use the OpenSSL AES implementation if it's available (unless configured not to)
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@66071 f38db490-d61c-443f-a65b-d21fe96a405b
This commit is contained in:
parent
fb966a66a6
commit
13417b262f
|
@ -26,6 +26,7 @@ SPEEX=@PBX_SPEEX@
|
||||||
SQLITE=@PBX_SQLITE@
|
SQLITE=@PBX_SQLITE@
|
||||||
SQLITE3=@PBX_SQLITE3@
|
SQLITE3=@PBX_SQLITE3@
|
||||||
SSL=@PBX_OPENSSL@
|
SSL=@PBX_OPENSSL@
|
||||||
|
CRYPTO=@PBX_CRYPTO@
|
||||||
TONEZONE=@PBX_TONEZONE@
|
TONEZONE=@PBX_TONEZONE@
|
||||||
UNIXODBC=@PBX_UNIXODBC@
|
UNIXODBC=@PBX_UNIXODBC@
|
||||||
VORBIS=@PBX_VORBIS@
|
VORBIS=@PBX_VORBIS@
|
||||||
|
|
|
@ -30,6 +30,7 @@
|
||||||
|
|
||||||
/*** MODULEINFO
|
/*** MODULEINFO
|
||||||
<use>zaptel</use>
|
<use>zaptel</use>
|
||||||
|
<use>crypto</use>
|
||||||
***/
|
***/
|
||||||
|
|
||||||
#include "asterisk.h"
|
#include "asterisk.h"
|
||||||
|
@ -594,9 +595,9 @@ struct chan_iax2_pvt {
|
||||||
/*! permitted encryption methods */
|
/*! permitted encryption methods */
|
||||||
int encmethods;
|
int encmethods;
|
||||||
/*! Encryption AES-128 Key */
|
/*! Encryption AES-128 Key */
|
||||||
aes_encrypt_ctx ecx;
|
ast_aes_encrypt_key ecx;
|
||||||
/*! Decryption AES-128 Key */
|
/*! Decryption AES-128 Key */
|
||||||
aes_decrypt_ctx dcx;
|
ast_aes_decrypt_key dcx;
|
||||||
/*! 32 bytes of semi-random data */
|
/*! 32 bytes of semi-random data */
|
||||||
unsigned char semirand[32];
|
unsigned char semirand[32];
|
||||||
/*! Associated registry */
|
/*! Associated registry */
|
||||||
|
@ -615,8 +616,8 @@ struct chan_iax2_pvt {
|
||||||
struct sockaddr_in transfer;
|
struct sockaddr_in transfer;
|
||||||
/*! What's the new call number for the transfer */
|
/*! What's the new call number for the transfer */
|
||||||
unsigned short transfercallno;
|
unsigned short transfercallno;
|
||||||
/*! Transfer decrypt AES-128 Key */
|
/*! Transfer encrypt AES-128 Key */
|
||||||
aes_encrypt_ctx tdcx;
|
ast_aes_encrypt_key tdcx;
|
||||||
|
|
||||||
/*! Status of knowledge of peer ADSI capability */
|
/*! Status of knowledge of peer ADSI capability */
|
||||||
int peeradsicpe;
|
int peeradsicpe;
|
||||||
|
@ -3804,13 +3805,13 @@ static int iax2_trunk_queue(struct chan_iax2_pvt *pvt, struct iax_frame *fr)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void build_enc_keys(const unsigned char *digest, aes_encrypt_ctx *ecx, aes_decrypt_ctx *dcx)
|
static void build_enc_keys(const unsigned char *digest, ast_aes_encrypt_key *ecx, ast_aes_decrypt_key *dcx)
|
||||||
{
|
{
|
||||||
aes_encrypt_key128(digest, ecx);
|
ast_aes_encrypt_key(digest, ecx);
|
||||||
aes_decrypt_key128(digest, dcx);
|
ast_aes_decrypt_key(digest, dcx);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void memcpy_decrypt(unsigned char *dst, const unsigned char *src, int len, aes_decrypt_ctx *dcx)
|
static void memcpy_decrypt(unsigned char *dst, const unsigned char *src, int len, ast_aes_decrypt_key *dcx)
|
||||||
{
|
{
|
||||||
#if 0
|
#if 0
|
||||||
/* Debug with "fake encryption" */
|
/* Debug with "fake encryption" */
|
||||||
|
@ -3823,7 +3824,7 @@ static void memcpy_decrypt(unsigned char *dst, const unsigned char *src, int len
|
||||||
unsigned char lastblock[16] = { 0 };
|
unsigned char lastblock[16] = { 0 };
|
||||||
int x;
|
int x;
|
||||||
while(len > 0) {
|
while(len > 0) {
|
||||||
aes_decrypt(src, dst, dcx);
|
ast_aes_decrypt(src, dst, dcx);
|
||||||
for (x=0;x<16;x++)
|
for (x=0;x<16;x++)
|
||||||
dst[x] ^= lastblock[x];
|
dst[x] ^= lastblock[x];
|
||||||
memcpy(lastblock, src, sizeof(lastblock));
|
memcpy(lastblock, src, sizeof(lastblock));
|
||||||
|
@ -3834,7 +3835,7 @@ static void memcpy_decrypt(unsigned char *dst, const unsigned char *src, int len
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
static void memcpy_encrypt(unsigned char *dst, const unsigned char *src, int len, aes_encrypt_ctx *ecx)
|
static void memcpy_encrypt(unsigned char *dst, const unsigned char *src, int len, ast_aes_encrypt_key *ecx)
|
||||||
{
|
{
|
||||||
#if 0
|
#if 0
|
||||||
/* Debug with "fake encryption" */
|
/* Debug with "fake encryption" */
|
||||||
|
@ -3849,7 +3850,7 @@ static void memcpy_encrypt(unsigned char *dst, const unsigned char *src, int len
|
||||||
while(len > 0) {
|
while(len > 0) {
|
||||||
for (x=0;x<16;x++)
|
for (x=0;x<16;x++)
|
||||||
curblock[x] ^= src[x];
|
curblock[x] ^= src[x];
|
||||||
aes_encrypt(curblock, dst, ecx);
|
ast_aes_encrypt(curblock, dst, ecx);
|
||||||
memcpy(curblock, dst, sizeof(curblock));
|
memcpy(curblock, dst, sizeof(curblock));
|
||||||
dst += 16;
|
dst += 16;
|
||||||
src += 16;
|
src += 16;
|
||||||
|
@ -3858,7 +3859,7 @@ static void memcpy_encrypt(unsigned char *dst, const unsigned char *src, int len
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
static int decode_frame(aes_decrypt_ctx *dcx, struct ast_iax2_full_hdr *fh, struct ast_frame *f, int *datalen)
|
static int decode_frame(ast_aes_decrypt_key *dcx, struct ast_iax2_full_hdr *fh, struct ast_frame *f, int *datalen)
|
||||||
{
|
{
|
||||||
int padding;
|
int padding;
|
||||||
unsigned char *workspace;
|
unsigned char *workspace;
|
||||||
|
@ -3903,7 +3904,7 @@ static int decode_frame(aes_decrypt_ctx *dcx, struct ast_iax2_full_hdr *fh, stru
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int encrypt_frame(aes_encrypt_ctx *ecx, struct ast_iax2_full_hdr *fh, unsigned char *poo, int *datalen)
|
static int encrypt_frame(ast_aes_encrypt_key *ecx, struct ast_iax2_full_hdr *fh, unsigned char *poo, int *datalen)
|
||||||
{
|
{
|
||||||
int padding;
|
int padding;
|
||||||
unsigned char *workspace;
|
unsigned char *workspace;
|
||||||
|
@ -5262,7 +5263,7 @@ static int register_verify(int callno, struct sockaddr_in *sin, struct iax_ies *
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static int authenticate(const char *challenge, const char *secret, const char *keyn, int authmethods, struct iax_ie_data *ied, struct sockaddr_in *sin, aes_encrypt_ctx *ecx, aes_decrypt_ctx *dcx)
|
static int authenticate(const char *challenge, const char *secret, const char *keyn, int authmethods, struct iax_ie_data *ied, struct sockaddr_in *sin, ast_aes_encrypt_key *ecx, ast_aes_decrypt_key *dcx)
|
||||||
{
|
{
|
||||||
int res = -1;
|
int res = -1;
|
||||||
int x;
|
int x;
|
||||||
|
|
|
@ -737,6 +737,10 @@ CURSES_LIB
|
||||||
CURSES_INCLUDE
|
CURSES_INCLUDE
|
||||||
CURSES_DIR
|
CURSES_DIR
|
||||||
PBX_CURSES
|
PBX_CURSES
|
||||||
|
CRYPTO_LIB
|
||||||
|
CRYPTO_INCLUDE
|
||||||
|
CRYPTO_DIR
|
||||||
|
PBX_CRYPTO
|
||||||
GNUTLS_LIB
|
GNUTLS_LIB
|
||||||
GNUTLS_INCLUDE
|
GNUTLS_INCLUDE
|
||||||
GNUTLS_DIR
|
GNUTLS_DIR
|
||||||
|
@ -1521,6 +1525,7 @@ Optional Packages:
|
||||||
--with-cap=PATH use POSIX 1.e capabilities files in PATH
|
--with-cap=PATH use POSIX 1.e capabilities files in PATH
|
||||||
--with-curl=PATH use cURL files in PATH
|
--with-curl=PATH use cURL files in PATH
|
||||||
--with-curses=PATH use curses files in PATH
|
--with-curses=PATH use curses files in PATH
|
||||||
|
--with-crypto=PATH use OpenSSL Cryptography Support files in PATH
|
||||||
--with-gnutls=PATH use GNU TLS support (used for iksemel only) files in
|
--with-gnutls=PATH use GNU TLS support (used for iksemel only) files in
|
||||||
PATH
|
PATH
|
||||||
--with-gsm=PATH use GSM files in PATH , or 'internal'
|
--with-gsm=PATH use GSM files in PATH , or 'internal'
|
||||||
|
@ -7784,6 +7789,34 @@ PBX_CURSES=0
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
CRYPTO_DESCRIP="OpenSSL Cryptography Support"
|
||||||
|
CRYPTO_OPTION="crypto"
|
||||||
|
|
||||||
|
# Check whether --with-crypto was given.
|
||||||
|
if test "${with_crypto+set}" = set; then
|
||||||
|
withval=$with_crypto;
|
||||||
|
case ${withval} in
|
||||||
|
n|no)
|
||||||
|
USE_CRYPTO=no
|
||||||
|
;;
|
||||||
|
y|ye|yes)
|
||||||
|
ac_mandatory_list="${ac_mandatory_list} CRYPTO"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
CRYPTO_DIR="${withval}"
|
||||||
|
ac_mandatory_list="${ac_mandatory_list} CRYPTO"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
PBX_CRYPTO=0
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
GNUTLS_DESCRIP="GNU TLS support (used for iksemel only)"
|
GNUTLS_DESCRIP="GNU TLS support (used for iksemel only)"
|
||||||
GNUTLS_OPTION="gnutls"
|
GNUTLS_OPTION="gnutls"
|
||||||
|
|
||||||
|
@ -29239,6 +29272,399 @@ fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
if test "x${PBX_CRYPTO}" != "x1" -a "${USE_CRYPTO}" != "no"; then
|
||||||
|
pbxlibdir=""
|
||||||
|
if test "x${CRYPTO_DIR}" != "x"; then
|
||||||
|
if test -d ${CRYPTO_DIR}/lib; then
|
||||||
|
pbxlibdir="-L${CRYPTO_DIR}/lib"
|
||||||
|
else
|
||||||
|
pbxlibdir="-L${CRYPTO_DIR}"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
pbxfuncname="AES_encrypt"
|
||||||
|
if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
|
||||||
|
AST_CRYPTO_FOUND=yes
|
||||||
|
else
|
||||||
|
as_ac_Lib=`echo "ac_cv_lib_crypto_${pbxfuncname}" | $as_tr_sh`
|
||||||
|
{ echo "$as_me:$LINENO: checking for ${pbxfuncname} in -lcrypto" >&5
|
||||||
|
echo $ECHO_N "checking for ${pbxfuncname} in -lcrypto... $ECHO_C" >&6; }
|
||||||
|
if { as_var=$as_ac_Lib; eval "test \"\${$as_var+set}\" = set"; }; then
|
||||||
|
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||||
|
else
|
||||||
|
ac_check_lib_save_LIBS=$LIBS
|
||||||
|
LIBS="-lcrypto ${pbxlibdir} $LIBS"
|
||||||
|
cat >conftest.$ac_ext <<_ACEOF
|
||||||
|
/* confdefs.h. */
|
||||||
|
_ACEOF
|
||||||
|
cat confdefs.h >>conftest.$ac_ext
|
||||||
|
cat >>conftest.$ac_ext <<_ACEOF
|
||||||
|
/* end confdefs.h. */
|
||||||
|
|
||||||
|
/* Override any GCC internal prototype to avoid an error.
|
||||||
|
Use char because int might match the return type of a GCC
|
||||||
|
builtin and then its argument prototype would still apply. */
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
#endif
|
||||||
|
char ${pbxfuncname} ();
|
||||||
|
int
|
||||||
|
main ()
|
||||||
|
{
|
||||||
|
return ${pbxfuncname} ();
|
||||||
|
;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
_ACEOF
|
||||||
|
rm -f conftest.$ac_objext conftest$ac_exeext
|
||||||
|
if { (ac_try="$ac_link"
|
||||||
|
case "(($ac_try" in
|
||||||
|
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
|
||||||
|
*) ac_try_echo=$ac_try;;
|
||||||
|
esac
|
||||||
|
eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
|
||||||
|
(eval "$ac_link") 2>conftest.er1
|
||||||
|
ac_status=$?
|
||||||
|
grep -v '^ *+' conftest.er1 >conftest.err
|
||||||
|
rm -f conftest.er1
|
||||||
|
cat conftest.err >&5
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); } && {
|
||||||
|
test -z "$ac_c_werror_flag" ||
|
||||||
|
test ! -s conftest.err
|
||||||
|
} && test -s conftest$ac_exeext &&
|
||||||
|
$as_test_x conftest$ac_exeext; then
|
||||||
|
eval "$as_ac_Lib=yes"
|
||||||
|
else
|
||||||
|
echo "$as_me: failed program was:" >&5
|
||||||
|
sed 's/^/| /' conftest.$ac_ext >&5
|
||||||
|
|
||||||
|
eval "$as_ac_Lib=no"
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
|
||||||
|
conftest$ac_exeext conftest.$ac_ext
|
||||||
|
LIBS=$ac_check_lib_save_LIBS
|
||||||
|
fi
|
||||||
|
ac_res=`eval echo '${'$as_ac_Lib'}'`
|
||||||
|
{ echo "$as_me:$LINENO: result: $ac_res" >&5
|
||||||
|
echo "${ECHO_T}$ac_res" >&6; }
|
||||||
|
if test `eval echo '${'$as_ac_Lib'}'` = yes; then
|
||||||
|
AST_CRYPTO_FOUND=yes
|
||||||
|
else
|
||||||
|
AST_CRYPTO_FOUND=no
|
||||||
|
fi
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "${AST_CRYPTO_FOUND}" = "yes"; then
|
||||||
|
CRYPTO_LIB="-lcrypto "
|
||||||
|
CRYPTO_HEADER_FOUND="1"
|
||||||
|
if test "x${CRYPTO_DIR}" != "x"; then
|
||||||
|
CRYPTO_LIB="${pbxlibdir} ${CRYPTO_LIB}"
|
||||||
|
CRYPTO_INCLUDE="-I${CRYPTO_DIR}/include"
|
||||||
|
saved_cppflags="${CPPFLAGS}"
|
||||||
|
CPPFLAGS="${CPPFLAGS} -I${CRYPTO_DIR}/include"
|
||||||
|
if test "xopenssl/aes.h" != "x" ; then
|
||||||
|
as_ac_Header=`echo "ac_cv_header_${CRYPTO_DIR}/include/openssl/aes.h" | $as_tr_sh`
|
||||||
|
if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
|
||||||
|
{ echo "$as_me:$LINENO: checking for ${CRYPTO_DIR}/include/openssl/aes.h" >&5
|
||||||
|
echo $ECHO_N "checking for ${CRYPTO_DIR}/include/openssl/aes.h... $ECHO_C" >&6; }
|
||||||
|
if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
|
||||||
|
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||||
|
fi
|
||||||
|
ac_res=`eval echo '${'$as_ac_Header'}'`
|
||||||
|
{ echo "$as_me:$LINENO: result: $ac_res" >&5
|
||||||
|
echo "${ECHO_T}$ac_res" >&6; }
|
||||||
|
else
|
||||||
|
# Is the header compilable?
|
||||||
|
{ echo "$as_me:$LINENO: checking ${CRYPTO_DIR}/include/openssl/aes.h usability" >&5
|
||||||
|
echo $ECHO_N "checking ${CRYPTO_DIR}/include/openssl/aes.h usability... $ECHO_C" >&6; }
|
||||||
|
cat >conftest.$ac_ext <<_ACEOF
|
||||||
|
/* confdefs.h. */
|
||||||
|
_ACEOF
|
||||||
|
cat confdefs.h >>conftest.$ac_ext
|
||||||
|
cat >>conftest.$ac_ext <<_ACEOF
|
||||||
|
/* end confdefs.h. */
|
||||||
|
$ac_includes_default
|
||||||
|
#include <${CRYPTO_DIR}/include/openssl/aes.h>
|
||||||
|
_ACEOF
|
||||||
|
rm -f conftest.$ac_objext
|
||||||
|
if { (ac_try="$ac_compile"
|
||||||
|
case "(($ac_try" in
|
||||||
|
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
|
||||||
|
*) ac_try_echo=$ac_try;;
|
||||||
|
esac
|
||||||
|
eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
|
||||||
|
(eval "$ac_compile") 2>conftest.er1
|
||||||
|
ac_status=$?
|
||||||
|
grep -v '^ *+' conftest.er1 >conftest.err
|
||||||
|
rm -f conftest.er1
|
||||||
|
cat conftest.err >&5
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); } && {
|
||||||
|
test -z "$ac_c_werror_flag" ||
|
||||||
|
test ! -s conftest.err
|
||||||
|
} && test -s conftest.$ac_objext; then
|
||||||
|
ac_header_compiler=yes
|
||||||
|
else
|
||||||
|
echo "$as_me: failed program was:" >&5
|
||||||
|
sed 's/^/| /' conftest.$ac_ext >&5
|
||||||
|
|
||||||
|
ac_header_compiler=no
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||||
|
{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
|
||||||
|
echo "${ECHO_T}$ac_header_compiler" >&6; }
|
||||||
|
|
||||||
|
# Is the header present?
|
||||||
|
{ echo "$as_me:$LINENO: checking ${CRYPTO_DIR}/include/openssl/aes.h presence" >&5
|
||||||
|
echo $ECHO_N "checking ${CRYPTO_DIR}/include/openssl/aes.h presence... $ECHO_C" >&6; }
|
||||||
|
cat >conftest.$ac_ext <<_ACEOF
|
||||||
|
/* confdefs.h. */
|
||||||
|
_ACEOF
|
||||||
|
cat confdefs.h >>conftest.$ac_ext
|
||||||
|
cat >>conftest.$ac_ext <<_ACEOF
|
||||||
|
/* end confdefs.h. */
|
||||||
|
#include <${CRYPTO_DIR}/include/openssl/aes.h>
|
||||||
|
_ACEOF
|
||||||
|
if { (ac_try="$ac_cpp conftest.$ac_ext"
|
||||||
|
case "(($ac_try" in
|
||||||
|
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
|
||||||
|
*) ac_try_echo=$ac_try;;
|
||||||
|
esac
|
||||||
|
eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
|
||||||
|
(eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
|
||||||
|
ac_status=$?
|
||||||
|
grep -v '^ *+' conftest.er1 >conftest.err
|
||||||
|
rm -f conftest.er1
|
||||||
|
cat conftest.err >&5
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); } >/dev/null && {
|
||||||
|
test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
|
||||||
|
test ! -s conftest.err
|
||||||
|
}; then
|
||||||
|
ac_header_preproc=yes
|
||||||
|
else
|
||||||
|
echo "$as_me: failed program was:" >&5
|
||||||
|
sed 's/^/| /' conftest.$ac_ext >&5
|
||||||
|
|
||||||
|
ac_header_preproc=no
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -f conftest.err conftest.$ac_ext
|
||||||
|
{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
|
||||||
|
echo "${ECHO_T}$ac_header_preproc" >&6; }
|
||||||
|
|
||||||
|
# So? What about this header?
|
||||||
|
case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
|
||||||
|
yes:no: )
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: accepted by the compiler, rejected by the preprocessor!" >&5
|
||||||
|
echo "$as_me: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: proceeding with the compiler's result" >&5
|
||||||
|
echo "$as_me: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: proceeding with the compiler's result" >&2;}
|
||||||
|
ac_header_preproc=yes
|
||||||
|
;;
|
||||||
|
no:yes:* )
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: present but cannot be compiled" >&5
|
||||||
|
echo "$as_me: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: present but cannot be compiled" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: check for missing prerequisite headers?" >&5
|
||||||
|
echo "$as_me: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: check for missing prerequisite headers?" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: see the Autoconf documentation" >&5
|
||||||
|
echo "$as_me: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: see the Autoconf documentation" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: section \"Present But Cannot Be Compiled\"" >&5
|
||||||
|
echo "$as_me: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: section \"Present But Cannot Be Compiled\"" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: proceeding with the preprocessor's result" >&5
|
||||||
|
echo "$as_me: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: proceeding with the preprocessor's result" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: in the future, the compiler will take precedence" >&5
|
||||||
|
echo "$as_me: WARNING: ${CRYPTO_DIR}/include/openssl/aes.h: in the future, the compiler will take precedence" >&2;}
|
||||||
|
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
{ echo "$as_me:$LINENO: checking for ${CRYPTO_DIR}/include/openssl/aes.h" >&5
|
||||||
|
echo $ECHO_N "checking for ${CRYPTO_DIR}/include/openssl/aes.h... $ECHO_C" >&6; }
|
||||||
|
if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
|
||||||
|
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||||
|
else
|
||||||
|
eval "$as_ac_Header=\$ac_header_preproc"
|
||||||
|
fi
|
||||||
|
ac_res=`eval echo '${'$as_ac_Header'}'`
|
||||||
|
{ echo "$as_me:$LINENO: result: $ac_res" >&5
|
||||||
|
echo "${ECHO_T}$ac_res" >&6; }
|
||||||
|
|
||||||
|
fi
|
||||||
|
if test `eval echo '${'$as_ac_Header'}'` = yes; then
|
||||||
|
CRYPTO_HEADER_FOUND=1
|
||||||
|
else
|
||||||
|
CRYPTO_HEADER_FOUND=0
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
fi
|
||||||
|
CPPFLAGS="${saved_cppflags}"
|
||||||
|
else
|
||||||
|
if test "xopenssl/aes.h" != "x" ; then
|
||||||
|
if test "${ac_cv_header_openssl_aes_h+set}" = set; then
|
||||||
|
{ echo "$as_me:$LINENO: checking for openssl/aes.h" >&5
|
||||||
|
echo $ECHO_N "checking for openssl/aes.h... $ECHO_C" >&6; }
|
||||||
|
if test "${ac_cv_header_openssl_aes_h+set}" = set; then
|
||||||
|
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||||
|
fi
|
||||||
|
{ echo "$as_me:$LINENO: result: $ac_cv_header_openssl_aes_h" >&5
|
||||||
|
echo "${ECHO_T}$ac_cv_header_openssl_aes_h" >&6; }
|
||||||
|
else
|
||||||
|
# Is the header compilable?
|
||||||
|
{ echo "$as_me:$LINENO: checking openssl/aes.h usability" >&5
|
||||||
|
echo $ECHO_N "checking openssl/aes.h usability... $ECHO_C" >&6; }
|
||||||
|
cat >conftest.$ac_ext <<_ACEOF
|
||||||
|
/* confdefs.h. */
|
||||||
|
_ACEOF
|
||||||
|
cat confdefs.h >>conftest.$ac_ext
|
||||||
|
cat >>conftest.$ac_ext <<_ACEOF
|
||||||
|
/* end confdefs.h. */
|
||||||
|
$ac_includes_default
|
||||||
|
#include <openssl/aes.h>
|
||||||
|
_ACEOF
|
||||||
|
rm -f conftest.$ac_objext
|
||||||
|
if { (ac_try="$ac_compile"
|
||||||
|
case "(($ac_try" in
|
||||||
|
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
|
||||||
|
*) ac_try_echo=$ac_try;;
|
||||||
|
esac
|
||||||
|
eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
|
||||||
|
(eval "$ac_compile") 2>conftest.er1
|
||||||
|
ac_status=$?
|
||||||
|
grep -v '^ *+' conftest.er1 >conftest.err
|
||||||
|
rm -f conftest.er1
|
||||||
|
cat conftest.err >&5
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); } && {
|
||||||
|
test -z "$ac_c_werror_flag" ||
|
||||||
|
test ! -s conftest.err
|
||||||
|
} && test -s conftest.$ac_objext; then
|
||||||
|
ac_header_compiler=yes
|
||||||
|
else
|
||||||
|
echo "$as_me: failed program was:" >&5
|
||||||
|
sed 's/^/| /' conftest.$ac_ext >&5
|
||||||
|
|
||||||
|
ac_header_compiler=no
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||||
|
{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
|
||||||
|
echo "${ECHO_T}$ac_header_compiler" >&6; }
|
||||||
|
|
||||||
|
# Is the header present?
|
||||||
|
{ echo "$as_me:$LINENO: checking openssl/aes.h presence" >&5
|
||||||
|
echo $ECHO_N "checking openssl/aes.h presence... $ECHO_C" >&6; }
|
||||||
|
cat >conftest.$ac_ext <<_ACEOF
|
||||||
|
/* confdefs.h. */
|
||||||
|
_ACEOF
|
||||||
|
cat confdefs.h >>conftest.$ac_ext
|
||||||
|
cat >>conftest.$ac_ext <<_ACEOF
|
||||||
|
/* end confdefs.h. */
|
||||||
|
#include <openssl/aes.h>
|
||||||
|
_ACEOF
|
||||||
|
if { (ac_try="$ac_cpp conftest.$ac_ext"
|
||||||
|
case "(($ac_try" in
|
||||||
|
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
|
||||||
|
*) ac_try_echo=$ac_try;;
|
||||||
|
esac
|
||||||
|
eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
|
||||||
|
(eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
|
||||||
|
ac_status=$?
|
||||||
|
grep -v '^ *+' conftest.er1 >conftest.err
|
||||||
|
rm -f conftest.er1
|
||||||
|
cat conftest.err >&5
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); } >/dev/null && {
|
||||||
|
test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
|
||||||
|
test ! -s conftest.err
|
||||||
|
}; then
|
||||||
|
ac_header_preproc=yes
|
||||||
|
else
|
||||||
|
echo "$as_me: failed program was:" >&5
|
||||||
|
sed 's/^/| /' conftest.$ac_ext >&5
|
||||||
|
|
||||||
|
ac_header_preproc=no
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -f conftest.err conftest.$ac_ext
|
||||||
|
{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
|
||||||
|
echo "${ECHO_T}$ac_header_preproc" >&6; }
|
||||||
|
|
||||||
|
# So? What about this header?
|
||||||
|
case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
|
||||||
|
yes:no: )
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: openssl/aes.h: accepted by the compiler, rejected by the preprocessor!" >&5
|
||||||
|
echo "$as_me: WARNING: openssl/aes.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: openssl/aes.h: proceeding with the compiler's result" >&5
|
||||||
|
echo "$as_me: WARNING: openssl/aes.h: proceeding with the compiler's result" >&2;}
|
||||||
|
ac_header_preproc=yes
|
||||||
|
;;
|
||||||
|
no:yes:* )
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: openssl/aes.h: present but cannot be compiled" >&5
|
||||||
|
echo "$as_me: WARNING: openssl/aes.h: present but cannot be compiled" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: openssl/aes.h: check for missing prerequisite headers?" >&5
|
||||||
|
echo "$as_me: WARNING: openssl/aes.h: check for missing prerequisite headers?" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: openssl/aes.h: see the Autoconf documentation" >&5
|
||||||
|
echo "$as_me: WARNING: openssl/aes.h: see the Autoconf documentation" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: openssl/aes.h: section \"Present But Cannot Be Compiled\"" >&5
|
||||||
|
echo "$as_me: WARNING: openssl/aes.h: section \"Present But Cannot Be Compiled\"" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: openssl/aes.h: proceeding with the preprocessor's result" >&5
|
||||||
|
echo "$as_me: WARNING: openssl/aes.h: proceeding with the preprocessor's result" >&2;}
|
||||||
|
{ echo "$as_me:$LINENO: WARNING: openssl/aes.h: in the future, the compiler will take precedence" >&5
|
||||||
|
echo "$as_me: WARNING: openssl/aes.h: in the future, the compiler will take precedence" >&2;}
|
||||||
|
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
{ echo "$as_me:$LINENO: checking for openssl/aes.h" >&5
|
||||||
|
echo $ECHO_N "checking for openssl/aes.h... $ECHO_C" >&6; }
|
||||||
|
if test "${ac_cv_header_openssl_aes_h+set}" = set; then
|
||||||
|
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||||
|
else
|
||||||
|
ac_cv_header_openssl_aes_h=$ac_header_preproc
|
||||||
|
fi
|
||||||
|
{ echo "$as_me:$LINENO: result: $ac_cv_header_openssl_aes_h" >&5
|
||||||
|
echo "${ECHO_T}$ac_cv_header_openssl_aes_h" >&6; }
|
||||||
|
|
||||||
|
fi
|
||||||
|
if test $ac_cv_header_openssl_aes_h = yes; then
|
||||||
|
CRYPTO_HEADER_FOUND=1
|
||||||
|
else
|
||||||
|
CRYPTO_HEADER_FOUND=0
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if test "x${CRYPTO_HEADER_FOUND}" = "x0" ; then
|
||||||
|
CRYPTO_LIB=""
|
||||||
|
CRYPTO_INCLUDE=""
|
||||||
|
else
|
||||||
|
if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library
|
||||||
|
CRYPTO_LIB=""
|
||||||
|
fi
|
||||||
|
PBX_CRYPTO=1
|
||||||
|
# XXX don't know how to evaluate the description (third argument) in AC_DEFINE_UNQUOTED
|
||||||
|
|
||||||
|
cat >>confdefs.h <<_ACEOF
|
||||||
|
#define HAVE_CRYPTO 1
|
||||||
|
_ACEOF
|
||||||
|
|
||||||
|
|
||||||
|
cat >>confdefs.h <<_ACEOF
|
||||||
|
#define HAVE_CRYPTO_VERSION
|
||||||
|
_ACEOF
|
||||||
|
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
if test "${PBX_CRYPTO}" != "0";
|
||||||
|
then
|
||||||
|
|
||||||
if test "x${PBX_OPENSSL}" != "x1" -a "${USE_OPENSSL}" != "no"; then
|
if test "x${PBX_OPENSSL}" != "x1" -a "${USE_OPENSSL}" != "no"; then
|
||||||
pbxlibdir=""
|
pbxlibdir=""
|
||||||
if test "x${OPENSSL_DIR}" != "x"; then
|
if test "x${OPENSSL_DIR}" != "x"; then
|
||||||
|
@ -29628,6 +30054,7 @@ _ACEOF
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
if test "x${PBX_FREETDS}" != "x1" -a "${USE_FREETDS}" != "no"; then
|
if test "x${PBX_FREETDS}" != "x1" -a "${USE_FREETDS}" != "no"; then
|
||||||
|
@ -35694,6 +36121,10 @@ CURSES_LIB!$CURSES_LIB$ac_delim
|
||||||
CURSES_INCLUDE!$CURSES_INCLUDE$ac_delim
|
CURSES_INCLUDE!$CURSES_INCLUDE$ac_delim
|
||||||
CURSES_DIR!$CURSES_DIR$ac_delim
|
CURSES_DIR!$CURSES_DIR$ac_delim
|
||||||
PBX_CURSES!$PBX_CURSES$ac_delim
|
PBX_CURSES!$PBX_CURSES$ac_delim
|
||||||
|
CRYPTO_LIB!$CRYPTO_LIB$ac_delim
|
||||||
|
CRYPTO_INCLUDE!$CRYPTO_INCLUDE$ac_delim
|
||||||
|
CRYPTO_DIR!$CRYPTO_DIR$ac_delim
|
||||||
|
PBX_CRYPTO!$PBX_CRYPTO$ac_delim
|
||||||
GNUTLS_LIB!$GNUTLS_LIB$ac_delim
|
GNUTLS_LIB!$GNUTLS_LIB$ac_delim
|
||||||
GNUTLS_INCLUDE!$GNUTLS_INCLUDE$ac_delim
|
GNUTLS_INCLUDE!$GNUTLS_INCLUDE$ac_delim
|
||||||
GNUTLS_DIR!$GNUTLS_DIR$ac_delim
|
GNUTLS_DIR!$GNUTLS_DIR$ac_delim
|
||||||
|
@ -35766,10 +36197,6 @@ PRI_LIB!$PRI_LIB$ac_delim
|
||||||
PRI_INCLUDE!$PRI_INCLUDE$ac_delim
|
PRI_INCLUDE!$PRI_INCLUDE$ac_delim
|
||||||
PRI_DIR!$PRI_DIR$ac_delim
|
PRI_DIR!$PRI_DIR$ac_delim
|
||||||
PBX_PRI!$PBX_PRI$ac_delim
|
PBX_PRI!$PBX_PRI$ac_delim
|
||||||
SS7_LIB!$SS7_LIB$ac_delim
|
|
||||||
SS7_INCLUDE!$SS7_INCLUDE$ac_delim
|
|
||||||
SS7_DIR!$SS7_DIR$ac_delim
|
|
||||||
PBX_SS7!$PBX_SS7$ac_delim
|
|
||||||
_ACEOF
|
_ACEOF
|
||||||
|
|
||||||
if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
|
if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
|
||||||
|
@ -35811,6 +36238,10 @@ _ACEOF
|
||||||
ac_delim='%!_!# '
|
ac_delim='%!_!# '
|
||||||
for ac_last_try in false false false false false :; do
|
for ac_last_try in false false false false false :; do
|
||||||
cat >conf$$subs.sed <<_ACEOF
|
cat >conf$$subs.sed <<_ACEOF
|
||||||
|
SS7_LIB!$SS7_LIB$ac_delim
|
||||||
|
SS7_INCLUDE!$SS7_INCLUDE$ac_delim
|
||||||
|
SS7_DIR!$SS7_DIR$ac_delim
|
||||||
|
PBX_SS7!$PBX_SS7$ac_delim
|
||||||
PWLIB_LIB!$PWLIB_LIB$ac_delim
|
PWLIB_LIB!$PWLIB_LIB$ac_delim
|
||||||
PWLIB_INCLUDE!$PWLIB_INCLUDE$ac_delim
|
PWLIB_INCLUDE!$PWLIB_INCLUDE$ac_delim
|
||||||
PWLIB_DIR!$PWLIB_DIR$ac_delim
|
PWLIB_DIR!$PWLIB_DIR$ac_delim
|
||||||
|
@ -35904,10 +36335,6 @@ PWLIB_LIBDIR!$PWLIB_LIBDIR$ac_delim
|
||||||
PWLIB_PLATFORM!$PWLIB_PLATFORM$ac_delim
|
PWLIB_PLATFORM!$PWLIB_PLATFORM$ac_delim
|
||||||
OPENH323DIR!$OPENH323DIR$ac_delim
|
OPENH323DIR!$OPENH323DIR$ac_delim
|
||||||
OPENH323_INCDIR!$OPENH323_INCDIR$ac_delim
|
OPENH323_INCDIR!$OPENH323_INCDIR$ac_delim
|
||||||
OPENH323_LIBDIR!$OPENH323_LIBDIR$ac_delim
|
|
||||||
OPENH323_SUFFIX!$OPENH323_SUFFIX$ac_delim
|
|
||||||
OPENH323_BUILD!$OPENH323_BUILD$ac_delim
|
|
||||||
QTMOC!$QTMOC$ac_delim
|
|
||||||
_ACEOF
|
_ACEOF
|
||||||
|
|
||||||
if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
|
if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
|
||||||
|
@ -35949,6 +36376,10 @@ _ACEOF
|
||||||
ac_delim='%!_!# '
|
ac_delim='%!_!# '
|
||||||
for ac_last_try in false false false false false :; do
|
for ac_last_try in false false false false false :; do
|
||||||
cat >conf$$subs.sed <<_ACEOF
|
cat >conf$$subs.sed <<_ACEOF
|
||||||
|
OPENH323_LIBDIR!$OPENH323_LIBDIR$ac_delim
|
||||||
|
OPENH323_SUFFIX!$OPENH323_SUFFIX$ac_delim
|
||||||
|
OPENH323_BUILD!$OPENH323_BUILD$ac_delim
|
||||||
|
QTMOC!$QTMOC$ac_delim
|
||||||
EDITLINE_LIB!$EDITLINE_LIB$ac_delim
|
EDITLINE_LIB!$EDITLINE_LIB$ac_delim
|
||||||
PBX_H323!$PBX_H323$ac_delim
|
PBX_H323!$PBX_H323$ac_delim
|
||||||
PBX_IXJUSER!$PBX_IXJUSER$ac_delim
|
PBX_IXJUSER!$PBX_IXJUSER$ac_delim
|
||||||
|
@ -35964,7 +36395,7 @@ CURL_CONFIG!$CURL_CONFIG$ac_delim
|
||||||
LTLIBOBJS!$LTLIBOBJS$ac_delim
|
LTLIBOBJS!$LTLIBOBJS$ac_delim
|
||||||
_ACEOF
|
_ACEOF
|
||||||
|
|
||||||
if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 13; then
|
if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 17; then
|
||||||
break
|
break
|
||||||
elif $ac_last_try; then
|
elif $ac_last_try; then
|
||||||
{ { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
|
{ { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
|
||||||
|
|
|
@ -186,6 +186,7 @@ AST_EXT_LIB_SETUP([BKTR], [Stack Backtrace support], [execinfo])
|
||||||
AST_EXT_LIB_SETUP([CAP], [POSIX 1.e capabilities], [cap])
|
AST_EXT_LIB_SETUP([CAP], [POSIX 1.e capabilities], [cap])
|
||||||
AST_EXT_LIB_SETUP([CURL], [cURL], [curl])
|
AST_EXT_LIB_SETUP([CURL], [cURL], [curl])
|
||||||
AST_EXT_LIB_SETUP([CURSES], [curses], [curses])
|
AST_EXT_LIB_SETUP([CURSES], [curses], [curses])
|
||||||
|
AST_EXT_LIB_SETUP([CRYPTO], [OpenSSL Cryptography Support], [crypto])
|
||||||
AST_EXT_LIB_SETUP([GNUTLS], [GNU TLS support (used for iksemel only)], [gnutls])
|
AST_EXT_LIB_SETUP([GNUTLS], [GNU TLS support (used for iksemel only)], [gnutls])
|
||||||
AST_EXT_LIB_SETUP([GSM], [GSM], [gsm], [, or 'internal'])
|
AST_EXT_LIB_SETUP([GSM], [GSM], [gsm], [, or 'internal'])
|
||||||
AST_EXT_LIB_SETUP([IKSEMEL], [Iksemel Jabber Library], [iksemel])
|
AST_EXT_LIB_SETUP([IKSEMEL], [Iksemel Jabber Library], [iksemel])
|
||||||
|
@ -846,7 +847,12 @@ AST_EXT_LIB_CHECK([SQLITE], [sqlite], [sqlite_exec], [sqlite.h])
|
||||||
|
|
||||||
AST_EXT_LIB_CHECK([SQLITE3], [sqlite3], [sqlite3_open], [sqlite3.h])
|
AST_EXT_LIB_CHECK([SQLITE3], [sqlite3], [sqlite3_open], [sqlite3.h])
|
||||||
|
|
||||||
AST_EXT_LIB_CHECK([OPENSSL], [ssl], [ssl2_connect], [openssl/ssl.h], [-lcrypto])
|
AST_EXT_LIB_CHECK([CRYPTO], [crypto], [AES_encrypt], [openssl/aes.h])
|
||||||
|
|
||||||
|
if test "${PBX_CRYPTO}" != "0";
|
||||||
|
then
|
||||||
|
AST_EXT_LIB_CHECK([OPENSSL], [ssl], [ssl2_connect], [openssl/ssl.h], [-lcrypto])
|
||||||
|
fi
|
||||||
|
|
||||||
AST_EXT_LIB_CHECK([FREETDS], [tds], [tds_version], [tds.h])
|
AST_EXT_LIB_CHECK([FREETDS], [tds], [tds_version], [tds.h])
|
||||||
if test "${PBX_FREETDS}" != "0";
|
if test "${PBX_FREETDS}" != "0";
|
||||||
|
|
|
@ -1,170 +1,65 @@
|
||||||
/*
|
/*
|
||||||
* Asterisk -- An open source telephony toolkit.
|
* Asterisk -- An open source telephony toolkit.
|
||||||
*
|
*
|
||||||
|
* Copyright (C) 20075, Digium, Inc.
|
||||||
|
*
|
||||||
|
* Kevin P. Fleming <kpfleming@digium.com>
|
||||||
|
*
|
||||||
* See http://www.asterisk.org for more information about
|
* See http://www.asterisk.org for more information about
|
||||||
* the Asterisk project. Please do not directly contact
|
* the Asterisk project. Please do not directly contact
|
||||||
* any of the maintainers of this project for assistance;
|
* any of the maintainers of this project for assistance;
|
||||||
* the project provides a web site, mailing lists and IRC
|
* the project provides a web site, mailing lists and IRC
|
||||||
* channels for your use.
|
* channels for your use.
|
||||||
|
*
|
||||||
|
* This program is free software, distributed under the terms of
|
||||||
|
* the GNU General Public License Version 2. See the LICENSE file
|
||||||
|
* at the top of the source tree.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*! \file
|
||||||
---------------------------------------------------------------------------
|
* \brief Wrappers for AES encryption/decryption
|
||||||
Copyright (c) 2003, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
|
*
|
||||||
All rights reserved.
|
* These wrappers provided a generic interface to either the
|
||||||
|
* AES methods provided by OpenSSL's crypto library, or the
|
||||||
|
* AES implementation included with Asterisk.
|
||||||
|
*/
|
||||||
|
|
||||||
LICENSE TERMS
|
#ifndef _ASTERISK_AES_H
|
||||||
|
#define _ASTERISK_AES_H
|
||||||
|
|
||||||
The free distribution and use of this software in both source and binary
|
#ifdef HAVE_CRYPTO
|
||||||
form is allowed (with or without changes) provided that:
|
|
||||||
|
|
||||||
1. distributions of this source code include the above copyright
|
/* Use the OpenSSL crypto library */
|
||||||
notice, this list of conditions and the following disclaimer;
|
#include "openssl/aes.h"
|
||||||
|
|
||||||
2. distributions in binary form include the above copyright
|
typedef AES_KEY ast_aes_encrypt_key;
|
||||||
notice, this list of conditions and the following disclaimer
|
typedef AES_KEY ast_aes_decrypt_key;
|
||||||
in the documentation and/or other associated materials;
|
|
||||||
|
|
||||||
3. the copyright holder's name is not used to endorse products
|
#define ast_aes_encrypt_key(key, context) AES_set_encrypt_key(key, 1024, context)
|
||||||
built using this software without specific written permission.
|
|
||||||
|
|
||||||
ALTERNATIVELY, provided that this notice is retained in full, this product
|
#define ast_aes_decrypt_key(key, context) AES_set_decrypt_key(key, 1024, context)
|
||||||
may be distributed under the terms of the GNU General Public License (GPL),
|
|
||||||
in which case the provisions of the GPL apply INSTEAD OF those given above.
|
|
||||||
|
|
||||||
DISCLAIMER
|
#define ast_aes_encrypt(in, out, context) AES_encrypt(in, out, context)
|
||||||
|
|
||||||
This software is provided 'as is' with no explicit or implied warranties
|
#define ast_aes_decrypt(in, out, context) AES_decrypt(in, out, context)
|
||||||
in respect of its properties, including, but not limited to, correctness
|
|
||||||
and/or fitness for purpose.
|
|
||||||
---------------------------------------------------------------------------
|
|
||||||
Issue Date: 26/08/2003
|
|
||||||
*/
|
|
||||||
/*!\file
|
|
||||||
|
|
||||||
\brief This file contains the definitions required to use AES in C. See aesopt.h
|
#else /* !HAVE_CRYPTO */
|
||||||
for optimisation details.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef _AES_H
|
/* Use the included AES implementation */
|
||||||
#define _AES_H
|
|
||||||
|
|
||||||
/* This include is used to find 8 & 32 bit unsigned integer types */
|
#include "aes_internal.h"
|
||||||
#include "limits.h"
|
|
||||||
|
|
||||||
#if defined(__cplusplus)
|
typedef aes_encrypt_ctx ast_aes_encrypt_key;
|
||||||
extern "C"
|
typedef aes_decrypt_ctx ast_aes_decrypt_key;
|
||||||
{
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define AES_128 /* define if AES with 128 bit keys is needed */
|
#define ast_aes_encrypt_key(key, context) aes_encrypt_key128(key, context)
|
||||||
#undef AES_192 /* define if AES with 192 bit keys is needed */
|
|
||||||
#undef AES_256 /* define if AES with 256 bit keys is needed */
|
|
||||||
#undef AES_VAR /* define if a variable key size is needed */
|
|
||||||
|
|
||||||
/* The following must also be set in assembler files if being used */
|
#define ast_aes_decrypt_key(key, context) aes_decrypt_key128(key, context)
|
||||||
|
|
||||||
#define AES_ENCRYPT /* if support for encryption is needed */
|
#define ast_aes_encrypt(in, out, context) aes_encrypt(in, out, context)
|
||||||
#define AES_DECRYPT /* if support for decryption is needed */
|
|
||||||
#define AES_ERR_CHK /* for parameter checks & error return codes */
|
|
||||||
|
|
||||||
#if UCHAR_MAX == 0xff /* an unsigned 8 bit type */
|
#define ast_aes_decrypt(in, out, context) aes_decrypt(in, out, context)
|
||||||
typedef unsigned char aes_08t;
|
|
||||||
#else
|
|
||||||
#error Please define aes_08t as an 8-bit unsigned integer type in aes.h
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if UINT_MAX == 0xffffffff /* an unsigned 32 bit type */
|
#endif /* !HAVE_CRYPTO */
|
||||||
typedef unsigned int aes_32t;
|
|
||||||
#elif ULONG_MAX == 0xffffffff
|
|
||||||
typedef unsigned long aes_32t;
|
|
||||||
#else
|
|
||||||
#error Please define aes_32t as a 32-bit unsigned integer type in aes.h
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define AES_BLOCK_SIZE 16 /* the AES block size in bytes */
|
#endif /* _ASTERISK_AES_H */
|
||||||
#define N_COLS 4 /* the number of columns in the state */
|
|
||||||
|
|
||||||
/* a maximum of 60 32-bit words are needed for the key schedule but */
|
|
||||||
/* 64 are claimed to allow space at the top for a CBC xor buffer. */
|
|
||||||
/* If this is not needed, this value can be reduced to 60. A value */
|
|
||||||
/* of 64 may also help in maintaining alignment in some situations */
|
|
||||||
#define KS_LENGTH 64
|
|
||||||
|
|
||||||
#ifdef AES_ERR_CHK
|
|
||||||
#define aes_ret int
|
|
||||||
#define aes_good 0
|
|
||||||
#define aes_error -1
|
|
||||||
#else
|
|
||||||
#define aes_ret void
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef AES_DLL /* implement normal/DLL functions */
|
|
||||||
#define aes_rval aes_ret
|
|
||||||
#else
|
|
||||||
#define aes_rval aes_ret __declspec(dllexport) _stdcall
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* This routine must be called before first use if non-static */
|
|
||||||
/* tables are being used */
|
|
||||||
|
|
||||||
void gen_tabs(void);
|
|
||||||
|
|
||||||
/* The key length (klen) is input in bytes when it is in the range */
|
|
||||||
/* 16 <= klen <= 32 or in bits when in the range 128 <= klen <= 256 */
|
|
||||||
|
|
||||||
#ifdef AES_ENCRYPT
|
|
||||||
|
|
||||||
typedef struct
|
|
||||||
{ aes_32t ks[KS_LENGTH];
|
|
||||||
} aes_encrypt_ctx;
|
|
||||||
|
|
||||||
#if defined(AES_128) || defined(AES_VAR)
|
|
||||||
aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(AES_192) || defined(AES_VAR)
|
|
||||||
aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(AES_256) || defined(AES_VAR)
|
|
||||||
aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(AES_VAR)
|
|
||||||
aes_rval aes_encrypt_key(const void *in_key, int key_len, aes_encrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
aes_rval aes_encrypt(const void *in_blk, void *out_blk, const aes_encrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef AES_DECRYPT
|
|
||||||
|
|
||||||
typedef struct
|
|
||||||
{ aes_32t ks[KS_LENGTH];
|
|
||||||
} aes_decrypt_ctx;
|
|
||||||
|
|
||||||
#if defined(AES_128) || defined(AES_VAR)
|
|
||||||
aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(AES_192) || defined(AES_VAR)
|
|
||||||
aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(AES_256) || defined(AES_VAR)
|
|
||||||
aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(AES_VAR)
|
|
||||||
aes_rval aes_decrypt_key(const void *in_key, int key_len, aes_decrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx[1]);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(__cplusplus)
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
||||||
|
|
|
@ -0,0 +1,170 @@
|
||||||
|
/*
|
||||||
|
* Asterisk -- An open source telephony toolkit.
|
||||||
|
*
|
||||||
|
* See http://www.asterisk.org for more information about
|
||||||
|
* the Asterisk project. Please do not directly contact
|
||||||
|
* any of the maintainers of this project for assistance;
|
||||||
|
* the project provides a web site, mailing lists and IRC
|
||||||
|
* channels for your use.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
---------------------------------------------------------------------------
|
||||||
|
Copyright (c) 2003, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
|
||||||
|
All rights reserved.
|
||||||
|
|
||||||
|
LICENSE TERMS
|
||||||
|
|
||||||
|
The free distribution and use of this software in both source and binary
|
||||||
|
form is allowed (with or without changes) provided that:
|
||||||
|
|
||||||
|
1. distributions of this source code include the above copyright
|
||||||
|
notice, this list of conditions and the following disclaimer;
|
||||||
|
|
||||||
|
2. distributions in binary form include the above copyright
|
||||||
|
notice, this list of conditions and the following disclaimer
|
||||||
|
in the documentation and/or other associated materials;
|
||||||
|
|
||||||
|
3. the copyright holder's name is not used to endorse products
|
||||||
|
built using this software without specific written permission.
|
||||||
|
|
||||||
|
ALTERNATIVELY, provided that this notice is retained in full, this product
|
||||||
|
may be distributed under the terms of the GNU General Public License (GPL),
|
||||||
|
in which case the provisions of the GPL apply INSTEAD OF those given above.
|
||||||
|
|
||||||
|
DISCLAIMER
|
||||||
|
|
||||||
|
This software is provided 'as is' with no explicit or implied warranties
|
||||||
|
in respect of its properties, including, but not limited to, correctness
|
||||||
|
and/or fitness for purpose.
|
||||||
|
---------------------------------------------------------------------------
|
||||||
|
Issue Date: 26/08/2003
|
||||||
|
*/
|
||||||
|
/*!\file
|
||||||
|
|
||||||
|
\brief This file contains the definitions required to use AES in C. See aesopt.h
|
||||||
|
for optimisation details.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _AES_INTERNAL_H
|
||||||
|
#define _AES_INTERNAL_H
|
||||||
|
|
||||||
|
/* This include is used to find 8 & 32 bit unsigned integer types */
|
||||||
|
#include "limits.h"
|
||||||
|
|
||||||
|
#if defined(__cplusplus)
|
||||||
|
extern "C"
|
||||||
|
{
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define AES_128 /* define if AES with 128 bit keys is needed */
|
||||||
|
#undef AES_192 /* define if AES with 192 bit keys is needed */
|
||||||
|
#undef AES_256 /* define if AES with 256 bit keys is needed */
|
||||||
|
#undef AES_VAR /* define if a variable key size is needed */
|
||||||
|
|
||||||
|
/* The following must also be set in assembler files if being used */
|
||||||
|
|
||||||
|
#define AES_ENCRYPT /* if support for encryption is needed */
|
||||||
|
#define AES_DECRYPT /* if support for decryption is needed */
|
||||||
|
#define AES_ERR_CHK /* for parameter checks & error return codes */
|
||||||
|
|
||||||
|
#if UCHAR_MAX == 0xff /* an unsigned 8 bit type */
|
||||||
|
typedef unsigned char aes_08t;
|
||||||
|
#else
|
||||||
|
#error Please define aes_08t as an 8-bit unsigned integer type in aes.h
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if UINT_MAX == 0xffffffff /* an unsigned 32 bit type */
|
||||||
|
typedef unsigned int aes_32t;
|
||||||
|
#elif ULONG_MAX == 0xffffffff
|
||||||
|
typedef unsigned long aes_32t;
|
||||||
|
#else
|
||||||
|
#error Please define aes_32t as a 32-bit unsigned integer type in aes.h
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define AES_BLOCK_SIZE 16 /* the AES block size in bytes */
|
||||||
|
#define N_COLS 4 /* the number of columns in the state */
|
||||||
|
|
||||||
|
/* a maximum of 60 32-bit words are needed for the key schedule but */
|
||||||
|
/* 64 are claimed to allow space at the top for a CBC xor buffer. */
|
||||||
|
/* If this is not needed, this value can be reduced to 60. A value */
|
||||||
|
/* of 64 may also help in maintaining alignment in some situations */
|
||||||
|
#define KS_LENGTH 64
|
||||||
|
|
||||||
|
#ifdef AES_ERR_CHK
|
||||||
|
#define aes_ret int
|
||||||
|
#define aes_good 0
|
||||||
|
#define aes_error -1
|
||||||
|
#else
|
||||||
|
#define aes_ret void
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef AES_DLL /* implement normal/DLL functions */
|
||||||
|
#define aes_rval aes_ret
|
||||||
|
#else
|
||||||
|
#define aes_rval aes_ret __declspec(dllexport) _stdcall
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* This routine must be called before first use if non-static */
|
||||||
|
/* tables are being used */
|
||||||
|
|
||||||
|
void gen_tabs(void);
|
||||||
|
|
||||||
|
/* The key length (klen) is input in bytes when it is in the range */
|
||||||
|
/* 16 <= klen <= 32 or in bits when in the range 128 <= klen <= 256 */
|
||||||
|
|
||||||
|
#ifdef AES_ENCRYPT
|
||||||
|
|
||||||
|
typedef struct
|
||||||
|
{ aes_32t ks[KS_LENGTH];
|
||||||
|
} aes_encrypt_ctx;
|
||||||
|
|
||||||
|
#if defined(AES_128) || defined(AES_VAR)
|
||||||
|
aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(AES_192) || defined(AES_VAR)
|
||||||
|
aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(AES_256) || defined(AES_VAR)
|
||||||
|
aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(AES_VAR)
|
||||||
|
aes_rval aes_encrypt_key(const void *in_key, int key_len, aes_encrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
aes_rval aes_encrypt(const void *in_blk, void *out_blk, const aes_encrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef AES_DECRYPT
|
||||||
|
|
||||||
|
typedef struct
|
||||||
|
{ aes_32t ks[KS_LENGTH];
|
||||||
|
} aes_decrypt_ctx;
|
||||||
|
|
||||||
|
#if defined(AES_128) || defined(AES_VAR)
|
||||||
|
aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(AES_192) || defined(AES_VAR)
|
||||||
|
aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(AES_256) || defined(AES_VAR)
|
||||||
|
aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(AES_VAR)
|
||||||
|
aes_rval aes_decrypt_key(const void *in_key, int key_len, aes_decrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx[1]);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(__cplusplus)
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
|
@ -77,6 +77,12 @@
|
||||||
/* Define to 1 if your system has a working `chown' function. */
|
/* Define to 1 if your system has a working `chown' function. */
|
||||||
#undef HAVE_CHOWN
|
#undef HAVE_CHOWN
|
||||||
|
|
||||||
|
/* Define this to indicate the ${CRYPTO_DESCRIP} library */
|
||||||
|
#undef HAVE_CRYPTO
|
||||||
|
|
||||||
|
/* Define to indicate the ${CRYPTO_DESCRIP} library version */
|
||||||
|
#undef HAVE_CRYPTO_VERSION
|
||||||
|
|
||||||
/* Define if your system has the curl libraries. */
|
/* Define if your system has the curl libraries. */
|
||||||
#undef HAVE_CURL
|
#undef HAVE_CURL
|
||||||
|
|
||||||
|
|
|
@ -42,13 +42,15 @@
|
||||||
* \author Dr Brian Gladman <brg@gladman.me.uk>
|
* \author Dr Brian Gladman <brg@gladman.me.uk>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "aesopt.h"
|
|
||||||
|
|
||||||
#if defined(__cplusplus)
|
#if defined(__cplusplus)
|
||||||
extern "C"
|
extern "C"
|
||||||
{
|
{
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifndef HAVE_CRYPTO
|
||||||
|
|
||||||
|
#include "aesopt.h"
|
||||||
|
|
||||||
#define si(y,x,k,c) (s(y,c) = word_in(x, c) ^ (k)[c])
|
#define si(y,x,k,c) (s(y,c) = word_in(x, c) ^ (k)[c])
|
||||||
#define so(y,x,c) word_out(y, c, s(x,c))
|
#define so(y,x,c) word_out(y, c, s(x,c))
|
||||||
|
|
||||||
|
@ -312,6 +314,8 @@ aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#endif /* !HAVE_CRYPTO */
|
||||||
|
|
||||||
#if defined(__cplusplus)
|
#if defined(__cplusplus)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -41,13 +41,15 @@
|
||||||
* \author Dr Brian Gladman <brg@gladman.me.uk>
|
* \author Dr Brian Gladman <brg@gladman.me.uk>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "aesopt.h"
|
|
||||||
|
|
||||||
#if defined(__cplusplus)
|
#if defined(__cplusplus)
|
||||||
extern "C"
|
extern "C"
|
||||||
{
|
{
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifndef HAVE_CRYPTO
|
||||||
|
|
||||||
|
#include "aesopt.h"
|
||||||
|
|
||||||
/* Initialise the key schedule from the user supplied key. The key
|
/* Initialise the key schedule from the user supplied key. The key
|
||||||
length can be specified in bytes, with legal values of 16, 24
|
length can be specified in bytes, with legal values of 16, 24
|
||||||
and 32, or in bits, with legal values of 128, 192 and 256. These
|
and 32, or in bits, with legal values of 128, 192 and 256. These
|
||||||
|
@ -464,6 +466,8 @@ aes_rval aes_decrypt_key(const void *in_key, int key_len, aes_decrypt_ctx cx[1])
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#endif /* !HAVE_CRYPTO */
|
||||||
|
|
||||||
#if defined(__cplusplus)
|
#if defined(__cplusplus)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -37,6 +37,8 @@ extern "C"
|
||||||
{
|
{
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifndef HAVE_CRYPTO
|
||||||
|
|
||||||
#define DO_TABLES
|
#define DO_TABLES
|
||||||
|
|
||||||
#include "aesopt.h"
|
#include "aesopt.h"
|
||||||
|
@ -226,6 +228,8 @@ void gen_tabs(void)
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#endif /* !HAVE_CRYPTO */
|
||||||
|
|
||||||
#if defined(__cplusplus)
|
#if defined(__cplusplus)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -151,6 +151,9 @@ SQLITE3_LIB=@SQLITE3_LIB@
|
||||||
SSL_INCLUDE=@OPENSSL_INCLUDE@
|
SSL_INCLUDE=@OPENSSL_INCLUDE@
|
||||||
SSL_LIB=@OPENSSL_LIB@
|
SSL_LIB=@OPENSSL_LIB@
|
||||||
|
|
||||||
|
CRYPTO_INCLUDE=@CRYPTO_INCLUDE@
|
||||||
|
CRYPTO_LIB=@CRYPTO_LIB@
|
||||||
|
|
||||||
TONEZONE_INCLUDE=@TONEZONE_INCLUDE@
|
TONEZONE_INCLUDE=@TONEZONE_INCLUDE@
|
||||||
TONEZONE_LIB=@TONEZONE_LIB@
|
TONEZONE_LIB=@TONEZONE_LIB@
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,7 @@
|
||||||
|
|
||||||
/*** MODULEINFO
|
/*** MODULEINFO
|
||||||
<depend>zlib</depend>
|
<depend>zlib</depend>
|
||||||
|
<use>crypto</use>
|
||||||
***/
|
***/
|
||||||
|
|
||||||
#include "asterisk.h"
|
#include "asterisk.h"
|
||||||
|
@ -173,8 +174,8 @@ struct dundi_transaction {
|
||||||
int eidcount; /*!< Number of eids in eids */
|
int eidcount; /*!< Number of eids in eids */
|
||||||
dundi_eid us_eid; /*!< Our EID, to them */
|
dundi_eid us_eid; /*!< Our EID, to them */
|
||||||
dundi_eid them_eid; /*!< Their EID, to us */
|
dundi_eid them_eid; /*!< Their EID, to us */
|
||||||
aes_encrypt_ctx ecx; /*!< AES 128 Encryption context */
|
ast_aes_encrypt_key ecx; /*!< AES 128 Encryption context */
|
||||||
aes_decrypt_ctx dcx; /*!< AES 128 Decryption context */
|
ast_aes_decrypt_key dcx; /*!< AES 128 Decryption context */
|
||||||
unsigned int flags; /*!< Has final packet been sent */
|
unsigned int flags; /*!< Has final packet been sent */
|
||||||
int ttl; /*!< Remaining TTL for queries on this one */
|
int ttl; /*!< Remaining TTL for queries on this one */
|
||||||
int thread; /*!< We have a calling thread */
|
int thread; /*!< We have a calling thread */
|
||||||
|
@ -240,11 +241,11 @@ struct dundi_peer {
|
||||||
unsigned char txenckey[256]; /*!< Transmitted encrypted key + sig */
|
unsigned char txenckey[256]; /*!< Transmitted encrypted key + sig */
|
||||||
unsigned char rxenckey[256]; /*!< Cache received encrypted key + sig */
|
unsigned char rxenckey[256]; /*!< Cache received encrypted key + sig */
|
||||||
unsigned long us_keycrc32; /*!< CRC-32 of our key */
|
unsigned long us_keycrc32; /*!< CRC-32 of our key */
|
||||||
aes_encrypt_ctx us_ecx; /*!< Cached AES 128 Encryption context */
|
ast_aes_encrypt_key us_ecx; /*!< Cached AES 128 Encryption context */
|
||||||
aes_decrypt_ctx us_dcx; /*!< Cached AES 128 Decryption context */
|
ast_aes_decrypt_key us_dcx; /*!< Cached AES 128 Decryption context */
|
||||||
unsigned long them_keycrc32; /*!< CRC-32 of our key */
|
unsigned long them_keycrc32; /*!< CRC-32 of our key */
|
||||||
aes_encrypt_ctx them_ecx; /*!< Cached AES 128 Encryption context */
|
ast_aes_encrypt_key them_ecx; /*!< Cached AES 128 Encryption context */
|
||||||
aes_decrypt_ctx them_dcx; /*!< Cached AES 128 Decryption context */
|
ast_aes_decrypt_key them_dcx; /*!< Cached AES 128 Decryption context */
|
||||||
time_t keyexpire; /*!< When to expire/recreate key */
|
time_t keyexpire; /*!< When to expire/recreate key */
|
||||||
int registerexpire;
|
int registerexpire;
|
||||||
int lookuptimes[DUNDI_TIMING_HISTORY];
|
int lookuptimes[DUNDI_TIMING_HISTORY];
|
||||||
|
@ -1300,8 +1301,8 @@ static int update_key(struct dundi_peer *peer)
|
||||||
int res;
|
int res;
|
||||||
if (!peer->keyexpire || (peer->keyexpire < time(NULL))) {
|
if (!peer->keyexpire || (peer->keyexpire < time(NULL))) {
|
||||||
build_iv(key);
|
build_iv(key);
|
||||||
aes_encrypt_key128(key, &peer->us_ecx);
|
ast_aes_encrypt_key(key, &peer->us_ecx);
|
||||||
aes_decrypt_key128(key, &peer->us_dcx);
|
ast_aes_decrypt_key(key, &peer->us_dcx);
|
||||||
ekey = ast_key_get(peer->inkey, AST_KEY_PUBLIC);
|
ekey = ast_key_get(peer->inkey, AST_KEY_PUBLIC);
|
||||||
if (!ekey) {
|
if (!ekey) {
|
||||||
ast_log(LOG_NOTICE, "No such key '%s' for creating RSA encrypted shared key for '%s'!\n",
|
ast_log(LOG_NOTICE, "No such key '%s' for creating RSA encrypted shared key for '%s'!\n",
|
||||||
|
@ -1331,7 +1332,7 @@ static int update_key(struct dundi_peer *peer)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int encrypt_memcpy(unsigned char *dst, unsigned char *src, int len, unsigned char *iv, aes_encrypt_ctx *ecx)
|
static int encrypt_memcpy(unsigned char *dst, unsigned char *src, int len, unsigned char *iv, ast_aes_encrypt_key *ecx)
|
||||||
{
|
{
|
||||||
unsigned char curblock[16];
|
unsigned char curblock[16];
|
||||||
int x;
|
int x;
|
||||||
|
@ -1339,7 +1340,7 @@ static int encrypt_memcpy(unsigned char *dst, unsigned char *src, int len, unsig
|
||||||
while(len > 0) {
|
while(len > 0) {
|
||||||
for (x=0;x<16;x++)
|
for (x=0;x<16;x++)
|
||||||
curblock[x] ^= src[x];
|
curblock[x] ^= src[x];
|
||||||
aes_encrypt(curblock, dst, ecx);
|
ast_aes_encrypt(curblock, dst, ecx);
|
||||||
memcpy(curblock, dst, sizeof(curblock));
|
memcpy(curblock, dst, sizeof(curblock));
|
||||||
dst += 16;
|
dst += 16;
|
||||||
src += 16;
|
src += 16;
|
||||||
|
@ -1347,13 +1348,13 @@ static int encrypt_memcpy(unsigned char *dst, unsigned char *src, int len, unsig
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
static int decrypt_memcpy(unsigned char *dst, unsigned char *src, int len, unsigned char *iv, aes_decrypt_ctx *dcx)
|
static int decrypt_memcpy(unsigned char *dst, unsigned char *src, int len, unsigned char *iv, ast_aes_decrypt_key *dcx)
|
||||||
{
|
{
|
||||||
unsigned char lastblock[16];
|
unsigned char lastblock[16];
|
||||||
int x;
|
int x;
|
||||||
memcpy(lastblock, iv, sizeof(lastblock));
|
memcpy(lastblock, iv, sizeof(lastblock));
|
||||||
while(len > 0) {
|
while(len > 0) {
|
||||||
aes_decrypt(src, dst, dcx);
|
ast_aes_decrypt(src, dst, dcx);
|
||||||
for (x=0;x<16;x++)
|
for (x=0;x<16;x++)
|
||||||
dst[x] ^= lastblock[x];
|
dst[x] ^= lastblock[x];
|
||||||
memcpy(lastblock, src, sizeof(lastblock));
|
memcpy(lastblock, src, sizeof(lastblock));
|
||||||
|
@ -1507,8 +1508,8 @@ static int check_key(struct dundi_peer *peer, unsigned char *newkey, unsigned ch
|
||||||
memcpy(peer->rxenckey, newkey, 128);
|
memcpy(peer->rxenckey, newkey, 128);
|
||||||
memcpy(peer->rxenckey + 128, newsig, 128);
|
memcpy(peer->rxenckey + 128, newsig, 128);
|
||||||
peer->them_keycrc32 = crc32(0L, peer->rxenckey, 128);
|
peer->them_keycrc32 = crc32(0L, peer->rxenckey, 128);
|
||||||
aes_decrypt_key128(dst, &peer->them_dcx);
|
ast_aes_decrypt_key(dst, &peer->them_dcx);
|
||||||
aes_encrypt_key128(dst, &peer->them_ecx);
|
ast_aes_encrypt_key(dst, &peer->them_ecx);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Reference in New Issue