--- gvpe/configure.ac 2013/07/16 16:44:36 1.62
+++ gvpe/configure.ac 2016/11/02 07:06:38 1.65
@@ -4,7 +4,7 @@
 AC_INIT
 AC_CONFIG_SRCDIR([src/gvpe.C])
 AC_CANONICAL_TARGET
-AM_INIT_AUTOMAKE(gvpe, 2.25)
+AM_INIT_AUTOMAKE(gvpe, 3.0)
 AC_CONFIG_HEADERS([config.h])
 AM_MAINTAINER_MODE
@@ -337,21 +337,13 @@
 )
 AC_DEFINE_UNQUOTED(RSABITS, $RSA, [Size of RSA keys.])
-HMAC=12
+HMACSIZE=12
 AC_ARG_ENABLE(hmac-length,
 [AS_HELP_STRING(--enable-hmac-length=BYTES,[
 use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])],
- HMAC=$enableval
+ HMACSIZE=$enableval
 )
-AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.])
-
-RAND=8
-AC_ARG_ENABLE(rand-length,
- [AS_HELP_STRING(--enable-rand-length=BYTES,
- [use BYTES bytes of extra randomness (default 8). Allowed values are 0, 4, 8.])],
- RAND=$enableval
-)
-AC_DEFINE_UNQUOTED(RAND_SIZE, $RAND, [Add this many bytes of randomness to each packet.])
+AC_DEFINE_UNQUOTED(HMACLENGTH, $HMACSIZE, [Size of HMAC in each packet in bytes.])
 MTU=1500
 AC_ARG_ENABLE(max-mtu,
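Review bot: `HMACSIZE=$enableval` is accepted verbatim even though the help text limits it to 4, 8, 12 or 16, so `--enable-hmac-length` with no argument (where `enableval` is `yes`) or any other number lands in `HMACLENGTH` unchecked. This value sets how many MAC bytes protect each packet, so the documented set should be enforced right after the `AC_ARG_ENABLE` call: `case "$HMACSIZE" in 4|8|12|16) ;; *) AC_MSG_ERROR([--enable-hmac-length must be 4, 8, 12 or 16]) ;; esac`. The same check keeps the later `test "$HMACSIZE" -lt 12` warning from being evaluated on a non-numeric string. The hunk also drops the `--enable-rand-length` option entirely; a build script that still passes it will presumably only get autoconf's unrecognized-option warning, which is worth a line in the release notes.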
@@ -369,32 +361,32 @@
 )
 AC_DEFINE_UNQUOTED(ENABLE_COMPRESSION, $COMPRESS, [Enable compression support.])
-CIPHER=aes_128_cbc
+CIPHER=aes_128_ctr
 AC_ARG_ENABLE(cipher,
 [AS_HELP_STRING(--enable-cipher=CIPHER,[
 Select the symmetric cipher (default "aes-128").
- Must be one of "bf" (blowfish), "aes-128" (rijndael), "aes-192", "aes-256", "camellia-128" or "camellia-256".])],
- if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi
- if test "x$enableval" = xaes-128 ; then CIPHER=aes_128_cbc ; fi
- if test "x$enableval" = xaes-192 ; then CIPHER=aes_192_cbc ; fi
- if test "x$enableval" = xaes-256 ; then CIPHER=aes_256_cbc ; fi
- if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_cbc; fi
- if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_cbc; fi
+ Must be one of "aes-128" (rijndael), "aes-192", or "aes-256".])],
+ #if test "x$enableval" = xbf ; then CIPHER=bf_ctr ; fi
+ if test "x$enableval" = xaes-128 ; then CIPHER=aes_128_ctr ; fi
+ if test "x$enableval" = xaes-192 ; then CIPHER=aes_192_ctr ; fi
+ if test "x$enableval" = xaes-256 ; then CIPHER=aes_256_ctr ; fi
+ #if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_ctr; fi
+ #if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_ctr; fi
 )
 AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.])
-DIGEST=sha1
-AC_ARG_ENABLE(digest,
- [AS_HELP_STRING(--enable-digest=DIGEST,[
- Select the digest algorithm to use (default "sha1"). Must be one of
+HMAC=sha1
+AC_ARG_ENABLE(hmac-digest,
+ [AS_HELP_STRING(--enable-hmac-digest=HMAC,[
+ Select the HMAC digest algorithm to use (default "sha1"). Must be one of
 "sha512", "sha256", "sha1", "ripemd160", "whirlpool".])],
- if test "x$enableval" = xwhirlpool; then DIGEST=whirlpool; fi
- if test "x$enableval" = xsha512 ; then DIGEST=sha512 ; fi
- if test "x$enableval" = xsha256 ; then DIGEST=sha256 ; fi
- if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi
- if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi
+ if test "x$enableval" = xwhirlpool; then HMAC=whirlpool; fi
+ if test "x$enableval" = xsha512 ; then HMAC=sha512 ; fi
+ if test "x$enableval" = xsha256 ; then HMAC=sha256 ; fi
+ if test "x$enableval" = xsha1 ; then HMAC=sha1 ; fi
+ if test "x$enableval" = xripemd160; then HMAC=ripemd160; fi
 )
-AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.])
+AC_DEFINE_UNQUOTED(ENABLE_HMAC, EVP_${HMAC}, [Select the HMAC digest algorithm to use.])
 AUTH=sha512
 AC_ARG_ENABLE(auth-digest,
@@ -420,7 +412,7 @@
 dnl if $CXX -v --help 2>&1 | grep -q ffunction-sections; then
 dnl CXXFLAGS="$CXXFLAGS -ffunction-sections"
 dnl fi
-dnl
+dnl
 dnl if $LD -v --help 2>&1 | grep -q gc-sections; then
 dnl LDFLAGS="$LDFLAGS -Wl,--gc-sections"
 dnl fi
@@ -445,21 +437,15 @@
 echo "*** Digest used: $DIGEST"
 echo "*** Authdigest: $AUTH"
 echo "*** HMAC length: $HMAC"
-echo "*** RAND used: $RAND"
 echo "*** Max. MTU: $MTU"
 echo "***"
 echo "*** Enable options:"
 grep ENABLE_ config.h | sed -e 's/^/*** /'
-if test "$HMAC" -lt 12; then
-echo "***"
-echo "*** WARNING: The hmac length you have chosen ($HMAC) is quite insecure"
-fi
-
-if test "$RAND" -lt 8; then
+if test "$HMACSIZE" -lt 12; then
 echo "***"
-echo "*** WARNING: The random prefix you have chosen ($RAND) is probably insecure"
+echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure"
 fi
 echo "***"
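Review bot: A value that matches none of the remaining `if test` lines, including the now commented-out `bf`, `camellia-128` and `camellia-256`, leaves `CIPHER` at `aes_128_ctr` with no diagnostic, so a build that still passes `--enable-cipher=camellia-256` silently gets a different cipher than it asked for. Replacing the `if` chain with a `case "$enableval" in` whose default arm is `*) AC_MSG_ERROR([unsupported cipher: $enableval]) ;;` would make that a hard failure; the `--enable-hmac-digest` block in the same hunk falls back to `sha1` the same way. The disabled lines would be better removed or marked with `dnl` plus a reason than left as `#if test …` shell comments. Separately, CTR mode provides no integrity by itself and requires a counter block that never repeats under one key, so a short comment beside `CIPHER=aes_128_ctr` stating where the protocol code guarantees that (it is not visible in this diff) would help the next reviewer.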
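Review bot: The summary still prints `$DIGEST` and `$HMAC` on the unchanged context lines, but in the hunks shown `DIGEST` is no longer assigned and `HMAC` now holds the digest name, so "Digest used" comes out empty and "HMAC length" shows e.g. `sha1` instead of the byte count. These two lines should become `echo "*** Digest used: $HMAC"` and `echo "*** HMAC length: $HMACSIZE"`. The banner is where a builder confirms the selected crypto parameters, so a wrong value here can hide a weak `--enable-hmac-length` choice even though the warning below it was updated to `$HMACSIZE`.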