… | |
… | |
761 | enable_tcp |
761 | enable_tcp |
762 | enable_http_proxy |
762 | enable_http_proxy |
763 | enable_dns |
763 | enable_dns |
764 | enable_rsa_length |
764 | enable_rsa_length |
765 | enable_hmac_length |
765 | enable_hmac_length |
766 | enable_rand_length |
|
|
767 | enable_max_mtu |
766 | enable_max_mtu |
768 | enable_compression |
767 | enable_compression |
769 | enable_cipher |
768 | enable_cipher |
770 | enable_hmac_digest |
769 | enable_hmac_digest |
771 | enable_auth_digest |
770 | enable_auth_digest |
… | |
… | |
1428 | use BITS rsa keys (default 3072). Allowed values are |
1427 | use BITS rsa keys (default 3072). Allowed values are |
1429 | 2048-10240. |
1428 | 2048-10240. |
1430 | --enable-hmac-length=BYTES |
1429 | --enable-hmac-length=BYTES |
1431 | use a hmac of length BYTES bytes (default 12). |
1430 | use a hmac of length BYTES bytes (default 12). |
1432 | Allowed values are 4, 8, 12, 16. |
1431 | Allowed values are 4, 8, 12, 16. |
1433 | --enable-rand-length=BYTES |
|
|
1434 | use BYTES bytes of extra randomness (default 12). |
|
|
1435 | Allowed values are 0, 4, 8, 12. |
|
|
1436 | --enable-max-mtu=BYTES enable mtu sizes upto BYTES bytes (default 1500). |
1432 | --enable-max-mtu=BYTES enable mtu sizes upto BYTES bytes (default 1500). |
1437 | Use 9100 for jumbogram support. |
1433 | Use 9100 for jumbogram support. |
1438 | --disable-compression Disable compression support. |
1434 | --disable-compression Disable compression support. |
1439 | --enable-cipher=CIPHER Select the symmetric cipher (default "aes-128"). |
1435 | --enable-cipher=CIPHER Select the symmetric cipher (default "aes-128"). |
1440 | Must be one of "bf" (blowfish), "aes-128" |
1436 | Must be one of "aes-128" (rijndael), "aes-192", or |
1441 | (rijndael), "aes-192", "aes-256", "camellia-128" or |
|
|
1442 | "camellia-256". |
1437 | "aes-256". |
1443 | --enable-hmac-digest=HMAC |
1438 | --enable-hmac-digest=HMAC |
1444 | Select the HMAC digest algorithm to use (default |
1439 | Select the HMAC digest algorithm to use (default |
1445 | "sha1"). Must be one of "sha512", "sha256", "sha1", |
1440 | "sha1"). Must be one of "sha512", "sha256", "sha1", |
1446 | "ripemd160", "whirlpool". |
1441 | "ripemd160", "whirlpool". |
1447 | --enable-auth-digest=DIGEST |
1442 | --enable-auth-digest=DIGEST |
… | |
… | |
8482 | cat >>confdefs.h <<_ACEOF |
8477 | cat >>confdefs.h <<_ACEOF |
8483 | #define HMACLENGTH $HMACSIZE |
8478 | #define HMACLENGTH $HMACSIZE |
8484 | _ACEOF |
8479 | _ACEOF |
8485 | |
8480 | |
8486 | |
8481 | |
8487 | RANDSIZE=12 |
|
|
8488 | # Check whether --enable-rand-length was given. |
|
|
8489 | if test "${enable_rand_length+set}" = set; then : |
|
|
8490 | enableval=$enable_rand_length; RANDSIZE=$enableval |
|
|
8491 | |
|
|
8492 | fi |
|
|
8493 | |
|
|
8494 | |
|
|
8495 | cat >>confdefs.h <<_ACEOF |
|
|
8496 | #define RAND_SIZE $RANDSIZE |
|
|
8497 | _ACEOF |
|
|
8498 | |
|
|
8499 | |
|
|
8500 | MTU=1500 |
8482 | MTU=1500 |
8501 | # Check whether --enable-max-mtu was given. |
8483 | # Check whether --enable-max-mtu was given. |
8502 | if test "${enable_max_mtu+set}" = set; then : |
8484 | if test "${enable_max_mtu+set}" = set; then : |
8503 | enableval=$enable_max_mtu; MTU=$enableval |
8485 | enableval=$enable_max_mtu; MTU=$enableval |
8504 | |
8486 | |
… | |
… | |
8523 | cat >>confdefs.h <<_ACEOF |
8505 | cat >>confdefs.h <<_ACEOF |
8524 | #define ENABLE_COMPRESSION $COMPRESS |
8506 | #define ENABLE_COMPRESSION $COMPRESS |
8525 | _ACEOF |
8507 | _ACEOF |
8526 | |
8508 | |
8527 | |
8509 | |
8528 | CIPHER=aes_128_cbc |
8510 | CIPHER=aes_128_ctr |
8529 | # Check whether --enable-cipher was given. |
8511 | # Check whether --enable-cipher was given. |
8530 | if test "${enable_cipher+set}" = set; then : |
8512 | if test "${enable_cipher+set}" = set; then : |
8531 | enableval=$enable_cipher; if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi |
8513 | enableval=$enable_cipher; #if test "x$enableval" = xbf ; then CIPHER=bf_ctr ; fi |
8532 | if test "x$enableval" = xaes-128 ; then CIPHER=aes_128_cbc ; fi |
8514 | if test "x$enableval" = xaes-128 ; then CIPHER=aes_128_ctr ; fi |
8533 | if test "x$enableval" = xaes-192 ; then CIPHER=aes_192_cbc ; fi |
8515 | if test "x$enableval" = xaes-192 ; then CIPHER=aes_192_ctr ; fi |
8534 | if test "x$enableval" = xaes-256 ; then CIPHER=aes_256_cbc ; fi |
8516 | if test "x$enableval" = xaes-256 ; then CIPHER=aes_256_ctr ; fi |
8535 | if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_cbc; fi |
8517 | #if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_ctr; fi |
8536 | if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_cbc; fi |
8518 | #if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_ctr; fi |
8537 | |
8519 | |
8538 | fi |
8520 | fi |
8539 | |
8521 | |
8540 | |
8522 | |
8541 | cat >>confdefs.h <<_ACEOF |
8523 | cat >>confdefs.h <<_ACEOF |
… | |
… | |
10146 | echo "*** RSA size: $RSA" |
10128 | echo "*** RSA size: $RSA" |
10147 | echo "*** Cipher used: $CIPHER" |
10129 | echo "*** Cipher used: $CIPHER" |
10148 | echo "*** Digest used: $DIGEST" |
10130 | echo "*** Digest used: $DIGEST" |
10149 | echo "*** Authdigest: $AUTH" |
10131 | echo "*** Authdigest: $AUTH" |
10150 | echo "*** HMAC length: $HMAC" |
10132 | echo "*** HMAC length: $HMAC" |
10151 | echo "*** RAND used: $RAND" |
|
|
10152 | echo "*** Max. MTU: $MTU" |
10133 | echo "*** Max. MTU: $MTU" |
10153 | |
10134 | |
10154 | echo "***" |
10135 | echo "***" |
10155 | echo "*** Enable options:" |
10136 | echo "*** Enable options:" |
10156 | grep ENABLE_ config.h | sed -e 's/^/*** /' |
10137 | grep ENABLE_ config.h | sed -e 's/^/*** /' |
… | |
… | |
10158 | if test "$HMACSIZE" -lt 12; then |
10139 | if test "$HMACSIZE" -lt 12; then |
10159 | echo "***" |
10140 | echo "***" |
10160 | echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure" |
10141 | echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure" |
10161 | fi |
10142 | fi |
10162 | |
10143 | |
10163 | if test "$RANDSIZE" -lt 12; then |
|
|
10164 | echo "***" |
|
|
10165 | echo "*** WARNING: The random prefix you have chosen ($RANDSIZE) is probably insecure" |
|
|
10166 | fi |
|
|
10167 | |
|
|
10168 | echo "***" |
10144 | echo "***" |
10169 | echo |
10145 | echo |
10170 | |
10146 | |
10171 | |
10147 | |