ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/configure.ac
(Generate patch)

Comparing gvpe/configure.ac (file contents):
Revision 1.61 by root, Sat Jul 13 04:10:29 2013 UTC vs.
Revision 1.65 by root, Wed Nov 2 07:06:38 2016 UTC

2 2
3AC_PREREQ(2.69) 3AC_PREREQ(2.69)
4AC_INIT 4AC_INIT
5AC_CONFIG_SRCDIR([src/gvpe.C]) 5AC_CONFIG_SRCDIR([src/gvpe.C])
6AC_CANONICAL_TARGET 6AC_CANONICAL_TARGET
7AM_INIT_AUTOMAKE(gvpe, 2.24) 7AM_INIT_AUTOMAKE(gvpe, 3.0)
8AC_CONFIG_HEADERS([config.h]) 8AC_CONFIG_HEADERS([config.h])
9AM_MAINTAINER_MODE 9AM_MAINTAINER_MODE
10 10
11AH_TOP([ 11AH_TOP([
12#ifndef CONFIG_H__ 12#ifndef CONFIG_H__
327 327
328 AC_DEFINE_UNQUOTED(ENABLE_DNS, 1, [DNS tunnel protocol support.]) 328 AC_DEFINE_UNQUOTED(ENABLE_DNS, 1, [DNS tunnel protocol support.])
329 ] 329 ]
330) 330)
331 331
332RSA=3072
333AC_ARG_ENABLE(rsa-length,
334 [AS_HELP_STRING(--enable-rsa-length=BITS,[
335 use BITS rsa keys (default 3072). Allowed values are 2048-10240.])],
336 RSA=$enableval
337)
338AC_DEFINE_UNQUOTED(RSABITS, $RSA, [Size of RSA keys.])
339
332HMAC=12 340HMACSIZE=12
333AC_ARG_ENABLE(hmac-length, 341AC_ARG_ENABLE(hmac-length,
334 [AS_HELP_STRING(--enable-hmac-length=BYTES,[ 342 [AS_HELP_STRING(--enable-hmac-length=BYTES,[
335 use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])], 343 use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])],
336 HMAC=$enableval 344 HMACSIZE=$enableval
337) 345)
338AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.]) 346AC_DEFINE_UNQUOTED(HMACLENGTH, $HMACSIZE, [Size of HMAC in each packet in bytes.])
339
340RAND=8
341AC_ARG_ENABLE(rand-length,
342 [AS_HELP_STRING(--enable-rand-length=BYTES,
343 [use BYTES bytes of extra randomness (default 8). Allowed values are 0, 4, 8.])],
344 RAND=$enableval
345)
346AC_DEFINE_UNQUOTED(RAND_SIZE, $RAND, [Add this many bytes of randomness to each packet.])
347 347
348MTU=1500 348MTU=1500
349AC_ARG_ENABLE(max-mtu, 349AC_ARG_ENABLE(max-mtu,
350 [AS_HELP_STRING(--enable-max-mtu=BYTES,enable mtu sizes upto BYTES bytes (default 1500). Use 9100 for jumbogram support.)], 350 [AS_HELP_STRING(--enable-max-mtu=BYTES,enable mtu sizes upto BYTES bytes (default 1500). Use 9100 for jumbogram support.)],
351 MTU=$enableval 351 MTU=$enableval
359 COMPRESS=0 359 COMPRESS=0
360 fi 360 fi
361) 361)
362AC_DEFINE_UNQUOTED(ENABLE_COMPRESSION, $COMPRESS, [Enable compression support.]) 362AC_DEFINE_UNQUOTED(ENABLE_COMPRESSION, $COMPRESS, [Enable compression support.])
363 363
364CIPHER=aes_128_cbc 364CIPHER=aes_128_ctr
365AC_ARG_ENABLE(cipher, 365AC_ARG_ENABLE(cipher,
366 [AS_HELP_STRING(--enable-cipher=CIPHER,[ 366 [AS_HELP_STRING(--enable-cipher=CIPHER,[
367 Select the symmetric cipher (default "aes-128"). 367 Select the symmetric cipher (default "aes-128").
368 Must be one of "bf" (blowfish), "aes-128" (rijndael), "aes-192" or "aes-256".])], 368 Must be one of "aes-128" (rijndael), "aes-192", or "aes-256".])],
369 if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi 369 #if test "x$enableval" = xbf ; then CIPHER=bf_ctr ; fi
370 if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi 370 if test "x$enableval" = xaes-128 ; then CIPHER=aes_128_ctr ; fi
371 if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi 371 if test "x$enableval" = xaes-192 ; then CIPHER=aes_192_ctr ; fi
372 if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi 372 if test "x$enableval" = xaes-256 ; then CIPHER=aes_256_ctr ; fi
373 #if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_ctr; fi
374 #if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_ctr; fi
373) 375)
374AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.]) 376AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.])
375 377
376DIGEST=ripemd160 378HMAC=sha1
377AC_ARG_ENABLE(digest, 379AC_ARG_ENABLE(hmac-digest,
378 [AS_HELP_STRING(--enable-digest=CIPHER,[ 380 [AS_HELP_STRING(--enable-hmac-digest=HMAC,[
379 Select the digest algorithm to use (default "ripemd160"). Must be one of 381 Select the HMAC digest algorithm to use (default "sha1"). Must be one of
380 "sha512", "sha256", "sha1" (legacy), "ripemd160", "md5" (insecure) or "md4" (insecure).])], 382 "sha512", "sha256", "sha1", "ripemd160", "whirlpool".])],
383 if test "x$enableval" = xwhirlpool; then HMAC=whirlpool; fi
384 if test "x$enableval" = xsha512 ; then HMAC=sha512 ; fi
385 if test "x$enableval" = xsha256 ; then HMAC=sha256 ; fi
386 if test "x$enableval" = xsha1 ; then HMAC=sha1 ; fi
387 if test "x$enableval" = xripemd160; then HMAC=ripemd160; fi
388)
389AC_DEFINE_UNQUOTED(ENABLE_HMAC, EVP_${HMAC}, [Select the HMAC digest algorithm to use.])
390
391AUTH=sha512
392AC_ARG_ENABLE(auth-digest,
393 [AS_HELP_STRING(--enable-auth-digest=DIGEST,[
394 Select the hmac algorithm to use (default "sha512"). Must be one of
395 "sha512", "sha256", "whirlpool".])],
396 if test "x$enableval" = xwhirlpool; then AUTH=whirlpool; fi
381 if test "x$enableval" = xsha512 ; then DIGEST=sha512 ; fi 397 if test "x$enableval" = xsha512 ; then AUTH=sha512 ; fi
382 if test "x$enableval" = xsha256 ; then DIGEST=sha256 ; fi 398 if test "x$enableval" = xsha256 ; then AUTH=sha256 ; fi
383 if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi
384 if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi
385 if test "x$enableval" = xmd5 ; then DIGEST=md5 ; fi
386 if test "x$enableval" = xmd4 ; then DIGEST=md4 ; fi
387) 399)
388AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.]) 400AC_DEFINE_UNQUOTED(ENABLE_AUTH, EVP_${AUTH}, [Select the auth digest algorithm to use.])
389 401
390if $CXX -v --help 2>&1 | grep -q fno-rtti; then 402if $CXX -v --help 2>&1 | grep -q fno-rtti; then
391 CXXFLAGS="$CXXFLAGS -fno-rtti" 403 CXXFLAGS="$CXXFLAGS -fno-rtti"
392fi 404fi
393 405
398LIBS="$EXTRA_LIBS $LIBS" 410LIBS="$EXTRA_LIBS $LIBS"
399 411
400dnl if $CXX -v --help 2>&1 | grep -q ffunction-sections; then 412dnl if $CXX -v --help 2>&1 | grep -q ffunction-sections; then
401dnl CXXFLAGS="$CXXFLAGS -ffunction-sections" 413dnl CXXFLAGS="$CXXFLAGS -ffunction-sections"
402dnl fi 414dnl fi
403dnl 415dnl
404dnl if $LD -v --help 2>&1 | grep -q gc-sections; then 416dnl if $LD -v --help 2>&1 | grep -q gc-sections; then
405dnl LDFLAGS="$LDFLAGS -Wl,--gc-sections" 417dnl LDFLAGS="$LDFLAGS -Wl,--gc-sections"
406dnl fi 418dnl fi
407 419
408AC_SUBST(INCLUDES) 420AC_SUBST(INCLUDES)
418echo 430echo
419echo "***" 431echo "***"
420echo "*** Configuration Summary" 432echo "*** Configuration Summary"
421echo "***" 433echo "***"
422echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE" 434echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE"
435echo "*** RSA size: $RSA"
423echo "*** Cipher used: $CIPHER" 436echo "*** Cipher used: $CIPHER"
424echo "*** Digest used: $DIGEST" 437echo "*** Digest used: $DIGEST"
438echo "*** Authdigest: $AUTH"
425echo "*** HMAC length: $HMAC" 439echo "*** HMAC length: $HMAC"
426echo "*** RAND used: $RAND"
427echo "*** Max. MTU: $MTU" 440echo "*** Max. MTU: $MTU"
428 441
429echo "***" 442echo "***"
430echo "*** Enable options:" 443echo "*** Enable options:"
431grep ENABLE_ config.h | sed -e 's/^/*** /' 444grep ENABLE_ config.h | sed -e 's/^/*** /'
432 445
433if test "x$DIGEST" = xmd4; then 446if test "$HMACSIZE" -lt 12; then
434echo "***" 447echo "***"
435echo "*** WARNING: The digest you have chosen ($DIGEST) is known to be insecure"
436fi
437
438if test "x$DIGEST" = xmd5; then
439echo "***"
440echo "*** WARNING: The digest you have chosen ($DIGEST) is quite insecure"
441fi
442
443if test "$HMAC" -lt 12; then
444echo "***"
445echo "*** WARNING: The hmac length you have chosen ($HMAC) is quite insecure" 448echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure"
446fi
447
448if test "$RAND" -lt 8; then
449echo "***"
450echo "*** WARNING: The random prefix you have chosen ($RAND) is probably insecure"
451fi 449fi
452 450
453echo "***" 451echo "***"
454echo 452echo
455 453

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines