Initial commit
This commit is contained in:
domenico
@@ -0,0 +1,10 @@
|
||||
--- a/src/openvpn/options.c
|
||||
+++ b/src/openvpn/options.c
|
||||
@@ -106,7 +106,6 @@ const char title_string[] =
|
||||
#ifdef HAVE_AEAD_CIPHER_MODES
|
||||
" [AEAD]"
|
||||
#endif
|
||||
- " built on " __DATE__
|
||||
;
|
||||
|
||||
#ifndef ENABLE_SMALL
|
||||
@@ -0,0 +1,11 @@
|
||||
--- a/src/openvpn/ssl_mbedtls.c
|
||||
+++ b/src/openvpn/ssl_mbedtls.c
|
||||
@@ -1406,7 +1406,7 @@ const char *
|
||||
get_ssl_library_version(void)
|
||||
{
|
||||
static char mbedtls_version[30];
|
||||
- unsigned int pv = mbedtls_version_get_number();
|
||||
+ unsigned int pv = MBEDTLS_VERSION_NUMBER;
|
||||
sprintf( mbedtls_version, "mbed TLS %d.%d.%d",
|
||||
(pv>>24)&0xff, (pv>>16)&0xff, (pv>>8)&0xff );
|
||||
return mbedtls_version;
|
||||
@@ -0,0 +1,74 @@
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -1078,68 +1078,15 @@ dnl
|
||||
AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
|
||||
AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
|
||||
if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
|
||||
- if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
|
||||
- # if the user did not explicitly specify flags, try to autodetect
|
||||
- PKG_CHECK_MODULES([LZ4],
|
||||
- [liblz4 >= 1.7.1 liblz4 < 100],
|
||||
- [have_lz4="yes"],
|
||||
- [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
|
||||
- # We also add set LZ4_LIBS otherwise the
|
||||
- # linker will not know about the lz4 library
|
||||
- )
|
||||
- fi
|
||||
|
||||
saved_CFLAGS="${CFLAGS}"
|
||||
saved_LIBS="${LIBS}"
|
||||
CFLAGS="${CFLAGS} ${LZ4_CFLAGS}"
|
||||
LIBS="${LIBS} ${LZ4_LIBS}"
|
||||
|
||||
- # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars
|
||||
- # are used, check the version directly in the LZ4 include file
|
||||
- if test "${have_lz4}" != "yes"; then
|
||||
- AC_CHECK_HEADERS([lz4.h],
|
||||
- [have_lz4h="yes"],
|
||||
- [])
|
||||
-
|
||||
- if test "${have_lz4h}" = "yes" ; then
|
||||
- AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1])
|
||||
- AC_COMPILE_IFELSE(
|
||||
- [AC_LANG_PROGRAM([[
|
||||
-#include <lz4.h>
|
||||
- ]],
|
||||
- [[
|
||||
-/* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */
|
||||
-#if LZ4_VERSION_NUMBER < 10701L
|
||||
-#error LZ4 is too old
|
||||
-#endif
|
||||
- ]]
|
||||
- )],
|
||||
- [
|
||||
- AC_MSG_RESULT([ok])
|
||||
- have_lz4="yes"
|
||||
- ],
|
||||
- [AC_MSG_RESULT([system LZ4 library is too old])]
|
||||
- )
|
||||
- fi
|
||||
- fi
|
||||
-
|
||||
- # Double check we have a few needed functions
|
||||
- if test "${have_lz4}" = "yes" ; then
|
||||
- AC_CHECK_LIB([lz4],
|
||||
- [LZ4_compress_default],
|
||||
- [],
|
||||
- [have_lz4="no"])
|
||||
- AC_CHECK_LIB([lz4],
|
||||
- [LZ4_decompress_safe],
|
||||
- [],
|
||||
- [have_lz4="no"])
|
||||
- fi
|
||||
-
|
||||
- if test "${have_lz4}" != "yes" ; then
|
||||
- AC_MSG_RESULT([ usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
|
||||
- AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
|
||||
- LZ4_LIBS=""
|
||||
- fi
|
||||
+ AC_MSG_RESULT([ usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
|
||||
+ AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
|
||||
+ LZ4_LIBS=""
|
||||
OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
|
||||
OPTIONAL_LZ4_LIBS="${LZ4_LIBS}"
|
||||
AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library])
|
||||
@@ -0,0 +1,81 @@
|
||||
--- a/src/openvpn/syshead.h
|
||||
+++ b/src/openvpn/syshead.h
|
||||
@@ -597,11 +597,11 @@ socket_defined(const socket_descriptor_t
|
||||
/*
|
||||
* Should we include NTLM proxy functionality
|
||||
*/
|
||||
-#if defined(ENABLE_CRYPTO)
|
||||
-#define NTLM 1
|
||||
-#else
|
||||
+//#if defined(ENABLE_CRYPTO)
|
||||
+//#define NTLM 1
|
||||
+//#else
|
||||
#define NTLM 0
|
||||
-#endif
|
||||
+//#endif
|
||||
|
||||
/*
|
||||
* Should we include proxy digest auth functionality
|
||||
--- a/src/openvpn/crypto_mbedtls.c
|
||||
+++ b/src/openvpn/crypto_mbedtls.c
|
||||
@@ -319,6 +319,7 @@ int
|
||||
key_des_num_cblocks(const mbedtls_cipher_info_t *kt)
|
||||
{
|
||||
int ret = 0;
|
||||
+#ifdef MBEDTLS_DES_C
|
||||
if (kt->type == MBEDTLS_CIPHER_DES_CBC)
|
||||
{
|
||||
ret = 1;
|
||||
@@ -331,6 +332,7 @@ key_des_num_cblocks(const mbedtls_cipher
|
||||
{
|
||||
ret = 3;
|
||||
}
|
||||
+#endif
|
||||
|
||||
dmsg(D_CRYPTO_DEBUG, "CRYPTO INFO: n_DES_cblocks=%d", ret);
|
||||
return ret;
|
||||
@@ -339,6 +341,7 @@ key_des_num_cblocks(const mbedtls_cipher
|
||||
bool
|
||||
key_des_check(uint8_t *key, int key_len, int ndc)
|
||||
{
|
||||
+#ifdef MBEDTLS_DES_C
|
||||
int i;
|
||||
struct buffer b;
|
||||
|
||||
@@ -367,11 +370,15 @@ key_des_check(uint8_t *key, int key_len,
|
||||
|
||||
err:
|
||||
return false;
|
||||
+#else
|
||||
+ return true;
|
||||
+#endif
|
||||
}
|
||||
|
||||
void
|
||||
key_des_fixup(uint8_t *key, int key_len, int ndc)
|
||||
{
|
||||
+#ifdef MBEDTLS_DES_C
|
||||
int i;
|
||||
struct buffer b;
|
||||
|
||||
@@ -386,6 +393,7 @@ key_des_fixup(uint8_t *key, int key_len,
|
||||
}
|
||||
mbedtls_des_key_set_parity(key);
|
||||
}
|
||||
+#endif
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -710,10 +718,12 @@ cipher_des_encrypt_ecb(const unsigned ch
|
||||
unsigned char *src,
|
||||
unsigned char *dst)
|
||||
{
|
||||
+#ifdef MBEDTLS_DES_C
|
||||
mbedtls_des_context ctx;
|
||||
|
||||
ASSERT(mbed_ok(mbedtls_des_setkey_enc(&ctx, key)));
|
||||
ASSERT(mbed_ok(mbedtls_des_crypt_ecb(&ctx, src, dst)));
|
||||
+#endif
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user