… | |
… | |
2 | |
2 | |
3 | AC_PREREQ(2.69) |
3 | AC_PREREQ(2.69) |
4 | AC_INIT |
4 | AC_INIT |
5 | AC_CONFIG_SRCDIR([src/gvpe.C]) |
5 | AC_CONFIG_SRCDIR([src/gvpe.C]) |
6 | AC_CANONICAL_TARGET |
6 | AC_CANONICAL_TARGET |
7 | AM_INIT_AUTOMAKE(gvpe, 2.24) |
7 | AM_INIT_AUTOMAKE(gvpe, 2.25) |
8 | AC_CONFIG_HEADERS([config.h]) |
8 | AC_CONFIG_HEADERS([config.h]) |
9 | AM_MAINTAINER_MODE |
9 | AM_MAINTAINER_MODE |
10 | |
10 | |
11 | AH_TOP([ |
11 | AH_TOP([ |
12 | #ifndef CONFIG_H__ |
12 | #ifndef CONFIG_H__ |
… | |
… | |
327 | |
327 | |
328 | AC_DEFINE_UNQUOTED(ENABLE_DNS, 1, [DNS tunnel protocol support.]) |
328 | AC_DEFINE_UNQUOTED(ENABLE_DNS, 1, [DNS tunnel protocol support.]) |
329 | ] |
329 | ] |
330 | ) |
330 | ) |
331 | |
331 | |
|
|
332 | RSA=3072 |
|
|
333 | AC_ARG_ENABLE(rsa-length, |
|
|
334 | [AS_HELP_STRING(--enable-rsa-length=BITS,[ |
|
|
335 | use BITS rsa keys (default 3072). Allowed values are 2048-10240.])], |
|
|
336 | RSA=$enableval |
|
|
337 | ) |
|
|
338 | AC_DEFINE_UNQUOTED(RSABITS, $RSA, [Size of RSA keys.]) |
|
|
339 | |
332 | HMAC=12 |
340 | HMAC=12 |
333 | AC_ARG_ENABLE(hmac-length, |
341 | AC_ARG_ENABLE(hmac-length, |
334 | [AS_HELP_STRING(--enable-hmac-length=BYTES,[ |
342 | [AS_HELP_STRING(--enable-hmac-length=BYTES,[ |
335 | use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])], |
343 | use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])], |
336 | HMAC=$enableval |
344 | HMAC=$enableval |
… | |
… | |
363 | |
371 | |
364 | CIPHER=aes_128_cbc |
372 | CIPHER=aes_128_cbc |
365 | AC_ARG_ENABLE(cipher, |
373 | AC_ARG_ENABLE(cipher, |
366 | [AS_HELP_STRING(--enable-cipher=CIPHER,[ |
374 | [AS_HELP_STRING(--enable-cipher=CIPHER,[ |
367 | Select the symmetric cipher (default "aes-128"). |
375 | Select the symmetric cipher (default "aes-128"). |
368 | Must be one of "bf" (blowfish), "aes-128" (rijndael), "aes-192" or "aes-256".])], |
376 | Must be one of "bf" (blowfish), "aes-128" (rijndael), "aes-192", "aes-256", "camellia-128" or "camellia-256".])], |
369 | if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi |
377 | if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi |
370 | if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi |
378 | if test "x$enableval" = xaes-128 ; then CIPHER=aes_128_cbc ; fi |
371 | if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi |
379 | if test "x$enableval" = xaes-192 ; then CIPHER=aes_192_cbc ; fi |
372 | if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi |
380 | if test "x$enableval" = xaes-256 ; then CIPHER=aes_256_cbc ; fi |
|
|
381 | if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_cbc; fi |
|
|
382 | if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_cbc; fi |
373 | ) |
383 | ) |
374 | AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.]) |
384 | AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.]) |
375 | |
385 | |
376 | DIGEST=ripemd160 |
386 | DIGEST=sha1 |
377 | AC_ARG_ENABLE(digest, |
387 | AC_ARG_ENABLE(digest, |
378 | [AS_HELP_STRING(--enable-digest=CIPHER,[ |
388 | [AS_HELP_STRING(--enable-digest=DIGEST,[ |
379 | Select the digest algorithm to use (default "ripemd160"). Must be one of |
389 | Select the digest algorithm to use (default "sha1"). Must be one of |
380 | "sha512", "sha256", "sha1" (legacy), "ripemd160", "md5" (insecure) or "md4" (insecure).])], |
390 | "sha512", "sha256", "sha1", "ripemd160", "whirlpool".])], |
|
|
391 | if test "x$enableval" = xwhirlpool; then DIGEST=whirlpool; fi |
381 | if test "x$enableval" = xsha512 ; then DIGEST=sha512 ; fi |
392 | if test "x$enableval" = xsha512 ; then DIGEST=sha512 ; fi |
382 | if test "x$enableval" = xsha256 ; then DIGEST=sha256 ; fi |
393 | if test "x$enableval" = xsha256 ; then DIGEST=sha256 ; fi |
383 | if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi |
394 | if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi |
384 | if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi |
395 | if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi |
385 | if test "x$enableval" = xmd5 ; then DIGEST=md5 ; fi |
|
|
386 | if test "x$enableval" = xmd4 ; then DIGEST=md4 ; fi |
|
|
387 | ) |
396 | ) |
388 | AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.]) |
397 | AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.]) |
|
|
398 | |
|
|
399 | AUTH=sha512 |
|
|
400 | AC_ARG_ENABLE(auth-digest, |
|
|
401 | [AS_HELP_STRING(--enable-auth-digest=DIGEST,[ |
|
|
402 | Select the hmac algorithm to use (default "sha512"). Must be one of |
|
|
403 | "sha512", "sha256", "whirlpool".])], |
|
|
404 | if test "x$enableval" = xwhirlpool; then AUTH=whirlpool; fi |
|
|
405 | if test "x$enableval" = xsha512 ; then AUTH=sha512 ; fi |
|
|
406 | if test "x$enableval" = xsha256 ; then AUTH=sha256 ; fi |
|
|
407 | ) |
|
|
408 | AC_DEFINE_UNQUOTED(ENABLE_AUTH, EVP_${AUTH}, [Select the auth digest algorithm to use.]) |
389 | |
409 | |
390 | if $CXX -v --help 2>&1 | grep -q fno-rtti; then |
410 | if $CXX -v --help 2>&1 | grep -q fno-rtti; then |
391 | CXXFLAGS="$CXXFLAGS -fno-rtti" |
411 | CXXFLAGS="$CXXFLAGS -fno-rtti" |
392 | fi |
412 | fi |
393 | |
413 | |
… | |
… | |
418 | echo |
438 | echo |
419 | echo "***" |
439 | echo "***" |
420 | echo "*** Configuration Summary" |
440 | echo "*** Configuration Summary" |
421 | echo "***" |
441 | echo "***" |
422 | echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE" |
442 | echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE" |
|
|
443 | echo "*** RSA size: $RSA" |
423 | echo "*** Cipher used: $CIPHER" |
444 | echo "*** Cipher used: $CIPHER" |
424 | echo "*** Digest used: $DIGEST" |
445 | echo "*** Digest used: $DIGEST" |
|
|
446 | echo "*** Authdigest: $AUTH" |
425 | echo "*** HMAC length: $HMAC" |
447 | echo "*** HMAC length: $HMAC" |
426 | echo "*** RAND used: $RAND" |
448 | echo "*** RAND used: $RAND" |
427 | echo "*** Max. MTU: $MTU" |
449 | echo "*** Max. MTU: $MTU" |
428 | |
450 | |
429 | echo "***" |
451 | echo "***" |
430 | echo "*** Enable options:" |
452 | echo "*** Enable options:" |
431 | grep ENABLE_ config.h | sed -e 's/^/*** /' |
453 | grep ENABLE_ config.h | sed -e 's/^/*** /' |
432 | |
454 | |
433 | if test "x$DIGEST" = xmd4; then |
|
|
434 | echo "***" |
|
|
435 | echo "*** WARNING: The digest you have chosen ($DIGEST) is known to be insecure" |
|
|
436 | fi |
|
|
437 | |
|
|
438 | if test "x$DIGEST" = xmd5; then |
|
|
439 | echo "***" |
|
|
440 | echo "*** WARNING: The digest you have chosen ($DIGEST) is quite insecure" |
|
|
441 | fi |
|
|
442 | |
|
|
443 | if test "$HMAC" -lt 12; then |
455 | if test "$HMAC" -lt 12; then |
444 | echo "***" |
456 | echo "***" |
445 | echo "*** WARNING: The hmac length you have chosen ($HMAC) is quite insecure" |
457 | echo "*** WARNING: The hmac length you have chosen ($HMAC) is quite insecure" |
446 | fi |
458 | fi |
447 | |
459 | |