ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/configure.ac
(Generate patch)

Comparing gvpe/configure.ac (file contents):
Revision 1.58 by root, Tue Mar 8 17:33:30 2011 UTC vs.
Revision 1.65 by root, Wed Nov 2 07:06:38 2016 UTC

1dnl Process this file with autoconf to produce a configure script. 1dnl Process this file with autoconf to produce a configure script.
2 2
3AC_PREREQ(2.59) 3AC_PREREQ(2.69)
4AC_INIT 4AC_INIT
5AC_CONFIG_SRCDIR([src/gvpe.C]) 5AC_CONFIG_SRCDIR([src/gvpe.C])
6AC_CANONICAL_TARGET 6AC_CANONICAL_TARGET
7AM_INIT_AUTOMAKE(gvpe, 2.24) 7AM_INIT_AUTOMAKE(gvpe, 3.0)
8AC_CONFIG_HEADERS([config.h]) 8AC_CONFIG_HEADERS([config.h])
9AM_MAINTAINER_MODE 9AM_MAINTAINER_MODE
10 10
11AH_TOP([ 11AH_TOP([
12#ifndef CONFIG_H__ 12#ifndef CONFIG_H__
45# define CLOCALE <clocale> 45# define CLOCALE <clocale>
46#else 46#else
47# define CLOCALE <locale.h> 47# define CLOCALE <locale.h>
48#endif 48#endif
49]) 49])
50
51dnl Include the macros from the m4/ directory
52AM_ACLOCAL_INCLUDE(m4)
53 50
54AM_GNU_GETTEXT([external]) 51AM_GNU_GETTEXT([external])
55AM_GNU_GETTEXT_VERSION(0.11.5) 52AM_GNU_GETTEXT_VERSION(0.11.5)
56 53
57# Enable GNU extensions. 54# Enable GNU extensions.
330 327
331 AC_DEFINE_UNQUOTED(ENABLE_DNS, 1, [DNS tunnel protocol support.]) 328 AC_DEFINE_UNQUOTED(ENABLE_DNS, 1, [DNS tunnel protocol support.])
332 ] 329 ]
333) 330)
334 331
332RSA=3072
333AC_ARG_ENABLE(rsa-length,
334 [AS_HELP_STRING(--enable-rsa-length=BITS,[
335 use BITS rsa keys (default 3072). Allowed values are 2048-10240.])],
336 RSA=$enableval
337)
338AC_DEFINE_UNQUOTED(RSABITS, $RSA, [Size of RSA keys.])
339
335HMAC=12 340HMACSIZE=12
336AC_ARG_ENABLE(hmac-length, 341AC_ARG_ENABLE(hmac-length,
337 [AS_HELP_STRING(--enable-hmac-length=BYTES,[ 342 [AS_HELP_STRING(--enable-hmac-length=BYTES,[
338 use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])], 343 use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])],
339 HMAC=$enableval 344 HMACSIZE=$enableval
340) 345)
341AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.]) 346AC_DEFINE_UNQUOTED(HMACLENGTH, $HMACSIZE, [Size of HMAC in each packet in bytes.])
342
343RAND=8
344AC_ARG_ENABLE(rand-length,
345 [AS_HELP_STRING(--enable-rand-length=BYTES,
346 [use BYTES bytes of extra randomness (default 8). Allowed values are 0, 4, 8.])],
347 RAND=$enableval
348)
349AC_DEFINE_UNQUOTED(RAND_SIZE, $RAND, [Add this many bytes of randomness to each packet.])
350 347
351MTU=1500 348MTU=1500
352AC_ARG_ENABLE(max-mtu, 349AC_ARG_ENABLE(max-mtu,
353 [AS_HELP_STRING(--enable-max-mtu=BYTES,enable mtu sizes upto BYTES bytes (default 1500). Use 9100 for jumbogram support.)], 350 [AS_HELP_STRING(--enable-max-mtu=BYTES,enable mtu sizes upto BYTES bytes (default 1500). Use 9100 for jumbogram support.)],
354 MTU=$enableval 351 MTU=$enableval
355) 352)
356AC_DEFINE_UNQUOTED(MAX_MTU, $MTU + 14, [Maximum MTU supported.]) 353AC_DEFINE_UNQUOTED(MAX_MTU, ($MTU + 14), [Maximum MTU supported.])
357 354
358COMPRESS=1 355COMPRESS=1
359AC_ARG_ENABLE(compression, 356AC_ARG_ENABLE(compression,
360 [AS_HELP_STRING(--disable-compression,Disable compression support.)], 357 [AS_HELP_STRING(--disable-compression,Disable compression support.)],
361 if test "x$enableval" = xno; then 358 if test "x$enableval" = xno; then
362 COMPRESS=0 359 COMPRESS=0
363 fi 360 fi
364) 361)
365AC_DEFINE_UNQUOTED(ENABLE_COMPRESSION, $COMPRESS, [Enable compression support.]) 362AC_DEFINE_UNQUOTED(ENABLE_COMPRESSION, $COMPRESS, [Enable compression support.])
366 363
367CIPHER=aes_128_cbc 364CIPHER=aes_128_ctr
368AC_ARG_ENABLE(cipher, 365AC_ARG_ENABLE(cipher,
369 [AS_HELP_STRING(--enable-cipher=CIPHER,[ 366 [AS_HELP_STRING(--enable-cipher=CIPHER,[
370 Select the symmetric cipher (default "aes-128"). 367 Select the symmetric cipher (default "aes-128").
371 Must be one of "bf" (blowfish), "aes-128" (rijndael), "aes-192" or "aes-256".])], 368 Must be one of "aes-128" (rijndael), "aes-192", or "aes-256".])],
372 if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi 369 #if test "x$enableval" = xbf ; then CIPHER=bf_ctr ; fi
373 if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi 370 if test "x$enableval" = xaes-128 ; then CIPHER=aes_128_ctr ; fi
374 if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi 371 if test "x$enableval" = xaes-192 ; then CIPHER=aes_192_ctr ; fi
375 if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi 372 if test "x$enableval" = xaes-256 ; then CIPHER=aes_256_ctr ; fi
373 #if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_ctr; fi
374 #if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_ctr; fi
376) 375)
377AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.]) 376AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.])
378 377
379DIGEST=ripemd160 378HMAC=sha1
380AC_ARG_ENABLE(digest, 379AC_ARG_ENABLE(hmac-digest,
381 [AS_HELP_STRING(--enable-digest=CIPHER,[ 380 [AS_HELP_STRING(--enable-hmac-digest=HMAC,[
382 Select the digest algorithm to use (default "ripemd160"). Must be one of 381 Select the HMAC digest algorithm to use (default "sha1"). Must be one of
383 "sha512", "sha256", "sha1" (somewhat insecure), "ripemd160", "md5" (insecure) or "md4" (insecure).])], 382 "sha512", "sha256", "sha1", "ripemd160", "whirlpool".])],
383 if test "x$enableval" = xwhirlpool; then HMAC=whirlpool; fi
384 if test "x$enableval" = xsha512 ; then HMAC=sha512 ; fi
385 if test "x$enableval" = xsha256 ; then HMAC=sha256 ; fi
386 if test "x$enableval" = xsha1 ; then HMAC=sha1 ; fi
387 if test "x$enableval" = xripemd160; then HMAC=ripemd160; fi
388)
389AC_DEFINE_UNQUOTED(ENABLE_HMAC, EVP_${HMAC}, [Select the HMAC digest algorithm to use.])
390
391AUTH=sha512
392AC_ARG_ENABLE(auth-digest,
393 [AS_HELP_STRING(--enable-auth-digest=DIGEST,[
394 Select the hmac algorithm to use (default "sha512"). Must be one of
395 "sha512", "sha256", "whirlpool".])],
396 if test "x$enableval" = xwhirlpool; then AUTH=whirlpool; fi
384 if test "x$enableval" = xsha512 ; then DIGEST=sha512 ; fi 397 if test "x$enableval" = xsha512 ; then AUTH=sha512 ; fi
385 if test "x$enableval" = xsha256 ; then DIGEST=sha256 ; fi 398 if test "x$enableval" = xsha256 ; then AUTH=sha256 ; fi
386 if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi
387 if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi
388 if test "x$enableval" = xmd5 ; then DIGEST=md5 ; fi
389 if test "x$enableval" = xmd4 ; then DIGEST=md4 ; fi
390) 399)
391AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.]) 400AC_DEFINE_UNQUOTED(ENABLE_AUTH, EVP_${AUTH}, [Select the auth digest algorithm to use.])
392 401
393if $CXX -v --help 2>&1 | grep -q fno-rtti; then 402if $CXX -v --help 2>&1 | grep -q fno-rtti; then
394 CXXFLAGS="$CXXFLAGS -fno-rtti" 403 CXXFLAGS="$CXXFLAGS -fno-rtti"
395fi 404fi
396 405
401LIBS="$EXTRA_LIBS $LIBS" 410LIBS="$EXTRA_LIBS $LIBS"
402 411
403dnl if $CXX -v --help 2>&1 | grep -q ffunction-sections; then 412dnl if $CXX -v --help 2>&1 | grep -q ffunction-sections; then
404dnl CXXFLAGS="$CXXFLAGS -ffunction-sections" 413dnl CXXFLAGS="$CXXFLAGS -ffunction-sections"
405dnl fi 414dnl fi
406dnl 415dnl
407dnl if $LD -v --help 2>&1 | grep -q gc-sections; then 416dnl if $LD -v --help 2>&1 | grep -q gc-sections; then
408dnl LDFLAGS="$LDFLAGS -Wl,--gc-sections" 417dnl LDFLAGS="$LDFLAGS -Wl,--gc-sections"
409dnl fi 418dnl fi
410 419
411AC_SUBST(INCLUDES) 420AC_SUBST(INCLUDES)
421echo 430echo
422echo "***" 431echo "***"
423echo "*** Configuration Summary" 432echo "*** Configuration Summary"
424echo "***" 433echo "***"
425echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE" 434echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE"
435echo "*** RSA size: $RSA"
426echo "*** Cipher used: $CIPHER" 436echo "*** Cipher used: $CIPHER"
427echo "*** Digest used: $DIGEST" 437echo "*** Digest used: $DIGEST"
438echo "*** Authdigest: $AUTH"
428echo "*** HMAC length: $HMAC" 439echo "*** HMAC length: $HMAC"
429echo "*** RAND used: $RAND"
430echo "*** Max. MTU: $MTU" 440echo "*** Max. MTU: $MTU"
431 441
432echo "***" 442echo "***"
433echo "*** Enable options:" 443echo "*** Enable options:"
434grep ENABLE_ config.h | sed -e 's/^/*** /' 444grep ENABLE_ config.h | sed -e 's/^/*** /'
435 445
436if test "x$DIGEST" = xmd4; then 446if test "$HMACSIZE" -lt 12; then
437echo "***" 447echo "***"
438echo "*** WARNING: The digest you have chosen ($DIGEST) is known to be insecure"
439fi
440
441if test "x$DIGEST" = xmd5; then
442echo "***"
443echo "*** WARNING: The digest you have chosen ($DIGEST) is probably insecure"
444fi
445
446if test "$HMAC" -lt 12; then
447echo "***"
448echo "*** WARNING: The hmac length you have chosen ($HMAC) is probably insecure" 448echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure"
449fi
450
451if test "$RAND" -lt 8; then
452echo "***"
453echo "*** WARNING: The random prefix you have chosen ($RAND) is probably insecure"
454fi 449fi
455 450
456echo "***" 451echo "***"
457echo 452echo
458 453

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines