[ViewVC] Diff of: cvs/gvpe/configure.ac

Comparing gvpe/configure.ac (file contents):
Revision 1.57 by root, Tue Feb 15 13:31:22 2011 UTC vs.
Revision 1.63 by root, Thu Jul 18 13:35:19 2013 UTC

 dnl Process this file with autoconf to produce a configure script.
-AC_PREREQ(2.59)
+AC_PREREQ(2.69)
 AC_INIT
 AC_CONFIG_SRCDIR([src/gvpe.C])
 AC_CANONICAL_TARGET
-AM_INIT_AUTOMAKE(gvpe, 2.24)
+AM_INIT_AUTOMAKE(gvpe, 2.25)
 AC_CONFIG_HEADERS([config.h])
 AM_MAINTAINER_MODE
 AH_TOP([
 #ifndef CONFIG_H__
 # define CLOCALE <clocale>
 #else
 # define CLOCALE <locale.h>
 #endif
 ])
-dnl Include the macros from the m4/ directory
-AM_ACLOCAL_INCLUDE(m4)
 AM_GNU_GETTEXT([external])
 AM_GNU_GETTEXT_VERSION(0.11.5)
 # Enable GNU extensions.
 if test "x$openssl_include" != x; then
    CXXFLAGS="$CXXFLAGS -I$openssl_include"
 fi
 dnl tinc_ZLIB
+AC_ARG_ENABLE(threads,
+  [AS_HELP_STRING(--enable-threads,try to use threads for long-running asynchronous operations (default enabled).)],
+  [try_threads=$enableval],
+  [try_threads=yes]
+)
+if test "x$try_threads" = xyes; then
+   AC_CHECK_HEADER(pthread.h,[
+      LIBS="$LIBS -lpthread"
+      AC_COMPILE_IFELSE(
+         [AC_LANG_PROGRAM([#include <pthread.h>], [pthread_t id; pthread_create (&id, 0, 0, 0);])],
+         [AC_DEFINE_UNQUOTED(ENABLE_PTHREADS, 1, [POSIX thread support.])]
+      )
+   ])
+fi
 AC_ARG_ENABLE(static-daemon,
   [AS_HELP_STRING(--enable-static-daemon,enable statically linked daemon.)],
   [LDFLAGS_DAEMON=-static]
 )
 AC_SUBST(LDFLAGS_DAEMON)
     AC_DEFINE_UNQUOTED(ENABLE_DNS, 1, [DNS tunnel protocol support.])
   ]
 )
+RSA=3072
+AC_ARG_ENABLE(rsa-length,
+  [AS_HELP_STRING(--enable-rsa-length=BITS,[
+      use BITS rsa keys (default 3072). Allowed values are 2048-10240.])],
+  RSA=$enableval
+)
+AC_DEFINE_UNQUOTED(RSABITS, $RSA, [Size of RSA keys.])
-HMAC=12
+HMACSIZE=12
 AC_ARG_ENABLE(hmac-length,
   [AS_HELP_STRING(--enable-hmac-length=BYTES,[
       use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])],
-  HMAC=$enableval
+  HMACSIZE=$enableval
 )
-AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.])
+AC_DEFINE_UNQUOTED(HMACLENGTH, $HMACSIZE, [Size of HMAC in each packet in bytes.])
-RAND=8
+RANDSIZE=12
 AC_ARG_ENABLE(rand-length,
   [AS_HELP_STRING(--enable-rand-length=BYTES,
-      [use BYTES bytes of extra randomness (default 8). Allowed values are 0, 4, 8.])],
+      [use BYTES bytes of extra randomness (default 12). Allowed values are 0, 4, 8, 12.])],
-  RAND=$enableval
+  RANDSIZE=$enableval
 )
-AC_DEFINE_UNQUOTED(RAND_SIZE, $RAND, [Add this many bytes of randomness to each packet.])
+AC_DEFINE_UNQUOTED(RAND_SIZE, $RANDSIZE, [Add this many bytes of randomness to each packet.])
 MTU=1500
 AC_ARG_ENABLE(max-mtu,
   [AS_HELP_STRING(--enable-max-mtu=BYTES,enable mtu sizes upto BYTES bytes (default 1500). Use 9100 for jumbogram support.)],
   MTU=$enableval
 )
-AC_DEFINE_UNQUOTED(MAX_MTU, $MTU + 14, [Maximum MTU supported.])
+AC_DEFINE_UNQUOTED(MAX_MTU, ($MTU + 14), [Maximum MTU supported.])
 COMPRESS=1
 AC_ARG_ENABLE(compression,
   [AS_HELP_STRING(--disable-compression,Disable compression support.)],
   if test "x$enableval" = xno; then
 CIPHER=aes_128_cbc
 AC_ARG_ENABLE(cipher,
   [AS_HELP_STRING(--enable-cipher=CIPHER,[
       Select the symmetric cipher (default "aes-128").
-      Must be one of "bf" (blowfish), "aes-128" (rijndael), "aes-192" or "aes-256".])],
+      Must be one of "bf" (blowfish), "aes-128" (rijndael), "aes-192", "aes-256", "camellia-128" or "camellia-256".])],
-  if test "x$enableval" = xbf     ; then CIPHER=bf_cbc     ; fi
+  if test "x$enableval" = xbf          ; then CIPHER=bf_cbc          ; fi
-  if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi
+  if test "x$enableval" = xaes-128     ; then CIPHER=aes_128_cbc     ; fi
-  if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi
+  if test "x$enableval" = xaes-192     ; then CIPHER=aes_192_cbc     ; fi
-  if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi
+  if test "x$enableval" = xaes-256     ; then CIPHER=aes_256_cbc     ; fi
+  if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_cbc; fi
+  if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_cbc; fi
 )
 AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.])
-DIGEST=ripemd160
+HMAC=sha1
-AC_ARG_ENABLE(digest,
+AC_ARG_ENABLE(hmac-digest,
-  [AS_HELP_STRING(--enable-digest=CIPHER,[
+  [AS_HELP_STRING(--enable-hmac-digest=HMAC,[
-      Select the digest algorithm to use (default "ripemd160"). Must be one of
+      Select the HMAC digest algorithm to use (default "sha1"). Must be one of
-      "sha512", "sha256", "sha1" (somewhat insecure), "ripemd160", "md5" (insecure) or "md4" (insecure).])],
+      "sha512", "sha256", "sha1", "ripemd160", "whirlpool".])],
+  if test "x$enableval" = xwhirlpool; then HMAC=whirlpool; fi
+  if test "x$enableval" = xsha512   ; then HMAC=sha512   ; fi
+  if test "x$enableval" = xsha256   ; then HMAC=sha256   ; fi
+  if test "x$enableval" = xsha1     ; then HMAC=sha1     ; fi
+  if test "x$enableval" = xripemd160; then HMAC=ripemd160; fi
+)
+AC_DEFINE_UNQUOTED(ENABLE_HMAC, EVP_${HMAC}, [Select the HMAC digest algorithm to use.])
+AUTH=sha512
+AC_ARG_ENABLE(auth-digest,
+  [AS_HELP_STRING(--enable-auth-digest=DIGEST,[
+      Select the hmac algorithm to use (default "sha512"). Must be one of
+      "sha512", "sha256", "whirlpool".])],
+  if test "x$enableval" = xwhirlpool; then AUTH=whirlpool; fi
-  if test "x$enableval" = xsha512   ; then DIGEST=sha512   ; fi
+  if test "x$enableval" = xsha512   ; then AUTH=sha512   ; fi
-  if test "x$enableval" = xsha256   ; then DIGEST=sha256   ; fi
+  if test "x$enableval" = xsha256   ; then AUTH=sha256   ; fi
-  if test "x$enableval" = xsha1     ; then DIGEST=sha1     ; fi
-  if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi
-  if test "x$enableval" = xmd5      ; then DIGEST=md5      ; fi
-  if test "x$enableval" = xmd4      ; then DIGEST=md4      ; fi
 )
-AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.])
+AC_DEFINE_UNQUOTED(ENABLE_AUTH, EVP_${AUTH}, [Select the auth digest algorithm to use.])
 if $CXX -v --help 2>&1 | grep -q fno-rtti; then
    CXXFLAGS="$CXXFLAGS -fno-rtti"
 fi
 echo
 echo "***"
 echo "*** Configuration Summary"
 echo "***"
 echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE"
+echo "*** RSA size:     $RSA"
 echo "*** Cipher used:  $CIPHER"
 echo "*** Digest used:  $DIGEST"
+echo "*** Authdigest:   $AUTH"
 echo "*** HMAC length:  $HMAC"
 echo "*** RAND used:    $RAND"
 echo "*** Max. MTU:     $MTU"
 echo "***"
 echo "*** Enable options:"
 grep ENABLE_ config.h | sed -e 's/^/*** /'
-if test "x$DIGEST" = xmd4; then
-echo "***"
-echo "*** WARNING: The digest you have chosen ($DIGEST) is known to be insecure"
-fi
-if test "$HMAC" -lt 12; then
+if test "$HMACSIZE" -lt 12; then
 echo "***"
-echo "*** WARNING: The hmac length you have chosen ($HMAC) is probably insecure"
+echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure"
 fi
-if test "$RAND" -lt 8; then
+if test "$RANDSIZE" -lt 12; then
 echo "***"
-echo "*** WARNING: The random prefix you have chosen ($RAND) is probably insecure"
+echo "*** WARNING: The random prefix you have chosen ($RANDSIZE) is probably insecure"
 fi
 echo "***"
 echo

Diff Legend

-–
+Removed lines
-+
+Added lines
-<
+Changed lines
->
+Changed lines

Comparing gvpe/configure.ac (file contents): Revision 1.57 by root, Tue Feb 15 13:31:22 2011 UTC vs. Revision 1.63 by root, Thu Jul 18 13:35:19 2013 UTC

Diff Legend

Comparing gvpe/configure.ac (file contents):
Revision 1.57 by root, Tue Feb 15 13:31:22 2011 UTC vs.
Revision 1.63 by root, Thu Jul 18 13:35:19 2013 UTC