--- gvpe/configure.ac	2011/10/18 13:24:01	1.59
+++ gvpe/configure.ac	2018/10/25 04:32:26	1.66
@@ -1,10 +1,10 @@
 dnl Process this file with autoconf to produce a configure script.
 
-AC_PREREQ(2.59)
+AC_PREREQ(2.69)
 AC_INIT
 AC_CONFIG_SRCDIR([src/gvpe.C])
 AC_CANONICAL_TARGET
-AM_INIT_AUTOMAKE(gvpe, 2.24)
+AM_INIT_AUTOMAKE(gvpe, 3.1)
 AC_CONFIG_HEADERS([config.h])
 AM_MAINTAINER_MODE
 
@@ -48,9 +48,6 @@
 #endif
 ])
 
-dnl Include the macros from the m4/ directory
-AM_ACLOCAL_INCLUDE(m4)
-
 AM_GNU_GETTEXT([external])
 AM_GNU_GETTEXT_VERSION(0.11.5)
 
@@ -239,11 +236,7 @@
 dnl These are defined in files in m4/
 tinc_TUNTAP
 
-tinc_OPENSSL
-if test "x$openssl_include" != x; then
-   CXXFLAGS="$CXXFLAGS -I$openssl_include"
-fi
-dnl tinc_ZLIB
+PKG_CHECK_MODULES([LIBCRYPTO], [libcrypto >= 1])
 
 AC_ARG_ENABLE(threads,
   [AS_HELP_STRING(--enable-threads,try to use threads for long-running asynchronous operations (default enabled).)],
@@ -332,21 +325,21 @@
   ]
 )
 
-HMAC=12
+RSA=3072
+AC_ARG_ENABLE(rsa-length,
+  [AS_HELP_STRING(--enable-rsa-length=BITS,[
+      use BITS rsa keys (default 3072). Allowed values are 2048-10240.])],
+  RSA=$enableval
+)
+AC_DEFINE_UNQUOTED(RSABITS, $RSA, [Size of RSA keys.])
+
+HMACSIZE=12
 AC_ARG_ENABLE(hmac-length,
   [AS_HELP_STRING(--enable-hmac-length=BYTES,[
       use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])],
-  HMAC=$enableval
+  HMACSIZE=$enableval
 )
-AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.])
-
-RAND=8
-AC_ARG_ENABLE(rand-length,
-  [AS_HELP_STRING(--enable-rand-length=BYTES,
-      [use BYTES bytes of extra randomness (default 8). Allowed values are 0, 4, 8.])],
-  RAND=$enableval
-)
-AC_DEFINE_UNQUOTED(RAND_SIZE, $RAND, [Add this many bytes of randomness to each packet.])
+AC_DEFINE_UNQUOTED(HMACLENGTH, $HMACSIZE, [Size of HMAC in each packet in bytes.])
 
 MTU=1500
 AC_ARG_ENABLE(max-mtu,
@@ -364,31 +357,43 @@
 )
 AC_DEFINE_UNQUOTED(ENABLE_COMPRESSION, $COMPRESS, [Enable compression support.])
 
-CIPHER=aes_128_cbc
+CIPHER=aes_128_ctr
 AC_ARG_ENABLE(cipher,
   [AS_HELP_STRING(--enable-cipher=CIPHER,[
       Select the symmetric cipher (default "aes-128").
-      Must be one of "bf" (blowfish), "aes-128" (rijndael), "aes-192" or "aes-256".])],
-  if test "x$enableval" = xbf     ; then CIPHER=bf_cbc     ; fi
-  if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi
-  if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi
-  if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi
+      Must be one of "aes-128" (rijndael), "aes-192", or "aes-256".])],
+  #if test "x$enableval" = xbf          ; then CIPHER=bf_ctr          ; fi
+  if test "x$enableval" = xaes-128     ; then CIPHER=aes_128_ctr     ; fi
+  if test "x$enableval" = xaes-192     ; then CIPHER=aes_192_ctr     ; fi
+  if test "x$enableval" = xaes-256     ; then CIPHER=aes_256_ctr     ; fi
+  #if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_ctr; fi
+  #if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_ctr; fi
 )
 AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.])
 
-DIGEST=ripemd160
-AC_ARG_ENABLE(digest,
-  [AS_HELP_STRING(--enable-digest=CIPHER,[
-      Select the digest algorithm to use (default "ripemd160"). Must be one of
-      "sha512", "sha256", "sha1" (somewhat insecure), "ripemd160", "md5" (insecure) or "md4" (insecure).])],
-  if test "x$enableval" = xsha512   ; then DIGEST=sha512   ; fi
-  if test "x$enableval" = xsha256   ; then DIGEST=sha256   ; fi
-  if test "x$enableval" = xsha1     ; then DIGEST=sha1     ; fi
-  if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi
-  if test "x$enableval" = xmd5      ; then DIGEST=md5      ; fi
-  if test "x$enableval" = xmd4      ; then DIGEST=md4      ; fi
+HMAC=sha1
+AC_ARG_ENABLE(hmac-digest,
+  [AS_HELP_STRING(--enable-hmac-digest=HMAC,[
+      Select the HMAC digest algorithm to use (default "sha1"). Must be one of
+      "sha512", "sha256", "sha1", "ripemd160", "whirlpool".])],
+  if test "x$enableval" = xwhirlpool; then HMAC=whirlpool; fi
+  if test "x$enableval" = xsha512   ; then HMAC=sha512   ; fi
+  if test "x$enableval" = xsha256   ; then HMAC=sha256   ; fi
+  if test "x$enableval" = xsha1     ; then HMAC=sha1     ; fi
+  if test "x$enableval" = xripemd160; then HMAC=ripemd160; fi
+)
+AC_DEFINE_UNQUOTED(ENABLE_HMAC, EVP_${HMAC}, [Select the HMAC digest algorithm to use.])
+
+AUTH=sha512
+AC_ARG_ENABLE(auth-digest,
+  [AS_HELP_STRING(--enable-auth-digest=DIGEST,[
+      Select the hmac algorithm to use (default "sha512"). Must be one of
+      "sha512", "sha256", "whirlpool".])],
+  if test "x$enableval" = xwhirlpool; then AUTH=whirlpool; fi
+  if test "x$enableval" = xsha512   ; then AUTH=sha512   ; fi
+  if test "x$enableval" = xsha256   ; then AUTH=sha256   ; fi
 )
-AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.])
+AC_DEFINE_UNQUOTED(ENABLE_AUTH, EVP_${AUTH}, [Select the auth digest algorithm to use.])
 
 if $CXX -v --help 2>&1 | grep -q fno-rtti; then
    CXXFLAGS="$CXXFLAGS -fno-rtti"
@@ -403,7 +408,7 @@
 dnl if $CXX -v --help 2>&1 | grep -q ffunction-sections; then
 dnl    CXXFLAGS="$CXXFLAGS -ffunction-sections"
 dnl fi
-dnl 
+dnl
 dnl if $LD -v --help 2>&1 | grep -q gc-sections; then
 dnl    LDFLAGS="$LDFLAGS -Wl,--gc-sections"
 dnl fi
@@ -423,37 +428,56 @@
 echo "*** Configuration Summary"
 echo "***"
 echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE"
+echo "*** RSA size:     $RSA"
 echo "*** Cipher used:  $CIPHER"
 echo "*** Digest used:  $DIGEST"
+echo "*** Authdigest:   $AUTH"
 echo "*** HMAC length:  $HMAC"
-echo "*** RAND used:    $RAND"
 echo "*** Max. MTU:     $MTU"
 
 echo "***"
 echo "*** Enable options:"
 grep ENABLE_ config.h | sed -e 's/^/*** /'
 
-if test "x$DIGEST" = xmd4; then
+if test "$HMACSIZE" -lt 12; then
 echo "***"
-echo "*** WARNING: The digest you have chosen ($DIGEST) is known to be insecure"
+echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure"
 fi
 
-if test "x$DIGEST" = xmd5; then
 echo "***"
-echo "*** WARNING: The digest you have chosen ($DIGEST) is probably insecure"
-fi
+echo
 
-if test "$HMAC" -lt 12; then
-echo "***"
-echo "*** WARNING: The hmac length you have chosen ($HMAC) is probably insecure"
-fi
+if pkg-config --exists 'libcrypto >= 1.1 libcrypto < 2.0'; then
+   cat <<EOF
+@<:@33m
+***
+*** WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+***
+*** You seem to configure gvpe with OpenSSL 1.1 or newer.
+*** While this probably compiles, please note that this is not only
+*** unsupported, but also discouraged.
+***
+*** It is recommended to use either OpenSSL 1.0, as long as that is still
+*** supported, or LibreSSL (https://www.libressl.org/).
+***
+*** This is not a political issue - while porting GVPE to the newer
+*** OpenSSL 1.1 API, I encountered two incompatible API changes that were
+*** not documented, were not caught while compiling but caused security
+*** issues. When reported, the reaction of the OpenSSL developers was to
+*** update the documentation.
+***
+*** As a result, I lost all confidence in the ability and desire of
+*** OpenSSL developers to create a safe API, and would highly recommend
+*** switching to LibreSSL which explicitly avoids such braking changes.
+***
+*** WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+***
+*** Again, do not use OpenSSL 1.1 and complain if stuff breaks.
+*** You have been warned, but your choice is respected.
+***
+@<:@0m
 
-if test "$RAND" -lt 8; then
-echo "***"
-echo "*** WARNING: The random prefix you have chosen ($RAND) is probably insecure"
+EOF
 fi
 
-echo "***"
-echo
-