AM_CONDITIONAL(ENABLE_HTCP, [test "x$enable_htcp" = "xyes"])
AC_MSG_NOTICE([HTCP support enabled: $enable_htcp])
+# Cryptograhic libraries
+AC_ARG_WITH(nettle,
+ AS_HELP_STRING([--without-nettle],[Compile without the Nettle crypto library.]),[
+case "$with_nettle" in
+ yes|no)
+ : # Nothing special to do here
+ ;;
+ *)
+ if test ! -d "$withval" ; then
+ AC_MSG_ERROR([--with-nettle path does not point to a directory])
+ fi
+ NETTLELIBDIR="-L$with_nettle/lib"
+ CPPFLAGS="-I$with_nettle/include $CPPFLAGS"
+ with_nettle=yes
+ esac
+])
+if test "x$with_nettle" != "xno" ; then
+ AC_CHECK_LIB(nettle, nettle_md5_init,[
+ NETTLELIB="$NETTLELIBDIR -lnettle"
+ AC_CHECK_HEADERS(nettle/md5.h)
+ ],[with_nettle=no])
+fi
+AC_MSG_NOTICE([Using Nettle cryptographic library: ${with_nettle:=yes}])
+AC_SUBST(NETTLELIB)
# SSL is not enabled by default.
# Default is to use OpenSSL when available
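Review bot: The `--with-nettle=PATH` branch stores `-L$with_nettle/lib` only in NETTLELIBDIR, so the `AC_CHECK_LIB(nettle, nettle_md5_init, ...)` link test that follows never searches that directory, although CPPFLAGS already points at the headers under PATH. The test can therefore fail for a non-system install, or pass against a system libnettle that does not match the headers being compiled against. Save LDFLAGS, set `LDFLAGS="$NETTLELIBDIR $LDFLAGS"` for the duration of the check, and restore it afterwards. When a path was given explicitly and the check fails, `with_nettle=no` lets the build continue with a different MD5 implementation and only a notice records it; an `AC_MSG_ERROR` in that case would make the crypto backend choice explicit. The comment on the first added line should read `# Cryptographic libraries`.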
])
SQUID_DEFINE_BOOL(USE_SSL,$enable_ssl,
[Define this to include code for SSL gatewaying support])
-AC_MSG_NOTICE([Using OpenSSL MD5 implementation: ${with_openssl:=no}])
-SQUID_DEFINE_BOOL(USE_OPENSSL,${with_openssl},
- [Define this to make use of the OpenSSL libraries for MD5 calculation rather than Squid-supplied MD5 implementation or if building with SSL encryption])
+AC_MSG_NOTICE([Using OpenSSL library: ${with_openssl:=no}])
if test "x$enable_ssl" = "xyes"; then
- if test "x$SSLLIB" = "x"; then
+ if test "x$SSLLIB" = "x" -a "x$with_nettle" = "xno"; then
SSLLIB="-lcrypto" # for MD5 routines
fi
# This is a workaround for RedHat 9 brain damage..
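Review bot: The new condition uses `test ... -a ...`, which POSIX marks obsolescent and the Autoconf manual advises against; write it as `if test "x$SSLLIB" = "x" && test "x$with_nettle" = "xno"; then`. It also keys on `with_nettle`, which the earlier Nettle check leaves at yes when libnettle links but `nettle/md5.h` is not found, so the variable does not say which MD5 code md5.h will actually select. The hunk also drops the USE_OPENSSL define, so any `#if USE_OPENSSL` users outside this view would need checking. The enclosing `if` block continues past this hunk.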
$(top_builddir)/lib/libmisccontainers.la \
$(top_builddir)/lib/libmiscencoding.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(CRYPTLIB) \
$(SSLLIB) \
$(XTRA_LIBS)
basic_radius_auth_LDADD = \
$(top_builddir)/lib/libmiscencoding.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(SSLLIB) \
$(XTRA_LIBS)
$(COMPAT_LIB) \
$(LDAPLIB) \
$(LBERLIB) \
+ $(NETTLELIB) \
$(CRYPTLIB) \
$(SSLLIB) \
$(XTRA_LIBS)
$(top_builddir)/lib/libmisccontainers.la \
$(top_builddir)/lib/libmiscencoding.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(CRYPTLIB) \
$(SSLLIB) \
$(XTRA_LIBS)
negotiate_kerberos_auth_LDADD = \
$(top_builddir)/lib/libmiscencoding.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(KRB5LIBS) \
$(XTRA_LIBS)
negotiate_kerberos_auth_test_LDADD = \
$(top_builddir)/lib/libmiscencoding.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(KRB5LIBS) \
$(XTRA_LIBS)
negotiate_wrapper_auth_LDADD = \
$(top_builddir)/lib/libmiscencoding.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(XTRA_LIBS)
$(top_builddir)/lib/ntlmauth/libntlmauth.la \
$(top_builddir)/lib/libmiscencoding.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(CRYPTLIB) \
$(XTRA_LIBS)
$(top_builddir)/lib/ntlmauth/libntlmauth.la \
$(top_builddir)/lib/libmiscencoding.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(CRYPTLIB) \
$(XTRA_LIBS)
#ifndef SQUID_MD5_H
#define SQUID_MD5_H
+#if HAVE_NETTLE_MD5_H
+#include <nettle/md5.h>
+
+typedef struct md5_ctx SquidMD5_CTX;
+
+#define SquidMD5Init(c) md5_init((c))
+#define SquidMD5Update(c,b,l) md5_update((c), (l), (const uint8_t *)(b))
+#define SquidMD5Final(d,c) md5_digest((c), MD5_DIGEST_SIZE, (uint8_t *)(d))
+
+#define SQUID_MD5_DIGEST_LENGTH MD5_DIGEST_SIZE
+
+#else
/*
* This is the header file for the MD5 message-digest algorithm.
* The algorithm is due to Ron Rivest. This code was
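Review bot: The Nettle wrapper macros are undocumented although they reorder arguments: `SquidMD5Final(d,c)` takes digest then context while `md5_digest` takes context, length, digest, and `SquidMD5Update(c,b,l)` swaps buffer and length in the same way. A comment above the typedef such as `/* Map the Squid MD5 API onto Nettle; argument order differs, see each macro */` would help the next reader. The type of `SquidMD5_CTX` now depends on `HAVE_NETTLE_MD5_H`, so every file that includes md5.h has to see the configure result first; md5.c includes squid.h before md5.h, but other includers are outside this view and worth checking. The rest of the header continues past this hunk.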
#define SQUID_MD5_DIGEST_LENGTH 16
+#endif /* HAVE_NETTLE_MD5_H */
+
#endif /* SQUID_MD5_H */
#include "squid.h"
#include "md5.h"
+#if !HAVE_NETTLE_MD5_H
+
#if HAVE_STRING_H
#include <string.h> /* for memcpy() */
#endif
}
#endif /* !ASM_MD5 */
+#endif /* HAVE_ETTLE_MD5_H */
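Review bot: The closing comment `#endif /* HAVE_ETTLE_MD5_H */` misspells the macro and drops the negation of the guard it closes, which is `#if !HAVE_NETTLE_MD5_H`; it should read `#endif /* !HAVE_NETTLE_MD5_H */`. With the bundled implementation compiled out under Nettle, every program that calls the SquidMD5 functions has to link `$(NETTLELIB)`. A target missed in the Makefile changes would presumably fail at link time, so a build with Nettle enabled is the useful test for this commit.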
$(DISK_LINKOBJS) \
$(REPL_OBJS) \
$(DISK_OS_LIBS) \
+ $(NETTLELIB) \
$(CRYPTLIB) \
$(REGEXLIB) \
$(ADAPTATION_LIBS) \
mgr/libmgr.la \
$(XTRA_OBJS) \
$(REPL_OBJS) \
+ $(NETTLELIB) \
$(CRYPTLIB) \
$(REGEXLIB) \
$(SSLLIB) \
$(top_builddir)/lib/libmiscutil.la \
$(SQUID_CPPUNIT_LIBS) \
$(SQUID_CPPUNIT_LA) \
+ $(NETTLELIB) \
$(SSLLIB) \
$(COMPAT_LIB) \
$(XTRA_LIBS)
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
$(DISK_OS_LIBS) \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SSLLIB) \
$(top_builddir)/lib/libmisccontainers.la \
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SQUID_CPPUNIT_LA) \
$(top_builddir)/lib/libmisccontainers.la \
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SSLLIB) \
ipc/libipc.la \
mgr/libmgr.la \
$(SNMP_LIBS) \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SQUID_CPPUNIT_LA) \
ipc/libipc.la \
mgr/libmgr.la \
$(SNMP_LIBS) \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SQUID_CPPUNIT_LA) \
$(top_builddir)/lib/libmisccontainers.la \
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SQUID_CPPUNIT_LA) \
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
$(DISK_OS_LIBS) \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SQUID_CPPUNIT_LA) \
$(top_builddir)/lib/libmisccontainers.la \
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SSLLIB) \
$(top_builddir)/lib/libmisccontainers.la \
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SSLLIB) \
$(top_builddir)/lib/libmisccontainers.la \
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
+ $(NETTLELIB) \
$(REGEXLIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SSLLIB) \
$(top_builddir)/lib/libmisccontainers.la \
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
+ $(NETTLELIB) \
$(COMPAT_LIB) \
$(SQUID_CPPUNIT_LIBS) \
$(SQUID_CPPUNIT_LA) \
#define WCCP2_MASK_ASSIGNMENT 0x01
#define WCCP2_NONE_SECURITY_LEN 0
-#define WCCP2_MD5_SECURITY_LEN 16
+#define WCCP2_MD5_SECURITY_LEN SQUID_MD5_DIGEST_LENGTH // 16
/* Useful defines */
#define WCCP2_NUMPORTS 8
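Review bot: `WCCP2_MD5_SECURITY_LEN` appears to be the size of a field in the WCCP2 packet, and the new definition makes it follow `SQUID_MD5_DIGEST_LENGTH`, which under Nettle resolves to `MD5_DIGEST_SIZE` from a third-party header. The trailing `// 16` hints at the requirement without stating or enforcing it. A comment such as `/* wire-format length of the MD5 security field, must be 16 */` would state it. If the project has a compile-time assertion facility, a check of the macro against the literal 16 next to the define would enforce it.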
static char
wccp2_update_md5_security(char *password, char *ptr, char *packet, int len)
{
- uint8_t md5_digest[16];
+ uint8_t md5Digest[SQUID_MD5_DIGEST_LENGTH];
char pwd[WCCP2_PASSWORD_LEN];
SquidMD5_CTX M;
* including the WCCP message header. The WCCP security implementation
* area should be zero'ed before calculating the MD5 hash.
*/
- /* XXX eventually we should be able to kill md5_digest and blit it directly in */
+ /* XXX eventually we should be able to kill md5Digest and blit it directly in */
memset(ws->security_implementation, 0, sizeof(ws->security_implementation));
SquidMD5Init(&M);
SquidMD5Update(&M, packet, len);
- SquidMD5Final(md5_digest, &M);
+ SquidMD5Final(md5Digest, &M);
- memcpy(ws->security_implementation, md5_digest, sizeof(md5_digest));
+ memcpy(ws->security_implementation, md5Digest, sizeof(md5Digest));
/* Finished! */
return 1;
{
struct wccp2_security_md5_t *ws = (struct wccp2_security_md5_t *) security;
- uint8_t md5_digest[16], md5_challenge[16];
+ uint8_t md5Digest[SQUID_MD5_DIGEST_LENGTH], md5_challenge[SQUID_MD5_DIGEST_LENGTH];
char pwd[WCCP2_PASSWORD_LEN];
SquidMD5_CTX M;
pwd[sizeof(pwd) - 1] = '\0';
/* Take a copy of the challenge: we need to NUL it before comparing */
- memcpy(md5_challenge, ws->security_implementation, 16);
+ memcpy(md5_challenge, ws->security_implementation, sizeof(md5_challenge));
memset(ws->security_implementation, 0, sizeof(ws->security_implementation));
SquidMD5Update(&M, packet, len);
- SquidMD5Final(md5_digest, &M);
+ SquidMD5Final(md5Digest, &M);
- return (memcmp(md5_digest, md5_challenge, 16) == 0);
+ return (memcmp(md5Digest, md5_challenge, SQUID_MD5_DIGEST_LENGTH) == 0);
}
void
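Review bot: The new line `return (memcmp(md5Digest, md5_challenge, SQUID_MD5_DIGEST_LENGTH) == 0);` verifies an authentication digest with `memcmp`, whose running time can depend on where the first differing byte is. Since the line is being rewritten anyway, a constant-time form is safer: `uint8_t diff = 0;`, then `for (size_t i = 0; i < sizeof(md5Digest); ++i) diff |= md5Digest[i] ^ md5_challenge[i];`, then `return diff == 0;`. As far as the hunk shows, the stack copies of the password (`pwd`) and of the digest are not cleared before returning. The function body starts outside this hunk, so that should be confirmed against the full file.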
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(KRB5LIBS) \
$(XTRA_LIBS)
$(top_builddir)/lib/libmiscencoding.la \
$(top_builddir)/lib/libmiscutil.la \
$(COMPAT_LIB) \
+ $(NETTLELIB) \
$(KRB5LIBS) \
$(XTRA_LIBS)