + { 3, "digestAlgorithm", ASN1_EOC, ASN1_RAW }, /* 18 */ + { 3, "authenticatedAttributes", ASN1_CONTEXT_C_0, ASN1_OPT | + ASN1_OBJ }, /* 19 */ + { 3, "end opt", ASN1_EOC, ASN1_END }, /* 20 */ + { 3, "digestEncryptionAlgorithm", ASN1_EOC, ASN1_RAW }, /* 21 */ + { 3, "encryptedDigest", ASN1_OCTET_STRING, ASN1_BODY }, /* 22 */ + { 3, "unauthenticatedAttributes", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 23 */ + { 3, "end opt", ASN1_EOC, ASN1_END }, /* 24 */ + { 1, "end loop", ASN1_EOC, ASN1_END } /* 25 */ +}; + +#define PKCS7_DIGEST_ALG 3 +#define PKCS7_SIGNED_CONTENT_INFO 5 +#define PKCS7_SIGNED_CERT 7 +#define PKCS7_SIGNER_INFO 13 +#define PKCS7_SIGNED_ISSUER 16 +#define PKCS7_SIGNED_SERIAL_NUMBER 17 +#define PKCS7_DIGEST_ALGORITHM 18 +#define PKCS7_AUTH_ATTRIBUTES 19 +#define PKCS7_DIGEST_ENC_ALGORITHM 21 +#define PKCS7_ENCRYPTED_DIGEST 22 +#define PKCS7_SIGNED_ROOF 26 + +/** + * ASN.1 definition of the PKCS#7 envelopedData type + */ +static const asn1Object_t envelopedDataObjects[] = { + { 0, "envelopedData", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ + { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */ + { 1, "recipientInfos", ASN1_SET, ASN1_LOOP }, /* 2 */ + { 2, "recipientInfo", ASN1_SEQUENCE, ASN1_BODY }, /* 3 */ + { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 4 */ + { 3, "issuerAndSerialNumber", ASN1_SEQUENCE, ASN1_BODY }, /* 5 */ + { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */ + { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 7 */ + { 3, "encryptionAlgorithm", ASN1_EOC, ASN1_RAW }, /* 8 */ + { 3, "encryptedKey", ASN1_OCTET_STRING, ASN1_BODY }, /* 9 */ + { 1, "end loop", ASN1_EOC, ASN1_END }, /* 10 */ + { 1, "encryptedContentInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 11 */ + { 2, "contentType", ASN1_OID, ASN1_BODY }, /* 12 */ + { 2, "contentEncryptionAlgorithm", ASN1_EOC, ASN1_RAW }, /* 13 */ + { 2, "encryptedContent", ASN1_CONTEXT_S_0, ASN1_BODY } /* 14 */ +}; + +#define PKCS7_ENVELOPED_VERSION 1 +#define PKCS7_RECIPIENT_INFO_VERSION 4 +#define PKCS7_ISSUER 6 +#define PKCS7_SERIAL_NUMBER 7 +#define PKCS7_ENCRYPTION_ALG 8 +#define PKCS7_ENCRYPTED_KEY 9 +#define PKCS7_CONTENT_TYPE 12 +#define PKCS7_CONTENT_ENC_ALGORITHM 13 +#define PKCS7_ENCRYPTED_CONTENT 14 +#define PKCS7_ENVELOPED_ROOF 15 + +/** + * PKCS7 contentInfo OIDs + */ +static u_char ASN1_pkcs7_data_oid_str[] = { + 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 +}; + +static u_char ASN1_pkcs7_signed_data_oid_str[] = { + 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 +}; + +static u_char ASN1_pkcs7_enveloped_data_oid_str[] = { + 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x03 +}; + +static u_char ASN1_pkcs7_signed_enveloped_data_oid_str[] = { + 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x04 +}; + +static u_char ASN1_pkcs7_digested_data_oid_str[] = { + 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x05 +}; + +static char ASN1_pkcs7_encrypted_data_oid_str[] = { + 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06 +}; + +static const chunk_t ASN1_pkcs7_data_oid = + chunk_from_buf(ASN1_pkcs7_data_oid_str); +static const chunk_t ASN1_pkcs7_signed_data_oid = + chunk_from_buf(ASN1_pkcs7_signed_data_oid_str); +static const chunk_t ASN1_pkcs7_enveloped_data_oid = + chunk_from_buf(ASN1_pkcs7_enveloped_data_oid_str); +static const chunk_t ASN1_pkcs7_signed_enveloped_data_oid = + chunk_from_buf(ASN1_pkcs7_signed_enveloped_data_oid_str); +static const chunk_t ASN1_pkcs7_digested_data_oid = + chunk_from_buf(ASN1_pkcs7_digested_data_oid_str); +static const chunk_t ASN1_pkcs7_encrypted_data_oid = + chunk_from_buf(ASN1_pkcs7_encrypted_data_oid_str); + +/** + * 3DES and DES encryption OIDs + */ +static u_char ASN1_3des_ede_cbc_oid_str[] = { + 0x06, 0x08, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x07 +}; + +static u_char ASN1_des_cbc_oid_str[] = { + 0x06, 0x05, + 0x2B, 0x0E, 0x03, 0x02, 0x07 +}; + +static const chunk_t ASN1_3des_ede_cbc_oid = + chunk_from_buf(ASN1_3des_ede_cbc_oid_str); +static const chunk_t ASN1_des_cbc_oid = + chunk_from_buf(ASN1_des_cbc_oid_str); + +/** + * PKCS#7 attribute type OIDs + */ +static u_char ASN1_contentType_oid_str[] = { + 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x03 +}; + +static u_char ASN1_messageDigest_oid_str[] = { + 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x04 +}; + +static const chunk_t ASN1_contentType_oid = + chunk_from_buf(ASN1_contentType_oid_str); +static const chunk_t ASN1_messageDigest_oid = + chunk_from_buf(ASN1_messageDigest_oid_str); + +/** + * Implements pkcs7_t.is_signedData. + */ +static bool is_data(private_pkcs7_t *this) +{ + return this->type == OID_PKCS7_DATA; +} + +/** + * Implements pkcs7_t.is_signedData. + */ +static bool is_signedData(private_pkcs7_t *this) +{ + return this->type == OID_PKCS7_SIGNED_DATA; +} + +/** + * Implements pkcs7_t.is_signedData. + */ +static bool is_envelopedData(private_pkcs7_t *this) +{ + return this->type == OID_PKCS7_ENVELOPED_DATA; +} + +/** + * Check whether to abort the requested parsing + */ +static bool abort_parsing(private_pkcs7_t *this, int type) +{ + if (this->type != type) + { + DBG1("pkcs7 content to be parsed is not of type '%s'", + oid_names[type]); + return TRUE; + } + if (this->parsed) + { + DBG1("pkcs7 content has already been parsed"); + return TRUE; + } + this->parsed = TRUE; + return FALSE; +} + +/** + * Implements pkcs7_t.parse_data. + */ +static bool parse_data(private_pkcs7_t *this) +{ + chunk_t data = this->content; + + if (abort_parsing(this, OID_PKCS7_DATA)) + { + return FALSE; + } + if (parse_asn1_simple_object(&data, ASN1_OCTET_STRING, this->level, "data")) + { + this->data = chunk_clone(data); + return TRUE; + } + else + { + return FALSE; + } +} + +/** + * Parse PKCS#7 signedData content + */ +static bool parse_signedData(private_pkcs7_t *this, x509_t *cacert) +{ + asn1_ctx_t ctx; + chunk_t object; + u_int level; + int objectID = 0; + + int digest_alg = OID_UNKNOWN; + int enc_alg = OID_UNKNOWN; + int signerInfos = 0; + + chunk_t encrypted_digest = chunk_empty; + + if (abort_parsing(this, OID_PKCS7_SIGNED_DATA)) + { + return FALSE; + } + + asn1_init(&ctx, this->content, this->level, FALSE, FALSE); + + while (objectID < PKCS7_SIGNED_ROOF) + { + if (!extract_object(signedDataObjects, &objectID, &object, &level, &ctx)) + { + return FALSE; + } + + switch (objectID) + { + case PKCS7_DIGEST_ALG: + digest_alg = parse_algorithmIdentifier(object, level, NULL); + break; + case PKCS7_SIGNED_CONTENT_INFO: + this->data = chunk_clone(object); + break; + case PKCS7_SIGNED_CERT: + { + x509_t *cert = x509_create_from_chunk(object, level+1); + + if (cert) + { + this->certs->insert_last(this->certs, (void*)cert); + } + } + break; + case PKCS7_SIGNER_INFO: + signerInfos++; + DBG2(" signer #%d", signerInfos); + break; + case PKCS7_SIGNED_ISSUER: + { + identification_t *issuer; + + issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object); + DBG2(" '%D'", issuer); + issuer->destroy(issuer); + } + break; + case PKCS7_AUTH_ATTRIBUTES: + this->attributes = object; + *this->attributes.ptr = ASN1_SET; + break; + case PKCS7_DIGEST_ALGORITHM: + digest_alg = parse_algorithmIdentifier(object, level, NULL); + break; + case PKCS7_DIGEST_ENC_ALGORITHM: + enc_alg = parse_algorithmIdentifier(object, level, NULL); + break; + case PKCS7_ENCRYPTED_DIGEST: + encrypted_digest = object; + } + objectID++; + } + + /* check the signature only if a cacert is available */ + if (cacert != NULL) + { + rsa_public_key_t *signer = cacert->get_public_key(cacert); + hash_algorithm_t algorithm = hasher_algorithm_from_oid(digest_alg); + + if (signerInfos == 0) + { + DBG1("no signerInfo object found"); + return FALSE; + } + else if (signerInfos > 1) + { + DBG1("more than one signerInfo object found"); + return FALSE; + } + if (this->attributes.ptr == NULL) + { + DBG1("no authenticatedAttributes object found"); + return FALSE; + } + if (enc_alg != OID_RSA_ENCRYPTION) + { + DBG1("only RSA digest encryption supported"); + return FALSE; + } + if (signer->verify_emsa_pkcs1_signature(signer, algorithm, + this->attributes, encrypted_digest) != SUCCESS) + { + DBG1("invalid digest signature"); + return FALSE; + } + else + { + DBG2("digest signature is valid"); + } + } + return TRUE; +} + +/** + * Parse PKCS#7 envelopedData content + */ +static bool parse_envelopedData(private_pkcs7_t *this, chunk_t serialNumber, + rsa_private_key_t *key) +{ + asn1_ctx_t ctx; + chunk_t object; + u_int level; + int objectID = 0; + + chunk_t iv = chunk_empty; + chunk_t symmetric_key = chunk_empty; + chunk_t encrypted_content = chunk_empty; + + crypter_t *crypter = NULL; + + if (abort_parsing(this, OID_PKCS7_ENVELOPED_DATA)) + { + return FALSE; + } + + asn1_init(&ctx, this->content, this->level, FALSE, FALSE); + + while (objectID < PKCS7_ENVELOPED_ROOF) + { + if (!extract_object(envelopedDataObjects, &objectID, &object, &level, &ctx)) + { + goto failed; + } + + switch (objectID) + { + case PKCS7_ENVELOPED_VERSION: + if (*object.ptr != 0) + { + DBG1("envelopedData version is not 0"); + goto failed; + } + break; + case PKCS7_RECIPIENT_INFO_VERSION: + if (*object.ptr != 0) + { + DBG1("recipient info version is not 0"); + goto failed; + } + break; + case PKCS7_ISSUER: + { + identification_t *issuer; + + issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object); + DBG2(" '%D'", issuer); + issuer->destroy(issuer); + } + break; + case PKCS7_SERIAL_NUMBER: + if (!chunk_equals(serialNumber, object)) + { + DBG1("serial numbers do not match"); + goto failed; + } + break; + case PKCS7_ENCRYPTION_ALG: + { + int alg = parse_algorithmIdentifier(object, level, NULL); + + if (alg != OID_RSA_ENCRYPTION) + { + DBG1("only rsa encryption supported"); + goto failed; + } + } + break; + case PKCS7_ENCRYPTED_KEY: + if (key->pkcs1_decrypt(key, object, &symmetric_key) != SUCCESS) + { + DBG1("symmetric key could not be decrypted with rsa"); + goto failed; + } + DBG4("symmetric key : %B", &symmetric_key); + break; + case PKCS7_CONTENT_TYPE: + if (known_oid(object) != OID_PKCS7_DATA) + { + DBG1("encrypted content not of type pkcs7 data"); + goto failed; + } + break; + case PKCS7_CONTENT_ENC_ALGORITHM: + { + int alg = parse_algorithmIdentifier(object, level, &iv); + + switch (alg) + { + case OID_DES_CBC: + crypter = crypter_create(ENCR_DES, 0); + break; + case OID_3DES_EDE_CBC: + crypter = crypter_create(ENCR_3DES, 0); + break; + default: + DBG1("Only DES and 3DES supported for symmetric encryption"); + goto failed; + } + if (symmetric_key.len != crypter->get_key_size(crypter)) + { + DBG1("symmetric key has wrong length"); + goto failed; + } + if (!parse_asn1_simple_object(&iv, ASN1_OCTET_STRING, level+1, "IV")) + { + DBG1("IV could not be parsed"); + goto failed; + } + if (iv.len != crypter->get_block_size(crypter)) + { + DBG1("IV has wrong length"); + goto failed; + } + } + break; + case PKCS7_ENCRYPTED_CONTENT: + encrypted_content = object; + break; + } + objectID++; + } + + /* decrypt the content */ + crypter->decrypt(crypter, encrypted_content, iv, &this->data); + DBG4("decrypted content with padding: %B", &this->data); + + /* remove the padding */ + { + u_char *pos = this->data.ptr + this->data.len - 1; + u_char pattern = *pos; + size_t padding = pattern; + + if (padding > this->data.len) + { + DBG1("padding greater than data length"); + goto failed; + } + this->data.len -= padding; + + while (padding-- > 0) + { + if (*pos-- != pattern) + { + DBG1("wrong padding pattern"); + goto failed; + } + } + } + crypter->destroy(crypter); + free(symmetric_key.ptr); + return TRUE; + +failed: + DESTROY_IF(crypter); + free(symmetric_key.ptr); + chunk_free(&this->data); + return FALSE; +} + +/** + * Implements pkcs7_t.get_data + */ +static chunk_t get_data(private_pkcs7_t *this) +{ + return this->data; +} + +/** + * Implements pkcs_t.create_crluri_iterator + */ +static iterator_t *create_certificate_iterator(const private_pkcs7_t *this) +{ + return this->certs->create_iterator(this->certs, TRUE); +} + +/** + * Implements pkcs7_t.destroy + */ +static void destroy(private_pkcs7_t *this) +{ + this->certs->destroy_offset(this->certs, offsetof(x509_t, destroy)); + free(this->data.ptr); + free(this); +} + +/** + * Parse PKCS#7 contentInfo object + */ +static bool parse_contentInfo(chunk_t blob, u_int level0, private_pkcs7_t *cInfo) +{ + asn1_ctx_t ctx; + chunk_t object; + u_int level; + int objectID = 0; + + asn1_init(&ctx, blob, level0, FALSE, FALSE); + + while (objectID < PKCS7_INFO_ROOF) + { + if (!extract_object(contentInfoObjects, &objectID, &object, &level, &ctx)) + { + return FALSE; + } + + if (objectID == PKCS7_INFO_TYPE) + { + cInfo->type = known_oid(object); + if (cInfo->type < OID_PKCS7_DATA + || cInfo->type > OID_PKCS7_ENCRYPTED_DATA) + { + DBG1("unknown pkcs7 content type"); + return FALSE; + } + } + else if (objectID == PKCS7_INFO_CONTENT) + { + cInfo->content = object; + } + objectID++; + } + return TRUE; +} + +/* + * Described in header. + */ +pkcs7_t *pkcs7_create_from_chunk(chunk_t chunk, u_int level) +{ + private_pkcs7_t *this = malloc_thing(private_pkcs7_t); + + /* initialize */ + this->type = OID_UNKNOWN; + this->content = chunk_empty; + this->parsed = FALSE; + this->level = level + 2; + this->data = chunk_empty; + this->attributes = chunk_empty; + this->certs = linked_list_create(); + + /*public functions */ + this->public.is_data = (bool (*) (pkcs7_t*))is_data; + this->public.is_signedData = (bool (*) (pkcs7_t*))is_signedData; + this->public.is_envelopedData = (bool (*) (pkcs7_t*))is_envelopedData; + this->public.parse_data = (bool (*) (pkcs7_t*))parse_data; + this->public.parse_signedData = (bool (*) (pkcs7_t*,x509_t*))parse_signedData; + this->public.parse_envelopedData = (bool (*) (pkcs7_t*,chunk_t,rsa_private_key_t*))parse_envelopedData; + this->public.get_data = (chunk_t (*) (pkcs7_t*))get_data; + this->public.create_certificate_iterator = (iterator_t* (*) (pkcs7_t*))create_certificate_iterator; + this->public.destroy = (void (*) (pkcs7_t*))destroy; + + if (!parse_contentInfo(chunk, level, this)) + { + destroy(this); + return NULL; + } + return &this->public; +} diff --git a/src/libstrongswan/crypto/pkcs7.h b/src/libstrongswan/crypto/pkcs7.h new file mode 100644 index 000000000..c8434225a --- /dev/null +++ b/src/libstrongswan/crypto/pkcs7.h @@ -0,0 +1,132 @@ +/** + * @file pkcs7.h + * + * @brief Interface of pkcs7_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Copyright (C) 2002-2007 Andreas Steffen + * + * Hochschule fuer Technik Rapperswil, Switzerland + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * RCSID $Id: pkcs7.h 3302 2007-10-12 21:57:20Z andreas $ + */ + +#ifndef _PKCS7_H +#define _PKCS7_H + +typedef struct pkcs7_t pkcs7_t; + +#include +#include +#include +#include + +/** + * @brief PKCS#7 contentInfo object. + * + * @b Constructors: + * -pkcs7_create_from_chunk() + * + * @ingroup crypto + */ +struct pkcs7_t { + /** + * @brief Check if the PKCS#7 contentType is data + * + * @param this calling object + * @return TRUE if the contentType is data + */ + bool (*is_data) (pkcs7_t *this); + + /** + * @brief Check if the PKCS#7 contentType is signedData + * + * @param this calling object + * @return TRUE if the contentType is signedData + */ + bool (*is_signedData) (pkcs7_t *this); + + /** + * @brief Check if the PKCS#7 contentType is envelopedData + * + * @param this calling object + * @return TRUE if the contentType is envelopedData + */ + bool (*is_envelopedData) (pkcs7_t *this); + + /** + * @brief Parse a PKCS#7 data content. + * + * @param this calling object + * @return TRUE if parsing was successful + */ + bool (*parse_data) (pkcs7_t *this); + + /** + * @brief Parse a PKCS#7 signedData content. + * + * @param this calling object + * @param cacert cacert used to verify the signature + * @return TRUE if parsing was successful + */ + bool (*parse_signedData) (pkcs7_t *this, x509_t *cacert); + + /** + * @brief Parse a PKCS#7 envelopedData content. + * + * @param this calling object + * @param serialNumber serialNumber of the request + * @param key RSA private key used to decrypt the symmetric key + * @return TRUE if parsing was successful + */ + bool (*parse_envelopedData) (pkcs7_t *this, chunk_t serialNumber, rsa_private_key_t *key); + + /** + * @brief Returns the parsed data object + * + * @param this calling object + * @return chunk containing the data object + */ + chunk_t (*get_data) (pkcs7_t *this); + + /** + * @brief Create an iterator for the certificates. + * + * @param this calling object + * @return iterator for the certificates + */ + iterator_t *(*create_certificate_iterator) (pkcs7_t *this); + + /** + * @brief Destroys the contentInfo object. + * + * @param this PKCS#7 contentInfo object to destroy + */ + void (*destroy) (pkcs7_t *this); +}; + +/** + * @brief Read a PKCS#7 contentInfo object from a DER encoded chunk. + * + * @param chunk chunk containing DER encoded data + * @param level ASN.1 parsing start level + * @return created pkcs7_contentInfo object, or NULL if invalid. + * + * @ingroup crypto + */ +pkcs7_t *pkcs7_create_from_chunk(chunk_t chunk, u_int level); + +#endif /* _PKCS7_H */ diff --git a/src/libstrongswan/crypto/rsa/rsa_private_key.c b/src/libstrongswan/crypto/rsa/rsa_private_key.c index 5b1647965..ec2f2fc74 100644 --- a/src/libstrongswan/crypto/rsa/rsa_private_key.c +++ b/src/libstrongswan/crypto/rsa/rsa_private_key.c @@ -19,6 +19,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: rsa_private_key.c 3306 2007-10-17 02:55:53Z andreas $ */ #include @@ -29,33 +31,21 @@ #include "rsa_public_key.h" #include "rsa_private_key.h" +#include #include #include #include -/** - * OIDs for hash algorithms are defined in rsa_public_key.c. - */ -extern u_int8_t md2_oid[18]; -extern u_int8_t md5_oid[18]; -extern u_int8_t sha1_oid[15]; -extern u_int8_t sha256_oid[19]; -extern u_int8_t sha384_oid[19]; -extern u_int8_t sha512_oid[19]; - - /** * defined in rsa_public_key.c */ extern chunk_t rsa_public_key_info_to_asn1(const mpz_t n, const mpz_t e); - /** * Public exponent to use for key generation. */ #define PUBLIC_EXPONENT 0x10001 - typedef struct private_rsa_private_key_t private_rsa_private_key_t; /** @@ -153,23 +143,23 @@ struct private_rsa_private_key_t { /* ASN.1 definition of a PKCS#1 RSA private key */ static const asn1Object_t privkey_objects[] = { - { 0, "RSAPrivateKey", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ - { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */ - { 1, "modulus", ASN1_INTEGER, ASN1_BODY }, /* 2 */ - { 1, "publicExponent", ASN1_INTEGER, ASN1_BODY }, /* 3 */ - { 1, "privateExponent", ASN1_INTEGER, ASN1_BODY }, /* 4 */ - { 1, "prime1", ASN1_INTEGER, ASN1_BODY }, /* 5 */ - { 1, "prime2", ASN1_INTEGER, ASN1_BODY }, /* 6 */ - { 1, "exponent1", ASN1_INTEGER, ASN1_BODY }, /* 7 */ - { 1, "exponent2", ASN1_INTEGER, ASN1_BODY }, /* 8 */ - { 1, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 9 */ - { 1, "otherPrimeInfos", ASN1_SEQUENCE, ASN1_OPT | - ASN1_LOOP }, /* 10 */ - { 2, "otherPrimeInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 11 */ - { 3, "prime", ASN1_INTEGER, ASN1_BODY }, /* 12 */ - { 3, "exponent", ASN1_INTEGER, ASN1_BODY }, /* 13 */ - { 3, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 14 */ - { 1, "end opt or loop", ASN1_EOC, ASN1_END } /* 15 */ + { 0, "RSAPrivateKey", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ + { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */ + { 1, "modulus", ASN1_INTEGER, ASN1_BODY }, /* 2 */ + { 1, "publicExponent", ASN1_INTEGER, ASN1_BODY }, /* 3 */ + { 1, "privateExponent", ASN1_INTEGER, ASN1_BODY }, /* 4 */ + { 1, "prime1", ASN1_INTEGER, ASN1_BODY }, /* 5 */ + { 1, "prime2", ASN1_INTEGER, ASN1_BODY }, /* 6 */ + { 1, "exponent1", ASN1_INTEGER, ASN1_BODY }, /* 7 */ + { 1, "exponent2", ASN1_INTEGER, ASN1_BODY }, /* 8 */ + { 1, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 9 */ + { 1, "otherPrimeInfos", ASN1_SEQUENCE, ASN1_OPT | + ASN1_LOOP }, /* 10 */ + { 2, "otherPrimeInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 11 */ + { 3, "prime", ASN1_INTEGER, ASN1_BODY }, /* 12 */ + { 3, "exponent", ASN1_INTEGER, ASN1_BODY }, /* 13 */ + { 3, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 14 */ + { 1, "end opt or loop", ASN1_EOC, ASN1_END } /* 15 */ }; #define PRIV_KEY_VERSION 1 @@ -185,6 +175,26 @@ static const asn1Object_t privkey_objects[] = { static private_rsa_private_key_t *rsa_private_key_create_empty(void); +/** + * Auxiliary function overwriting private key material with + * pseudo-random bytes before releasing it + */ +static void mpz_clear_randomized(mpz_t z) +{ + size_t len = mpz_size(z) * GMP_LIMB_BITS / BITS_PER_BYTE; + u_int8_t *random_bytes = alloca(len); + + randomizer_t *randomizer = randomizer_create(); + + randomizer->get_pseudo_random_bytes(randomizer, len, random_bytes); + + /* overwrite mpz_t with pseudo-random bytes before clearing it */ + mpz_import(z, len, 1, 1, 1, 0, random_bytes); + mpz_clear(z); + + randomizer->destroy(randomizer); +} + /** * Implementation of private_rsa_private_key_t.compute_prime. */ @@ -216,7 +226,8 @@ static status_t compute_prime(private_rsa_private_key_t *this, size_t prime_size /* get next prime */ mpz_nextprime (*prime, *prime); - free(random_bytes.ptr); + /* free the random_bytes after overwriting them with a pseudo-random sequence */ + chunk_free_randomized(&random_bytes); } /* check if it isnt too large */ while (((mpz_sizeinbase(*prime, 2) + 7) / 8) > prime_size); @@ -251,59 +262,96 @@ static chunk_t rsadp(private_rsa_private_key_t *this, chunk_t data) decrypted.len = this->k; decrypted.ptr = mpz_export(NULL, NULL, 1, decrypted.len, 1, 0, t1); - mpz_clear(t1); - mpz_clear(t2); + mpz_clear_randomized(t1); + mpz_clear_randomized(t2); return decrypted; } /** - * Implementation of rsa_private_key.build_emsa_signature. + * Implementation of rsa_private_key_t.eme_pkcs1_decrypt. */ -static status_t build_emsa_pkcs1_signature(private_rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature) +static status_t pkcs1_decrypt(private_rsa_private_key_t *this, + chunk_t in, chunk_t *out) +{ + status_t status = FAILED; + chunk_t em, em_ori; + + /* decrypt the input data */ + em = em_ori = this->rsadp(this, in); + + /* PKCS#1 v1.5 EME encryption formatting + * EM = 00 || 02 || PS || 00 || M + * PS = pseudo-random nonzero octets + */ + + /* check for magic bytes */ + if (*(em.ptr) != 0x00 || *(em.ptr+1) != 0x02) + { + DBG1("incorrect padding - probably wrong RSA key"); + goto end; + } + em.ptr += 2; + em.len -= 2; + + /* the plaintext data starts after first 0x00 byte */ + while (em.len-- > 0 && *em.ptr++ != 0x00); + + if (em.len == 0) + { + DBG1("no plaintext data found"); + goto end; + } + + *out = chunk_clone(em); + status = SUCCESS; + +end: + free(em_ori.ptr); + return status; +} + +/** + * Implementation of rsa_private_key_t.build_emsa_pkcs1_signature. + */ +static status_t build_emsa_pkcs1_signature(private_rsa_private_key_t *this, + hash_algorithm_t hash_algorithm, + chunk_t data, chunk_t *signature) { hasher_t *hasher; - chunk_t hash; - chunk_t em; - chunk_t oid; + chunk_t em, digestInfo, hash_id, hash; /* get oid string prepended to hash */ switch (hash_algorithm) { case HASH_MD2: { - oid.ptr = md2_oid; - oid.len = sizeof(md2_oid); + hash_id =ASN1_md2_id; break; } case HASH_MD5: { - oid.ptr = md5_oid; - oid.len = sizeof(md5_oid); + hash_id = ASN1_md5_id; break; } case HASH_SHA1: { - oid.ptr = sha1_oid; - oid.len = sizeof(sha1_oid); + hash_id = ASN1_sha1_id; break; } case HASH_SHA256: { - oid.ptr = sha256_oid; - oid.len = sizeof(sha256_oid); + hash_id = ASN1_sha256_id; break; } case HASH_SHA384: { - oid.ptr = sha384_oid; - oid.len = sizeof(sha384_oid); + hash_id = ASN1_sha384_id; break; } case HASH_SHA512: { - oid.ptr = sha512_oid; - oid.len = sizeof(sha512_oid); + hash_id = ASN1_sha512_id; break; } default: @@ -323,10 +371,17 @@ static status_t build_emsa_pkcs1_signature(private_rsa_private_key_t *this, hash hasher->allocate_hash(hasher, data, &hash); hasher->destroy(hasher); + /* build DER-encoded digestInfo */ + digestInfo = asn1_wrap(ASN1_SEQUENCE, "cm", + hash_id, + asn1_simple_object(ASN1_OCTET_STRING, hash) + ); + chunk_free(&hash); + /* build chunk to rsa-decrypt: * EM = 0x00 || 0x01 || PS || 0x00 || T. * PS = 0xFF padding, with length to fill em - * T = oid || hash + * T = encoded_hash */ em.len = this->k; em.ptr = malloc(em.len); @@ -336,78 +391,44 @@ static status_t build_emsa_pkcs1_signature(private_rsa_private_key_t *this, hash /* set magic bytes */ *(em.ptr) = 0x00; *(em.ptr+1) = 0x01; - *(em.ptr + em.len - hash.len - oid.len - 1) = 0x00; - /* set hash */ - memcpy(em.ptr + em.len - hash.len, hash.ptr, hash.len); - /* set oid */ - memcpy(em.ptr + em.len - hash.len - oid.len, oid.ptr, oid.len); - + *(em.ptr + em.len - digestInfo.len - 1) = 0x00; + /* set DER-encoded hash */ + memcpy(em.ptr + em.len - digestInfo.len, digestInfo.ptr, digestInfo.len); + /* build signature */ *signature = this->rsasp1(this, em); - free(hash.ptr); + free(digestInfo.ptr); free(em.ptr); return SUCCESS; } /** - * Implementation of rsa_private_key.get_key. + * Implementation of rsa_private_key_t.pkcs1_write. */ -static status_t get_key(private_rsa_private_key_t *this, chunk_t *key) -{ - chunk_t n, e, p, q, d, exp1, exp2, coeff; - - n.len = this->k; - n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, this->n); - e.len = this->k; - e.ptr = mpz_export(NULL, NULL, 1, e.len, 1, 0, this->e); - p.len = this->k; - p.ptr = mpz_export(NULL, NULL, 1, p.len, 1, 0, this->p); - q.len = this->k; - q.ptr = mpz_export(NULL, NULL, 1, q.len, 1, 0, this->q); - d.len = this->k; - d.ptr = mpz_export(NULL, NULL, 1, d.len, 1, 0, this->d); - exp1.len = this->k; - exp1.ptr = mpz_export(NULL, NULL, 1, exp1.len, 1, 0, this->exp1); - exp2.len = this->k; - exp2.ptr = mpz_export(NULL, NULL, 1, exp2.len, 1, 0, this->exp2); - coeff.len = this->k; - coeff.ptr = mpz_export(NULL, NULL, 1, coeff.len, 1, 0, this->coeff); - - key->len = this->k * 8; - key->ptr = malloc(key->len); - memcpy(key->ptr + this->k * 0, n.ptr , n.len); - memcpy(key->ptr + this->k * 1, e.ptr, e.len); - memcpy(key->ptr + this->k * 2, p.ptr, p.len); - memcpy(key->ptr + this->k * 3, q.ptr, q.len); - memcpy(key->ptr + this->k * 4, d.ptr, d.len); - memcpy(key->ptr + this->k * 5, exp1.ptr, exp1.len); - memcpy(key->ptr + this->k * 6, exp2.ptr, exp2.len); - memcpy(key->ptr + this->k * 7, coeff.ptr, coeff.len); - - free(n.ptr); - free(e.ptr); - free(p.ptr); - free(q.ptr); - free(d.ptr); - free(exp1.ptr); - free(exp2.ptr); - free(coeff.ptr); - - return SUCCESS; -} - -/** - * Implementation of rsa_private_key.save_key. - */ -static status_t save_key(private_rsa_private_key_t *this, char *file) +static bool pkcs1_write(private_rsa_private_key_t *this, const char *filename, bool force) { - return NOT_SUPPORTED; + bool status; + + chunk_t pkcs1 = asn1_wrap(ASN1_SEQUENCE, "cmmmmmmmm", + ASN1_INTEGER_0, + asn1_integer_from_mpz(this->n), + asn1_integer_from_mpz(this->e), + asn1_integer_from_mpz(this->d), + asn1_integer_from_mpz(this->p), + asn1_integer_from_mpz(this->q), + asn1_integer_from_mpz(this->exp1), + asn1_integer_from_mpz(this->exp2), + asn1_integer_from_mpz(this->coeff)); + + status = chunk_write(pkcs1, filename, "pkcs1", 0066, force); + chunk_free_randomized(&pkcs1); + return status; } /** - * Implementation of rsa_private_key.get_public_key. + * Implementation of rsa_private_key_t.get_public_key. */ rsa_public_key_t *get_public_key(private_rsa_private_key_t *this) { @@ -510,47 +531,26 @@ static status_t check(private_rsa_private_key_t *this) status = FAILED; } - mpz_clear(t); - mpz_clear(u); - mpz_clear(q1); + mpz_clear_randomized(t); + mpz_clear_randomized(u); + mpz_clear_randomized(q1); return status; } -/** - * Implementation of rsa_private_key.clone. - */ -static rsa_private_key_t* _clone(private_rsa_private_key_t *this) -{ - private_rsa_private_key_t *clone = rsa_private_key_create_empty(); - - mpz_init_set(clone->n, this->n); - mpz_init_set(clone->e, this->e); - mpz_init_set(clone->p, this->p); - mpz_init_set(clone->q, this->q); - mpz_init_set(clone->d, this->d); - mpz_init_set(clone->exp1, this->exp1); - mpz_init_set(clone->exp2, this->exp2); - mpz_init_set(clone->coeff, this->coeff); - clone->keyid = chunk_clone(this->keyid); - clone->k = this->k; - - return &clone->public; -} - /** * Implementation of rsa_private_key.destroy. */ static void destroy(private_rsa_private_key_t *this) { - mpz_clear(this->n); - mpz_clear(this->e); - mpz_clear(this->p); - mpz_clear(this->q); - mpz_clear(this->d); - mpz_clear(this->exp1); - mpz_clear(this->exp2); - mpz_clear(this->coeff); - free(this->keyid.ptr); + mpz_clear_randomized(this->n); + mpz_clear_randomized(this->e); + mpz_clear_randomized(this->p); + mpz_clear_randomized(this->q); + mpz_clear_randomized(this->d); + mpz_clear_randomized(this->exp1); + mpz_clear_randomized(this->exp2); + mpz_clear_randomized(this->coeff); + chunk_free_randomized(&this->keyid); free(this); } @@ -562,12 +562,11 @@ static private_rsa_private_key_t *rsa_private_key_create_empty(void) private_rsa_private_key_t *this = malloc_thing(private_rsa_private_key_t); /* public functions */ + this->public.pkcs1_decrypt = (status_t (*) (rsa_private_key_t*,chunk_t,chunk_t*))pkcs1_decrypt; this->public.build_emsa_pkcs1_signature = (status_t (*) (rsa_private_key_t*,hash_algorithm_t,chunk_t,chunk_t*))build_emsa_pkcs1_signature; - this->public.get_key = (status_t (*) (rsa_private_key_t*,chunk_t*))get_key; - this->public.save_key = (status_t (*) (rsa_private_key_t*,char*))save_key; - this->public.get_public_key = (rsa_public_key_t *(*) (rsa_private_key_t*))get_public_key; + this->public.pkcs1_write = (bool (*) (rsa_private_key_t*,const char*,bool))pkcs1_write; + this->public.get_public_key = (rsa_public_key_t* (*) (rsa_private_key_t*))get_public_key; this->public.belongs_to = (bool (*) (rsa_private_key_t*,rsa_public_key_t*))belongs_to; - this->public.clone = (rsa_private_key_t*(*)(rsa_private_key_t*))_clone; this->public.destroy = (void (*) (rsa_private_key_t*))destroy; /* private functions */ @@ -575,6 +574,8 @@ static private_rsa_private_key_t *rsa_private_key_create_empty(void) this->rsasp1 = rsadp; /* same algorithm */ this->compute_prime = compute_prime; + this->keyid = chunk_empty; + return this; } @@ -613,9 +614,7 @@ rsa_private_key_t *rsa_private_key_create(size_t key_size) /* Swapping Primes so p is larger then q */ if (mpz_cmp(p, q) < 0) { - mpz_set(t, p); - mpz_set(p, q); - mpz_set(q, t); + mpz_swap(p, q); } mpz_mul(n, p, q); /* n = p*q */ @@ -645,9 +644,9 @@ rsa_private_key_t *rsa_private_key_create(size_t key_size) mpz_add(coeff, coeff, p); } - mpz_clear(q1); - mpz_clear(m); - mpz_clear(t); + mpz_clear_randomized(q1); + mpz_clear_randomized(m); + mpz_clear_randomized(t); /* apply values */ *(this->p) = *p; @@ -733,7 +732,7 @@ rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t blob) objectID++; } - this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8; + this->k = (mpz_sizeinbase(this->n, 2) + 7) / BITS_PER_BYTE; /* form the keyid as a SHA-1 hash of a publicKeyInfo object */ { @@ -769,6 +768,6 @@ rsa_private_key_t *rsa_private_key_create_from_file(char *filename, chunk_t *pas return NULL; key = rsa_private_key_create_from_chunk(chunk); - free(chunk.ptr); + chunk_free_randomized(&chunk); return key; } diff --git a/src/libstrongswan/crypto/rsa/rsa_private_key.h b/src/libstrongswan/crypto/rsa/rsa_private_key.h index 9ec07704e..e5cf49810 100644 --- a/src/libstrongswan/crypto/rsa/rsa_private_key.h +++ b/src/libstrongswan/crypto/rsa/rsa_private_key.h @@ -19,6 +19,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: rsa_private_key.h 3296 2007-10-12 15:23:29Z andreas $ */ #ifndef RSA_PRIVATE_KEY_H_ @@ -42,12 +44,23 @@ typedef struct rsa_private_key_t rsa_private_key_t; * * @see rsa_public_key_t * - * @todo Implement get_key(), save_key(), get_public_key() - * * @ingroup rsa */ struct rsa_private_key_t { + /** + * @brief Decrypt a data block based on EME-PKCS1 encoding. + * + * + * @param this calling object + * @param data encrypted input data + * @param out decrypted output data + * @return + * - SUCCESS + * - FAILED if padding is not correct + */ + status_t (*pkcs1_decrypt) (rsa_private_key_t *this, chunk_t in, chunk_t *out); + /** * @brief Build a signature over a chunk using EMSA-PKCS1 encoding. * @@ -67,45 +80,17 @@ struct rsa_private_key_t { status_t (*build_emsa_pkcs1_signature) (rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature); /** - * @brief Gets the key. - * - * UNIMPLEMENTED! - * + * @brief Writes an RSA private key to a file in PKCS#1 format. + * * @param this calling object - * @param key key (in a propriarity format) - * @return - * - SUCCESS - * - INVALID_STATE, if key not set + * @param filename file to which the key should be written. + * @param force if TRUE overwrite existing file + * @return TRUE if successful - FALSE otherwise */ - status_t (*get_key) (rsa_private_key_t *this, chunk_t *key); + bool (*pkcs1_write) (rsa_private_key_t *this, const char *filename, bool force); /** - * @brief Saves a key to a file. - * - * Not implemented! - * - * @param this calling object - * @param file file to which the key should be written. - * @return NOT_SUPPORTED - */ - status_t (*save_key) (rsa_private_key_t *this, char *file); - - /** - * @brief Generate a new key. - * - * Generates a new private_key with specified key size - * - * @param this calling object - * @param key_size size of the key in bits - * @return - * - SUCCESS - * - INVALID_ARG if key_size invalid - */ - status_t (*generate_key) (rsa_private_key_t *this, size_t key_size); - - /** - * @brief Create a rsa_public_key_t with the public - * parts of the key. + * @brief Create a rsa_public_key_t with the public part of the key. * * @param this calling object * @return public_key @@ -124,14 +109,6 @@ struct rsa_private_key_t { */ bool (*belongs_to) (rsa_private_key_t *this, rsa_public_key_t *public); - /** - * @brief Clone the private key. - * - * @param this private key to clone - * @return clone of this - */ - rsa_private_key_t *(*clone) (rsa_private_key_t *this); - /** * @brief Destroys the private key. * diff --git a/src/libstrongswan/crypto/rsa/rsa_public_key.c b/src/libstrongswan/crypto/rsa/rsa_public_key.c index 38899670f..6f2158d2b 100644 --- a/src/libstrongswan/crypto/rsa/rsa_public_key.c +++ b/src/libstrongswan/crypto/rsa/rsa_public_key.c @@ -19,6 +19,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: rsa_public_key.c 3303 2007-10-12 22:49:39Z andreas $ */ #include @@ -29,74 +31,13 @@ #include "rsa_public_key.h" +#include #include #include #include -/* - * For simplicity, we use these predefined values for hash algorithm OIDs - * These also contain the length of the appended hash - * These values are also used in rsa_private_key.c. - */ - -const u_int8_t md2_oid[] = { - 0x30,0x20, - 0x30,0x0c, - 0x06,0x08, - 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x02, - 0x05,0x00, - 0x04,0x10 -}; - -const u_int8_t md5_oid[] = { - 0x30,0x20, - 0x30,0x0c, - 0x06,0x08, - 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05, - 0x05,0x00, - 0x04,0x10 -}; - -const u_int8_t sha1_oid[] = { - 0x30,0x21, - 0x30,0x09, - 0x06,0x05, - 0x2b,0x0e,0x03,0x02,0x1a, - 0x05,0x00, - 0x04,0x14 -}; - -const u_int8_t sha256_oid[] = { - 0x30,0x31, - 0x30,0x0d, - 0x06,0x09, - 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01, - 0x05,0x00, - 0x04,0x20 -}; - -const u_int8_t sha384_oid[] = { - 0x30,0x41, - 0x30,0x0d, - 0x06,0x09, - 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02, - 0x05,0x00, - 0x04,0x30 -}; - -const u_int8_t sha512_oid[] = { - 0x30,0x51, - 0x30,0x0d, - 0x06,0x09, - 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03, - 0x05,0x00, - 0x04,0x40 -}; - -#define LARGEST_HASH_OID_SIZE sizeof(sha512_oid) - -/* ASN.1 definition public key */ -static const asn1Object_t pubkey_objects[] = { +/* ASN.1 definition of RSApublicKey */ +static const asn1Object_t pubkeyObjects[] = { { 0, "RSAPublicKey", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */ { 1, "modulus", ASN1_INTEGER, ASN1_BODY }, /* 1 */ { 1, "publicExponent", ASN1_INTEGER, ASN1_BODY }, /* 2 */ @@ -107,6 +48,18 @@ static const asn1Object_t pubkey_objects[] = { #define PUB_KEY_EXPONENT 2 #define PUB_KEY_ROOF 3 +/* ASN.1 definition of digestInfo */ +static const asn1Object_t digestInfoObjects[] = { + { 0, "digestInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */ + { 1, "digestAlgorithm", ASN1_EOC, ASN1_RAW }, /* 1 */ + { 1, "digest", ASN1_OCTET_STRING, ASN1_BODY }, /* 2 */ +}; + +#define DIGEST_INFO 0 +#define DIGEST_INFO_ALGORITHM 1 +#define DIGEST_INFO_DIGEST 2 +#define DIGEST_INFO_ROOF 3 + typedef struct private_rsa_public_key_t private_rsa_public_key_t; /** @@ -186,12 +139,11 @@ static chunk_t rsaep(const private_rsa_public_key_t *this, chunk_t data) /** * Implementation of rsa_public_key.verify_emsa_pkcs1_signature. */ -static status_t verify_emsa_pkcs1_signature(const private_rsa_public_key_t *this, chunk_t data, chunk_t signature) +static status_t verify_emsa_pkcs1_signature(const private_rsa_public_key_t *this, + hash_algorithm_t algorithm, + chunk_t data, chunk_t signature) { - hasher_t *hasher = NULL; - chunk_t hash; - chunk_t em; - u_int8_t *pos; + chunk_t em_ori, em; status_t res = FAILED; /* remove any preceding 0-bytes from signature */ @@ -207,7 +159,7 @@ static status_t verify_emsa_pkcs1_signature(const private_rsa_public_key_t *this } /* unpack signature */ - em = this->rsavp1(this, signature); + em_ori = em = this->rsavp1(this, signature); /* result should look like this: * EM = 0x00 || 0x01 || PS || 0x00 || T. @@ -216,141 +168,160 @@ static status_t verify_emsa_pkcs1_signature(const private_rsa_public_key_t *this */ /* check magic bytes */ - if ((*(em.ptr) != 0x00) || (*(em.ptr+1) != 0x01)) + if (*(em.ptr) != 0x00 || *(em.ptr+1) != 0x01) { + DBG2("incorrect padding - probably wrong RSA key"); goto end; } + em.ptr += 2; + em.len -= 2; /* find magic 0x00 */ - pos = em.ptr + 2; - while (pos <= em.ptr + em.len) + while (em.len > 0) { - if (*pos == 0x00) + if (*em.ptr == 0x00) { /* found magic byte, stop */ - pos++; + em.ptr++; + em.len--; break; } - else if (*pos != 0xFF) + else if (*em.ptr != 0xFF) { /* bad padding, decryption failed ?!*/ goto end; } - pos++; + em.ptr++; + em.len--; } - if (pos + LARGEST_HASH_OID_SIZE > em.ptr + em.len) - { - /* not enought room for oid compare */ - goto end; - } - - if (memeq(md2_oid, pos, sizeof(md2_oid))) - { - hasher = hasher_create(HASH_MD2); - pos += sizeof(md2_oid); - } - else if (memeq(md5_oid, pos, sizeof(md5_oid))) + if (em.len == 0) { - hasher = hasher_create(HASH_MD5); - pos += sizeof(md5_oid); - } - else if (memeq(sha1_oid, pos, sizeof(sha1_oid))) - { - hasher = hasher_create(HASH_SHA1); - pos += sizeof(sha1_oid); - } - else if (memeq(sha256_oid, pos, sizeof(sha256_oid))) - { - hasher = hasher_create(HASH_SHA256); - pos += sizeof(sha256_oid); - } - else if (memeq(sha384_oid, pos, sizeof(sha384_oid))) - { - hasher = hasher_create(HASH_SHA384); - pos += sizeof(sha384_oid); - } - else if (memeq(sha512_oid, pos, sizeof(sha512_oid))) - { - hasher = hasher_create(HASH_SHA512); - pos += sizeof(sha512_oid); - } - - if (hasher == NULL) - { - /* unsupported hash algorithm */ - res = NOT_SUPPORTED;; + /* no digestInfo found */ goto end; } - - if (pos + hasher->get_hash_size(hasher) != em.ptr + em.len) + + /* parse ASN.1-based digestInfo */ { - /* bad length */ - hasher->destroy(hasher); - goto end; + asn1_ctx_t ctx; + chunk_t object; + u_int level; + int objectID = 0; + hash_algorithm_t hash_algorithm = HASH_UNKNOWN; + + asn1_init(&ctx, em, 0, FALSE, FALSE); + + while (objectID < DIGEST_INFO_ROOF) + { + if (!extract_object(digestInfoObjects, &objectID, &object, &level, &ctx)) + { + goto end; + } + switch (objectID) + { + case DIGEST_INFO: + if (em.len > object.len) + { + DBG1("digestInfo field in signature is followed by %u surplus bytes", + em.len - object.len); + goto end; + } + break; + case DIGEST_INFO_ALGORITHM: + { + int hash_oid = parse_algorithmIdentifier(object, level+1, NULL); + + hash_algorithm = hasher_algorithm_from_oid(hash_oid); + if (hash_algorithm == HASH_UNKNOWN + || (algorithm != HASH_UNKNOWN && hash_algorithm != algorithm)) + { + DBG1("wrong hash algorithm used in signature"); + goto end; + } + } + break; + case DIGEST_INFO_DIGEST: + { + chunk_t hash; + hasher_t *hasher = hasher_create(hash_algorithm); + + if (object.len != hasher->get_hash_size(hasher)) + { + DBG1("hash size in signature is %u bytes instead of %u bytes", + object.len, hasher->get_hash_size(hasher)); + hasher->destroy(hasher); + goto end; + } + + /* build our own hash */ + hasher->allocate_hash(hasher, data, &hash); + hasher->destroy(hasher); + + /* compare the hashes */ + res = memeq(object.ptr, hash.ptr, hash.len) ? SUCCESS : FAILED; + free(hash.ptr); + } + break; + default: + break; + } + objectID++; + } } - - /* build our own hash */ - hasher->allocate_hash(hasher, data, &hash); - hasher->destroy(hasher); - - /* compare the hashes */ - res = memeq(hash.ptr, pos, hash.len) ? SUCCESS : FAILED; - free(hash.ptr); end: - free(em.ptr); + free(em_ori.ptr); return res; } - + + /** - * Implementation of rsa_public_key.get_key. + * Implementation of rsa_public_key_t.get_modulus. */ -static status_t get_key(const private_rsa_public_key_t *this, chunk_t *key) -{ - chunk_t n, e; - - n.len = this->k; - n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, this->n); - e.len = this->k; - e.ptr = mpz_export(NULL, NULL, 1, e.len, 1, 0, this->e); - - key->len = this->k * 2; - key->ptr = malloc(key->len); - memcpy(key->ptr, n.ptr, n.len); - memcpy(key->ptr + n.len, e.ptr, e.len); - free(n.ptr); - free(e.ptr); - - return SUCCESS; +static mpz_t *get_modulus(const private_rsa_public_key_t *this) +{ + return (mpz_t*)&this->n; } /** - * Implementation of rsa_public_key.save_key. + * Implementation of rsa_public_key_t.get_keysize. */ -static status_t save_key(const private_rsa_public_key_t *this, char *file) +static size_t get_keysize(const private_rsa_public_key_t *this) { - return NOT_SUPPORTED; + return this->k; } /** - * Implementation of rsa_public_key.get_modulus. + * Build a DER-encoded publicKeyInfo object from an RSA public key. + * Also used in rsa_private_key.c. */ -static mpz_t *get_modulus(const private_rsa_public_key_t *this) +chunk_t rsa_public_key_info_to_asn1(const mpz_t n, const mpz_t e) { - return (mpz_t*)&this->n; + chunk_t rawKey = asn1_wrap(ASN1_SEQUENCE, "mm", + asn1_integer_from_mpz(n), + asn1_integer_from_mpz(e)); + chunk_t publicKey; + + u_char *pos = build_asn1_object(&publicKey, ASN1_BIT_STRING, 1 + rawKey.len); + + *pos++ = 0x00; + memcpy(pos, rawKey.ptr, rawKey.len); + free(rawKey.ptr); + + return asn1_wrap(ASN1_SEQUENCE, "cm", ASN1_rsaEncryption_id, + publicKey); } /** - * Implementation of rsa_public_key.get_keysize. + * Implementation of rsa_public_key_t.get_publicKeyInfo. */ -static size_t get_keysize(const private_rsa_public_key_t *this) +static chunk_t get_publicKeyInfo(const private_rsa_public_key_t *this) { - return this->k; + return rsa_public_key_info_to_asn1(this->n, this->e); } /** - * Implementation of rsa_public_key.get_keyid. + * Implementation of rsa_public_key_t.get_keyid. */ static chunk_t get_keyid(const private_rsa_public_key_t *this) { @@ -358,7 +329,7 @@ static chunk_t get_keyid(const private_rsa_public_key_t *this) } /** - * Implementation of rsa_public_key.clone. + * Implementation of rsa_public_key_t.clone. */ static rsa_public_key_t* _clone(const private_rsa_public_key_t *this) { @@ -373,7 +344,7 @@ static rsa_public_key_t* _clone(const private_rsa_public_key_t *this) } /** - * Implementation of rsa_public_key.destroy. + * Implementation of rsa_public_key_t.destroy. */ static void destroy(private_rsa_public_key_t *this) { @@ -391,11 +362,10 @@ private_rsa_public_key_t *rsa_public_key_create_empty(void) private_rsa_public_key_t *this = malloc_thing(private_rsa_public_key_t); /* public functions */ - this->public.verify_emsa_pkcs1_signature = (status_t (*) (const rsa_public_key_t*,chunk_t,chunk_t))verify_emsa_pkcs1_signature; - this->public.get_key = (status_t (*) (const rsa_public_key_t*,chunk_t*))get_key; - this->public.save_key = (status_t (*) (const rsa_public_key_t*,char*))save_key; + this->public.verify_emsa_pkcs1_signature = (status_t (*) (const rsa_public_key_t*,hash_algorithm_t,chunk_t,chunk_t))verify_emsa_pkcs1_signature; this->public.get_modulus = (mpz_t *(*) (const rsa_public_key_t*))get_modulus; this->public.get_keysize = (size_t (*) (const rsa_public_key_t*))get_keysize; + this->public.get_publicKeyInfo = (chunk_t (*) (const rsa_public_key_t*))get_publicKeyInfo; this->public.get_keyid = (chunk_t (*) (const rsa_public_key_t*))get_keyid; this->public.clone = (rsa_public_key_t* (*) (const rsa_public_key_t*))_clone; this->public.destroy = (void (*) (rsa_public_key_t*))destroy; @@ -407,27 +377,6 @@ private_rsa_public_key_t *rsa_public_key_create_empty(void) return this; } -/** - * Build a DER-encoded publicKeyInfo object from an RSA public key. - * Also used in rsa_private_key.c. - */ -chunk_t rsa_public_key_info_to_asn1(const mpz_t n, const mpz_t e) -{ - chunk_t rawKey = asn1_wrap(ASN1_SEQUENCE, "mm", - asn1_integer_from_mpz(n), - asn1_integer_from_mpz(e)); - chunk_t publicKey; - - u_char *pos = build_asn1_object(&publicKey, ASN1_BIT_STRING, 1 + rawKey.len); - - *pos++ = 0x00; - memcpy(pos, rawKey.ptr, rawKey.len); - free(rawKey.ptr); - - return asn1_wrap(ASN1_SEQUENCE, "cm", ASN1_rsaEncryption_id, - publicKey); -} - /* * See header */ @@ -447,7 +396,7 @@ rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t blob) while (objectID < PUB_KEY_ROOF) { - if (!extract_object(pubkey_objects, &objectID, &object, &level, &ctx)) + if (!extract_object(pubkeyObjects, &objectID, &object, &level, &ctx)) { destroy(this); return FALSE; @@ -489,8 +438,9 @@ rsa_public_key_t *rsa_public_key_create_from_file(char *filename) rsa_public_key_t *pubkey = NULL; if (!pem_asn1_load_file(filename, NULL, "public key", &chunk, &pgp)) + { return NULL; - + } pubkey = rsa_public_key_create_from_chunk(chunk); free(chunk.ptr); return pubkey; diff --git a/src/libstrongswan/crypto/rsa/rsa_public_key.h b/src/libstrongswan/crypto/rsa/rsa_public_key.h index 1ee54dcc3..0a40c2204 100644 --- a/src/libstrongswan/crypto/rsa/rsa_public_key.h +++ b/src/libstrongswan/crypto/rsa/rsa_public_key.h @@ -19,6 +19,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: rsa_public_key.h 3303 2007-10-12 22:49:39Z andreas $ */ #ifndef RSA_PUBLIC_KEY_H_ @@ -29,6 +31,7 @@ typedef struct rsa_public_key_t rsa_public_key_t; #include #include +#include /** * @brief RSA public key with associated functions. @@ -58,6 +61,7 @@ struct rsa_public_key_t { * * @param this rsa_public_key to use * @param data data to sign + # @param algorithm hash algorithm the signature is based on * @param signature signature to verify * @return * - SUCCESS, if signature ok @@ -66,34 +70,9 @@ struct rsa_public_key_t { * - INVALID_ARG, if signature is not a signature * - FAILED if signature invalid or unable to verify */ - status_t (*verify_emsa_pkcs1_signature) (const rsa_public_key_t *this, chunk_t data, chunk_t signature); - - /** - * @brief Gets the key. - * - * Currently uses a proprietary format which is only inteded - * for testing. This should be replaced with a proper - * ASN1 encoded key format, when charon gets the ASN1 - * capabilities. - * - * @param this calling object - * @param key key (in a propriarity format) - * @return - * - SUCCESS - * - INVALID_STATE, if key not set - */ - status_t (*get_key) (const rsa_public_key_t *this, chunk_t *key); - - /** - * @brief Saves a key to a file. - * - * Not implemented! - * - * @param this calling object - * @param file file to which the key should be written. - * @return NOT_SUPPORTED - */ - status_t (*save_key) (const rsa_public_key_t *this, char *file); + status_t (*verify_emsa_pkcs1_signature) (const rsa_public_key_t *this, + hash_algorithm_t algorithm, + chunk_t data, chunk_t signature); /** * @brief Get the modulus of the key. @@ -111,6 +90,14 @@ struct rsa_public_key_t { */ size_t (*get_keysize) (const rsa_public_key_t *this); + /** + * @brief Get the DER encoded publicKeyInfo object. + * + * @param this calling object + * @return DER encoded publicKeyInfo object + */ + chunk_t (*get_publicKeyInfo) (const rsa_public_key_t *this); + /** * @brief Get the keyid formed as the SHA-1 hash of a publicKeyInfo object. * diff --git a/src/libstrongswan/crypto/signers/hmac_signer.c b/src/libstrongswan/crypto/signers/hmac_signer.c index 76e1ce50e..ad5b882a6 100644 --- a/src/libstrongswan/crypto/signers/hmac_signer.c +++ b/src/libstrongswan/crypto/signers/hmac_signer.c @@ -52,14 +52,19 @@ struct private_hmac_signer_t { /** * Implementation of signer_t.get_signature. */ -static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer) +static void get_signature(private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer) { - u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)]; - - this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac); - - /* copy MAC depending on truncation */ - memcpy(buffer, full_mac, this->block_size); + if (buffer == NULL) + { /* append mode */ + this->hmac_prf->get_bytes(this->hmac_prf, data, NULL); + } + else + { + u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)]; + + this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac); + memcpy(buffer, full_mac, this->block_size); + } } /** @@ -67,18 +72,24 @@ static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t * */ static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk) { - chunk_t signature; - u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)]; - - this->hmac_prf->get_bytes(this->hmac_prf,data,full_mac); + if (chunk == NULL) + { /* append mode */ + this->hmac_prf->get_bytes(this->hmac_prf, data, NULL); + } + else + { + chunk_t signature; + u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)]; + + this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac); - signature.ptr = malloc(this->block_size); - signature.len = this->block_size; - - /* copy signature */ - memcpy(signature.ptr, full_mac, this->block_size); + signature.ptr = malloc(this->block_size); + signature.len = this->block_size; + + memcpy(signature.ptr, full_mac, this->block_size); - *chunk = signature; + *chunk = signature; + } } /** diff --git a/src/libstrongswan/crypto/signers/signer.h b/src/libstrongswan/crypto/signers/signer.h index 0f3709712..4218e4146 100644 --- a/src/libstrongswan/crypto/signers/signer.h +++ b/src/libstrongswan/crypto/signers/signer.h @@ -74,6 +74,9 @@ extern enum_name_t *integrity_algorithm_names; struct signer_t { /** * @brief Generate a signature. + * + * If buffer is NULL, data is processed and prepended to a next call until + * buffer is a valid pointer. * * @param this calling object * @param data a chunk containing the data to sign @@ -83,6 +86,9 @@ struct signer_t { /** * @brief Generate a signature and allocate space for it. + * + * If chunk is NULL, data is processed and prepended to a next call until + * chunk is a valid chunk pointer. * * @param this calling object * @param data a chunk containing the data to sign diff --git a/src/libstrongswan/crypto/x509.c b/src/libstrongswan/crypto/x509.c index 5bf3f26d7..d9093fc62 100755 --- a/src/libstrongswan/crypto/x509.c +++ b/src/libstrongswan/crypto/x509.c @@ -23,6 +23,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: x509.c 3301 2007-10-12 21:56:30Z andreas $ */ #include @@ -114,7 +116,7 @@ struct private_x509_t { /** * Signature algorithm */ - int sigAlg; + int signatureAlgorithm; /** * ID representing the certificate issuer @@ -196,11 +198,6 @@ struct private_x509_t { */ bool isOcspSigner; - /** - * Signature algorithm (must be identical to sigAlg) - */ - int algorithm; - /** * Signature */ @@ -445,16 +442,15 @@ static bool parse_basicConstraints(chunk_t blob, int level0) return isCA; } -/* +/** * extracts an otherName */ -static bool -parse_otherName(chunk_t blob, int level0) +static bool parse_otherName(chunk_t blob, int level0) { asn1_ctx_t ctx; chunk_t object; - int objectID = 0; u_int level; + int objectID = 0; int oid = OID_UNKNOWN; asn1_init(&ctx, blob, level0, FALSE, FALSE); @@ -484,7 +480,7 @@ parse_otherName(chunk_t blob, int level0) return TRUE; } -/* +/** * extracts a generalName */ static identification_t *parse_generalName(chunk_t blob, int level0) @@ -544,10 +540,10 @@ static identification_t *parse_generalName(chunk_t blob, int level0) } -/** - * extracts one or several GNs and puts them into a chained list +/* + * Defined in header. */ -void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list) +void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list) { asn1_ctx_t ctx; chunk_t object; @@ -589,10 +585,10 @@ static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit) return object; } -/** - * extracts an authoritykeyIdentifier +/* + * Defined in header. */ -void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber) +void x509_parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber) { asn1_ctx_t ctx; chunk_t object; @@ -639,8 +635,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0, linked_list_t *l chunk_t object; u_int level; int objectID = 0; - - u_int accessMethod = OID_UNKNOWN; + int accessMethod = OID_UNKNOWN; asn1_init(&ctx, blob, level0, FALSE, FALSE); while (objectID < AUTH_INFO_ACCESS_ROOF) @@ -659,15 +654,26 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0, linked_list_t *l switch (accessMethod) { case OID_OCSP: - if (*object.ptr == ASN1_CONTEXT_S_6) + case OID_CA_ISSUERS: { identification_t *accessLocation; - if (asn1_length(&object) == ASN1_INVALID_LENGTH) + accessLocation = parse_generalName(object, level+1); + if (accessLocation == NULL) + { + /* parsing went wrong - abort */ return; - DBG2(" '%.*s'",(int)object.len, object.ptr); - accessLocation = identification_create_from_encoding(ID_DER_ASN1_GN_URI, object); - list->insert_last(list, (void *)accessLocation); + } + DBG2(" '%D'", accessLocation); + if (accessMethod == OID_OCSP) + { + list->insert_last(list, (void *)accessLocation); + } + else + { + /* caIsssuer accessLocation is not used yet */ + accessLocation->destroy(accessLocation); + } } break; default: @@ -731,7 +737,7 @@ static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t if (objectID == CRL_DIST_POINTS_FULLNAME) { /* append extracted generalNames to existing chained list */ - parse_generalNames(object, level+1, TRUE, list); + x509_parse_generalNames(object, level+1, TRUE, list); } objectID++; @@ -748,8 +754,8 @@ static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *this) bool critical; chunk_t object; u_int level; - u_int extn_oid = OID_UNKNOWN; int objectID = 0; + int extn_oid = OID_UNKNOWN; asn1_init(&ctx, blob, level0, FALSE, FALSE); while (objectID < X509_OBJ_ROOF) @@ -778,7 +784,7 @@ static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *this) this->serialNumber = object; break; case X509_OBJ_SIG_ALG: - this->sigAlg = parse_algorithmIdentifier(object, level, NULL); + this->signatureAlgorithm = parse_algorithmIdentifier(object, level, NULL); break; case X509_OBJ_ISSUER: this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object); @@ -797,7 +803,7 @@ static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *this) case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM: if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION) { - DBG2(" unsupported public key algorithm"); + DBG1(" unsupported public key algorithm"); return FALSE; } break; @@ -809,7 +815,7 @@ static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *this) } else { - DBG2(" invalid RSA public key format"); + DBG1(" invalid RSA public key format"); return FALSE; } break; @@ -831,7 +837,7 @@ static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *this) this->subjectKeyID = chunk_clone(parse_keyIdentifier(object, level, FALSE)); break; case OID_SUBJECT_ALT_NAME: - parse_generalNames(object, level, FALSE, this->subjectAltNames); + x509_parse_generalNames(object, level, FALSE, this->subjectAltNames); break; case OID_BASIC_CONSTRAINTS: this->isCA = parse_basicConstraints(object, level); @@ -840,7 +846,8 @@ static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *this) parse_crlDistributionPoints(object, level, this->crlDistributionPoints); break; case OID_AUTHORITY_KEY_ID: - parse_authorityKeyIdentifier(object, level , &this->authKeyID, &this->authKeySerialNumber); + x509_parse_authorityKeyIdentifier(object, level, + &this->authKeyID, &this->authKeySerialNumber); break; case OID_AUTHORITY_INFO_ACCESS: parse_authorityInfoAccess(object, level, this->ocspAccessLocations); @@ -861,7 +868,15 @@ static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *this) break; } case X509_OBJ_ALGORITHM: - this->algorithm = parse_algorithmIdentifier(object, level, NULL); + { + int alg = parse_algorithmIdentifier(object, level, NULL); + + if (alg != this->signatureAlgorithm) + { + DBG1(" signature algorithms do not agree"); + return FALSE; + } + } break; case X509_OBJ_SIGNATURE: this->signature = object; @@ -1119,7 +1134,14 @@ static iterator_t *create_ocspuri_iterator(const private_x509_t *this) */ static bool verify(const private_x509_t *this, const rsa_public_key_t *signer) { - return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature) == SUCCESS; + hash_algorithm_t algorithm = hasher_algorithm_from_oid(this->signatureAlgorithm); + + if (algorithm == HASH_UNKNOWN) + { + DBG1(" unknown signature algorithm"); + return FALSE; + } + return signer->verify_emsa_pkcs1_signature(signer, algorithm, this->tbsCertificate, this->signature) == SUCCESS; } /** @@ -1221,6 +1243,101 @@ static void list(private_x509_t *this, FILE *out, bool utc) } } +/* + * Defined in header. + */ +chunk_t x509_build_generalNames(linked_list_t *list) +{ + linked_list_t *generalNames = linked_list_create(); + iterator_t *iterator = list->create_iterator(list, TRUE); + identification_t *name; + size_t len = 0; + + while (iterator->iterate(iterator, (void**)&name)) + { + asn1_t asn1_type = ASN1_EOC; + chunk_t *generalName = malloc_thing(chunk_t); + + switch (name->get_type(name)) + { + case ID_RFC822_ADDR: + asn1_type = ASN1_CONTEXT_S_1; + break; + case ID_FQDN: + asn1_type = ASN1_CONTEXT_S_2; + break; + case ID_DER_ASN1_DN: + asn1_type = ASN1_CONTEXT_C_4; + break; + case ID_DER_ASN1_GN_URI: + asn1_type = ASN1_CONTEXT_S_6; + break; + case ID_IPV4_ADDR: + asn1_type = ASN1_CONTEXT_S_7; + break; + default: + continue; + } + + *generalName = asn1_simple_object(asn1_type, name->get_encoding(name)); + len += generalName->len; + generalNames->insert_last(generalNames, generalName); + } + iterator->destroy(iterator); + + if (len > 0) + { + iterator_t *iterator = generalNames->create_iterator(generalNames, TRUE); + chunk_t names, *generalName; + u_char *pos = build_asn1_object(&names, ASN1_SEQUENCE, len); + + while (iterator->iterate(iterator, (void**)&generalName)) + { + memcpy(pos, generalName->ptr, generalName->len); + pos += generalName->len; + free(generalName->ptr); + free(generalName); + } + iterator->destroy(iterator); + generalNames->destroy(generalNames); + + return asn1_wrap(ASN1_OCTET_STRING, "m", names); + } + else + { + return chunk_empty; + } +} + +/* + * Defined in header. + */ +chunk_t x509_build_subjectAltNames(linked_list_t *list) +{ + chunk_t generalNames = x509_build_generalNames(list); + + if (generalNames.len) + { + return asn1_wrap(ASN1_SEQUENCE, "cm", + ASN1_subjectAltName_oid, + asn1_wrap(ASN1_OCTET_STRING, "m", generalNames) + ); + } + else + { + return chunk_empty; + } +} + +/** + * Implementation of x509_t.build_encoding. + */ +static void build_encoding(private_x509_t *this, hash_algorithm_t alg, + rsa_private_key_t *private_key) +{ + +} + /** * Implements x509_t.destroy */ @@ -1240,10 +1357,10 @@ static void destroy(private_x509_t *this) free(this); } -/* - * Described in header. +/** + * Internal generic constructor */ -x509_t *x509_create_from_chunk(chunk_t chunk, u_int level) +static private_x509_t *x509_create_empty(void) { private_x509_t *this = malloc_thing(private_x509_t); @@ -1290,9 +1407,34 @@ x509_t *x509_create_from_chunk(chunk_t chunk, u_int level) this->public.create_crluri_iterator = (iterator_t* (*) (const x509_t*))create_crluri_iterator; this->public.create_ocspuri_iterator = (iterator_t* (*) (const x509_t*))create_ocspuri_iterator; this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify; - this->public.list = (void(*)(x509_t*, FILE *out, bool utc))list; + this->public.list = (void (*) (x509_t*, FILE *out, bool utc))list; + this->public.build_encoding = (void (*) (x509_t*,hash_algorithm_t,rsa_private_key_t*))build_encoding; this->public.destroy = (void (*) (x509_t*))destroy; + return this; +} + +/* + * Described in header. + */ +x509_t *x509_create_(chunk_t serialNumber, identification_t *issuer, identification_t *subject) +{ + private_x509_t *this = x509_create_empty(); + + this->serialNumber = serialNumber; + this->issuer = issuer->clone(issuer); + this->subject = subject->clone(subject); + + return &this->public; +} + +/* + * Described in header. + */ +x509_t *x509_create_from_chunk(chunk_t chunk, u_int level) +{ + private_x509_t *this = x509_create_empty(); + if (!parse_certificate(chunk, level, this)) { destroy(this); @@ -1314,8 +1456,15 @@ x509_t *x509_create_from_chunk(chunk_t chunk, u_int level) this->isSelfSigned = FALSE; if (this->subject->equals(this->subject, this->issuer)) { + hash_algorithm_t algorithm = hasher_algorithm_from_oid(this->signatureAlgorithm); + + if (algorithm == HASH_UNKNOWN) + { + destroy(this); + return NULL; + } this->isSelfSigned = this->public_key->verify_emsa_pkcs1_signature(this->public_key, - this->tbsCertificate, this->signature) == SUCCESS; + algorithm, this->tbsCertificate, this->signature) == SUCCESS; } if (this->isSelfSigned) { diff --git a/src/libstrongswan/crypto/x509.h b/src/libstrongswan/crypto/x509.h index c6fe148d4..1ab267dac 100755 --- a/src/libstrongswan/crypto/x509.h +++ b/src/libstrongswan/crypto/x509.h @@ -23,6 +23,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: x509.h 3301 2007-10-12 21:56:30Z andreas $ */ #ifndef X509_H_ @@ -31,7 +33,8 @@ typedef struct x509_t x509_t; #include -#include +#include +#include #include #include #include @@ -49,6 +52,7 @@ typedef struct x509_t x509_t; * @brief X.509 certificate. * * @b Constructors: + * - x509_create() * - x509_create_from_chunk() * - x509_create_from_file() * @@ -288,8 +292,25 @@ struct x509_t { * @param out stream to write to * @param utc TRUE for UTC times, FALSE for local time */ - void (*list)(x509_t *this, FILE *out, bool utc); + void (*list) (x509_t *this, FILE *out, bool utc); + /** + * @brief Adds a list of subjectAltNames + * + * @param this calling object + * @param subjectAltNames list of subjectAltNames to be added + */ + void (*add_subjectAltNames) (x509_t *this, linked_list_t *subjectAltNames); + + /** + * @brief Builds a DER-encoded signed X.509 certificate + * + * @param this calling object + * @param alg hash algorithm used to compute the certificate digest + * @param private_key RSA private key used to sign the certificate digest + */ + void (*build_encoding) (x509_t *this, hash_algorithm_t alg, rsa_private_key_t *private_key); + /** * @brief Destroys the certificate. * @@ -299,17 +320,34 @@ struct x509_t { }; /** - * @brief Read a x509 certificate from a DER encoded blob. - * + * @brief Create a X.509 certificate from its components + * + * @param serialNumber chunk containing the serialNumber + * @param issuer issuer distinguished name + * @param notBefore start date of validity + * @param notAfter end date of validity + * @param subject subject distinguished name + * + * @return created x509_t certificate, or NULL if invalid. + * + * @ingroup crypto + */ +x509_t *x509_create(chunk_t serialNumber, identification_t *issuer, + time_t notBefore, time_t notAfter, + identification_t *subject); + +/** + * @brief Read a X.509 certificate from a DER encoded blob. + * * @param chunk chunk containing DER encoded data - * @return created x509_t certificate, or NULL if invlid. + * @return created x509_t certificate, or NULL if invalid. * * @ingroup crypto */ x509_t *x509_create_from_chunk(chunk_t chunk, u_int level); /** - * @brief Read a x509 certificate from a DER encoded file. + * @brief Read a X.509 certificate from a DER encoded file. * * @param filename file containing DER encoded data * @param label label describing kind of certificate @@ -329,7 +367,7 @@ x509_t *x509_create_from_file(const char *filename, const char *label); * * @ingroup crypto */ -void parse_authorityKeyIdentifier(chunk_t blob, int level0, chunk_t *authKeyID, chunk_t *authKeySerialNumber); +void x509_parse_authorityKeyIdentifier(chunk_t blob, int level0, chunk_t *authKeyID, chunk_t *authKeySerialNumber); /** * @brief Parses DER encoded generalNames @@ -337,10 +375,30 @@ void parse_authorityKeyIdentifier(chunk_t blob, int level0, chunk_t *authKeyID, * @param blob blob containing DER encoded data * @param level0 indicates the current parsing level * @param implicit implicit coding is used - * @param list linked list of decoded generalNames + * @param list list of decoded generalNames + * + * @ingroup crypto + */ +void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list); + +/** + * @brief Builds a DER encoded list of generalNames + * + * @param list list of generalNames to be encoded + * @return DER encoded list of generalNames + * + * @ingroup crypto + */ +chunk_t x509_build_generalNames(linked_list_t *list); + +/** + * @brief Builds a DER encoded list of subjectAltNames + * + * @param list list of subjectAltNames to be encoded + * @return DER encoded list of subjectAltNames * * @ingroup crypto */ -void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list); +chunk_t x509_build_subjectAltNames(linked_list_t *list); #endif /* X509_H_ */ diff --git a/src/libstrongswan/debug.c b/src/libstrongswan/debug.c index 996cae502..a71e978b8 100644 --- a/src/libstrongswan/debug.c +++ b/src/libstrongswan/debug.c @@ -28,7 +28,7 @@ /** * default dbg function which printf all to stderr */ -static void dbg_stderr(int level, char *fmt, ...) +void dbg_default(int level, char *fmt, ...) { va_list args; @@ -38,4 +38,4 @@ static void dbg_stderr(int level, char *fmt, ...) va_end(args); } -void (*dbg) (int level, char *fmt, ...) = dbg_stderr; +void (*dbg) (int level, char *fmt, ...) = dbg_default; diff --git a/src/libstrongswan/debug.h b/src/libstrongswan/debug.h index c424a1c11..71f2c7dfd 100644 --- a/src/libstrongswan/debug.h +++ b/src/libstrongswan/debug.h @@ -57,4 +57,7 @@ /** dbg function hook, uses stderr logger by default */ extern void (*dbg) (int level, char *fmt, ...); +/** default logging function, prints to stderr */ +void dbg_default(int level, char *fmt, ...); + #endif /* DEBUG_H_ */ diff --git a/src/libstrongswan/fips/fips.c b/src/libstrongswan/fips/fips.c new file mode 100644 index 000000000..aba292d81 --- /dev/null +++ b/src/libstrongswan/fips/fips.c @@ -0,0 +1,103 @@ +/** + * @file fips.c + * + * @brief Implementation of the libstrongswan integrity test. + * + */ + +/* + * Copyright (C) 2007 Bruno Krieg, Daniel Wydler + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include + +#include +#include +#include "fips.h" + +extern const u_char FIPS_rodata_start[]; +extern const u_char FIPS_rodata_end[]; +extern const void *FIPS_text_start(); +extern const void *FIPS_text_end(); + +/** + * Described in header + */ +bool fips_compute_hmac_signature(const char *key, char *signature) +{ + u_char *text_start = (u_char *)FIPS_text_start(); + u_char *text_end = (u_char *)FIPS_text_end(); + size_t text_len, rodata_len; + signer_t *signer; + + if (text_start > text_end) + { + DBG1(" TEXT start (%p) > TEXT end (%p", + text_start, text_end); + return FALSE; + } + text_len = text_end - text_start; + DBG1(" TEXT: %p + %6d = %p", + text_start, (int)text_len, text_end); + + if (FIPS_rodata_start > FIPS_rodata_end) + { + DBG1(" RODATA start (%p) > RODATA end (%p", + FIPS_rodata_start, FIPS_rodata_end); + return FALSE; + } + rodata_len = FIPS_rodata_end - FIPS_rodata_start; + DBG1(" RODATA: %p + %6d = %p", + FIPS_rodata_start, (int)rodata_len, FIPS_rodata_end); + + signer = (signer_t *)hmac_signer_create(HASH_SHA1, HASH_SIZE_SHA1); + if (signer == NULL) + { + DBG1(" SHA-1 HMAC signer could not be created"); + return FALSE; + } + else + { + chunk_t hmac_key = { key, strlen(key) }; + chunk_t text_chunk = { text_start, text_len }; + chunk_t rodata_chunk = { (u_char *)FIPS_rodata_start, rodata_len }; + chunk_t signature_chunk = chunk_empty; + + signer->set_key(signer, hmac_key); + signer->allocate_signature(signer, text_chunk, NULL); + signer->allocate_signature(signer, rodata_chunk, &signature_chunk); + signer->destroy(signer); + + sprintf(signature, "%#B", &signature_chunk); + DBG1(" SHA-1 HMAC key: %s", key); + DBG1(" SHA-1 HMAC sig: %s", signature); + free(signature_chunk.ptr); + return TRUE; + } +} + +/** + * Described in header + */ +bool fips_verify_hmac_signature(const char *key, + const char *signature) +{ + char current_signature[BUF_LEN]; + + if (!fips_compute_hmac_signature(key, current_signature)) + { + return FALSE; + } + return streq(signature, current_signature); +} diff --git a/src/libstrongswan/fips/fips.h b/src/libstrongswan/fips/fips.h new file mode 100644 index 000000000..decf73bfd --- /dev/null +++ b/src/libstrongswan/fips/fips.h @@ -0,0 +1,47 @@ +/** + * @file fips.h + * + * @brief Interface of the libstrongswan integrity test + * + * @ingroup fips + */ + +/* + * Copyright (C) 2007 Bruno Krieg, Daniel Wydler + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef FIPS_H_ +#define FIPS_H_ + +#include + +/** + * @brief compute HMAC signature over RODATA and TEXT sections of libstrongswan + * + * @param key key used for HMAC signature in ASCII string format + * @param signature HMAC signature in HEX string format + * @return TRUE if HMAC signature computation was successful + */ +bool fips_compute_hmac_signature(const char *key, char *signature); + +/** + * @brief verify HMAC signature over RODATA and TEXT sections of libstrongswan + * + * @param key key used for HMAC signature in ASCII string format + * @param signature signature value from fips_signature.h in HEX string format + * @return TRUE if signatures agree + */ +bool fips_verify_hmac_signature(const char *key, const char *signature); + +#endif /*FIPS_H_*/ diff --git a/src/libstrongswan/fips/fips_canister_end.c b/src/libstrongswan/fips/fips_canister_end.c new file mode 100644 index 000000000..46d41a664 --- /dev/null +++ b/src/libstrongswan/fips/fips_canister_end.c @@ -0,0 +1,173 @@ +/** + * @file fips_canister_end.c + * + * @brief Marks the end of TEXT and RODATA. + * + */ + +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution + * and usage in source and binary forms are granted according to the + * OpenSSL license. + */ + +#include +#if defined(__DECC) +# include +# pragma __nostandard +#endif + +#if !defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) +# if (defined(__sun) && (defined(__sparc) || defined(__sparcv9))) || \ + (defined(__sgi) && (defined(__mips) || defined(mips))) || \ + (defined(__osf__) && defined(__alpha)) || \ + (defined(__linux) && (defined(__arm) || defined(__arm__))) || \ + (defined(__i386) || defined(__i386__)) || \ + (defined(__x86_64) || defined(__x86_64__)) || \ + (defined(vax) || defined(__vax__)) +# define POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION +# endif +#endif + +#define FIPS_ref_point FIPS_text_end +/* Some compilers put string literals into a separate segment. As we + * are mostly interested to hash AES tables in .rodata, we declare + * reference points accordingly. In case you wonder, the values are + * big-endian encoded variable names, just to prevent these arrays + * from being merged by linker. */ +const unsigned int FIPS_rodata_end[]= + { 0x46495053, 0x5f726f64, 0x6174615f, 0x656e645b }; + + +/* + * I declare reference function as static in order to avoid certain + * pitfalls in -dynamic linker behaviour... + */ +static void *instruction_pointer(void) +{ + void *ret = NULL; + +/* These are ABI-neutral CPU-specific snippets. ABI-neutrality means + * that they are designed to work under any OS running on particular + * CPU, which is why you don't find any #ifdef THIS_OR_THAT_OS in + * this function. */ +#if defined(INSTRUCTION_POINTER_IMPLEMENTED) + INSTRUCTION_POINTER_IMPLEMENTED(ret); +#elif defined(__GNUC__) && __GNUC__>=2 +# if defined(__alpha) || defined(__alpha__) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "br %0,1f\n1:" : "=r"(ret) ); +# elif defined(__i386) || defined(__i386__) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "call 1f\n1: popl %0" : "=r"(ret) ); + ret = (void *)((size_t)ret&~3UL); /* align for better performance */ +# elif defined(__ia64) || defined(__ia64__) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "mov %0=ip" : "=r"(ret) ); +# elif defined(__hppa) || defined(__hppa__) || defined(__pa_risc) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "blr %%r0,%0\n\tnop" : "=r"(ret) ); + ret = (void *)((size_t)ret&~3UL); /* mask privilege level */ +# elif defined(__mips) || defined(__mips__) +# define INSTRUCTION_POINTER_IMPLEMENTED + void *scratch; + __asm __volatile ( "move %1,$31\n\t" /* save ra */ + "bal .+8; nop\n\t" + "move %0,$31\n\t" + "move $31,%1" /* restore ra */ + : "=r"(ret),"=r"(scratch) ); +# elif defined(__ppc__) || defined(__powerpc) || defined(__powerpc__) || \ + defined(__POWERPC__) || defined(_POWER) || defined(__PPC__) || \ + defined(__PPC64__) || defined(__powerpc64__) +# define INSTRUCTION_POINTER_IMPLEMENTED + void *scratch; + __asm __volatile ( "mfspr %1,8\n\t" /* save lr */ + "bl .+4\n\t" + "mfspr %0,8\n\t" /* mflr ret */ + "mtspr 8,%1" /* restore lr */ + : "=r"(ret),"=r"(scratch) ); +# elif defined(__sparc) || defined(__sparc__) || defined(__sparcv9) +# define INSTRUCTION_POINTER_IMPLEMENTED + void *scratch; + __asm __volatile ( "mov %%o7,%1\n\t" + "call .+8; nop\n\t" + "mov %%o7,%0\n\t" + "mov %1,%%o7" + : "=r"(ret),"=r"(scratch) ); +# elif defined(__x86_64) || defined(__x86_64__) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "leaq 0(%%rip),%0" : "=r"(ret) ); + ret = (void *)((size_t)ret&~3UL); /* align for better performance */ +# endif +#elif defined(__DECC) && defined(__alpha) +# define INSTRUCTION_POINTER_IMPLEMENTED + ret = (void *)(size_t)asm("br %v0,1f\n1:"); +#elif defined(_MSC_VER) && defined(_M_IX86) +# undef INSTRUCTION_POINTER_IMPLEMENTED + void *scratch; + _asm { + call self + self: pop eax + mov scratch,eax + } + ret = (void *)((size_t)scratch&~3UL); +#endif + return ret; +} + +/* + * This function returns pointer to an instruction in the vicinity of + * its entry point, but not outside this object module. This guarantees + * that sequestered code is covered... + */ +void *FIPS_ref_point() +{ +#if defined(INSTRUCTION_POINTER_IMPLEMENTED) + return instruction_pointer(); +/* Below we essentially cover vendor compilers which do not support + * inline assembler... */ +#elif defined(_AIX) + struct { void *ip,*gp,*env; } *p = (void *)instruction_pointer; + return p->ip; +#elif defined(_HPUX_SOURCE) +# if defined(__hppa) || defined(__hppa__) + struct { void *i[4]; } *p = (void *)FIPS_ref_point; + + if (sizeof(p) == 8) /* 64-bit */ + return p->i[2]; + else if ((size_t)p & 2) + { p = (void *)((size_t)p&~3UL); + return p->i[0]; + } + else + return (void *)p; +# elif defined(__ia64) || defined(__ia64__) + struct { unsigned long long ip,gp; } *p=(void *)instruction_pointer; + return (void *)(size_t)p->ip; +# endif +#elif (defined(__VMS) || defined(VMS)) && !(defined(vax) || defined(__vax__)) + /* applies to both alpha and ia64 */ + struct { unsigned __int64 opaque,ip; } *p=(void *)instruction_pointer; + return (void *)(size_t)p->ip; +#elif defined(__VOS__) + /* applies to both pa-risc and ia32 */ + struct { void *dp,*ip,*gp; } *p = (void *)instruction_pointer; + return p->ip; +#elif defined(_WIN32) +# if defined(_WIN64) && defined(_M_IA64) + struct { void *ip,*gp; } *p = (void *)FIPS_ref_point; + return p->ip; +# else + return (void *)FIPS_ref_point; +# endif +/* + * In case you wonder why there is no #ifdef __linux. All Linux targets + * are GCC-based and therefore are covered by instruction_pointer above + * [well, some are covered by by the one below]... + */ +#elif defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) + return (void *)instruction_pointer; +#else + return NULL; +#endif +} diff --git a/src/libstrongswan/fips/fips_canister_start.c b/src/libstrongswan/fips/fips_canister_start.c new file mode 100644 index 000000000..eaf2571f8 --- /dev/null +++ b/src/libstrongswan/fips/fips_canister_start.c @@ -0,0 +1,174 @@ +/** + * @file fips_canister_start.c + * + * @brief Marks the start of TEXT and RODATA. + * + */ + +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution + * and usage in source and binary forms are granted according to the + * OpenSSL license. + */ + +#include +#if defined(__DECC) +# include +# pragma __nostandard +#endif + +#if !defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) +# if (defined(__sun) && (defined(__sparc) || defined(__sparcv9))) || \ + (defined(__sgi) && (defined(__mips) || defined(mips))) || \ + (defined(__osf__) && defined(__alpha)) || \ + (defined(__linux) && (defined(__arm) || defined(__arm__))) || \ + (defined(__i386) || defined(__i386__)) || \ + (defined(__x86_64) || defined(__x86_64__)) || \ + (defined(vax) || defined(__vax__)) +# define POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION +# endif +#endif + + +#define FIPS_ref_point FIPS_text_start +/* Some compilers put string literals into a separate segment. As we + * are mostly interested to hash AES tables in .rodata, we declare + * reference points accordingly. In case you wonder, the values are + * big-endian encoded variable names, just to prevent these arrays + * from being merged by linker. */ +const unsigned int FIPS_rodata_start[]= + { 0x46495053, 0x5f726f64, 0x6174615f, 0x73746172 }; + + +/* + * I declare reference function as static in order to avoid certain + * pitfalls in -dynamic linker behaviour... + */ +static void *instruction_pointer(void) +{ + void *ret = NULL; + +/* These are ABI-neutral CPU-specific snippets. ABI-neutrality means + * that they are designed to work under any OS running on particular + * CPU, which is why you don't find any #ifdef THIS_OR_THAT_OS in + * this function. */ +#if defined(INSTRUCTION_POINTER_IMPLEMENTED) + INSTRUCTION_POINTER_IMPLEMENTED(ret); +#elif defined(__GNUC__) && __GNUC__>=2 +# if defined(__alpha) || defined(__alpha__) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "br %0,1f\n1:" : "=r"(ret) ); +# elif defined(__i386) || defined(__i386__) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "call 1f\n1: popl %0" : "=r"(ret) ); + ret = (void *)((size_t)ret&~3UL); /* align for better performance */ +# elif defined(__ia64) || defined(__ia64__) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "mov %0=ip" : "=r"(ret) ); +# elif defined(__hppa) || defined(__hppa__) || defined(__pa_risc) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "blr %%r0,%0\n\tnop" : "=r"(ret) ); + ret = (void *)((size_t)ret&~3UL); /* mask privilege level */ +# elif defined(__mips) || defined(__mips__) +# define INSTRUCTION_POINTER_IMPLEMENTED + void *scratch; + __asm __volatile ( "move %1,$31\n\t" /* save ra */ + "bal .+8; nop\n\t" + "move %0,$31\n\t" + "move $31,%1" /* restore ra */ + : "=r"(ret),"=r"(scratch) ); +# elif defined(__ppc__) || defined(__powerpc) || defined(__powerpc__) || \ + defined(__POWERPC__) || defined(_POWER) || defined(__PPC__) || \ + defined(__PPC64__) || defined(__powerpc64__) +# define INSTRUCTION_POINTER_IMPLEMENTED + void *scratch; + __asm __volatile ( "mfspr %1,8\n\t" /* save lr */ + "bl .+4\n\t" + "mfspr %0,8\n\t" /* mflr ret */ + "mtspr 8,%1" /* restore lr */ + : "=r"(ret),"=r"(scratch) ); +# elif defined(__sparc) || defined(__sparc__) || defined(__sparcv9) +# define INSTRUCTION_POINTER_IMPLEMENTED + void *scratch; + __asm __volatile ( "mov %%o7,%1\n\t" + "call .+8; nop\n\t" + "mov %%o7,%0\n\t" + "mov %1,%%o7" + : "=r"(ret),"=r"(scratch) ); +# elif defined(__x86_64) || defined(__x86_64__) +# define INSTRUCTION_POINTER_IMPLEMENTED + __asm __volatile ( "leaq 0(%%rip),%0" : "=r"(ret) ); + ret = (void *)((size_t)ret&~3UL); /* align for better performance */ +# endif +#elif defined(__DECC) && defined(__alpha) +# define INSTRUCTION_POINTER_IMPLEMENTED + ret = (void *)(size_t)asm("br %v0,1f\n1:"); +#elif defined(_MSC_VER) && defined(_M_IX86) +# undef INSTRUCTION_POINTER_IMPLEMENTED + void *scratch; + _asm { + call self + self: pop eax + mov scratch,eax + } + ret = (void *)((size_t)scratch&~3UL); +#endif + return ret; +} + +/* + * This function returns pointer to an instruction in the vicinity of + * its entry point, but not outside this object module. This guarantees + * that sequestered code is covered... + */ +void *FIPS_ref_point() +{ +#if defined(INSTRUCTION_POINTER_IMPLEMENTED) + return instruction_pointer(); +/* Below we essentially cover vendor compilers which do not support + * inline assembler... */ +#elif defined(_AIX) + struct { void *ip,*gp,*env; } *p = (void *)instruction_pointer; + return p->ip; +#elif defined(_HPUX_SOURCE) +# if defined(__hppa) || defined(__hppa__) + struct { void *i[4]; } *p = (void *)FIPS_ref_point; + + if (sizeof(p) == 8) /* 64-bit */ + return p->i[2]; + else if ((size_t)p & 2) + { p = (void *)((size_t)p&~3UL); + return p->i[0]; + } + else + return (void *)p; +# elif defined(__ia64) || defined(__ia64__) + struct { unsigned long long ip,gp; } *p=(void *)instruction_pointer; + return (void *)(size_t)p->ip; +# endif +#elif (defined(__VMS) || defined(VMS)) && !(defined(vax) || defined(__vax__)) + /* applies to both alpha and ia64 */ + struct { unsigned __int64 opaque,ip; } *p=(void *)instruction_pointer; + return (void *)(size_t)p->ip; +#elif defined(__VOS__) + /* applies to both pa-risc and ia32 */ + struct { void *dp,*ip,*gp; } *p = (void *)instruction_pointer; + return p->ip; +#elif defined(_WIN32) +# if defined(_WIN64) && defined(_M_IA64) + struct { void *ip,*gp; } *p = (void *)FIPS_ref_point; + return p->ip; +# else + return (void *)FIPS_ref_point; +# endif +/* + * In case you wonder why there is no #ifdef __linux. All Linux targets + * are GCC-based and therefore are covered by instruction_pointer above + * [well, some are covered by by the one below]... + */ +#elif defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) + return (void *)instruction_pointer; +#else + return NULL; +#endif +} diff --git a/src/libstrongswan/fips/fips_signer.c b/src/libstrongswan/fips/fips_signer.c new file mode 100644 index 000000000..7fb61d5b7 --- /dev/null +++ b/src/libstrongswan/fips/fips_signer.c @@ -0,0 +1,63 @@ +/** + * @file fips_signer.c + * + * @brief Computes a HMAC signature and stores it in fips_signature.h. + * + */ + +/* + * Copyright (C) 2007 Bruno Krieg, Daniel Wydler + * Hochschule fuer Technik Rapperswil, Switzerland + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include + +#include +#include "fips.h" + +int main(int argc, char* argv[]) +{ + FILE *f; + char *hmac_key = "strongSwan Version " VERSION; + char hmac_signature[BUF_LEN]; + + if (!fips_compute_hmac_signature(hmac_key, hmac_signature)) + { + exit(1); + } + + /** + * write computed HMAC signature to fips_signature.h + */ + f = fopen("fips_signature.h", "wt"); + + if (f == NULL) + { + exit(1); + } + fprintf(f, "/* SHA-1 HMAC signature computed over TEXT and RODATA of libstrongswan\n"); + fprintf(f, " *\n"); + fprintf(f, " * This file has been automatically generated by fips_signer\n"); + fprintf(f, " * Do not edit manually!\n"); + fprintf(f, " */\n"); + fprintf(f, "\n"); + fprintf(f, "#ifndef FIPS_SIGNATURE_H_\n"); + fprintf(f, "#define FIPS_SIGNATURE_H_\n"); + fprintf(f, "\n"); + fprintf(f, "const char *hmac_key = \"%s\";\n", hmac_key); + fprintf(f, "const char *hmac_signature = \"%s\";\n", hmac_signature); + fprintf(f, "\n"); + fprintf(f, "#endif /* FIPS_SIGNATURE_H_ */\n"); + fclose(f); + exit(0); +} diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h index 67a05f118..51b72bfce 100644 --- a/src/libstrongswan/library.h +++ b/src/libstrongswan/library.h @@ -18,6 +18,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: library.h 3255 2007-10-07 13:35:42Z andreas $ */ #ifndef LIBRARY_H_ @@ -26,13 +28,14 @@ /** * @defgroup libstrongswan libstrongswan * - * libstrongswan: library with various crypto related things. + * libstrongswan: library with various cryptographic, X.509 trust chain and + * identity management functions. */ /** * @defgroup asn1 asn1 * - * ASN1 definitions, parser and generator functions. + * ASN.1 definitions, parser and generator functions. * * @ingroup libstrongswan */ @@ -40,7 +43,7 @@ /** * @defgroup crypto crypto * - * Crypto algorithms of different kind. + * Various cryptographic algorithms. * * @ingroup libstrongswan */ @@ -88,6 +91,14 @@ * @ingroup crypto */ +/** + * @defgroup fips fips + * + * Code integrity check of libstrongswan + * + * @ingroup libstrongswan + */ + /** * @defgroup utils utils * @@ -119,6 +130,11 @@ */ #define streq(x,y) (strcmp(x, y) == 0) +/** + * Macro compares two strings for equality + */ +#define strneq(x,y,len) (strncmp(x, y, len) == 0) + /** * Macro compares two binary blobs for equality */ @@ -135,10 +151,20 @@ #define min(x,y) ((x) < (y) ? (x):(y)) /** - * Call destructor of a object if object != NULL + * Call destructor of an object, if object != NULL */ #define DESTROY_IF(obj) if (obj) obj->destroy(obj) +/** + * Call offset destructor of an object, if object != NULL + */ +#define DESTROY_OFFSET_IF(obj, offset) if (obj) obj->destroy_offset(obj, offset); + +/** + * Call function destructor of an object, if object != NULL + */ +#define DESTROY_FUNCTION_IF(obj, fn) if (obj) obj->destroy_function(obj, fn); + /** * Debug macro to follow control flow */ diff --git a/src/libstrongswan/utils/enumerator.c b/src/libstrongswan/utils/enumerator.c new file mode 100644 index 000000000..842a2e997 --- /dev/null +++ b/src/libstrongswan/utils/enumerator.c @@ -0,0 +1,44 @@ +/** + * @file enumerator.c + * + * @brief Implementation of enumerator_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "enumerator.h" + + +/** + * Implementation of enumerator_create_empty().enumerate + */ +static bool enumerate_empty(enumerator_t *enumerator, ...) +{ + return FALSE; +} + +/** + * See header + */ +enumerator_t* enumerator_create_empty() +{ + enumerator_t *this = malloc_thing(enumerator_t); + this->enumerate = enumerate_empty; + this->destroy = (void*)free; + return this; +} + diff --git a/src/libstrongswan/utils/enumerator.h b/src/libstrongswan/utils/enumerator.h new file mode 100644 index 000000000..df1d78206 --- /dev/null +++ b/src/libstrongswan/utils/enumerator.h @@ -0,0 +1,57 @@ +/** + * @file enumerator.h + * + * @brief Interface of enumerator_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef ENUMERATOR_H_ +#define ENUMERATOR_H_ + +#include + +typedef struct enumerator_t enumerator_t; + +/** + * @brief Enumerate is simpler, but more flexible than iterator. + */ +struct enumerator_t { + + /** + * @brief Enumerate collection. + * + * The enumerate function takes a variable argument list containing + * pointers where the enumerated values get written. + * + * @param ... variable list of enumerated items, implementation dependant + * @return TRUE if pointers returned + */ + bool (*enumerate)(enumerator_t *this, ...); + + /** + * @brief Destroy a enumerator instance. + */ + void (*destroy)(enumerator_t *this); +}; + +/** + * @brief Create an enumerator which enumerates over nothing + */ +enumerator_t* enumerator_create_empty(); + +#endif /* ENUMERATOR_H_ */ diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c index ba0a76893..18f6d6824 100644 --- a/src/libstrongswan/utils/identification.c +++ b/src/libstrongswan/utils/identification.c @@ -19,6 +19,8 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: identification.c 3256 2007-10-07 13:42:43Z andreas $ */ #define _GNU_SOURCE @@ -198,19 +200,6 @@ static void update_chunk(chunk_t *ch, int n) ch->ptr += n; ch->len -= n; } -/** - * Prints a binary string in hexadecimal form - */ -void hex_str(chunk_t bin, chunk_t *str) -{ - u_int i; - update_chunk(str, snprintf(str->ptr,str->len,"0x")); - for (i = 0; i < bin.len; i++) - { - update_chunk(str, snprintf(str->ptr,str->len,"%02X",*bin.ptr++)); - } -} - /** * Remove any malicious characters from a chunk. We are very restrictive, but * whe use these strings only to present it to the user. @@ -402,9 +391,9 @@ static status_t dntoa(chunk_t dn, chunk_t *str) /* print OID */ oid_code = known_oid(oid); - if (oid_code == OID_UNKNOWN) - { /* OID not found in list */ - hex_str(oid, str); + if (oid_code == OID_UNKNOWN) + { + update_chunk(str, snprintf(str->ptr,str->len,"0x#B", &oid)); } else { @@ -467,12 +456,16 @@ static bool same_dn(chunk_t a, chunk_t b) || (type_a == ASN1_IA5STRING && known_oid(oid_a) == OID_PKCS9_EMAIL))) { if (strncasecmp(value_a.ptr, value_b.ptr, value_b.len) != 0) + { return FALSE; + } } else { - if (strncmp(value_a.ptr, value_b.ptr, value_b.len) != 0) - return FALSE; + if (!strneq(value_a.ptr, value_b.ptr, value_b.len)) + { + return FALSE; + } } } /* both DNs must have same number of RDNs */ @@ -540,12 +533,16 @@ bool match_dn(chunk_t a, chunk_t b, int *wildcards) || (type_a == ASN1_IA5STRING && known_oid(oid_a) == OID_PKCS9_EMAIL))) { if (strncasecmp(value_a.ptr, value_b.ptr, value_b.len) != 0) + { return FALSE; + } } else { - if (strncmp(value_a.ptr, value_b.ptr, value_b.len) != 0) + if (!strneq(value_a.ptr, value_b.ptr, value_b.len)) + { return FALSE; + } } } /* both DNs must have same number of RDNs */ @@ -931,7 +928,7 @@ static int print(FILE *stream, const struct printf_info *info, case ID_FQDN: { proper = sanitize_chunk(this->encoded); - written = fprintf(stream, "@%.*s", proper.len, proper.ptr); + written = fprintf(stream, "%.*s", proper.len, proper.ptr); chunk_free(&proper); return written; } @@ -1071,8 +1068,15 @@ identification_t *identification_create_from_string(char *string) if (inet_pton(AF_INET, string, &address) <= 0) { - free(this); - return NULL; + /* not IPv4, mostly FQDN */ + this->type = ID_FQDN; + this->encoded.ptr = strdup(string); + this->encoded.len = strlen(string); + this->public.matches = (bool (*) + (identification_t*,identification_t*,int*))matches_string; + this->public.equals = (bool (*) + (identification_t*,identification_t*))equals_strcasecmp; + return &(this->public); } this->encoded = chunk_clone(chunk); this->type = ID_IPV4_ADDR; @@ -1137,6 +1141,7 @@ identification_t *identification_create_from_string(char *string) identification_t *identification_create_from_encoding(id_type_t type, chunk_t encoded) { private_identification_t *this = identification_create(); + this->type = type; switch (type) { diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c index a28ebba51..dab18fd5c 100644 --- a/src/libstrongswan/utils/leak_detective.c +++ b/src/libstrongswan/utils/leak_detective.c @@ -190,7 +190,8 @@ whitelist_t whitelist[] = { {getprotobynumber, 291}, {getservbyport, 311}, {register_printf_function, 159}, - {syslog, 45}, + {syslog, 44}, + {vsyslog, 41}, {dlopen, 109}, # ifdef LIBCURL /* from /usr/lib/libcurl.so.3 */ diff --git a/src/libstrongswan/utils/linked_list.c b/src/libstrongswan/utils/linked_list.c index de52ea46a..5cd8ffd7a 100644 --- a/src/libstrongswan/utils/linked_list.c +++ b/src/libstrongswan/utils/linked_list.c @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -140,6 +141,52 @@ struct private_iterator_t { void *hook_param; }; +typedef struct private_enumerator_t private_enumerator_t; + +/** + * linked lists enumerator implementation + */ +struct private_enumerator_t { + + /** + * implements enumerator interface + */ + enumerator_t enumerator; + + /** + * next item to enumerate + */ + element_t *next; +}; + +/** + * Implementation of private_enumerator_t.enumerator.enumerate. + */ +static bool enumerate(private_enumerator_t *this, void **item) +{ + if (this->next == NULL) + { + return FALSE; + } + *item = this->next->value; + this->next = this->next->next; + return TRUE; +} + +/** + * Implementation of linked_list_t.create_enumerator. + */ +static enumerator_t* create_enumerator(private_linked_list_t *this) +{ + private_enumerator_t *enumerator = malloc_thing(private_enumerator_t); + + enumerator->enumerator.enumerate = (void*)enumerate; + enumerator->enumerator.destroy = (void*)free; + enumerator->next = this->first; + + return &enumerator->enumerator; +} + /** * Implementation of iterator_t.get_count. */ @@ -630,9 +677,9 @@ static status_t get_last(private_linked_list_t *this, void **item) } /** - * Implementation of linked_list_t.invoke. + * Implementation of linked_list_t.invoke_offset. */ -static void invoke(private_linked_list_t *this, size_t offset) +static void invoke_offset(private_linked_list_t *this, size_t offset) { element_t *current = this->first; @@ -644,6 +691,55 @@ static void invoke(private_linked_list_t *this, size_t offset) } } +/** + * Implementation of linked_list_t.invoke_function. + */ +static void invoke_function(private_linked_list_t *this, void(*fn)(void*)) +{ + element_t *current = this->first; + + while (current) + { + fn(current->value); + current = current->next; + } +} + +/** + * Implementation of linked_list_t.clone_offset + */ +static linked_list_t *clone_offset(private_linked_list_t *this, size_t offset) +{ + linked_list_t *clone = linked_list_create(); + element_t *current = this->first; + + while (current) + { + void* (**method)(void*) = current->value + offset; + clone->insert_last(clone, (*method)(current->value)); + current = current->next; + } + + return clone; +} + +/** + * Implementation of linked_list_t.clone_function + */ +static linked_list_t *clone_function(private_linked_list_t *this, void* (*fn)(void*)) +{ + linked_list_t *clone = linked_list_create(); + element_t *current = this->first; + + while (current) + { + clone->insert_last(clone, fn(current->value)); + current = current->next; + } + + return clone; +} + /** * Implementation of linked_list_t.destroy. */ @@ -651,7 +747,7 @@ static void destroy(private_linked_list_t *this) { void *value; /* Remove all list items before destroying list */ - while (this->public.remove_first(&(this->public), &value) == SUCCESS) + while (remove_first(this, &value) == SUCCESS) { /* values are not destroyed so memory leaks are possible * if list is not empty when deleting */ @@ -744,6 +840,7 @@ linked_list_t *linked_list_create() this->public.get_count = (int (*) (linked_list_t *)) get_count; this->public.create_iterator = (iterator_t * (*) (linked_list_t *,bool))create_iterator; this->public.create_iterator_locked = (iterator_t * (*) (linked_list_t *,pthread_mutex_t*))create_iterator_locked; + this->public.create_enumerator = (enumerator_t*(*)(linked_list_t*))create_enumerator; this->public.get_first = (status_t (*) (linked_list_t *, void **item))get_first; this->public.get_last = (status_t (*) (linked_list_t *, void **item))get_last; this->public.insert_first = (void (*) (linked_list_t *, void *item))insert_first; @@ -753,7 +850,10 @@ linked_list_t *linked_list_create() this->public.insert_at_position = (status_t (*) (linked_list_t *,size_t, void *))insert_at_position; this->public.remove_at_position = (status_t (*) (linked_list_t *,size_t, void **))remove_at_position; this->public.get_at_position = (status_t (*) (linked_list_t *,size_t, void **))get_at_position; - this->public.invoke = (void (*)(linked_list_t*,size_t))invoke; + this->public.invoke_offset = (void (*)(linked_list_t*,size_t))invoke_offset; + this->public.invoke_function = (void (*)(linked_list_t*,void(*)(void*)))invoke_function; + this->public.clone_offset = (linked_list_t * (*)(linked_list_t*,size_t))clone_offset; + this->public.clone_function = (linked_list_t * (*)(linked_list_t*,void*(*)(void*)))clone_function; this->public.destroy = (void (*) (linked_list_t *))destroy; this->public.destroy_offset = (void (*) (linked_list_t *,size_t))destroy_offset; this->public.destroy_function = (void (*)(linked_list_t*,void(*)(void*)))destroy_function; diff --git a/src/libstrongswan/utils/linked_list.h b/src/libstrongswan/utils/linked_list.h index 58bcbbdaa..ebe5c187c 100644 --- a/src/libstrongswan/utils/linked_list.h +++ b/src/libstrongswan/utils/linked_list.h @@ -6,6 +6,7 @@ */ /* + * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -30,6 +31,7 @@ typedef struct linked_list_t linked_list_t; #include #include +#include /** * @brief Class implementing a double linked list. @@ -55,6 +57,9 @@ struct linked_list_t { * @brief Creates a iterator for the given list. * * @warning Created iterator_t object has to get destroyed by the caller. + * + * @deprecated Iterator is obsolete and will disappear, it is too + * complicated to implement. Use enumerator instead. * * @param this calling object * @param forward iterator direction (TRUE: front to end) @@ -74,7 +79,18 @@ struct linked_list_t { */ iterator_t *(*create_iterator_locked) (linked_list_t *this, pthread_mutex_t *mutex); - + + /** + * @brief Create an enumerator over the list. + * + * The enumerator is a "lightweight" iterator. It only has two methods + * and should therefore be much easier to implement. + * + * @param this calling object + * @return enumerator over list items + */ + enumerator_t* (*create_enumerator)(linked_list_t *this); + /** * @brief Inserts a new item at the beginning of the list. * @@ -183,7 +199,33 @@ struct linked_list_t { * @param this calling object * @param offset offset of the method to invoke on objects */ - void (*invoke) (linked_list_t *this, size_t offset); + void (*invoke_offset) (linked_list_t *this, size_t offset); + + /** + * @brief Invoke a function on all of the contained objects. + * + * @param this calling object + * @param offset offset of the method to invoke on objects + */ + void (*invoke_function) (linked_list_t *this, void (*)(void*)); + + /** + * @brief Clones a list and its objects using the objects' clone method. + * + * @param this calling object + * @param offset offset ot the objects clone function + * @return cloned list + */ + linked_list_t *(*clone_offset) (linked_list_t *this, size_t offset); + + /** + * @brief Clones a list and its objects using a given function. + * + * @param this calling object + * @param function function that clones an object + * @return cloned list + */ + linked_list_t *(*clone_function) (linked_list_t *this, void*(*)(void*)); /** * @brief Destroys a linked_list object. diff --git a/src/libstrongswan/utils/optionsfrom.c b/src/libstrongswan/utils/optionsfrom.c new file mode 100644 index 000000000..ffa571b05 --- /dev/null +++ b/src/libstrongswan/utils/optionsfrom.c @@ -0,0 +1,148 @@ +/** + * @file optionsfrom.c + * + * @brief read command line options from a file + * + */ + +/* + * Copyright (C) 1998, 1999 Henry Spencer. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Library General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public + * License for more details. + * + */ + +#include +#include + +#include +#include +#include + +#include "optionsfrom.h" + +#define MAX_USES 20 /* loop-detection limit */ +#define SOME_ARGS 10 /* first guess at how many arguments we'll need */ + +/* + * Defined in header. + */ +bool optionsfrom(const char *filename, int *argcp, char **argvp[], int optind) +{ + static int nuses = 0; + char **newargv; + int newargc; + int next; /* place for next argument */ + int room; /* how many more new arguments we can hold */ + size_t bytes; + chunk_t chunk, src, line, token; + bool good = TRUE; + int linepos = 0; + FILE *fd; + + /* avoid endless loops with recursive --optionsfrom arguments */ + nuses++; + if (nuses >= MAX_USES) + { + DBG1("optionsfrom called %d times - looping?", (*argvp)[0], nuses); + return FALSE; + } + + fd = fopen(filename, "r"); + if (fd == NULL) + { + DBG1("optionsfrom: unable to open file '%s': %s", + filename, strerror(errno)); + return FALSE; + } + + /* determine the file size */ + fseek(fd, 0, SEEK_END); + chunk.len = ftell(fd); + rewind(fd); + + /* allocate one byte more just in case of a missing final newline */ + chunk.ptr = malloc(chunk.len + 1); + + /* read the whole file into a chunk */ + bytes = fread(chunk.ptr, 1, chunk.len, fd); + fclose(fd); + + newargc = *argcp + SOME_ARGS; + newargv = malloc((newargc + 1) * sizeof(char *)); + memcpy(newargv, *argvp, optind * sizeof(char *)); + room = SOME_ARGS; + next = optind; + newargv[next] = NULL; + + /* we keep the chunk pointer so that we can still free it */ + src = chunk; + + while (fetchline(&src, &line) && good) + { + linepos++; + while (eat_whitespace(&line)) + { + if (*line.ptr == '"'|| *line.ptr == '\'') + { + char delimiter = *line.ptr; + + line.ptr++; + line.len--; + if (!extract_token(&token, delimiter, &line)) + { + DBG1("optionsfrom: missing terminator at %s:%d", + filename, linepos); + good = FALSE; + break; + } + } + else + { + if (!extract_token(&token, ' ', &line)) + { + /* last token in a line */ + token = line; + line.len = 0; + } + } + + /* do we have to allocate more memory for additional arguments? */ + if (room == 0) + { + newargc += SOME_ARGS; + newargv = realloc(newargv, (newargc+1) * sizeof(char *)); + room = SOME_ARGS; + } + + /* terminate the token by replacing the delimiter with a null character */ + *(token.ptr + token.len) = '\0'; + + /* assign the token to the next argument */ + newargv[next] = token.ptr; + next++; + room--; + } + } + + if (!good) /* error of some kind */ + { + free(chunk.ptr); + free(newargv); + return FALSE; + } + + memcpy(newargv + next, *argvp + optind, (*argcp + 1 - optind) * sizeof(char *)); + *argcp += next - optind; + *argvp = newargv; + return TRUE; +} + diff --git a/src/libstrongswan/utils/optionsfrom.h b/src/libstrongswan/utils/optionsfrom.h new file mode 100644 index 000000000..d6b9efde5 --- /dev/null +++ b/src/libstrongswan/utils/optionsfrom.h @@ -0,0 +1,37 @@ +/** + * @file optionsfrom.h + * + * @brief Read command line options from a file + * + */ + +/* + * Copyright (C) 1998, 1999 Henry Spencer. + * Copyright (C) 2007 Andreas Steffen, Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef OPTIONSFROM_H_ +#define OPTIONSFROM_H_ + +/** + * @brief Pick up more options from a file, in the middle of an option scan + * + * @param filename file containing the options + * @param argcp pointer to argc + * @param argvp pointer to argv[] + * @param optind current optind, number of next argument + * @return TRUE if optionsfrom parsing successful + */ +bool optionsfrom(const char *filename, int *argcp, char **argvp[], int optind); + +#endif /*OPTIONSFROM_H_*/ diff --git a/src/manager/Makefile.am b/src/manager/Makefile.am new file mode 100644 index 000000000..17eecdbab --- /dev/null +++ b/src/manager/Makefile.am @@ -0,0 +1,53 @@ +ipsec_PROGRAMS = manager.fcgi + +manager_fcgi_SOURCES = \ +main.c manager.c manager.h gateway.h gateway.c database.h database.c \ +controller/auth_controller.c controller/auth_controller.h \ +controller/status_controller.c controller/status_controller.h \ +controller/gateway_controller.c controller/gateway_controller.h + +manager_fcgi_LDADD = $(top_builddir)/src/manager/libappserv.la -lsqlite3 + + + +lib_LTLIBRARIES = libappserv.la + +libappserv_la_SOURCES = \ +lib/context.h lib/dispatcher.c lib/request.h lib/session.h \ +lib/controller.h lib/dispatcher.h lib/request.c lib/session.c \ +lib/xml.h lib/xml.c + +libappserv_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lfcgi -lpthread -lneo_cgi -lneo_cs -lneo_utl ${xml_LIBS} + +INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/manager/lib -I/usr/include/ClearSilver ${xml_CFLAGS} +AM_CFLAGS = -rdynamic -DIPSECDIR=\"${ipsecdir}\" -DIPSEC_PIDDIR=\"${piddir}\" + +ipsec_DATA = manager.db + +# Don't forget to add templates to EXTRA_DIST !!! How to automate? +ipsec_templatesdir = ${ipsecdir}/templates +ipsec_templates_DATA = templates/header.cs templates/footer.cs templates/error.cs + +ipsec_templates_authdir = ${ipsec_templatesdir}/auth +ipsec_templates_auth_DATA = templates/auth/login.cs + +ipsec_templates_gatewaydir = ${ipsec_templatesdir}/gateway +ipsec_templates_gateway_DATA = templates/gateway/list.cs + +ipsec_templates_statusdir = ${ipsec_templatesdir}/status +ipsec_templates_status_DATA = templates/status/ikesalist.cs + +ipsec_templates_staticdir = ${ipsec_templatesdir}/static +ipsec_templates_static_DATA = templates/static/style.css templates/static/script.js templates/static/jquery.js \ +templates/static/pipe.png templates/static/pipe-good.png templates/static/pipe-bad.png \ +templates/static/pipe-thin.png templates/static/pipe-thin-left.png templates/static/pipe-thin-right.png \ +templates/static/gateway-left.png templates/static/client-left.png templates/static/strongswan.png \ +templates/static/router.png templates/static/gateway-right.png templates/static/client-right.png + +EXTRA_DIST = manager.db templates/header.cs templates/footer.cs templates/error.cs \ +templates/auth/login.cs templates/gateway/list.cs templates/status/ikesalist.cs \ +templates/static/style.css templates/static/script.js templates/static/jquery.js \ +templates/static/pipe.png templates/static/pipe-good.png templates/static/pipe-bad.png \ +templates/static/pipe-thin.png templates/static/pipe-thin-left.png templates/static/pipe-thin-right.png \ +templates/static/gateway-left.png templates/static/client-left.png templates/static/strongswan.png \ +templates/static/router.png templates/static/gateway-right.png templates/static/client-right.png diff --git a/src/manager/Makefile.in b/src/manager/Makefile.in new file mode 100644 index 000000000..5c09c22d4 --- /dev/null +++ b/src/manager/Makefile.in @@ -0,0 +1,783 @@ +# Makefile.in generated by automake 1.10 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +ipsec_PROGRAMS = manager.fcgi$(EXEEXT) +subdir = src/manager +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(ipsecdir)" \ + "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(ipsec_templatesdir)" \ + "$(DESTDIR)$(ipsec_templates_authdir)" \ + "$(DESTDIR)$(ipsec_templates_gatewaydir)" \ + "$(DESTDIR)$(ipsec_templates_staticdir)" \ + "$(DESTDIR)$(ipsec_templates_statusdir)" +libLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(lib_LTLIBRARIES) +am__DEPENDENCIES_1 = +libappserv_la_DEPENDENCIES = \ + $(top_builddir)/src/libstrongswan/libstrongswan.la \ + $(am__DEPENDENCIES_1) +am_libappserv_la_OBJECTS = dispatcher.lo request.lo session.lo xml.lo +libappserv_la_OBJECTS = $(am_libappserv_la_OBJECTS) +ipsecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) +PROGRAMS = $(ipsec_PROGRAMS) +am_manager_fcgi_OBJECTS = main.$(OBJEXT) manager.$(OBJEXT) \ + gateway.$(OBJEXT) database.$(OBJEXT) auth_controller.$(OBJEXT) \ + status_controller.$(OBJEXT) gateway_controller.$(OBJEXT) +manager_fcgi_OBJECTS = $(am_manager_fcgi_OBJECTS) +manager_fcgi_DEPENDENCIES = $(top_builddir)/src/manager/libappserv.la +DEFAULT_INCLUDES = -I.@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libappserv_la_SOURCES) $(manager_fcgi_SOURCES) +DIST_SOURCES = $(libappserv_la_SOURCES) $(manager_fcgi_SOURCES) +ipsecDATA_INSTALL = $(INSTALL_DATA) +ipsec_templatesDATA_INSTALL = $(INSTALL_DATA) +ipsec_templates_authDATA_INSTALL = $(INSTALL_DATA) +ipsec_templates_gatewayDATA_INSTALL = $(INSTALL_DATA) +ipsec_templates_staticDATA_INSTALL = $(INSTALL_DATA) +ipsec_templates_statusDATA_INSTALL = $(INSTALL_DATA) +DATA = $(ipsec_DATA) $(ipsec_templates_DATA) \ + $(ipsec_templates_auth_DATA) $(ipsec_templates_gateway_DATA) \ + $(ipsec_templates_static_DATA) $(ipsec_templates_status_DATA) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +CXXDEPMODE = @CXXDEPMODE@ +CXXFLAGS = @CXXFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +ECHO = @ECHO@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +F77 = @F77@ +FFLAGS = @FFLAGS@ +GPERF = @GPERF@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LINUX_HEADERS = @LINUX_HEADERS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_CXX = @ac_ct_CXX@ +ac_ct_F77 = @ac_ct_F77@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +backenddir = @backenddir@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +confdir = @confdir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +dbus_CFLAGS = @dbus_CFLAGS@ +dbus_LIBS = @dbus_LIBS@ +docdir = @docdir@ +dvidir = @dvidir@ +eapdir = @eapdir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +interfacedir = @interfacedir@ +ipsecdir = @ipsecdir@ +ipsecgid = @ipsecgid@ +ipsecuid = @ipsecuid@ +libdir = @libdir@ +libexecdir = @libexecdir@ +linuxdir = @linuxdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +piddir = @piddir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +manager_fcgi_SOURCES = \ +main.c manager.c manager.h gateway.h gateway.c database.h database.c \ +controller/auth_controller.c controller/auth_controller.h \ +controller/status_controller.c controller/status_controller.h \ +controller/gateway_controller.c controller/gateway_controller.h + +manager_fcgi_LDADD = $(top_builddir)/src/manager/libappserv.la -lsqlite3 +lib_LTLIBRARIES = libappserv.la +libappserv_la_SOURCES = \ +lib/context.h lib/dispatcher.c lib/request.h lib/session.h \ +lib/controller.h lib/dispatcher.h lib/request.c lib/session.c \ +lib/xml.h lib/xml.c + +libappserv_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lfcgi -lpthread -lneo_cgi -lneo_cs -lneo_utl ${xml_LIBS} +INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/manager/lib -I/usr/include/ClearSilver ${xml_CFLAGS} +AM_CFLAGS = -rdynamic -DIPSECDIR=\"${ipsecdir}\" -DIPSEC_PIDDIR=\"${piddir}\" +ipsec_DATA = manager.db + +# Don't forget to add templates to EXTRA_DIST !!! How to automate? +ipsec_templatesdir = ${ipsecdir}/templates +ipsec_templates_DATA = templates/header.cs templates/footer.cs templates/error.cs +ipsec_templates_authdir = ${ipsec_templatesdir}/auth +ipsec_templates_auth_DATA = templates/auth/login.cs +ipsec_templates_gatewaydir = ${ipsec_templatesdir}/gateway +ipsec_templates_gateway_DATA = templates/gateway/list.cs +ipsec_templates_statusdir = ${ipsec_templatesdir}/status +ipsec_templates_status_DATA = templates/status/ikesalist.cs +ipsec_templates_staticdir = ${ipsec_templatesdir}/static +ipsec_templates_static_DATA = templates/static/style.css templates/static/script.js templates/static/jquery.js \ +templates/static/pipe.png templates/static/pipe-good.png templates/static/pipe-bad.png \ +templates/static/pipe-thin.png templates/static/pipe-thin-left.png templates/static/pipe-thin-right.png \ +templates/static/gateway-left.png templates/static/client-left.png templates/static/strongswan.png \ +templates/static/router.png templates/static/gateway-right.png templates/static/client-right.png + +EXTRA_DIST = manager.db templates/header.cs templates/footer.cs templates/error.cs \ +templates/auth/login.cs templates/gateway/list.cs templates/status/ikesalist.cs \ +templates/static/style.css templates/static/script.js templates/static/jquery.js \ +templates/static/pipe.png templates/static/pipe-good.png templates/static/pipe-bad.png \ +templates/static/pipe-thin.png templates/static/pipe-thin-left.png templates/static/pipe-thin-right.png \ +templates/static/gateway-left.png templates/static/client-left.png templates/static/strongswan.png \ +templates/static/router.png templates/static/gateway-right.png templates/static/client-right.png + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/manager/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/manager/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ + $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + done + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libappserv.la: $(libappserv_la_OBJECTS) $(libappserv_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libappserv_la_OBJECTS) $(libappserv_la_LIBADD) $(LIBS) +install-ipsecPROGRAMS: $(ipsec_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" + @list='$(ipsec_PROGRAMS)'; for p in $$list; do \ + p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + if test -f $$p \ + || test -f $$p1 \ + ; then \ + f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(ipsecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(ipsecdir)/$$f'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(ipsecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(ipsecdir)/$$f" || exit 1; \ + else :; fi; \ + done + +uninstall-ipsecPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(ipsec_PROGRAMS)'; for p in $$list; do \ + f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ + echo " rm -f '$(DESTDIR)$(ipsecdir)/$$f'"; \ + rm -f "$(DESTDIR)$(ipsecdir)/$$f"; \ + done + +clean-ipsecPROGRAMS: + @list='$(ipsec_PROGRAMS)'; for p in $$list; do \ + f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f $$p $$f"; \ + rm -f $$p $$f ; \ + done +manager.fcgi$(EXEEXT): $(manager_fcgi_OBJECTS) $(manager_fcgi_DEPENDENCIES) + @rm -f manager.fcgi$(EXEEXT) + $(LINK) $(manager_fcgi_OBJECTS) $(manager_fcgi_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auth_controller.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/database.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dispatcher.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gateway.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gateway_controller.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/manager.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/request.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/session.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/status_controller.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xml.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +dispatcher.lo: lib/dispatcher.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT dispatcher.lo -MD -MP -MF $(DEPDIR)/dispatcher.Tpo -c -o dispatcher.lo `test -f 'lib/dispatcher.c' || echo '$(srcdir)/'`lib/dispatcher.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/dispatcher.Tpo $(DEPDIR)/dispatcher.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/dispatcher.c' object='dispatcher.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o dispatcher.lo `test -f 'lib/dispatcher.c' || echo '$(srcdir)/'`lib/dispatcher.c + +request.lo: lib/request.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT request.lo -MD -MP -MF $(DEPDIR)/request.Tpo -c -o request.lo `test -f 'lib/request.c' || echo '$(srcdir)/'`lib/request.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/request.Tpo $(DEPDIR)/request.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/request.c' object='request.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o request.lo `test -f 'lib/request.c' || echo '$(srcdir)/'`lib/request.c + +session.lo: lib/session.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT session.lo -MD -MP -MF $(DEPDIR)/session.Tpo -c -o session.lo `test -f 'lib/session.c' || echo '$(srcdir)/'`lib/session.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/session.Tpo $(DEPDIR)/session.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/session.c' object='session.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o session.lo `test -f 'lib/session.c' || echo '$(srcdir)/'`lib/session.c + +xml.lo: lib/xml.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT xml.lo -MD -MP -MF $(DEPDIR)/xml.Tpo -c -o xml.lo `test -f 'lib/xml.c' || echo '$(srcdir)/'`lib/xml.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/xml.Tpo $(DEPDIR)/xml.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/xml.c' object='xml.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o xml.lo `test -f 'lib/xml.c' || echo '$(srcdir)/'`lib/xml.c + +auth_controller.o: controller/auth_controller.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT auth_controller.o -MD -MP -MF $(DEPDIR)/auth_controller.Tpo -c -o auth_controller.o `test -f 'controller/auth_controller.c' || echo '$(srcdir)/'`controller/auth_controller.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/auth_controller.Tpo $(DEPDIR)/auth_controller.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='controller/auth_controller.c' object='auth_controller.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o auth_controller.o `test -f 'controller/auth_controller.c' || echo '$(srcdir)/'`controller/auth_controller.c + +auth_controller.obj: controller/auth_controller.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT auth_controller.obj -MD -MP -MF $(DEPDIR)/auth_controller.Tpo -c -o auth_controller.obj `if test -f 'controller/auth_controller.c'; then $(CYGPATH_W) 'controller/auth_controller.c'; else $(CYGPATH_W) '$(srcdir)/controller/auth_controller.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/auth_controller.Tpo $(DEPDIR)/auth_controller.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='controller/auth_controller.c' object='auth_controller.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o auth_controller.obj `if test -f 'controller/auth_controller.c'; then $(CYGPATH_W) 'controller/auth_controller.c'; else $(CYGPATH_W) '$(srcdir)/controller/auth_controller.c'; fi` + +status_controller.o: controller/status_controller.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT status_controller.o -MD -MP -MF $(DEPDIR)/status_controller.Tpo -c -o status_controller.o `test -f 'controller/status_controller.c' || echo '$(srcdir)/'`controller/status_controller.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/status_controller.Tpo $(DEPDIR)/status_controller.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='controller/status_controller.c' object='status_controller.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o status_controller.o `test -f 'controller/status_controller.c' || echo '$(srcdir)/'`controller/status_controller.c + +status_controller.obj: controller/status_controller.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT status_controller.obj -MD -MP -MF $(DEPDIR)/status_controller.Tpo -c -o status_controller.obj `if test -f 'controller/status_controller.c'; then $(CYGPATH_W) 'controller/status_controller.c'; else $(CYGPATH_W) '$(srcdir)/controller/status_controller.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/status_controller.Tpo $(DEPDIR)/status_controller.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='controller/status_controller.c' object='status_controller.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o status_controller.obj `if test -f 'controller/status_controller.c'; then $(CYGPATH_W) 'controller/status_controller.c'; else $(CYGPATH_W) '$(srcdir)/controller/status_controller.c'; fi` + +gateway_controller.o: controller/gateway_controller.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT gateway_controller.o -MD -MP -MF $(DEPDIR)/gateway_controller.Tpo -c -o gateway_controller.o `test -f 'controller/gateway_controller.c' || echo '$(srcdir)/'`controller/gateway_controller.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/gateway_controller.Tpo $(DEPDIR)/gateway_controller.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='controller/gateway_controller.c' object='gateway_controller.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o gateway_controller.o `test -f 'controller/gateway_controller.c' || echo '$(srcdir)/'`controller/gateway_controller.c + +gateway_controller.obj: controller/gateway_controller.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT gateway_controller.obj -MD -MP -MF $(DEPDIR)/gateway_controller.Tpo -c -o gateway_controller.obj `if test -f 'controller/gateway_controller.c'; then $(CYGPATH_W) 'controller/gateway_controller.c'; else $(CYGPATH_W) '$(srcdir)/controller/gateway_controller.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/gateway_controller.Tpo $(DEPDIR)/gateway_controller.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='controller/gateway_controller.c' object='gateway_controller.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o gateway_controller.obj `if test -f 'controller/gateway_controller.c'; then $(CYGPATH_W) 'controller/gateway_controller.c'; else $(CYGPATH_W) '$(srcdir)/controller/gateway_controller.c'; fi` + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-ipsecDATA: $(ipsec_DATA) + @$(NORMAL_INSTALL) + test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" + @list='$(ipsec_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(ipsecDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsecdir)/$$f'"; \ + $(ipsecDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsecdir)/$$f"; \ + done + +uninstall-ipsecDATA: + @$(NORMAL_UNINSTALL) + @list='$(ipsec_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(ipsecdir)/$$f'"; \ + rm -f "$(DESTDIR)$(ipsecdir)/$$f"; \ + done +install-ipsec_templatesDATA: $(ipsec_templates_DATA) + @$(NORMAL_INSTALL) + test -z "$(ipsec_templatesdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsec_templatesdir)" + @list='$(ipsec_templates_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(ipsec_templatesDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsec_templatesdir)/$$f'"; \ + $(ipsec_templatesDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsec_templatesdir)/$$f"; \ + done + +uninstall-ipsec_templatesDATA: + @$(NORMAL_UNINSTALL) + @list='$(ipsec_templates_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(ipsec_templatesdir)/$$f'"; \ + rm -f "$(DESTDIR)$(ipsec_templatesdir)/$$f"; \ + done +install-ipsec_templates_authDATA: $(ipsec_templates_auth_DATA) + @$(NORMAL_INSTALL) + test -z "$(ipsec_templates_authdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsec_templates_authdir)" + @list='$(ipsec_templates_auth_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(ipsec_templates_authDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsec_templates_authdir)/$$f'"; \ + $(ipsec_templates_authDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsec_templates_authdir)/$$f"; \ + done + +uninstall-ipsec_templates_authDATA: + @$(NORMAL_UNINSTALL) + @list='$(ipsec_templates_auth_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(ipsec_templates_authdir)/$$f'"; \ + rm -f "$(DESTDIR)$(ipsec_templates_authdir)/$$f"; \ + done +install-ipsec_templates_gatewayDATA: $(ipsec_templates_gateway_DATA) + @$(NORMAL_INSTALL) + test -z "$(ipsec_templates_gatewaydir)" || $(MKDIR_P) "$(DESTDIR)$(ipsec_templates_gatewaydir)" + @list='$(ipsec_templates_gateway_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(ipsec_templates_gatewayDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsec_templates_gatewaydir)/$$f'"; \ + $(ipsec_templates_gatewayDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsec_templates_gatewaydir)/$$f"; \ + done + +uninstall-ipsec_templates_gatewayDATA: + @$(NORMAL_UNINSTALL) + @list='$(ipsec_templates_gateway_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(ipsec_templates_gatewaydir)/$$f'"; \ + rm -f "$(DESTDIR)$(ipsec_templates_gatewaydir)/$$f"; \ + done +install-ipsec_templates_staticDATA: $(ipsec_templates_static_DATA) + @$(NORMAL_INSTALL) + test -z "$(ipsec_templates_staticdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsec_templates_staticdir)" + @list='$(ipsec_templates_static_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(ipsec_templates_staticDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsec_templates_staticdir)/$$f'"; \ + $(ipsec_templates_staticDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsec_templates_staticdir)/$$f"; \ + done + +uninstall-ipsec_templates_staticDATA: + @$(NORMAL_UNINSTALL) + @list='$(ipsec_templates_static_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(ipsec_templates_staticdir)/$$f'"; \ + rm -f "$(DESTDIR)$(ipsec_templates_staticdir)/$$f"; \ + done +install-ipsec_templates_statusDATA: $(ipsec_templates_status_DATA) + @$(NORMAL_INSTALL) + test -z "$(ipsec_templates_statusdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsec_templates_statusdir)" + @list='$(ipsec_templates_status_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(ipsec_templates_statusDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsec_templates_statusdir)/$$f'"; \ + $(ipsec_templates_statusDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsec_templates_statusdir)/$$f"; \ + done + +uninstall-ipsec_templates_statusDATA: + @$(NORMAL_UNINSTALL) + @list='$(ipsec_templates_status_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(ipsec_templates_statusdir)/$$f'"; \ + rm -f "$(DESTDIR)$(ipsec_templates_statusdir)/$$f"; \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(DATA) +installdirs: + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(ipsec_templatesdir)" "$(DESTDIR)$(ipsec_templates_authdir)" "$(DESTDIR)$(ipsec_templates_gatewaydir)" "$(DESTDIR)$(ipsec_templates_staticdir)" "$(DESTDIR)$(ipsec_templates_statusdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-ipsecPROGRAMS clean-libLTLIBRARIES \ + clean-libtool mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-ipsecDATA install-ipsecPROGRAMS \ + install-ipsec_templatesDATA install-ipsec_templates_authDATA \ + install-ipsec_templates_gatewayDATA \ + install-ipsec_templates_staticDATA \ + install-ipsec_templates_statusDATA + +install-dvi: install-dvi-am + +install-exec-am: install-libLTLIBRARIES + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-ipsecDATA uninstall-ipsecPROGRAMS \ + uninstall-ipsec_templatesDATA \ + uninstall-ipsec_templates_authDATA \ + uninstall-ipsec_templates_gatewayDATA \ + uninstall-ipsec_templates_staticDATA \ + uninstall-ipsec_templates_statusDATA uninstall-libLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-ipsecPROGRAMS clean-libLTLIBRARIES clean-libtool ctags \ + distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-ipsecDATA install-ipsecPROGRAMS \ + install-ipsec_templatesDATA install-ipsec_templates_authDATA \ + install-ipsec_templates_gatewayDATA \ + install-ipsec_templates_staticDATA \ + install-ipsec_templates_statusDATA install-libLTLIBRARIES \ + install-man install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-ipsecDATA uninstall-ipsecPROGRAMS \ + uninstall-ipsec_templatesDATA \ + uninstall-ipsec_templates_authDATA \ + uninstall-ipsec_templates_gatewayDATA \ + uninstall-ipsec_templates_staticDATA \ + uninstall-ipsec_templates_statusDATA uninstall-libLTLIBRARIES + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/manager/controller/auth_controller.c b/src/manager/controller/auth_controller.c new file mode 100644 index 000000000..fd4a3c7a5 --- /dev/null +++ b/src/manager/controller/auth_controller.c @@ -0,0 +1,132 @@ +/** + * @file auth_controller.c + * + * @brief Implementation of auth_controller_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "auth_controller.h" +#include "../manager.h" + +#include + + +typedef struct private_auth_controller_t private_auth_controller_t; + +/** + * private data of the task manager + */ +struct private_auth_controller_t { + + /** + * public functions + */ + auth_controller_t public; + + /** + * manager instance + */ + manager_t *manager; +}; + +static void login(private_auth_controller_t *this, request_t *request) +{ + request->set(request, "action", "check"); + request->set(request, "title", "Login"); + request->render(request, "templates/auth/login.cs"); +} + +static void check(private_auth_controller_t *this, request_t *request) +{ + char *username, *password; + + username = request->get_query_data(request, "username"); + password = request->get_query_data(request, "password"); + if (username && password && + this->manager->login(this->manager, username, password)) + { + request->redirect(request, "status/ikesalist"); + } + else + { + request->redirect(request, "auth/login"); + } +} + +static void logout(private_auth_controller_t *this, request_t *request) +{ + this->manager->logout(this->manager); + request->redirect(request, "auth/login"); +} + +/** + * Implementation of controller_t.get_name + */ +static char* get_name(private_auth_controller_t *this) +{ + return "auth"; +} + +/** + * Implementation of controller_t.handle + */ +static void handle(private_auth_controller_t *this, + request_t *request, char *action) +{ + if (action) + { + if (streq(action, "login")) + { + return login(this, request); + } + else if (streq(action, "check")) + { + return check(this, request); + } + else if (streq(action, "logout")) + { + return logout(this, request); + } + } + request->redirect(request, "auth/login"); +} + +/** + * Implementation of controller_t.destroy + */ +static void destroy(private_auth_controller_t *this) +{ + free(this); +} + +/* + * see header file + */ +controller_t *auth_controller_create(context_t *context, void *param) +{ + private_auth_controller_t *this = malloc_thing(private_auth_controller_t); + + this->public.controller.get_name = (char*(*)(controller_t*))get_name; + this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle; + this->public.controller.destroy = (void(*)(controller_t*))destroy; + + this->manager = (manager_t*)context; + + return &this->public.controller; +} + diff --git a/src/manager/controller/auth_controller.h b/src/manager/controller/auth_controller.h new file mode 100644 index 000000000..c90546a17 --- /dev/null +++ b/src/manager/controller/auth_controller.h @@ -0,0 +1,47 @@ +/** + * @file auth_controller.h + * + * @brief Interface of auth_controller_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef AUTH_CONTROLLER_H_ +#define AUTH_CONTROLLER_H_ + + +#include + +typedef struct auth_controller_t auth_controller_t; + +/** + * @brief Authentication controller. + */ +struct auth_controller_t { + + /** + * Implements controller_t interface. + */ + controller_t controller; +}; + +/** + * @brief Create a auth_controller controller instance. + */ +controller_t *auth_controller_create(context_t *context, void *param); + +#endif /* AUTH_CONTROLLER_H_ */ diff --git a/src/manager/controller/gateway_controller.c b/src/manager/controller/gateway_controller.c new file mode 100644 index 000000000..bdc779256 --- /dev/null +++ b/src/manager/controller/gateway_controller.c @@ -0,0 +1,148 @@ +/** + * @file gateway_controller.c + * + * @brief Implementation of gateway_controller_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "gateway_controller.h" +#include "../manager.h" +#include "../gateway.h" + +#include + + +typedef struct private_gateway_controller_t private_gateway_controller_t; + +/** + * private data of the gateway_controller + */ +struct private_gateway_controller_t { + + /** + * public functions + */ + gateway_controller_t public; + + /** + * manager instance + */ + manager_t *manager; + +}; + +static void list(private_gateway_controller_t *this, request_t *request) +{ + enumerator_t *enumerator; + char *name, *address; + int id, port; + + enumerator = this->manager->create_gateway_enumerator(this->manager); + while (enumerator->enumerate(enumerator, &id, &name, &port, &address)) + { + request->setf(request, "gateways.%d.name=%s", id, name); + if (port) + { + request->setf(request, "gateways.%d.address=tcp://%s:%d", + id, address, port); + } + else + { + request->setf(request, "gateways.%d.address=unix://%s", + id, IPSEC_PIDDIR"/charon.xml"); + } + } + enumerator->destroy(enumerator); + request->set(request, "action", "select"); + request->set(request, "title", "Choose gateway"); + request->render(request, "templates/gateway/list.cs"); +} + +static void _select(private_gateway_controller_t *this, request_t *request) +{ + char *id; + + id = request->get_query_data(request, "gateway"); + if (id) + { + if (this->manager->select_gateway(this->manager, atoi(id))) + { + request->redirect(request, "status/ikesalist"); + return; + } + } + request->redirect(request, "gateway/list"); +} + +/** + * Implementation of controller_t.get_name + */ +static char* get_name(private_gateway_controller_t *this) +{ + return "gateway"; +} + +/** + * Implementation of controller_t.handle + */ +static void handle(private_gateway_controller_t *this, + request_t *request, char *action) +{ + if (!this->manager->logged_in(this->manager)) + { + return request->redirect(request, "auth/login"); + } + if (action) + { + if (streq(action, "list")) + { + return list(this, request); + } + else if (streq(action, "select")) + { + return _select(this, request); + } + } + request->redirect(request, "gateway/list"); +} + + +/** + * Implementation of controller_t.destroy + */ +static void destroy(private_gateway_controller_t *this) +{ + free(this); +} + +/* + * see header file + */ +controller_t *gateway_controller_create(context_t *context, void *param) +{ + private_gateway_controller_t *this = malloc_thing(private_gateway_controller_t); + + this->public.controller.get_name = (char*(*)(controller_t*))get_name; + this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle; + this->public.controller.destroy = (void(*)(controller_t*))destroy; + + this->manager = (manager_t*)context; + + return &this->public.controller; +} + diff --git a/src/manager/controller/gateway_controller.h b/src/manager/controller/gateway_controller.h new file mode 100644 index 000000000..5872e20e2 --- /dev/null +++ b/src/manager/controller/gateway_controller.h @@ -0,0 +1,47 @@ +/** + * @file gateway_controller.h + * + * @brief Interface of gateway_controller_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef GATEWAY_CONTROLLER_H_ +#define GATEWAY_CONTROLLER_H_ + + +#include + +typedef struct gateway_controller_t gateway_controller_t; + +/** + * @brief Status controller. + */ +struct gateway_controller_t { + + /** + * Implements controller_t interface. + */ + controller_t controller; +}; + +/** + * @brief Create a gateway_controller controller instance. + */ +controller_t *gateway_controller_create(context_t *context, void *param); + +#endif /* GATEWAY_CONTROLLER_H_ */ diff --git a/src/manager/controller/status_controller.c b/src/manager/controller/status_controller.c new file mode 100644 index 000000000..bcdbd26ea --- /dev/null +++ b/src/manager/controller/status_controller.c @@ -0,0 +1,238 @@ +/** + * @file status_controller.c + * + * @brief Implementation of status_controller_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "status_controller.h" +#include "../manager.h" +#include "../gateway.h" + +#include + +#include + + +typedef struct private_status_controller_t private_status_controller_t; + +/** + * private data of the task manager + */ +struct private_status_controller_t { + + /** + * public functions + */ + status_controller_t public; + + /** + * manager instance + */ + manager_t *manager; +}; + +/** + * read XML of a childsa element and fill template + */ +static void process_childsa(private_status_controller_t *this, char *id, + enumerator_t *e, request_t *r) +{ + xml_t *xml; + enumerator_t *e1, *e2; + char *name, *value, *reqid = "", *section = ""; + int num = 0; + + while (e->enumerate(e, &xml, &name, &value)) + { + if (streq(name, "reqid")) + { + reqid = value; + } + else if (streq(name, "local") || streq(name, "remote")) + { + section = name; + e1 = xml->children(xml); + while (e1->enumerate(e1, &xml, &name, &value)) + { + if (streq(name, "networks")) + { + e2 = xml->children(xml); + while (e2->enumerate(e2, &xml, &name, &value)) + { + if (streq(name, "network")) + { + r->setf(r, "ikesas.%s.childsas.%s.%s.networks.%d=%s", + id, reqid, section, ++num, value); + } + } + e2->destroy(e2); + } + else + { + r->setf(r, "ikesas.%s.childsas.%s.%s.%s=%s", + id, reqid, section, name, value); + } + } + e1->destroy(e1); + } + else + { + r->setf(r, "ikesas.%s.childsas.%s.%s=%s", + id, reqid, name, value); + } + } +} + +/** + * read XML of a ikesa element and fill template + */ +static void process_ikesa(private_status_controller_t *this, + enumerator_t *e, request_t *r) +{ + xml_t *xml; + enumerator_t *e1, *e2; + char *name, *value, *id = "", *section = ""; + + while (e->enumerate(e, &xml, &name, &value)) + { + if (streq(name, "id")) + { + id = value; + } + else if (streq(name, "local") || streq(name, "remote")) + { + section = name; + e1 = xml->children(xml); + while (e1->enumerate(e1, &xml, &name, &value)) + { + r->setf(r, "ikesas.%s.%s.%s=%s", id, section, name, value); + } + e1->destroy(e1); + } + else if (streq(name, "childsalist")) + { + e1 = xml->children(xml); + while (e1->enumerate(e1, &xml, &name, &value)) + { + if (streq(name, "childsa")) + { + e2 = xml->children(xml); + process_childsa(this, id, e2, r); + e2->destroy(e2); + } + } + e1->destroy(e1); + } + else + { + r->setf(r, "ikesas.%s.%s=%s", id, name, value); + } + } +} + +static void ikesalist(private_status_controller_t *this, request_t *r) +{ + gateway_t *gateway; + xml_t *xml; + enumerator_t *e1, *e2; + char *name, *value; + + gateway = this->manager->select_gateway(this->manager, 0); + e1 = gateway->query_ikesalist(gateway); + if (e1 == NULL) + { + r->set(r, "title", "Error"); + r->set(r, "error", "querying the gateway failed"); + r->render(r, "templates/error.cs"); + } + else + { + r->set(r, "title", "IKE SA overview"); + + while (e1->enumerate(e1, &xml, &name, &value)) + { + if (streq(name, "ikesa")) + { + e2 = xml->children(xml); + process_ikesa(this, e2, r); + e2->destroy(e2); + } + } + e1->destroy(e1); + + r->render(r, "templates/status/ikesalist.cs"); + } +} + +/** + * Implementation of controller_t.get_name + */ +static char* get_name(private_status_controller_t *this) +{ + return "status"; +} + +/** + * Implementation of controller_t.handle + */ +static void handle(private_status_controller_t *this, + request_t *request, char *action) +{ + if (!this->manager->logged_in(this->manager)) + { + return request->redirect(request, "auth/login"); + } + if (this->manager->select_gateway(this->manager, 0) == NULL) + { + return request->redirect(request, "gateway/list"); + } + if (action) + { + if (streq(action, "ikesalist")) + { + return ikesalist(this, request); + } + } + return request->redirect(request, "status/ikesalist"); +} + +/** + * Implementation of controller_t.destroy + */ +static void destroy(private_status_controller_t *this) +{ + free(this); +} + +/* + * see header file + */ +controller_t *status_controller_create(context_t *context, void *param) +{ + private_status_controller_t *this = malloc_thing(private_status_controller_t); + + this->public.controller.get_name = (char*(*)(controller_t*))get_name; + this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle; + this->public.controller.destroy = (void(*)(controller_t*))destroy; + + this->manager = (manager_t*)context; + + return &this->public.controller; +} + diff --git a/src/manager/controller/status_controller.h b/src/manager/controller/status_controller.h new file mode 100644 index 000000000..a736dda83 --- /dev/null +++ b/src/manager/controller/status_controller.h @@ -0,0 +1,47 @@ +/** + * @file status_controller.h + * + * @brief Interface of status_controller_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef STATUS_CONTROLLER_H_ +#define STATUS_CONTROLLER_H_ + + +#include + +typedef struct status_controller_t status_controller_t; + +/** + * @brief Status controller. + */ +struct status_controller_t { + + /** + * Implements controller_t interface. + */ + controller_t controller; +}; + +/** + * @brief Create a status_controller controller instance. + */ +controller_t *status_controller_create(context_t *context, void *param); + +#endif /* STATUS_CONTROLLER_H_ */ diff --git a/src/manager/database.c b/src/manager/database.c new file mode 100644 index 000000000..a7776c81e --- /dev/null +++ b/src/manager/database.c @@ -0,0 +1,183 @@ +/** + * @file database.c + * + * @brief Implementation of database_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "database.h" + +#include +#include +#include + + +typedef struct private_database_t private_database_t; + +/** + * private data of database + */ +struct private_database_t { + + /** + * public functions + */ + database_t public; + + /** + * SQLite database handle + */ + sqlite3 *db; +}; + +/** + * database enumerator implements enumerator_t + */ +typedef struct { + enumerator_t enumerator; + sqlite3_stmt *stmt; +} db_enumerator_t; + +/** + * destroy a database enumerator + */ +static void db_enumerator_destroy(db_enumerator_t* this) +{ + sqlite3_finalize(this->stmt); + free(this); +} + +/** + * create a database enumerator + */ +static enumerator_t *db_enumerator_create(bool(*enumerate)(db_enumerator_t*,void*,...), + sqlite3_stmt *stmt) +{ + db_enumerator_t *this = malloc_thing(db_enumerator_t); + this->enumerator.enumerate = (void*)enumerate; + this->enumerator.destroy = (void*)db_enumerator_destroy; + this->stmt = stmt; + return &this->enumerator; +} + +/** + * Implementation of database_t.login. + */ +static int login(private_database_t *this, char *username, char *password) +{ + sqlite3_stmt *stmt; + hasher_t *hasher; + chunk_t hash, data; + size_t username_len, password_len; + int uid = 0; + char *str; + + /* hash = SHA1( username | password ) */ + hasher = hasher_create(HASH_SHA1); + hash = chunk_alloca(hasher->get_hash_size(hasher)); + username_len = strlen(username); + password_len = strlen(password); + data = chunk_alloca(username_len + password_len); + memcpy(data.ptr, username, username_len); + memcpy(data.ptr + username_len, password, password_len); + hasher->get_hash(hasher, data, hash.ptr); + hasher->destroy(hasher); + str = chunk_to_hex(hash, FALSE); + + if (sqlite3_prepare_v2(this->db, + "SELECT oid FROM users WHERE username = ? AND password = ?;", + -1, &stmt, NULL) == SQLITE_OK) + { + if (sqlite3_bind_text(stmt, 1, username, -1, SQLITE_STATIC) == SQLITE_OK && + sqlite3_bind_text(stmt, 2, str, -1, SQLITE_STATIC) == SQLITE_OK && + sqlite3_step(stmt) == SQLITE_ROW) + { + uid = sqlite3_column_int(stmt, 0); + } + sqlite3_finalize(stmt); + } + free(str); + return uid; +} + +/** + * enumerate function for gateway enumrator + */ +static bool gateway_enumerate(db_enumerator_t* e, int *id, const char **name, + int *port, const char **address) +{ + if (sqlite3_step(e->stmt) == SQLITE_ROW) + { + *id = sqlite3_column_int(e->stmt, 0); + *name = sqlite3_column_text(e->stmt, 1); + *port = sqlite3_column_int(e->stmt, 2); + *address = sqlite3_column_text(e->stmt, 3); + return TRUE; + } + return FALSE; +} + +/** + * Implementation of database_t.create_gateway_enumerator. + */ +static enumerator_t* create_gateway_enumerator(private_database_t *this, int user) +{ + sqlite3_stmt *stmt; + + if (sqlite3_prepare_v2(this->db, + "SELECT gateways.oid AS gid, name, port, address FROM " + "gateways, user_gateway AS ug ON gid = ug.gateway WHERE ug.user = ?;", + -1, &stmt, NULL) == SQLITE_OK) + { + if (sqlite3_bind_int(stmt, 1, user) == SQLITE_OK) + { + return db_enumerator_create((void*)gateway_enumerate, stmt); + } + sqlite3_finalize(stmt); + } + return enumerator_create_empty(); +} + +/** + * Implementation of database_t.destroy + */ +static void destroy(private_database_t *this) +{ + sqlite3_close(this->db); + free(this); +} + +/* + * see header file + */ +database_t *database_create(char *dbfile) +{ + private_database_t *this = malloc_thing(private_database_t); + + this->public.login = (int(*)(database_t*, char *username, char *password))login; + this->public.create_gateway_enumerator = (enumerator_t*(*)(database_t*,int))create_gateway_enumerator; + this->public.destroy = (void(*)(database_t*))destroy; + + if (sqlite3_open(dbfile, &this->db) != SQLITE_OK) + { + destroy(this); + return NULL; + } + return &this->public; +} + diff --git a/src/manager/database.h b/src/manager/database.h new file mode 100644 index 000000000..228d1cb22 --- /dev/null +++ b/src/manager/database.h @@ -0,0 +1,69 @@ +/** + * @file database.h + * + * @brief Interface of database_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef DATABASE_H_ +#define DATABASE_H_ + +#include + + +typedef struct database_t database_t; + +/** + * @brief Persistent database. + */ +struct database_t { + + /** + * @brief Try to log in using specified credentials. + * + * @param username username + * @param password plaintext password + * @return user ID if login good, 0 otherwise + */ + int (*login)(database_t *this, char *username, char *password); + + /** + * @brief Create an iterator over the gateways. + * + * enumerate() arguments: int id, char *name, int port, char *address + * If port is 0, address is a Unix socket address. + * + * @param user user Id + * @return enumerator + */ + enumerator_t* (*create_gateway_enumerator)(database_t *this, int user); + + /** + * @brief Destroy a database instance. + */ + void (*destroy)(database_t *this); +}; + +/** + * @brief Create a database instance. + * + * @param dbfile SQLite database file + */ +database_t *database_create(char *dbfile); + +#endif /* DATABASE_H_ */ diff --git a/src/manager/gateway.c b/src/manager/gateway.c new file mode 100644 index 000000000..5f5a4b477 --- /dev/null +++ b/src/manager/gateway.c @@ -0,0 +1,253 @@ +/** + * @file gateway.c + * + * @brief Implementation of gateway_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "gateway.h" + +#include +#include +#include +#include +#include +#include + +#include + +typedef struct private_gateway_t private_gateway_t; + +/** + * private data of gateway + */ +struct private_gateway_t { + + /** + * public functions + */ + gateway_t public; + + /** + * name of the gateway + */ + char *name; + + /** + * host to connect using tcp + */ + host_t *host; + + /** + * socket file descriptor, > 0 if connected + */ + int fd; +}; + +struct sockaddr_un unix_addr = { AF_UNIX, IPSEC_PIDDIR "/charon.xml"}; + +/** + * establish connection to gateway + */ +static bool connect_(private_gateway_t *this) +{ + int family, len; + struct sockaddr *addr; + + if (this->fd >= 0) + { + close(this->fd); + } + if (this->host) + { + family = AF_INET; + addr = this->host->get_sockaddr(this->host); + len = *this->host->get_sockaddr_len(this->host); + } + else + { + family = AF_UNIX; + addr = (struct sockaddr*)&unix_addr; + len = sizeof(unix_addr); + } + + this->fd = socket(family, SOCK_STREAM, 0); + if (this->fd < 0) + { + return FALSE; + } + if (connect(this->fd, addr, len) != 0) + { + close(this->fd); + this->fd = -1; + return FALSE; + } + return TRUE; +} + +/** + * Implementation of gateway_t.request. + */ +static char* request(private_gateway_t *this, char *xml) +{ + if (this->fd < 0) + { + if (!connect_(this)) + { + return NULL; + } + } + while (TRUE) + { + char buf[8096]; + ssize_t len; + + len = strlen(xml); + if (send(this->fd, xml, len, 0) != len) + { + return NULL; + } + len = recv(this->fd, buf, sizeof(buf) - 1, 0); + if (len < 0) + { + return NULL; + } + if (len == 0) + { + if (!connect_(this)) + { + return NULL; + } + continue; + } + buf[len] = 0; + return strdup(buf); + } +} + +/** + * Implementation of gateway_t.query_ikesalist. + */ +static enumerator_t* query_ikesalist(private_gateway_t *this) +{ + char *str, *name, *value; + xml_t *xml; + enumerator_t *e1, *e2, *e3, *e4 = NULL; + + str = request(this, "" + "" + "" + "" + ""); + if (str == NULL) + { + return NULL; + } + xml = xml_create(str); + if (xml == NULL) + { + return NULL; + } + + e1 = xml->children(xml); + free(str); + while (e1->enumerate(e1, &xml, &name, &value)) + { + if (streq(name, "message")) + { + e2 = xml->children(xml); + while (e2->enumerate(e2, &xml, &name, &value)) + { + if (streq(name, "query")) + { + e3 = xml->children(xml); + while (e3->enumerate(e3, &xml, &name, &value)) + { + if (streq(name, "ikesalist")) + { + e4 = xml->children(xml); + e1->destroy(e1); + e2->destroy(e2); + e3->destroy(e3); + return e4; + } + } + e3->destroy(e3); + } + } + e2->destroy(e2); + } + } + e1->destroy(e1); + return NULL; +} + +/** + * Implementation of gateway_t.destroy + */ +static void destroy(private_gateway_t *this) +{ + if (this->fd >= 0) + { + close(this->fd); + } + if (this->host) this->host->destroy(this->host); + free(this->name); + free(this); +} + +/** + * generic constructor + */ +static private_gateway_t *gateway_create(char *name) +{ + private_gateway_t *this = malloc_thing(private_gateway_t); + + this->public.request = (char*(*)(gateway_t*, char *xml))request; + this->public.query_ikesalist = (enumerator_t*(*)(gateway_t*))query_ikesalist; + this->public.destroy = (void(*)(gateway_t*))destroy; + + this->name = strdup(name); + this->host = NULL; + this->fd = -1; + + return this; +} + +/** + * see header + */ +gateway_t *gateway_create_tcp(char *name, host_t *host) +{ + private_gateway_t *this = gateway_create(name); + + this->host = host; + + return &this->public; +} + +/** + * see header + */ +gateway_t *gateway_create_unix(char *name) +{ + private_gateway_t *this = gateway_create(name); + + return &this->public; +} + diff --git a/src/manager/gateway.h b/src/manager/gateway.h new file mode 100644 index 000000000..1fe2aef4b --- /dev/null +++ b/src/manager/gateway.h @@ -0,0 +1,74 @@ +/** + * @file gateway.h + * + * @brief Interface of gateway_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef GATEWAY_H_ +#define GATEWAY_H_ + +#include +#include + +typedef struct gateway_t gateway_t; + +/** + * @brief A connection to a gateway. + */ +struct gateway_t { + + /** + * @brief Send an XML request to the gateway. + * + * @param xml xml request string + * @return allocated xml response string + */ + char* (*request)(gateway_t *this, char *xml); + + /** + * @brief Query the list of IKE_SAs and all its children. + * + * @return enumerator over ikesa XML elements + */ + enumerator_t* (*query_ikesalist)(gateway_t *this); + + /** + * @brief Destroy a gateway instance. + */ + void (*destroy)(gateway_t *this); +}; + +/** + * @brief Create a gateway instance using a TCP connection. + * + * @param name name of the gateway + * @param host gateway connection endpoint + * @param + */ +gateway_t *gateway_create_tcp(char *name, host_t *host); + +/** + * @brief Create a gateway instance using a UNIX socket. + * + * @param name name of the gateway + * @param + */ +gateway_t *gateway_create_unix(char *name); + +#endif /* GATEWAY_H_ */ diff --git a/src/manager/lib/context.h b/src/manager/lib/context.h new file mode 100644 index 000000000..23c979b8e --- /dev/null +++ b/src/manager/lib/context.h @@ -0,0 +1,47 @@ +/** + * @file context.h + * + * @brief Interface of context_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef CONTEXT_H_ +#define CONTEXT_H_ + +typedef struct context_t context_t; + +/** + * @brief Constructor function for a context + */ +typedef context_t *(*context_constructor_t)(void *param); + +/** + * @brief Custom session context + * + */ +struct context_t { + + /** + * @brief Destroy the context_t. + * + * @param this calling object + */ + void (*destroy) (context_t *this); +}; + +#endif /* CONTEXT_H_ */ diff --git a/src/manager/lib/controller.h b/src/manager/lib/controller.h new file mode 100644 index 000000000..5b39f559c --- /dev/null +++ b/src/manager/lib/controller.h @@ -0,0 +1,84 @@ +/** + * @file controller.h + * + * @brief Interface controller_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef CONTROLLER_H_ +#define CONTROLLER_H_ + +#include "request.h" +#include "context.h" + +typedef struct controller_t controller_t; + +/** + * @brief Controller action handle function + * + * @param request http request + * @param response http response + */ +typedef void *(*controller_handler_t)(controller_t *this, request_t *request); + +/** + * @brief Constructor function for a controller + * + * @param context session specific context + * @param param user supplied param + */ +typedef controller_t *(*controller_constructor_t)(context_t* context, void *param); + +/** + * @brief Controller interface, to be implemented by users controllers. + * + */ +struct controller_t { + + /** + * @brief Get the name of the controller. + * + * @return name of the controller + */ + char* (*get_name)(controller_t *this); + + /** + * @brief Handle a HTTP request for that controller. + * + * Request URLs are parsed in the form + * controller_name/p1/p2/p3/p4/p5 with a maximum of 5 parameters. Each + * parameter not found in the request URL is set to NULL. + * + * @param request HTTP request + * @param p1 first parameter + * @param p2 second parameter + * @param p3 third parameter + * @param p4 forth parameter + * @param p5 fifth parameter + * @return + */ + void (*handle)(controller_t *this, request_t *request, + char *a1, char *a2, char *a3, char *a4, char *a5); + + /** + * @brief Destroy the controller instance. + */ + void (*destroy) (controller_t *this); +}; + +#endif /* CONTROLLER_H_ */ diff --git a/src/manager/lib/dispatcher.c b/src/manager/lib/dispatcher.c new file mode 100644 index 000000000..df669ceb6 --- /dev/null +++ b/src/manager/lib/dispatcher.c @@ -0,0 +1,402 @@ +/** + * @file dispatcher.c + * + * @brief Implementation of dispatcher_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "dispatcher.h" + +#include "request.h" +#include "session.h" + +#include +#include +#include +#include + +#include + +typedef struct private_dispatcher_t private_dispatcher_t; + +/** + * private data of the task manager + */ +struct private_dispatcher_t { + + /** + * public functions + */ + dispatcher_t public; + + /** + * fcgi socket fd + */ + int fd; + + /** + * thread list + */ + pthread_t *threads; + + /** + * number of threads in "threads" + */ + int thread_count; + + /** + * session locking mutex + */ + pthread_mutex_t mutex; + + /** + * List of sessions + */ + linked_list_t *sessions; + + /** + * session timeout + */ + time_t timeout; + + /** + * List of controllers controller_constructor_t + */ + linked_list_t *controllers; + + /** + * constructor function to create session context (in constructor_entry_t) + */ + context_constructor_t context_constructor; + + /** + * user param to context constructor + */ + void *param; + + /** + * thread specific initialization handler + */ + void (*init)(void *param); + + /** + * argument to pass to thread intiializer + */ + void *init_param; + + /** + * thread specific deinitialization handler + */ + void (*deinit)(void *param); + + /** + * param tho thread specific deinitialization handler + */ + void *deinit_param; +}; + +typedef struct { + /** constructor function */ + controller_constructor_t constructor; + /** parameter to constructor */ + void *param; +} constructor_entry_t; + +typedef struct { + /** session instance */ + session_t *session; + /** condvar to wait for session */ + pthread_cond_t cond; + /** number of threads waiting for session */ + int waiting; + /** last use of the session */ + time_t used; +} session_entry_t; + +/** + * create a session and instanciate controllers + */ +static session_t* load_session(private_dispatcher_t *this) +{ + iterator_t *iterator; + constructor_entry_t *entry; + session_t *session; + context_t *context = NULL; + controller_t *controller; + + if (this->context_constructor) + { + context = this->context_constructor(this->param); + } + session = session_create(context); + + iterator = this->controllers->create_iterator(this->controllers, TRUE); + while (iterator->iterate(iterator, (void**)&entry)) + { + controller = entry->constructor(context, entry->param); + session->add_controller(session, controller); + } + iterator->destroy(iterator); + + return session; +} + +/** + * create a new session entry + */ +static session_entry_t *session_entry_create(private_dispatcher_t *this) +{ + session_entry_t *entry; + + entry = malloc_thing(session_entry_t); + entry->waiting = 1; + pthread_cond_init(&entry->cond, NULL); + entry->session = load_session(this); + entry->used = time(NULL); + + return entry; +} + +static void session_entry_destroy(session_entry_t *entry) +{ + entry->session->destroy(entry->session); + free(entry); +} + +/** + * Implementation of dispatcher_t.add_controller. + */ +static void add_controller(private_dispatcher_t *this, + controller_constructor_t constructor, void *param) +{ + constructor_entry_t *entry = malloc_thing(constructor_entry_t); + + entry->constructor = constructor; + entry->param = param; + this->controllers->insert_last(this->controllers, entry); +} + +/** + * Actual dispatching code + */ +static void dispatch(private_dispatcher_t *this) +{ + FCGX_Request fcgi_req; + + if (FCGX_InitRequest(&fcgi_req, this->fd, 0) == 0) + { + while (TRUE) + { + request_t *request; + session_entry_t *current, *found = NULL; + iterator_t *iterator; + time_t now; + char *sid; + int accepted; + + pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, NULL); + accepted = FCGX_Accept_r(&fcgi_req); + pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL); + + if (accepted != 0) + { + break; + } + + /* prepare */ + request = request_create(&fcgi_req, TRUE); + if (request == NULL) + { + continue; + } + sid = request->get_cookie(request, "SID"); + now = time(NULL); + + /* find session */ + iterator = this->sessions->create_iterator_locked(this->sessions, &this->mutex); + while (iterator->iterate(iterator, (void**)¤t)) + { + /* check all sessions for timeout */ + if (current->waiting == 0 && + current->used < now - this->timeout) + { + iterator->remove(iterator); + session_entry_destroy(current); + continue; + } + if (!found && sid && + streq(current->session->get_sid(current->session), sid)) + { + found = current; + found->waiting++; + } + } + iterator->destroy(iterator); + + if (found) + { /* wait until session is unused */ + pthread_mutex_lock(&this->mutex); + while (found->waiting > 1) + { + pthread_cond_wait(&found->cond, &this->mutex); + } + pthread_mutex_unlock(&this->mutex); + } + else + { /* create a new session if not found */ + found = session_entry_create(this); + pthread_mutex_lock(&this->mutex); + this->sessions->insert_first(this->sessions, found); + pthread_mutex_unlock(&this->mutex); + } + + /* start processing */ + found->session->process(found->session, request); + found->used = time(NULL); + + /* release session */ + pthread_mutex_lock(&this->mutex); + found->waiting--; + pthread_cond_signal(&found->cond); + pthread_mutex_unlock(&this->mutex); + + /* cleanup */ + request->destroy(request); + + /* + FCGX_FPrintF(fcgi_req.out, "
    "); + char **env = fcgi_req.envp; + while (*env) + { + FCGX_FPrintF(fcgi_req.out, "
  • %s
  • ", *env); + env++; + } + FCGX_FPrintF(fcgi_req.out, "
"); + */ + } + } +} + +/** + * Setup thread and start dispatching + */ +static void start_dispatching(private_dispatcher_t *this) +{ + pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL); + if (this->init) + { + this->init(this->init_param); + } + if (this->deinit) + { + pthread_cleanup_push(this->deinit, this->deinit_param); + dispatch(this); + pthread_cleanup_pop(1); + } + else + { + dispatch(this); + } +} + +/** + * Implementation of dispatcher_t.run. + */ +static void run(private_dispatcher_t *this, int threads, + void(*init)(void *param), void *init_param, + void(*deinit)(void *param), void *deinit_param) +{ + this->init = init; + this->init_param = init_param; + this->deinit = deinit; + this->deinit_param = deinit_param; + this->thread_count = threads; + this->threads = malloc(sizeof(pthread_t) * threads); + while (threads) + { + if (pthread_create(&this->threads[threads - 1], + NULL, (void*)start_dispatching, this) == 0) + { + threads--; + } + } +} + +/** + * Implementation of dispatcher_t.waitsignal. + */ +static void waitsignal(private_dispatcher_t *this) +{ + sigset_t set; + int sig; + + sigemptyset(&set); + sigaddset(&set, SIGINT); + sigaddset(&set, SIGTERM); + sigaddset(&set, SIGHUP); + sigprocmask(SIG_BLOCK, &set, NULL); + sigwait(&set, &sig); +} + +/** + * Implementation of dispatcher_t.destroy + */ +static void destroy(private_dispatcher_t *this) +{ + FCGX_ShutdownPending(); + while (this->thread_count--) + { + pthread_cancel(this->threads[this->thread_count]); + pthread_join(this->threads[this->thread_count], NULL); + } + this->sessions->destroy_function(this->sessions, (void*)session_entry_destroy); + this->controllers->destroy_function(this->controllers, free); + free(this); +} + +/* + * see header file + */ +dispatcher_t *dispatcher_create(char *socket, int timeout, + context_constructor_t constructor, void *param) +{ + private_dispatcher_t *this = malloc_thing(private_dispatcher_t); + + this->public.add_controller = (void(*)(dispatcher_t*, controller_constructor_t, void*))add_controller; + this->public.run = (void(*)(dispatcher_t*, int threads,void(*)(void *),void *,void(*)(void *),void *))run; + this->public.waitsignal = (void(*)(dispatcher_t*))waitsignal; + this->public.destroy = (void(*)(dispatcher_t*))destroy; + + this->sessions = linked_list_create(); + this->controllers = linked_list_create(); + this->context_constructor = constructor; + pthread_mutex_init(&this->mutex, NULL); + this->param = param; + this->fd = 0; + this->timeout = timeout; + + FCGX_Init(); + + if (socket) + { + unlink(socket); + this->fd = FCGX_OpenSocket(socket, 10); + } + return &this->public; +} + diff --git a/src/manager/lib/dispatcher.h b/src/manager/lib/dispatcher.h new file mode 100644 index 000000000..274837838 --- /dev/null +++ b/src/manager/lib/dispatcher.h @@ -0,0 +1,95 @@ +/** + * @file dispatcher.h + * + * @brief Interface of dispatcher_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef DISPATCHER_H_ +#define DISPATCHER_H_ + +#include "controller.h" + +typedef struct dispatcher_t dispatcher_t; + +/** + * @brief Dispatcher, accepts connections using multiple threads. + * + * The dispatcher creates a session for each client (using SID cookies). In + * each session, a session context is created using the context constructor. + * Each controller is instanciated in the session using the controller + * constructor added with add_controller. + */ +struct dispatcher_t { + + /** + * @brief Register a controller to the dispatcher. + * + * The first controller added serves as default controller. Client's + * get redirected to it if no other controller matches. + * + * @param constructor constructor function to the conntroller + * @param param param to pass to constructor + */ + void (*add_controller)(dispatcher_t *this, + controller_constructor_t constructor, void *param); + + /** + * @brief Start with dispatching. + * + * It may be necessary to call per-thread initialization functions. + * If init is not NULL, the handler is called right after thread + * creation (by the created thread) and the deinit function is called + * before the thread gets destroyed (again by the thread itself). + * + * @param thread number of dispatching threads + * @param init thread specific initialization function, or NULL + * @param init_param param to pass to init function + * @param deinit thread dpecific deinitialization function, or NULL + * @param deinit_param param to pass to deinit function + */ + void (*run)(dispatcher_t *this, int threads, + void(*init)(void *param), void *init_param, + void(*deinit)(void *param), void *deinit_param); + + /** + * @brief Wait for a relevant signal action. + */ + void (*waitsignal)(dispatcher_t *this); + + /** + * @brief Destroy the dispatcher_t. + */ + void (*destroy) (dispatcher_t *this); +}; + +/** + * @brief Create a dispatcher. + * + * The context constructor is invoked to create a session context for + * each session. + * + * @param socket FastCGI socket path, NULL for dynamic + * @param timeout session timeout + * @param constructor construction function for session context + * @param param parameter to supply to context constructor + */ +dispatcher_t *dispatcher_create(char *socket, int timeout, + context_constructor_t constructor, void *param); + +#endif /* DISPATCHER_H_ */ diff --git a/src/manager/lib/request.c b/src/manager/lib/request.c new file mode 100644 index 000000000..4623b3860 --- /dev/null +++ b/src/manager/lib/request.c @@ -0,0 +1,305 @@ +/** + * @file request.c + * + * @brief Implementation of request_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#define _GNU_SOURCE + +#include "request.h" + +#include +#include +#include +#include + +typedef struct private_request_t private_request_t; + +/** + * private data of the task manager + */ +struct private_request_t { + + /** + * public functions + */ + request_t public; + + /** + * FastCGI request object + */ + FCGX_Request *req; + + /** + * ClearSilver CGI Kit context + */ + CGI *cgi; + + /** + * ClearSilver HDF dataset for this request + */ + HDF *hdf; +}; + +/** + * thread specific FCGX_Request, used for ClearSilver cgiwrap callbacks. + * ClearSilver cgiwrap is not threadsave, so we use a private + * context for each thread. + */ +static __thread FCGX_Request *req; + +/** + * length of param list in req->envp + */ +static __thread int req_env_len; + +/** + * fcgiwrap read callback + */ +static int read_cb(void *null, char *buf, int size) +{ + return FCGX_GetStr(buf, size, req->in); +} + +/** + * fcgiwrap writef callback + */ +static int writef_cb(void *null, const char *format, va_list args) +{ + FCGX_VFPrintF(req->out, format, args); + return 0; +} +/** + * fcgiwrap write callback + */ +static int write_cb(void *null, const char *buf, int size) +{ + return FCGX_PutStr(buf, size, req->out); +} + +/** + * fcgiwrap getenv callback + */ +static char *getenv_cb(void *null, const char *key) +{ + char *value; + + value = FCGX_GetParam(key, req->envp); + return value ? strdup(value) : NULL; +} + +/** + * fcgiwrap getenv callback + */ +static int putenv_cb(void *null, const char *key, const char *value) +{ + /* not supported */ + return 1; +} + +/** + * fcgiwrap iterenv callback + */ +static int iterenv_cb(void *null, int num, char **key, char **value) +{ + *key = NULL; + *value = NULL; + + if (num < req_env_len) + { + char *eq; + + eq = strchr(req->envp[num], '='); + if (eq) + { + *key = strndup(req->envp[num], eq - req->envp[num]); + *value = strdup(eq + 1); + } + if (*key == NULL || *value == NULL) + { + free(*key); + free(*value); + return 1; + } + } + return 0; +} + +/** + * Implementation of request_t.get_cookie. + */ +static char* get_cookie(private_request_t *this, char *name) +{ + return hdf_get_valuef(this->hdf, "Cookie.%s", name); +} + +/** + * Implementation of request_t.get_path. + */ +static char* get_path(private_request_t *this) +{ + char * path = FCGX_GetParam("PATH_INFO", this->req->envp); + return path ? path : ""; +} + +/** + * Implementation of request_t.get_post_data. + */ +static char* get_query_data(private_request_t *this, char *name) +{ + return hdf_get_valuef(this->hdf, "Query.%s", name); +} + +/** + * Implementation of request_t.add_cookie. + */ +static void add_cookie(private_request_t *this, char *name, char *value) +{ + cgi_cookie_set (this->cgi, name, value, + FCGX_GetParam("SCRIPT_NAME", this->req->envp), + NULL, NULL, 0, 0); +} + +/** + * Implementation of request_t.redirect. + */ +static void redirect(private_request_t *this, char *location) +{ + FCGX_FPrintF(this->req->out, "Status: 303 See Other\n"); + FCGX_FPrintF(this->req->out, "Location: %s%s%s\n\n", + FCGX_GetParam("SCRIPT_NAME", this->req->envp), + *location == '/' ? "" : "/", location); +} + +/** + * Implementation of request_t.get_base. + */ +static char* get_base(private_request_t *this) +{ + return FCGX_GetParam("SCRIPT_NAME", this->req->envp); +} + +/** + * Implementation of request_t.render. + */ +static void render(private_request_t *this, char *template) +{ + NEOERR* err; + + err = cgi_display(this->cgi, template); + if (err) + { + cgi_neo_error(this->cgi, err); + nerr_log_error(err); + } + return; +} + +/** + * Implementation of request_t.set. + */ +static void set(private_request_t *this, char *key, char *value) +{ + hdf_set_value(this->hdf, key, value); +} + +/** + * Implementation of request_t.setf. + */ +static void setf(private_request_t *this, char *format, ...) +{ + va_list args; + + va_start(args, format); + hdf_set_valuevf(this->hdf, format, args); + va_end(args); +} + +/** + * Implementation of request_t.destroy + */ +static void destroy(private_request_t *this) +{ + cgi_destroy(&this->cgi); + free(this); +} + +/* + * see header file + */ +request_t *request_create(FCGX_Request *request, bool debug) +{ + NEOERR* err; + static bool initialized = FALSE; + private_request_t *this = malloc_thing(private_request_t); + + this->public.get_path = (char*(*)(request_t*))get_path; + this->public.get_base = (char*(*)(request_t*))get_base; + this->public.add_cookie = (void(*)(request_t*, char *name, char *value))add_cookie; + this->public.get_cookie = (char*(*)(request_t*,char*))get_cookie; + this->public.get_query_data = (char*(*)(request_t*, char *name))get_query_data; + this->public.redirect = (void(*)(request_t*, char *location))redirect; + this->public.render = (void(*)(request_t*,char*))render; + this->public.set = (void(*)(request_t*, char *, char*))set; + this->public.setf = (void(*)(request_t*, char *format, ...))setf; + this->public.destroy = (void(*)(request_t*))destroy; + + if (!initialized) + { + cgiwrap_init_emu(NULL, read_cb, writef_cb, write_cb, + getenv_cb, putenv_cb, iterenv_cb); + initialized = TRUE; + } + + this->req = request; + req = request; + req_env_len = 0; + while (req->envp[req_env_len] != NULL) + { + req_env_len++; + } + + err = hdf_init(&this->hdf); + if (!err) + { + hdf_set_value(this->hdf, "base", get_base(this)); + hdf_set_value(this->hdf, "Config.NoCache", "true"); + if (!debug) + { + hdf_set_value(this->hdf, "Config.TimeFooter", "0"); + hdf_set_value(this->hdf, "Config.CompressionEnabled", "1"); + hdf_set_value(this->hdf, "Config.WhiteSpaceStrip", "2"); + } + + err = cgi_init(&this->cgi, this->hdf); + if (!err) + { + err = cgi_parse(this->cgi); + if (!err) + { + return &this->public; + } + cgi_destroy(&this->cgi); + } + } + nerr_log_error(err); + free(this); + return NULL; +} + diff --git a/src/manager/lib/request.h b/src/manager/lib/request.h new file mode 100644 index 000000000..e6fd71e71 --- /dev/null +++ b/src/manager/lib/request.h @@ -0,0 +1,127 @@ +/** + * @file request.h + * + * @brief Interface of request_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef REQUEST_H_ +#define REQUEST_H_ + +#include +#include + +typedef struct request_t request_t; + +/** + * @brief A HTTP request, encapsulates FCGX_Request. + * + */ +struct request_t { + + /** + * @brief Add a cookie to the reply (Set-Cookie header). + * + * @param name name of the cookie to set + * @param value value of the cookie + */ + void (*add_cookie)(request_t *this, char *name, char *value); + + /** + * @brief Get a cookie the client sent in the request. + * + * @param name name of the cookie + * @return cookie value, NULL if no such cookie found + */ + char* (*get_cookie)(request_t *this, char *name); + + /** + * @brief Get the request path relative to the application. + * + * @return path + */ + char* (*get_path)(request_t *this); + + /** + * @brief Get the base path of the application. + * + * @return base path + */ + char* (*get_base)(request_t *this); + + /** + * @brief Get a post/get variable included in the request. + * + * @param name name of the POST/GET variable + * @return value, NULL if not found + */ + char* (*get_query_data)(request_t *this, char *name); + + /** + * @brief Redirect the client to another location. + * + * @param location location to redirect to + */ + void (*redirect)(request_t *this, char *location); + + /** + * @brief Set a template value. + * + * @param key key to set + * @param value value to set key to + */ + void (*set)(request_t *this, char *key, char *value); + + /** + * @brief Set a template value using format strings. + * + * Format string is in the form "key=value", where printf like format + * substitution occurs over the whole string. + * + * @param format printf like format string + * @param ... variable argument list + */ + void (*setf)(request_t *this, char *format, ...); + + /** + * @brief Render a template. + * + * The render() function additionally sets a HDF variable "base" + * which points to the root of the web application and allows to point to + * other targets without to worry about path location. + * + * @param template clearsilver template file location + * @return rendered template string + */ + void (*render)(request_t *this, char *template); + + /** + * @brief Destroy the request_t. + */ + void (*destroy) (request_t *this); +}; + +/** + * @brief Create a request from the fastcgi struct. + * + * @param request the FCGI request + * @param debug no stripping, no compression, timing information + */ +request_t *request_create(FCGX_Request *request, bool debug); + +#endif /* REQUEST_H_ */ diff --git a/src/manager/lib/session.c b/src/manager/lib/session.c new file mode 100644 index 000000000..fe260b887 --- /dev/null +++ b/src/manager/lib/session.c @@ -0,0 +1,175 @@ +/** + * @file session.c + * + * @brief Implementation of session_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#define _GNU_SOURCE + +#include "session.h" + +#include +#include +#include + +#include +#include + +typedef struct private_session_t private_session_t; + +/** + * private data of the task manager + */ +struct private_session_t { + + /** + * public functions + */ + session_t public; + + /** + * session ID + */ + char *sid; + + /** + * list of controller instances controller_t + */ + linked_list_t *controllers; + + /** + * user defined session context + */ + context_t *context; +}; + +/** + * Implementation of session_t.load_controller. + */ +static void add_controller(private_session_t *this, controller_t *controller) +{ + this->controllers->insert_last(this->controllers, controller); +} + +/** + * Create a session ID and a cookie + */ +static void create_sid(private_session_t *this, request_t *request) +{ + char buf[16]; + chunk_t chunk = chunk_from_buf(buf); + randomizer_t *randomizer = randomizer_create(); + + randomizer->get_pseudo_random_bytes(randomizer, sizeof(buf), buf); + this->sid = chunk_to_hex(chunk, FALSE); + request->add_cookie(request, "SID", this->sid); + randomizer->destroy(randomizer); +} + +/** + * Implementation of session_t.process. + */ +static void process(private_session_t *this, request_t *request) +{ + char *pos, *start, *param[6] = {NULL, NULL, NULL, NULL, NULL, NULL}; + iterator_t *iterator; + bool handled = FALSE; + controller_t *current; + int i = 0; + + if (this->sid == NULL) + { + create_sid(this, request); + } + + start = request->get_path(request); + if (start) + { + if (*start == '/') start++; + while ((pos = strchr(start, '/')) != NULL && i < 5) + { + param[i++] = strndup(start, pos - start); + start = pos + 1; + } + param[i] = strdup(start); + iterator = this->controllers->create_iterator(this->controllers, TRUE); + while (iterator->iterate(iterator, (void**)¤t)) + { + if (streq(current->get_name(current), param[0])) + { + current->handle(current, request, param[1], param[2], param[3], + param[4], param[5]); + handled = TRUE; + break; + } + } + iterator->destroy(iterator); + for (i = 0; i < 6; i++) + { + free(param[i]); + } + } + if (!handled) + { + if (this->controllers->get_first(this->controllers, + (void**)¤t) == SUCCESS) + { + request->redirect(request, current->get_name(current)); + } + } +} + +/** + * Implementation of session_t.get_sid. + */ +static char* get_sid(private_session_t *this) +{ + return this->sid; +} + +/** + * Implementation of session_t.destroy + */ +static void destroy(private_session_t *this) +{ + this->controllers->destroy_offset(this->controllers, offsetof(controller_t, destroy)); + if (this->context) this->context->destroy(this->context); + free(this->sid); + free(this); +} + +/* + * see header file + */ +session_t *session_create(context_t *context) +{ + private_session_t *this = malloc_thing(private_session_t); + + this->public.add_controller = (void(*)(session_t*, controller_t*))add_controller; + this->public.process = (void(*)(session_t*,request_t*))process; + this->public.get_sid = (char*(*)(session_t*))get_sid; + this->public.destroy = (void(*)(session_t*))destroy; + + this->sid = NULL; + this->controllers = linked_list_create(); + this->context = context; + + return &this->public; +} + diff --git a/src/manager/lib/session.h b/src/manager/lib/session.h new file mode 100644 index 000000000..d18545876 --- /dev/null +++ b/src/manager/lib/session.h @@ -0,0 +1,73 @@ +/** + * @file session.h + * + * @brief Interface of session_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef SESSION_H_ +#define SESSION_H_ + +#include "request.h" +#include "controller.h" + +typedef struct session_t session_t; + +/** + * @brief A session, identified by a session ID. + * + */ +struct session_t { + + /** + * @brief Get the session ID of the session. + * + * @return session ID + */ + char* (*get_sid)(session_t *this); + + /** + * @brief Add a controller instance to the session. + * + * @param controller controller to add + */ + void (*add_controller)(session_t *this, controller_t *controller); + + /** + * @brief Process a request in this session. + * + * @param request request to process + */ + void (*process)(session_t *this, request_t *request); + + /** + * @brief Destroy the session_t. + * + * @param this calling object + */ + void (*destroy) (session_t *this); +}; + +/** + * @brief Create a session. + * + * @param context user defined session context instance + */ +session_t *session_create(context_t *context); + +#endif /* SESSION_H_ */ diff --git a/src/manager/lib/xml.c b/src/manager/lib/xml.c new file mode 100644 index 000000000..008235b69 --- /dev/null +++ b/src/manager/lib/xml.c @@ -0,0 +1,169 @@ +/** + * @file xml.c + * + * @brief Implementation of xml_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "xml.h" + +#include +#include + + +typedef struct private_xml_t private_xml_t; + +/** + * private data of xml + */ +struct private_xml_t { + + /** + * public functions + */ + xml_t public; + + /** + * root node of this xml (part) + */ + xmlNode *node; + + /** + * document, only for root xml_t + */ + xmlDoc *doc; + + /** + * Root xml_t* + */ + private_xml_t *root; + + /** + * number of enumerator instances + */ + int enums; +}; + +/** + * child element enumerator + */ +typedef struct { + /** enumerator interface */ + enumerator_t e; + /** current child context (returned to enumerate() caller) */ + private_xml_t child; + /** currently processing node */ + xmlNode *node; +} child_enum_t; + +/** + * Implementation of xml_t.children().enumerate(). + */ +static bool child_enumerate(child_enum_t *e, private_xml_t **child, + char **name, char **value) +{ + while (e->node && e->node->type != XML_ELEMENT_NODE) + { + e->node = e->node->next; + } + if (e->node) + { + xmlNode *text; + + text = e->node->children; + *value = NULL; + + while (text && text->type != XML_TEXT_NODE) + { + text = text->next; + } + if (text) + { + *value = text->content; + } + *name = (char*)e->node->name; + *child = &e->child; + e->child.node = e->node->children; + e->node = e->node->next; + return TRUE; + } + return FALSE; +} + +/** + * Implementation of xml_t.get_attribute. + */ +static char* get_attribute(private_xml_t *this, char *name) +{ + return NULL; +} + +/** + * destroy enumerator, and complete tree if this was the last enumerator + */ +static void child_destroy(child_enum_t *this) +{ + if (--this->child.root->enums == 0) + { + xmlFreeDoc(this->child.root->doc); + free(this->child.root); + } + free(this); +} + +/** + * Implementation of xml_t.children. + */ +static enumerator_t* children(private_xml_t *this) +{ + child_enum_t *ce = malloc_thing(child_enum_t); + ce->e.enumerate = (void*)child_enumerate; + ce->e.destroy = (void*)child_destroy; + ce->node = this->node; + ce->child.public.children = (void*)children; + ce->child.public.get_attribute = (void*)get_attribute; + ce->child.node = NULL; + ce->child.doc = this->doc; + ce->child.root = this->root; + this->root->enums++; + return &ce->e; +} + +/* + * see header file + */ +xml_t *xml_create(char *xml) +{ + private_xml_t *this = malloc_thing(private_xml_t); + + this->public.get_attribute = (char*(*)(xml_t*,char*))get_attribute; + this->public.children = (enumerator_t*(*)(xml_t*))children; + + this->doc = xmlReadMemory(xml, strlen(xml), NULL, NULL, 0); + if (this->doc == NULL) + { + free(this); + return NULL; + } + this->node = xmlDocGetRootElement(this->doc); + this->root = this; + this->enums = 0; + + return &this->public; +} + diff --git a/src/manager/lib/xml.h b/src/manager/lib/xml.h new file mode 100644 index 000000000..738a8e1b3 --- /dev/null +++ b/src/manager/lib/xml.h @@ -0,0 +1,63 @@ +/** + * @file xml.h + * + * @brief Interface of xml_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef XML_H_ +#define XML_H_ + +#include + +typedef struct xml_t xml_t; + +/** + * @brief Simple enumerator based XML parser. + * + * An xml_t is a single node of the XML tree, but also serves as root node + * and therefore the document. + * This object has no destructor, the tree gets destroyed when all enumerator + * instances get destroyed. + */ +struct xml_t { + + /** + * @brief Create an enumerator over all children. + * + * Enumerated values must not be manipulated or freed. + * + * @return enumerator over (xml_t* child, char *name, char *value) + */ + enumerator_t* (*children)(xml_t *this); + + /** + * @brief Get an attribute value by its name. + * + * @param name name of the attribute + * @return attribute value, NULL if not found + */ + char *(*get_attribute)(xml_t *this, char *name); +}; + +/** + * @brief Create a xml instance. + */ +xml_t *xml_create(char *xml); + +#endif /* XML_H_ */ diff --git a/src/manager/main.c b/src/manager/main.c new file mode 100644 index 000000000..bbe07cbf3 --- /dev/null +++ b/src/manager/main.c @@ -0,0 +1,68 @@ +/** + * @file main.c + * + * @brief Implementation of dispatcher_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include +#include + +#include "manager.h" +#include "database.h" +#include "controller/auth_controller.h" +#include "controller/status_controller.h" +#include "controller/gateway_controller.h" + +#define DBFILE IPSECDIR "/manager.db" +#define SESSION_TIMEOUT 180 +#define THREADS 10 + +int main (int arc, char *argv[]) +{ + dispatcher_t *dispatcher; + database_t *database; + char *socket = NULL; + +#ifdef FCGI_SOCKET + socket = FCGI_SOCKET; +#endif /* FCGI_SOCKET */ + + database = database_create(DBFILE); + if (database == NULL) + { + fprintf(stderr, "opening database '%s' failed.\n", DBFILE); + return 1; + } + + dispatcher = dispatcher_create(socket, SESSION_TIMEOUT, + (context_constructor_t)manager_create, database); + dispatcher->add_controller(dispatcher, status_controller_create, NULL); + dispatcher->add_controller(dispatcher, gateway_controller_create, NULL); + dispatcher->add_controller(dispatcher, auth_controller_create, NULL); + + dispatcher->run(dispatcher, THREADS, NULL, NULL, NULL, NULL); + + dispatcher->waitsignal(dispatcher); + + dispatcher->destroy(dispatcher); + database->destroy(database); + + return 0; +} + diff --git a/src/manager/manager.c b/src/manager/manager.c new file mode 100644 index 000000000..39c8d995a --- /dev/null +++ b/src/manager/manager.c @@ -0,0 +1,167 @@ +/** + * @file manager.c + * + * @brief Implementation of manager_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "manager.h" + +#include "gateway.h" + +#include + +typedef struct private_manager_t private_manager_t; + +/** + * private data of manager + */ +struct private_manager_t { + + /** + * public functions + */ + manager_t public; + + /** + * underlying database + */ + database_t *db; + + /** + * user id, if we are logged in + */ + int user; + + /** + * selected gateway + */ + gateway_t *gateway; +}; + +/** + * Implementation of manager_t.create_gateway_enumerator. + */ +static enumerator_t* create_gateway_enumerator(private_manager_t *this) +{ + return this->db->create_gateway_enumerator(this->db, this->user); +} + +/** + * Implementation of manager_t.select_gateway. + */ +static gateway_t* select_gateway(private_manager_t *this, int select_id) +{ + if (select_id != 0) + { + enumerator_t *enumerator; + int id, port; + char *name, *address; + host_t *host; + + if (this->gateway) this->gateway->destroy(this->gateway); + this->gateway = NULL; + + enumerator = this->db->create_gateway_enumerator(this->db, this->user); + while (enumerator->enumerate(enumerator, &id, &name, &port, &address)) + { + if (select_id == id) + { + if (port == 0) + { + this->gateway = gateway_create_unix(name); + } + else + { + host = host_create_from_string(address, port); + if (host) + { + this->gateway = gateway_create_tcp(name, host); + } + } + break; + } + } + enumerator->destroy(enumerator); + } + return this->gateway; +} + +/** + * Implementation of manager_t.logged_in. + */ +static bool logged_in(private_manager_t *this) +{ + return this->user != 0; +} + +/** + * Implementation of manager_t.login. + */ +static bool login(private_manager_t *this, char *username, char *password) +{ + if (!this->user) + { + this->user = this->db->login(this->db, username, password); + } + return this->user != 0; +} + +/** + * Implementation of manager_t.logout. + */ +static void logout(private_manager_t *this) +{ + if (this->gateway) + { + this->gateway->destroy(this->gateway); + this->gateway = NULL; + } + this->user = 0; +} + +/** + * Implementation of manager_t.destroy + */ +static void destroy(private_manager_t *this) +{ + if (this->gateway) this->gateway->destroy(this->gateway); + free(this); +} + +/* + * see header file + */ +manager_t *manager_create(database_t *database) +{ + private_manager_t *this = malloc_thing(private_manager_t); + + this->public.login = (bool(*)(manager_t*, char *username, char *password))login; + this->public.logged_in = (bool(*)(manager_t*))logged_in; + this->public.logout = (void(*)(manager_t*))logout; + this->public.create_gateway_enumerator = (enumerator_t*(*)(manager_t*))create_gateway_enumerator; + this->public.select_gateway = (gateway_t*(*)(manager_t*, int id))select_gateway; + this->public.context.destroy = (void(*)(context_t*))destroy; + + this->user = 0; + this->db = database; + this->gateway = NULL; + + return &this->public; +} + diff --git a/src/manager/manager.db b/src/manager/manager.db new file mode 100644 index 000000000..23b6ed2e0 Binary files /dev/null and b/src/manager/manager.db differ diff --git a/src/manager/manager.h b/src/manager/manager.h new file mode 100644 index 000000000..4235618cd --- /dev/null +++ b/src/manager/manager.h @@ -0,0 +1,93 @@ +/** + * @file manager.h + * + * @brief Interface of manager_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef MANAGER_H_ +#define MANAGER_H_ + +#include "database.h" +#include "gateway.h" + +#include + +#include + +typedef struct manager_t manager_t; + +/** + * @brief The manager, manages multiple gateways. + */ +struct manager_t { + + /** + * implements context_t interface + */ + context_t context; + + /** + * @brief Create an iterator over all configured gateways. + * + * enumerate() arguments: int id, char *name, int port, char *address + * If port is 0, address is a Unix socket address. + * + * @return enumerator + */ + enumerator_t* (*create_gateway_enumerator)(manager_t *this); + + /** + * @brief Select a gateway. + * + * If id is 0, the previously selected gateway is returned. If none has + * been selected yet, NULL is returned. + * + * @param id id of the gateway (from enumerate), or 0 + * @return selected gateway, or NULL + */ + gateway_t* (*select_gateway)(manager_t *this, int id); + + /** + * @brief Try to log in. + * + * @param username username + * @param password cleartext password + * @return TRUE if login successful + */ + bool (*login)(manager_t *this, char *username, char *password); + + /** + * @brief Check if user logged in. + * + * @return TRUE if logged in + */ + bool (*logged_in)(manager_t *this); + + /** + * @brief Log out. + */ + void (*logout)(manager_t *this); +}; + +/** + * @brief Create a manager instance. + */ +manager_t *manager_create(database_t *database); + +#endif /* MANAGER_H_ */ diff --git a/src/manager/templates/auth/login.cs b/src/manager/templates/auth/login.cs new file mode 100644 index 000000000..49a8ec6e0 --- /dev/null +++ b/src/manager/templates/auth/login.cs @@ -0,0 +1,17 @@ + +
+
+ + + + + + + + + + +
Username
Password
+
+
+ diff --git a/src/manager/templates/error.cs b/src/manager/templates/error.cs new file mode 100644 index 000000000..be9b1a3a1 --- /dev/null +++ b/src/manager/templates/error.cs @@ -0,0 +1,3 @@ + +
+ diff --git a/src/manager/templates/footer.cs b/src/manager/templates/footer.cs new file mode 100644 index 000000000..db3601961 --- /dev/null +++ b/src/manager/templates/footer.cs @@ -0,0 +1,4 @@ + + + + diff --git a/src/manager/templates/gateway/list.cs b/src/manager/templates/gateway/list.cs new file mode 100644 index 000000000..b93364d6f --- /dev/null +++ b/src/manager/templates/gateway/list.cs @@ -0,0 +1,15 @@ + +
+
+

+ +

+ +

+

+
+ diff --git a/src/manager/templates/header.cs b/src/manager/templates/header.cs new file mode 100644 index 000000000..64a859a9a --- /dev/null +++ b/src/manager/templates/header.cs @@ -0,0 +1,24 @@ + + + + <?cs var:title ?> - strongSwan Manager + +