diff --git a/Makefile.in b/Makefile.in index 216d1947..5647800f 100644 --- a/Makefile.in +++ b/Makefile.in @@ -43,8 +43,8 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acx_pthread.m4 \ $(top_srcdir)/m4/inet_ntop.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/libev/libev.m4 \ - $(top_srcdir)/configure.ac + $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/polarssl.m4 \ + $(top_srcdir)/libev/libev.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ diff --git a/aclocal.m4 b/aclocal.m4 index 7c0669d3..33cde4f3 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -1073,3 +1073,4 @@ m4_include([m4/ltsugar.m4]) m4_include([m4/ltversion.m4]) m4_include([m4/lt~obsolete.m4]) m4_include([m4/openssl.m4]) +m4_include([m4/polarssl.m4]) diff --git a/config.h.in b/config.h.in index 11de8db0..5dde41b3 100644 --- a/config.h.in +++ b/config.h.in @@ -273,6 +273,12 @@ /* Define to 1 if you can safely include both and . */ #undef TIME_WITH_SYS_TIME +/* Use OpenSSL library */ +#undef USE_CRYPTO_OPENSSL + +/* Use PolarSSL library */ +#undef USE_CRYPTO_POLARSSL + /* Version number of package */ #undef VERSION diff --git a/configure b/configure index 944322ff..0a472de2 100755 --- a/configure +++ b/configure @@ -738,6 +738,7 @@ ac_subst_files='' ac_user_opts=' enable_option_checking enable_dependency_tracking +with_crypto_library enable_shared enable_static with_pic @@ -748,6 +749,9 @@ enable_libtool_lock with_openssl with_openssl_include with_openssl_lib +with_polarssl +with_polarssl_include +with_polarssl_lib enable_assert enable_largefile ' 
@@ -1393,6 +1397,9 @@ Optional Features: Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --with-crypto-library=library + build with the given crypto library, + TYPE=openssl|polarssl [default=openssl] --with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use both] --with-gnu-ld assume the C compiler uses GNU ld [default=no] @@ -1403,6 +1410,11 @@ Optional Packages: OpenSSL headers directory (without trailing /openssl) --with-openssl-lib=DIR OpenSSL library directory + --with-polarssl=DIR PolarSSL base directory, or: + --with-polarssl-include=DIR + PolarSSL headers directory (without trailing + /polarssl) + --with-polarssl-lib=DIR PolarSSL library directory Some influential environment variables: CC C compiler command @@ -4005,6 +4017,21 @@ unknown) esac + +# Check whether --with-crypto-library was given. +if test "${with_crypto_library+set}" = set; then : + withval=$with_crypto_library; + case "${withval}" in + openssl|polarssl) ;; + *) as_fn_error $? "bad value ${withval} for --with-crypto-library" "$LINENO" 5 ;; + esac + +else + with_crypto_library="openssl" + +fi + + ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' @@ -12719,6 +12746,8 @@ case $host in ;; esac +case "${with_crypto_library}" in + openssl) 
@@ -12836,6 +12865,119 @@ fi +$as_echo "#define USE_CRYPTO_OPENSSL 1" >>confdefs.h + + ;; + polarssl) + + + +# Check whether --with-polarssl was given. +if test "${with_polarssl+set}" = set; then : + withval=$with_polarssl; polarssl="$withval" + CFLAGS="$CFLAGS -I$withval/include" + LDFLAGS="$LDFLAGS -L$withval/lib" + +fi + + + +# Check whether --with-polarssl-include was given. +if test "${with_polarssl_include+set}" = set; then : + withval=$with_polarssl_include; polarssl_include="$withval" + CFLAGS="$CFLAGS -I$withval" + +fi + + + +# Check whether --with-polarssl-lib was given. +if test "${with_polarssl_lib+set}" = set; then : + withval=$with_polarssl_lib; polarssl_lib="$withval" + LDFLAGS="$LDFLAGS -L$withval" + +fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for cipher_init_ctx in -lpolarssl" >&5 +$as_echo_n "checking for cipher_init_ctx in -lpolarssl... " >&6; } +if ${ac_cv_lib_polarssl_cipher_init_ctx+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpolarssl $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char cipher_init_ctx (); +int +main () +{ +return cipher_init_ctx (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_polarssl_cipher_init_ctx=yes +else + ac_cv_lib_polarssl_cipher_init_ctx=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_polarssl_cipher_init_ctx" >&5 +$as_echo "$ac_cv_lib_polarssl_cipher_init_ctx" >&6; } +if test "x$ac_cv_lib_polarssl_cipher_init_ctx" = xyes; then : + LIBS="-lpolarssl $LIBS" +else + as_fn_error $? "PolarSSL libraries not found." 
"$LINENO" 5 + +fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking polarssl version" >&5 +$as_echo_n "checking polarssl version... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include + +int +main () +{ + +#if POLARSSL_VERSION_NUMBER < 0x01020500 +#error invalid version +#endif + + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5 +$as_echo "ok" >&6; } +else + as_fn_error $? "PolarSSL 1.2.5 or newer required" "$LINENO" 5 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + + +$as_echo "#define USE_CRYPTO_POLARSSL 1" >>confdefs.h + + ;; +esac + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for C/C++ restrict keyword" >&5 $as_echo_n "checking for C/C++ restrict keyword... " >&6; } if ${ac_cv_c_restrict+:} false; then : diff --git a/configure.ac b/configure.ac index d3a30969..c8331f93 100755 --- a/configure.ac +++ b/configure.ac @@ -9,6 +9,19 @@ AC_CONFIG_HEADERS([config.h]) AM_INIT_AUTOMAKE([foreign -Wall -Werror]) m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) +dnl Checks for crypto library +AC_ARG_WITH( + [crypto-library], + [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|polarssl @<:@default=openssl@:>@])], + [ + case "${withval}" in + openssl|polarssl) ;; + *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;; + esac + ], + [with_crypto_library="openssl"] +) + dnl Checks for programs. AC_PROG_CC AC_PROG_INSTALL @@ -30,8 +43,17 @@ case $host in ;; esac -dnl Checks for openssl -ss_OPENSSL +dnl Checks for crypto library +case "${with_crypto_library}" in + openssl) + ss_OPENSSL + AC_DEFINE([USE_CRYPTO_OPENSSL], [1], [Use OpenSSL library]) + ;; + polarssl) + ss_POLARSSL + AC_DEFINE([USE_CRYPTO_POLARSSL], [1], [Use PolarSSL library]) + ;; +esac dnl Checks for inet_ntop ss_FUNC_INET_NTOP 
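Review bot: The help string in the configure.ac hunk at `-9,6 +9,19` names the argument two different ways, `--with-crypto-library=library` in the option and `TYPE=openssl|polarssl` in the description. Using one placeholder makes `./configure --help` easier to read, for example `AS_HELP_STRING([--with-crypto-library=TYPE], [build with the given crypto library, TYPE=openssl|polarssl @<:@default=openssl@:>@])`.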
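Review bot: The backend dispatch `case "${with_crypto_library}" in` in the configure.ac hunk at `-30,8 +43,17` has no `*)` arm, so it depends on the validation in the earlier `AC_ARG_WITH` block staying in step with it. If a value is ever accepted there without a matching arm here, configure would finish with neither `USE_CRYPTO_OPENSSL` nor `USE_CRYPTO_POLARSSL` defined and no crypto library probed. Adding `*) AC_MSG_ERROR([unsupported crypto library ${with_crypto_library}]) ;;` before `esac` turns that into a configure-time failure. Printing the selected backend with `AC_MSG_NOTICE` would also leave a record in the build log of which library was linked.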
diff --git a/libasyncns/Makefile.in b/libasyncns/Makefile.in index 9306747e..3075d8dc 100644 --- a/libasyncns/Makefile.in +++ b/libasyncns/Makefile.in @@ -59,8 +59,8 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acx_pthread.m4 \ $(top_srcdir)/m4/inet_ntop.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/libev/libev.m4 \ - $(top_srcdir)/configure.ac + $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/polarssl.m4 \ + $(top_srcdir)/libev/libev.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d diff --git a/libev/Makefile.in b/libev/Makefile.in index e8f3e655..18ec00ec 100644 --- a/libev/Makefile.in +++ b/libev/Makefile.in @@ -43,8 +43,8 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acx_pthread.m4 \ $(top_srcdir)/m4/inet_ntop.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/libev/libev.m4 \ - $(top_srcdir)/configure.ac + $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/polarssl.m4 \ + $(top_srcdir)/libev/libev.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d diff --git a/m4/polarssl.m4 b/m4/polarssl.m4 new file mode 100644 index 00000000..6507efb6 --- /dev/null +++ b/m4/polarssl.m4 
@@ -0,0 +1,45 @@
+dnl Check to find the PolarSSL headers/libraries
+
+AC_DEFUN([ss_POLARSSL],
+[
+
+ AC_ARG_WITH(polarssl,
+ AS_HELP_STRING([--with-polarssl=DIR], [PolarSSL base directory, or:]),
+ [polarssl="$withval"
+ CFLAGS="$CFLAGS -I$withval/include"
+ LDFLAGS="$LDFLAGS -L$withval/lib"]
+ )
+
+ AC_ARG_WITH(polarssl-include,
+ AS_HELP_STRING([--with-polarssl-include=DIR], [PolarSSL headers directory (without trailing /polarssl)]),
+ [polarssl_include="$withval"
+ CFLAGS="$CFLAGS -I$withval"]
+ )
+
+ AC_ARG_WITH(polarssl-lib,
+ AS_HELP_STRING([--with-polarssl-lib=DIR], [PolarSSL library directory]),
+ [polarssl_lib="$withval"
+ LDFLAGS="$LDFLAGS -L$withval"]
+ )
+
+ AC_CHECK_LIB(polarssl, cipher_init_ctx,
+ [LIBS="-lpolarssl $LIBS"],
+ [AC_MSG_ERROR([PolarSSL libraries not found.])]
+ )
+
+ AC_MSG_CHECKING([polarssl version])
+ AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[
+#include
+ ]],
+ [[
+#if POLARSSL_VERSION_NUMBER < 0x01020500
+#error invalid version
+#endif
+ ]]
+ )],
+ [AC_MSG_RESULT([ok])],
+ [AC_MSG_ERROR([PolarSSL 1.2.5 or newer required])]
+ )
+])
diff --git a/src/Makefile.in b/src/Makefile.in
index a33766bf..55f44c78 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -45,8 +45,8 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acx_pthread.m4 \ $(top_srcdir)/m4/inet_ntop.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/libev/libev.m4 \ - $(top_srcdir)/configure.ac + $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/polarssl.m4 \ + $(top_srcdir)/libev/libev.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d
diff --git a/src/redir.c b/src/redir.c
index ff254949..99e56af2 100644
--- a/src/redir.c
+++ b/src/redir.c
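Review bot: In the new m4/polarssl.m4, the three `--with-polarssl*` handlers use `$withval` as a directory without checking for the `yes`/`no` values autoconf passes for a bare `--with-polarssl` or `--without-polarssl`, so those forms add relative search paths such as `-Iyes/include` and `-Lno/lib`. A relative `-L` entry lets the linker resolve `-lpolarssl` from a directory relative to wherever the build runs, which is worth closing off for the library that supplies the ciphers. Guard each handler, e.g. `AS_CASE([$withval], [yes|no], [AC_MSG_ERROR([--with-polarssl needs a directory])], [CPPFLAGS="$CPPFLAGS -I$withval/include"; LDFLAGS="$LDFLAGS -L$withval/lib"])`; `CPPFLAGS` is also the conventional variable for `-I`. Separately, the version test only compiles against the header, so when `--with-polarssl-include` and `--with-polarssl-lib` point at different installs the 1.2.5 floor is not checked against the library that actually gets linked.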
@@ -557,12 +557,12 @@ void free_server(struct server *server) } if (server->e_ctx != NULL) { - EVP_CIPHER_CTX_cleanup(&server->e_ctx->evp); + cipher_context_release(&server->e_ctx->evp); free(server->e_ctx); } if (server->d_ctx != NULL) { - EVP_CIPHER_CTX_cleanup(&server->d_ctx->evp); + cipher_context_release(&server->d_ctx->evp); free(server->d_ctx); } if (server->buf != NULL) diff --git a/src/server.c b/src/server.c index b7de0f90..befac8e1 100644 --- a/src/server.c +++ b/src/server.c @@ -830,12 +830,12 @@ void free_server(struct server *server) } if (server->e_ctx != NULL) { - EVP_CIPHER_CTX_cleanup(&server->e_ctx->evp); + cipher_context_release(&server->e_ctx->evp); free(server->e_ctx); } if (server->d_ctx != NULL) { - EVP_CIPHER_CTX_cleanup(&server->d_ctx->evp); + cipher_context_release(&server->d_ctx->evp); free(server->d_ctx); } if (server->buf != NULL)
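Review bot: `cipher_context_release()` is not defined in any hunk visible here, so this diff does not show whether it clears cipher key state the way the replaced `EVP_CIPHER_CTX_cleanup()` did before `free(server->e_ctx)` and `free(server->d_ctx)` run. Once that is confirmed for both backends, record the contract at the call site, e.g. `/* release scrubs backend key state; must run before free() */`. The member passed in is still named `evp` although the wrapper is now backend-neutral, so a neutral name would avoid implying OpenSSL. The same points apply to the identical `free_server()` hunk in src/server.c (`-830,12 +830,12`); in both files the function body starts and ends outside the hunk.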