… | |
… | |
767 | enable_static_daemon |
767 | enable_static_daemon |
768 | enable_icmp |
768 | enable_icmp |
769 | enable_tcp |
769 | enable_tcp |
770 | enable_http_proxy |
770 | enable_http_proxy |
771 | enable_dns |
771 | enable_dns |
|
|
772 | enable_rsa_length |
772 | enable_hmac_length |
773 | enable_hmac_length |
773 | enable_rand_length |
774 | enable_rand_length |
774 | enable_max_mtu |
775 | enable_max_mtu |
775 | enable_compression |
776 | enable_compression |
776 | enable_cipher |
777 | enable_cipher |
777 | enable_digest |
778 | enable_hmac_digest |
|
|
779 | enable_auth_digest |
778 | ' |
780 | ' |
779 | ac_precious_vars='build_alias |
781 | ac_precious_vars='build_alias |
780 | host_alias |
782 | host_alias |
781 | target_alias |
783 | target_alias |
782 | CC |
784 | CC |
… | |
… | |
1428 | --disable-icmp enable icmp protocol support (default enabled). |
1430 | --disable-icmp enable icmp protocol support (default enabled). |
1429 | --disable-tcp enable tcp protocol support (default enabled). |
1431 | --disable-tcp enable tcp protocol support (default enabled). |
1430 | --disable-http-proxy enable http proxy connect support (default enabled). |
1432 | --disable-http-proxy enable http proxy connect support (default enabled). |
1431 | --enable-dns enable dns tunnel protocol support (default |
1433 | --enable-dns enable dns tunnel protocol support (default |
1432 | disabled). |
1434 | disabled). |
|
|
1435 | --enable-rsa-length=BITS |
|
|
1436 | use BITS rsa keys (default 3072). Allowed values are |
|
|
1437 | 2048-10240. |
1433 | --enable-hmac-length=BYTES |
1438 | --enable-hmac-length=BYTES |
1434 | use a hmac of length BYTES bytes (default 12). |
1439 | use a hmac of length BYTES bytes (default 12). |
1435 | Allowed values are 4, 8, 12, 16. |
1440 | Allowed values are 4, 8, 12, 16. |
1436 | --enable-rand-length=BYTES |
1441 | --enable-rand-length=BYTES |
1437 | use BYTES bytes of extra randomness (default 8). |
1442 | use BYTES bytes of extra randomness (default 12). |
1438 | Allowed values are 0, 4, 8. |
1443 | Allowed values are 0, 4, 8, 12. |
1439 | --enable-max-mtu=BYTES enable mtu sizes upto BYTES bytes (default 1500). |
1444 | --enable-max-mtu=BYTES enable mtu sizes upto BYTES bytes (default 1500). |
1440 | Use 9100 for jumbogram support. |
1445 | Use 9100 for jumbogram support. |
1441 | --disable-compression Disable compression support. |
1446 | --disable-compression Disable compression support. |
1442 | --enable-cipher=CIPHER Select the symmetric cipher (default "aes-128"). |
1447 | --enable-cipher=CIPHER Select the symmetric cipher (default "aes-128"). |
1443 | Must be one of "bf" (blowfish), "aes-128" |
1448 | Must be one of "bf" (blowfish), "aes-128" |
1444 | (rijndael), "aes-192" or "aes-256". |
1449 | (rijndael), "aes-192", "aes-256", "camellia-128" or |
1445 | --enable-digest=CIPHER Select the digest algorithm to use (default |
1450 | "camellia-256". |
|
|
1451 | --enable-hmac-digest=HMAC |
|
|
1452 | Select the HMAC digest algorithm to use (default |
1446 | "ripemd160"). Must be one of "sha512", "sha256", |
1453 | "sha1"). Must be one of "sha512", "sha256", "sha1", |
1447 | "sha1" (somewhat insecure), "ripemd160", "md5" |
1454 | "ripemd160", "whirlpool". |
1448 | (insecure) or "md4" (insecure). |
1455 | --enable-auth-digest=DIGEST |
|
|
1456 | Select the hmac algorithm to use (default "sha512"). |
|
|
1457 | Must be one of "sha512", "sha256", "whirlpool". |
1449 | |
1458 | |
1450 | Optional Packages: |
1459 | Optional Packages: |
1451 | --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] |
1460 | --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] |
1452 | --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) |
1461 | --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) |
1453 | --with-gnu-ld assume the C compiler uses GNU ld default=no |
1462 | --with-gnu-ld assume the C compiler uses GNU ld default=no |
… | |
… | |
3199 | fi |
3208 | fi |
3200 | |
3209 | |
3201 | |
3210 | |
3202 | # Define the identity of the package. |
3211 | # Define the identity of the package. |
3203 | PACKAGE=gvpe |
3212 | PACKAGE=gvpe |
3204 | VERSION=2.24 |
3213 | VERSION=2.25 |
3205 | |
3214 | |
3206 | |
3215 | |
3207 | cat >>confdefs.h <<_ACEOF |
3216 | cat >>confdefs.h <<_ACEOF |
3208 | #define PACKAGE "$PACKAGE" |
3217 | #define PACKAGE "$PACKAGE" |
3209 | _ACEOF |
3218 | _ACEOF |
… | |
… | |
8585 | |
8594 | |
8586 | |
8595 | |
8587 | fi |
8596 | fi |
8588 | |
8597 | |
8589 | |
8598 | |
|
|
8599 | RSA=3072 |
|
|
8600 | # Check whether --enable-rsa-length was given. |
|
|
8601 | if test "${enable_rsa_length+set}" = set; then : |
|
|
8602 | enableval=$enable_rsa_length; RSA=$enableval |
|
|
8603 | |
|
|
8604 | fi |
|
|
8605 | |
|
|
8606 | |
|
|
8607 | cat >>confdefs.h <<_ACEOF |
|
|
8608 | #define RSABITS $RSA |
|
|
8609 | _ACEOF |
|
|
8610 | |
|
|
8611 | |
8590 | HMAC=12 |
8612 | HMACSIZE=12 |
8591 | # Check whether --enable-hmac-length was given. |
8613 | # Check whether --enable-hmac-length was given. |
8592 | if test "${enable_hmac_length+set}" = set; then : |
8614 | if test "${enable_hmac_length+set}" = set; then : |
8593 | enableval=$enable_hmac_length; HMAC=$enableval |
8615 | enableval=$enable_hmac_length; HMACSIZE=$enableval |
8594 | |
8616 | |
8595 | fi |
8617 | fi |
8596 | |
8618 | |
8597 | |
8619 | |
8598 | cat >>confdefs.h <<_ACEOF |
8620 | cat >>confdefs.h <<_ACEOF |
8599 | #define HMACLENGTH $HMAC |
8621 | #define HMACLENGTH $HMACSIZE |
8600 | _ACEOF |
8622 | _ACEOF |
8601 | |
8623 | |
8602 | |
8624 | |
8603 | RAND=8 |
8625 | RANDSIZE=12 |
8604 | # Check whether --enable-rand-length was given. |
8626 | # Check whether --enable-rand-length was given. |
8605 | if test "${enable_rand_length+set}" = set; then : |
8627 | if test "${enable_rand_length+set}" = set; then : |
8606 | enableval=$enable_rand_length; RAND=$enableval |
8628 | enableval=$enable_rand_length; RANDSIZE=$enableval |
8607 | |
8629 | |
8608 | fi |
8630 | fi |
8609 | |
8631 | |
8610 | |
8632 | |
8611 | cat >>confdefs.h <<_ACEOF |
8633 | cat >>confdefs.h <<_ACEOF |
8612 | #define RAND_SIZE $RAND |
8634 | #define RAND_SIZE $RANDSIZE |
8613 | _ACEOF |
8635 | _ACEOF |
8614 | |
8636 | |
8615 | |
8637 | |
8616 | MTU=1500 |
8638 | MTU=1500 |
8617 | # Check whether --enable-max-mtu was given. |
8639 | # Check whether --enable-max-mtu was given. |
… | |
… | |
8642 | |
8664 | |
8643 | |
8665 | |
8644 | CIPHER=aes_128_cbc |
8666 | CIPHER=aes_128_cbc |
8645 | # Check whether --enable-cipher was given. |
8667 | # Check whether --enable-cipher was given. |
8646 | if test "${enable_cipher+set}" = set; then : |
8668 | if test "${enable_cipher+set}" = set; then : |
8647 | enableval=$enable_cipher; if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi |
8669 | enableval=$enable_cipher; if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi |
8648 | if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi |
8670 | if test "x$enableval" = xaes-128 ; then CIPHER=aes_128_cbc ; fi |
8649 | if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi |
8671 | if test "x$enableval" = xaes-192 ; then CIPHER=aes_192_cbc ; fi |
8650 | if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi |
8672 | if test "x$enableval" = xaes-256 ; then CIPHER=aes_256_cbc ; fi |
|
|
8673 | if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_cbc; fi |
|
|
8674 | if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_cbc; fi |
8651 | |
8675 | |
8652 | fi |
8676 | fi |
8653 | |
8677 | |
8654 | |
8678 | |
8655 | cat >>confdefs.h <<_ACEOF |
8679 | cat >>confdefs.h <<_ACEOF |
8656 | #define ENABLE_CIPHER EVP_${CIPHER} |
8680 | #define ENABLE_CIPHER EVP_${CIPHER} |
8657 | _ACEOF |
8681 | _ACEOF |
8658 | |
8682 | |
8659 | |
8683 | |
8660 | DIGEST=ripemd160 |
8684 | HMAC=sha1 |
8661 | # Check whether --enable-digest was given. |
8685 | # Check whether --enable-hmac-digest was given. |
8662 | if test "${enable_digest+set}" = set; then : |
8686 | if test "${enable_hmac_digest+set}" = set; then : |
|
|
8687 | enableval=$enable_hmac_digest; if test "x$enableval" = xwhirlpool; then HMAC=whirlpool; fi |
8663 | enableval=$enable_digest; if test "x$enableval" = xsha512 ; then DIGEST=sha512 ; fi |
8688 | if test "x$enableval" = xsha512 ; then HMAC=sha512 ; fi |
8664 | if test "x$enableval" = xsha256 ; then DIGEST=sha256 ; fi |
8689 | if test "x$enableval" = xsha256 ; then HMAC=sha256 ; fi |
8665 | if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi |
8690 | if test "x$enableval" = xsha1 ; then HMAC=sha1 ; fi |
8666 | if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi |
8691 | if test "x$enableval" = xripemd160; then HMAC=ripemd160; fi |
8667 | if test "x$enableval" = xmd5 ; then DIGEST=md5 ; fi |
|
|
8668 | if test "x$enableval" = xmd4 ; then DIGEST=md4 ; fi |
|
|
8669 | |
8692 | |
8670 | fi |
8693 | fi |
8671 | |
8694 | |
8672 | |
8695 | |
8673 | cat >>confdefs.h <<_ACEOF |
8696 | cat >>confdefs.h <<_ACEOF |
|
|
8697 | #define ENABLE_HMAC EVP_${HMAC} |
|
|
8698 | _ACEOF |
|
|
8699 | |
|
|
8700 | |
|
|
8701 | AUTH=sha512 |
|
|
8702 | # Check whether --enable-auth-digest was given. |
|
|
8703 | if test "${enable_auth_digest+set}" = set; then : |
|
|
8704 | enableval=$enable_auth_digest; if test "x$enableval" = xwhirlpool; then AUTH=whirlpool; fi |
|
|
8705 | if test "x$enableval" = xsha512 ; then AUTH=sha512 ; fi |
|
|
8706 | if test "x$enableval" = xsha256 ; then AUTH=sha256 ; fi |
|
|
8707 | |
|
|
8708 | fi |
|
|
8709 | |
|
|
8710 | |
|
|
8711 | cat >>confdefs.h <<_ACEOF |
8674 | #define ENABLE_DIGEST EVP_${DIGEST} |
8712 | #define ENABLE_AUTH EVP_${AUTH} |
8675 | _ACEOF |
8713 | _ACEOF |
8676 | |
8714 | |
8677 | |
8715 | |
8678 | if $CXX -v --help 2>&1 | grep -q fno-rtti; then |
8716 | if $CXX -v --help 2>&1 | grep -q fno-rtti; then |
8679 | CXXFLAGS="$CXXFLAGS -fno-rtti" |
8717 | CXXFLAGS="$CXXFLAGS -fno-rtti" |
… | |
… | |
10263 | echo |
10301 | echo |
10264 | echo "***" |
10302 | echo "***" |
10265 | echo "*** Configuration Summary" |
10303 | echo "*** Configuration Summary" |
10266 | echo "***" |
10304 | echo "***" |
10267 | echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE" |
10305 | echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE" |
|
|
10306 | echo "*** RSA size: $RSA" |
10268 | echo "*** Cipher used: $CIPHER" |
10307 | echo "*** Cipher used: $CIPHER" |
10269 | echo "*** Digest used: $DIGEST" |
10308 | echo "*** Digest used: $DIGEST" |
|
|
10309 | echo "*** Authdigest: $AUTH" |
10270 | echo "*** HMAC length: $HMAC" |
10310 | echo "*** HMAC length: $HMAC" |
10271 | echo "*** RAND used: $RAND" |
10311 | echo "*** RAND used: $RAND" |
10272 | echo "*** Max. MTU: $MTU" |
10312 | echo "*** Max. MTU: $MTU" |
10273 | |
10313 | |
10274 | echo "***" |
10314 | echo "***" |
10275 | echo "*** Enable options:" |
10315 | echo "*** Enable options:" |
10276 | grep ENABLE_ config.h | sed -e 's/^/*** /' |
10316 | grep ENABLE_ config.h | sed -e 's/^/*** /' |
10277 | |
10317 | |
10278 | if test "x$DIGEST" = xmd4; then |
10318 | if test "$HMACSIZE" -lt 12; then |
10279 | echo "***" |
10319 | echo "***" |
10280 | echo "*** WARNING: The digest you have chosen ($DIGEST) is known to be insecure" |
10320 | echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure" |
10281 | fi |
10321 | fi |
10282 | |
10322 | |
10283 | if test "x$DIGEST" = xmd5; then |
10323 | if test "$RANDSIZE" -lt 12; then |
10284 | echo "***" |
10324 | echo "***" |
10285 | echo "*** WARNING: The digest you have chosen ($DIGEST) is probably insecure" |
|
|
10286 | fi |
|
|
10287 | |
|
|
10288 | if test "$HMAC" -lt 12; then |
|
|
10289 | echo "***" |
|
|
10290 | echo "*** WARNING: The hmac length you have chosen ($HMAC) is probably insecure" |
|
|
10291 | fi |
|
|
10292 | |
|
|
10293 | if test "$RAND" -lt 8; then |
|
|
10294 | echo "***" |
|
|
10295 | echo "*** WARNING: The random prefix you have chosen ($RAND) is probably insecure" |
10325 | echo "*** WARNING: The random prefix you have chosen ($RANDSIZE) is probably insecure" |
10296 | fi |
10326 | fi |
10297 | |
10327 | |
10298 | echo "***" |
10328 | echo "***" |
10299 | echo |
10329 | echo |
10300 | |
10330 | |