--- gvpe/configure.ac	2013/07/18 13:35:19	1.63
+++ gvpe/configure.ac	2018/10/25 04:32:26	1.66
@@ -4,7 +4,7 @@
 AC_INIT
 AC_CONFIG_SRCDIR([src/gvpe.C])
 AC_CANONICAL_TARGET
-AM_INIT_AUTOMAKE(gvpe, 2.25)
+AM_INIT_AUTOMAKE(gvpe, 3.1)
 AC_CONFIG_HEADERS([config.h])
 AM_MAINTAINER_MODE
 
@@ -236,11 +236,7 @@
 dnl These are defined in files in m4/
 tinc_TUNTAP
 
-tinc_OPENSSL
-if test "x$openssl_include" != x; then
-   CXXFLAGS="$CXXFLAGS -I$openssl_include"
-fi
-dnl tinc_ZLIB
+PKG_CHECK_MODULES([LIBCRYPTO], [libcrypto >= 1])
 
 AC_ARG_ENABLE(threads,
   [AS_HELP_STRING(--enable-threads,try to use threads for long-running asynchronous operations (default enabled).)],
@@ -345,14 +341,6 @@
 )
 AC_DEFINE_UNQUOTED(HMACLENGTH, $HMACSIZE, [Size of HMAC in each packet in bytes.])
 
-RANDSIZE=12
-AC_ARG_ENABLE(rand-length,
-  [AS_HELP_STRING(--enable-rand-length=BYTES,
-      [use BYTES bytes of extra randomness (default 12). Allowed values are 0, 4, 8, 12.])],
-  RANDSIZE=$enableval
-)
-AC_DEFINE_UNQUOTED(RAND_SIZE, $RANDSIZE, [Add this many bytes of randomness to each packet.])
-
 MTU=1500
 AC_ARG_ENABLE(max-mtu,
   [AS_HELP_STRING(--enable-max-mtu=BYTES,enable mtu sizes upto BYTES bytes (default 1500). Use 9100 for jumbogram support.)],
@@ -369,17 +357,17 @@
 )
 AC_DEFINE_UNQUOTED(ENABLE_COMPRESSION, $COMPRESS, [Enable compression support.])
 
-CIPHER=aes_128_cbc
+CIPHER=aes_128_ctr
 AC_ARG_ENABLE(cipher,
   [AS_HELP_STRING(--enable-cipher=CIPHER,[
       Select the symmetric cipher (default "aes-128").
-      Must be one of "bf" (blowfish), "aes-128" (rijndael), "aes-192", "aes-256", "camellia-128" or "camellia-256".])],
-  if test "x$enableval" = xbf          ; then CIPHER=bf_cbc          ; fi
-  if test "x$enableval" = xaes-128     ; then CIPHER=aes_128_cbc     ; fi
-  if test "x$enableval" = xaes-192     ; then CIPHER=aes_192_cbc     ; fi
-  if test "x$enableval" = xaes-256     ; then CIPHER=aes_256_cbc     ; fi
-  if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_cbc; fi
-  if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_cbc; fi
+      Must be one of "aes-128" (rijndael), "aes-192", or "aes-256".])],
+  #if test "x$enableval" = xbf          ; then CIPHER=bf_ctr          ; fi
+  if test "x$enableval" = xaes-128     ; then CIPHER=aes_128_ctr     ; fi
+  if test "x$enableval" = xaes-192     ; then CIPHER=aes_192_ctr     ; fi
+  if test "x$enableval" = xaes-256     ; then CIPHER=aes_256_ctr     ; fi
+  #if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_ctr; fi
+  #if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_ctr; fi
 )
 AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.])
 
@@ -420,7 +408,7 @@
 dnl if $CXX -v --help 2>&1 | grep -q ffunction-sections; then
 dnl    CXXFLAGS="$CXXFLAGS -ffunction-sections"
 dnl fi
-dnl 
+dnl
 dnl if $LD -v --help 2>&1 | grep -q gc-sections; then
 dnl    LDFLAGS="$LDFLAGS -Wl,--gc-sections"
 dnl fi
@@ -445,7 +433,6 @@
 echo "*** Digest used:  $DIGEST"
 echo "*** Authdigest:   $AUTH"
 echo "*** HMAC length:  $HMAC"
-echo "*** RAND used:    $RAND"
 echo "*** Max. MTU:     $MTU"
 
 echo "***"
@@ -457,12 +444,40 @@
 echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure"
 fi
 
-if test "$RANDSIZE" -lt 12; then
-echo "***"
-echo "*** WARNING: The random prefix you have chosen ($RANDSIZE) is probably insecure"
-fi
-
 echo "***"
 echo
 
+if pkg-config --exists 'libcrypto >= 1.1 libcrypto < 2.0'; then
+   cat <<EOF
+@<:@33m
+***
+*** WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+***
+*** You seem to configure gvpe with OpenSSL 1.1 or newer.
+*** While this probably compiles, please note that this is not only
+*** unsupported, but also discouraged.
+***
+*** It is recommended to use either OpenSSL 1.0, as long as that is still
+*** supported, or LibreSSL (https://www.libressl.org/).
+***
+*** This is not a political issue - while porting GVPE to the newer
+*** OpenSSL 1.1 API, I encountered two incompatible API changes that were
+*** not documented, were not caught while compiling but caused security
+*** issues. When reported, the reaction of the OpenSSL developers was to
+*** update the documentation.
+***
+*** As a result, I lost all confidence in the ability and desire of
+*** OpenSSL developers to create a safe API, and would highly recommend
+*** switching to LibreSSL which explicitly avoids such braking changes.
+***
+*** WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+***
+*** Again, do not use OpenSSL 1.1 and complain if stuff breaks.
+*** You have been warned, but your choice is respected.
+***
+@<:@0m
+
+EOF
+fi
+