Moved TLS stack to its own library

Doxyfile.in

@@ -531,6 +531,7 @@ INPUT                  = @SRC_DIR@/src/libstrongswan \
                          @SRC_DIR@/src/libhydra \
                          @SRC_DIR@/src/libcharon \
                          @SRC_DIR@/src/libsimaka \
+                         @SRC_DIR@/src/libtls \
                          @SRC_DIR@/src/libfast \
                          @SRC_DIR@/src/manager
 

configure.in

@@ -225,6 +225,10 @@ if test x$eap_sim = xtrue; then
 	simaka=true;
 fi
 
+if test x$eap_tls = xtrue; then
+	tls=true;
+fi
+
 if test x$fips_prf = xtrue; then
 	if test x$openssl = xfalse; then
 		sha1=true;
@@ -895,6 +899,7 @@ AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue)
 AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap)
 AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue)
 AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
+AM_CONDITIONAL(USE_TLS, test x$tls = xtrue)
 AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
 
 dnl ==============================
@@ -955,6 +960,7 @@ AC_OUTPUT(
 	src/libhydra/plugins/resolve/Makefile
 	src/libfreeswan/Makefile
 	src/libsimaka/Makefile
+	src/libtls/Makefile
 	src/pluto/Makefile
 	src/pluto/plugins/xauth/Makefile
 	src/whack/Makefile

src/Makefile.am

@@ -12,6 +12,10 @@ if USE_SIMAKA
   SUBDIRS += libsimaka
 endif
 
+if USE_TLS
+  SUBDIRS += libtls
+endif
+
 if USE_FILE_CONFIG
   SUBDIRS += libfreeswan starter ipsec _copyright
 endif

src/libcharon/Makefile.am

@@ -352,6 +352,13 @@ if MONOLITHIC
 endif
 endif
 
+if USE_TLS
+if MONOLITHIC
+  # otherwise this library is linked to eap_tls
+  libcharon_la_LIBADD += $(top_builddir)/src/libtls/libtls.la
+endif
+endif
+
 if USE_MEDSRV
   SUBDIRS += plugins/medsrv
   PLUGINS += medsrv

src/libcharon/plugins/eap_tls/Makefile.am

@@ -1,6 +1,6 @@
 
 INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
-	-I$(top_srcdir)/src/libcharon
+	-I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtls
 
 AM_CFLAGS = -rdynamic
 
@@ -8,18 +8,10 @@ if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-tls.la
 else
 plugin_LTLIBRARIES = libstrongswan-eap-tls.la
+libstrongswan_eap_tls_la_LIBADD = $(top_builddir)/src/libtls/libtls.la
 endif
 
-libstrongswan_eap_tls_la_SOURCES = eap_tls_plugin.h eap_tls_plugin.c \
-	eap_tls.h eap_tls.c tls/tls.h tls/tls.c \
-	tls/tls_protection.h tls/tls_protection.c \
-	tls/tls_compression.h tls/tls_compression.c \
-	tls/tls_fragmentation.h tls/tls_fragmentation.c \
-	tls/tls_crypto.h tls/tls_crypto.c \
-	tls/tls_prf.h tls/tls_prf.c \
-	tls/tls_reader.h tls/tls_reader.c \
-	tls/tls_writer.h tls/tls_writer.c \
-	tls/tls_peer.h tls/tls_peer.c \
-	tls/tls_server.h tls/tls_server.c \
-	tls/tls_handshake.h
+libstrongswan_eap_tls_la_SOURCES = \
+	eap_tls_plugin.h eap_tls_plugin.c eap_tls.h eap_tls.c
+
 libstrongswan_eap_tls_la_LDFLAGS = -module -avoid-version

src/libcharon/plugins/eap_tls/eap_tls.c

@@ -15,7 +15,7 @@
 
 #include "eap_tls.h"
 
-#include "tls/tls.h"
+#include <tls.h>
 
 #include <daemon.h>
 #include <library.h>

src/libtls/Makefile.am

@@ -0,0 +1,15 @@
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+
+noinst_LTLIBRARIES = libtls.la
+libtls_la_SOURCES = \
+	tls_protection.h tls_protection.c \
+	tls_compression.h tls_compression.c \
+	tls_fragmentation.h tls_fragmentation.c \
+	tls_crypto.h tls_crypto.c \
+	tls_prf.h tls_prf.c \
+	tls_reader.h tls_reader.c \
+	tls_writer.h tls_writer.c \
+	tls_peer.h tls_peer.c \
+	tls_server.h tls_server.c \
+	tls_handshake.h tls.h tls.c

src/libtls/tls.c

@@ -22,8 +22,6 @@
 #include "tls_server.h"
 #include "tls_peer.h"
 
-#include <daemon.h>
-
 ENUM_BEGIN(tls_version_names, SSL_2_0, SSL_2_0,
 	"SSLv2");
 ENUM_NEXT(tls_version_names, SSL_3_0, TLS_1_2, SSL_2_0,

src/libtls/tls.h

@@ -14,11 +14,13 @@
  */
 
 /**
- * @defgroup tlsgroup tls
- * @{ @ingroup eap_tls
+ * @defgroup libtls libtls
+ *
+ * @addtogroup libtls
+ * TLS implementation on top of libstrongswan
  *
  * @defgroup tls tls
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_H_

src/libtls/tls_compression.c

@@ -15,8 +15,6 @@
 
 #include "tls_compression.h"
 
-#include <daemon.h>
-
 typedef struct private_tls_compression_t private_tls_compression_t;
 
 /**

src/libtls/tls_compression.h

@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_compression tls_compression
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_COMPRESSION_H_

src/libtls/tls_crypto.c

@@ -15,7 +15,7 @@
 
 #include "tls_crypto.h"
 
-#include <daemon.h>
+#include <debug.h>
 
 typedef struct private_tls_crypto_t private_tls_crypto_t;
 

src/libtls/tls_crypto.h

@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_crypto tls_crypto
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_CRYPTO_H_

src/libtls/tls_fragmentation.c

@@ -17,7 +17,7 @@
 
 #include "tls_reader.h"
 
-#include <daemon.h>
+#include <debug.h>
 
 typedef struct private_tls_fragmentation_t private_tls_fragmentation_t;
 

src/libtls/tls_fragmentation.h

@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_fragmentation tls_fragmentation
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_FRAGMENTATION_H_

src/libtls/tls_handshake.h

@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2010 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2010 revosec AG
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_handshake tls_handshake
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_HANDSHAKE_H_

src/libtls/tls_peer.c

@@ -15,7 +15,7 @@
 
 #include "tls_peer.h"
 
-#include <daemon.h>
+#include <debug.h>
 
 #include <time.h>
 

src/libtls/tls_peer.h

@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_peer tls_peer
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_PEER_H_

src/libtls/tls_prf.h

@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_prf tls_prf
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_PRF_H_

src/libtls/tls_protection.c

@@ -15,7 +15,7 @@
 
 #include "tls_protection.h"
 
-#include <daemon.h>
+#include <debug.h>
 
 typedef struct private_tls_protection_t private_tls_protection_t;
 

src/libtls/tls_protection.h

@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_protection tls_protection
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_PROTECTION_H_

src/libtls/tls_reader.c

@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2010 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2010 revosec AG
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
@@ -15,7 +15,7 @@
 
 #include "tls_reader.h"
 
-#include <daemon.h>
+#include <debug.h>
 
 typedef struct private_tls_reader_t private_tls_reader_t;
 

src/libtls/tls_reader.h

@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2010 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2010 revosec AG
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_reader tls_reader
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_READER_H_

src/libtls/tls_server.c

@@ -17,7 +17,7 @@
 
 #include <time.h>
 
-#include <daemon.h>
+#include <debug.h>
 
 typedef struct private_tls_server_t private_tls_server_t;
 

src/libtls/tls_server.h

@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_server tls_server
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_SERVER_H_

src/libtls/tls_writer.c

@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2010 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2010 revosec AG
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the

src/libtls/tls_writer.h

@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2010 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2010 revosec AG
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
@@ -15,7 +15,7 @@
 
 /**
  * @defgroup tls_writer tls_writer
- * @{ @ingroup tls
+ * @{ @ingroup libtls
  */
 
 #ifndef TLS_WRITER_H_