| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
 | diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile
--- isakmpd/GNUmakefile	2006-09-01 19:29:05.000000000 +0200
+++ isakmpd.new/GNUmakefile	2006-09-01 19:29:28.000000000 +0200
@@ -75,13 +75,14 @@
 		isakmp_fld.c isakmp_fld.h
 MAN=		isakmpd.8 isakmpd.conf.5 isakmpd.policy.5
 
-CFLAGS+=	-O2 ${DEBUG} -Wall -DNEED_SYSDEP_APP \
+CFLAGS+=	${DEBUG} -Wall -DNEED_SYSDEP_APP \
 		-I${.CURDIR} -I${.CURDIR}/sysdep/${OS} -I. \
 
 # Different debugging & profiling suggestions
 
 # Include symbolic debugging info
 DEBUG=		-g
+CFLAGS+=	-g
 
 # Do execution time profiles
 #CFLAGS+=	-pg
@@ -172,6 +173,14 @@
 CFLAGS+=        -DUSE_RAWKEY
 endif
 
+ifdef USE_OPENSSL_MD5
+CFLAGS+=	-DUSE_OPENSSL_MD5
+endif
+
+ifdef USE_OPENSSL_SHA1
+CFLAGS+=	-DUSE_OPENSSL_SHA1
+endif
+
 SRCS+=		${IPSEC_SRCS} ${X509} ${POLICY} ${EC} ${AGGRESSIVE} ${DNSSEC} \
 		$(ISAKMP_CFG)
 CFLAGS+=	${IPSEC_CFLAGS}
diff -urN isakmpd/sysdep/common/libsysdep/GNUmakefile isakmpd.new/sysdep/common/libsysdep/GNUmakefile
--- isakmpd/sysdep/common/libsysdep/GNUmakefile	2003-06-03 16:52:06.000000000 +0200
+++ isakmpd.new/sysdep/common/libsysdep/GNUmakefile	2006-09-01 19:29:28.000000000 +0200
@@ -31,10 +31,18 @@
 .CURDIR:=	$(shell pwd)
 
 LIB=		sysdep
-SRCS=		arc4random.c blowfish.c cast.c md5.c sha1.c strlcat.c strlcpy.c
+SRCS=		arc4random.c blowfish.c cast.c strlcat.c strlcpy.c
 NOMAN=
 CFLAGS+=	-I${.CURDIR}/.. -I/usr/include/machine
 
+ifeq (,$(findstring USE_OPENSSL_MD5,$(CFLAGS)))
+SRCS+=md5.c
+endif
+
+ifeq (,$(findstring USE_OPENSSL_SHA1,$(CFLAGS)))
+SRCS+=sha1.c
+endif
+
 lib${LIB}.a: ${SRCS:%.c=%.o}
 	ar cq $@ ${SRCS:%.c=%.o}
 
diff -urN isakmpd/sysdep/common/libsysdep/md5.c isakmpd.new/sysdep/common/libsysdep/md5.c
--- isakmpd/sysdep/common/libsysdep/md5.c	2002-06-14 23:34:58.000000000 +0200
+++ isakmpd.new/sysdep/common/libsysdep/md5.c	2006-09-01 19:29:28.000000000 +0200
@@ -5,6 +5,8 @@
  * changes to accommodate it in the kernel by ji.
  */
 
+#ifndef USE_OPENSSL_MD5
+
 /* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
  */
 
@@ -390,3 +392,4 @@
 #endif
 #endif
 
+#endif /* USE_OPENSSL_MD5 */
diff -urN isakmpd/sysdep/common/libsysdep/sha1.c isakmpd.new/sysdep/common/libsysdep/sha1.c
--- isakmpd/sysdep/common/libsysdep/sha1.c	2001-01-28 23:38:48.000000000 +0100
+++ isakmpd.new/sysdep/common/libsysdep/sha1.c	2006-09-01 19:29:28.000000000 +0200
@@ -1,5 +1,7 @@
 /*	$OpenBSD: sha1.c,v 1.2 2001/01/28 22:38:48 niklas Exp $	*/
 
+#ifndef USE_OPENSSL_SHA1
+
 /*
 SHA-1 in C
 By Steve Reid <steve@edmweb.com>
@@ -171,3 +173,5 @@
     SHA1Transform(context->state, context->buffer);
 #endif
 }
+
+#endif /* USE_OPENSSL_SHA1 */
diff -urN isakmpd/sysdep/common/md5.h isakmpd.new/sysdep/common/md5.h
--- isakmpd/sysdep/common/md5.h	2001-01-28 23:38:47.000000000 +0100
+++ isakmpd.new/sysdep/common/md5.h	2006-09-01 19:29:28.000000000 +0200
@@ -1,5 +1,15 @@
 /*	$OpenBSD: md5.h,v 1.2 2001/01/28 22:38:47 niklas Exp $	*/
 
+#ifdef USE_OPENSSL_MD5
+
+#include <openssl/md5.h>
+
+#define MD5Init		MD5_Init
+#define	MD5Update	MD5_Update
+#define	MD5Final	MD5_Final
+
+#else	/* USE_OPENSSL_MD5 */
+
 /* GLOBAL.H - RSAREF types and constants
  */
 
@@ -71,3 +81,5 @@
 void MD5Final PROTO_LIST ((unsigned char [16], MD5_CTX *));
 
 #define _MD5_H_
+
+#endif	/* USE_OPENSSL_MD5 */
diff -urN isakmpd/sysdep/common/sha1.h isakmpd.new/sysdep/common/sha1.h
--- isakmpd/sysdep/common/sha1.h	2001-01-28 23:38:47.000000000 +0100
+++ isakmpd.new/sysdep/common/sha1.h	2006-09-01 19:29:28.000000000 +0200
@@ -1,5 +1,16 @@
 /*	$OpenBSD: sha1.h,v 1.2 2001/01/28 22:38:47 niklas Exp $	*/
 
+#ifdef USE_OPENSSL_SHA1
+
+#include <openssl/sha.h>
+
+typedef SHA_CTX SHA1_CTX;
+#define	SHA1Init	SHA1_Init
+#define	SHA1Update	SHA1_Update
+#define	SHA1Final	SHA1_Final
+
+#else	/* USE_OPENSSL_SHA1 */
+
 /*
 SHA-1 in C
 By Steve Reid <steve@edmweb.com>
@@ -16,3 +27,5 @@
 void SHA1Init(SHA1_CTX* context);
 void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int len);
 void SHA1Final(unsigned char digest[20], SHA1_CTX* context);
+
+#endif	/* USE_OPENSSL_SHA1 */
diff -urN isakmpd/sysdep/linux/GNUmakefile.sysdep isakmpd.new/sysdep/linux/GNUmakefile.sysdep
--- isakmpd/sysdep/linux/GNUmakefile.sysdep	2006-09-01 19:29:05.000000000 +0200
+++ isakmpd.new/sysdep/linux/GNUmakefile.sysdep	2006-09-01 19:29:29.000000000 +0200
@@ -48,6 +48,8 @@
 USE_LIBCRYPO=	defined
 HAVE_DLOPEN=	defined
 USE_KEYNOTE=	defined
+USE_OPENSSL_MD5=	defined
+USE_OPENSSL_SHA1=	defined
 
 # hack libsysdep.a dependenc
 ${LIBSYSDEPDIR}/.depend ${LIBSYSDEP}:
 |