mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 03:52:28 +02:00
Rename ALLOW_NON_CBC_CIPHERS to ENABLE_OFB_CFB_MODE, and add to configure.
Makes OFB/CFB compile time configurable, and fixes output of --show-ciphers to also show OFB/CFB ciphers along the way (becasue crypto.h was not included from crypto_openssl.c). Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <1402244175-31462-2-git-send-email-steffan@karger.me> URL: http://article.gmane.org/gmane.network.openvpn.devel/8781 Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
parent
a637016ea3
commit
c353af2f47
@ -71,6 +71,13 @@ AC_ARG_ENABLE(
|
||||
[enable_crypto="yes"]
|
||||
)
|
||||
|
||||
AC_ARG_ENABLE(
|
||||
[ofb-cfb],
|
||||
[AS_HELP_STRING([--enable-ofb-cfb], [enable support for OFB and CFB cipher modes @<:@default=yes@:>@])],
|
||||
,
|
||||
[enable_crypto_ofb_cfb="yes"]
|
||||
)
|
||||
|
||||
AC_ARG_ENABLE(
|
||||
[ssl],
|
||||
[AS_HELP_STRING([--disable-ssl], [disable SSL support for TLS-based key exchange @<:@default=yes@:>@])],
|
||||
@ -1094,6 +1101,7 @@ fi
|
||||
|
||||
if test "${enable_crypto}" = "yes"; then
|
||||
test "${have_crypto_crypto}" != "yes" && AC_MSG_ERROR([${with_crypto_library} crypto is required but missing])
|
||||
test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
|
||||
OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CRYPTO_CFLAGS}"
|
||||
OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_CRYPTO_LIBS}"
|
||||
AC_DEFINE([ENABLE_CRYPTO], [1], [Enable crypto library])
|
||||
|
@ -428,7 +428,7 @@ init_key_type (struct key_type *kt, const char *ciphername,
|
||||
{
|
||||
const unsigned int mode = cipher_kt_mode (kt->cipher);
|
||||
if (!(mode == OPENVPN_MODE_CBC
|
||||
#ifdef ALLOW_NON_CBC_CIPHERS
|
||||
#ifdef ENABLE_OFB_CFB_MODE
|
||||
|| (cfb_ofb_allowed && (mode == OPENVPN_MODE_CFB || mode == OPENVPN_MODE_OFB))
|
||||
#endif
|
||||
))
|
||||
|
@ -32,8 +32,6 @@
|
||||
|
||||
#ifdef ENABLE_CRYPTO
|
||||
|
||||
#define ALLOW_NON_CBC_CIPHERS
|
||||
|
||||
#include "crypto_backend.h"
|
||||
#include "basic.h"
|
||||
#include "buffer.h"
|
||||
|
@ -263,7 +263,7 @@ show_available_ciphers ()
|
||||
{
|
||||
const unsigned int mode = EVP_CIPHER_mode (cipher);
|
||||
if (mode == EVP_CIPH_CBC_MODE
|
||||
#ifdef ALLOW_NON_CBC_CIPHERS
|
||||
#ifdef ENABLE_OFB_CFB_MODE
|
||||
|| mode == EVP_CIPH_CFB_MODE || mode == EVP_CIPH_OFB_MODE
|
||||
#endif
|
||||
)
|
||||
|
Loading…
Reference in New Issue
Block a user