diff options
author | Christian Pointner <equinox@anylike.org> | 2009-12-28 08:47:50 +0000 |
---|---|---|
committer | Christian Pointner <equinox@anylike.org> | 2009-12-28 08:47:50 +0000 |
commit | bed4a9db37f98cf26445e5a3579fde498ca5ac52 (patch) | |
tree | 23e03c54bff5f08fb1c638bc2224ea92e111cd52 | |
parent | improved error handling (diff) |
moved from libgcrypt to gnutls and from openssl crypto to openssl
-rw-r--r-- | README | 12 | ||||
-rw-r--r-- | src/anylike.c | 46 | ||||
-rwxr-xr-x | src/configure | 22 |
3 files changed, 42 insertions, 38 deletions
@@ -1,7 +1,7 @@ Dependencies ============ -anylike can be built using either libgcrypt or the openssl-crypto library. +anylike can be built using either gnutls or the openssl library. The latter is more performant in most cases but there are some license issues when using this library. It also needs more space when installed. @@ -14,10 +14,10 @@ common: liblua5.1-0-dev liblua5.1-socket-dev -using libgcrypt: - libgcrypt11-dev +using gnutls: + libgnutls-dev -using ssl crypto library: +using openssl: libssl-dev if you want to rebuild the manpage: @@ -38,13 +38,13 @@ cd anylike Building from source -------------------- -using libgcrypt: +using gnutls: # cd src # ./configure # make -using ssl crypto library: +using openssl: # cd src # ./configure --use-ssl-crypto diff --git a/src/anylike.c b/src/anylike.c index a4cb272..3d96b2d 100644 --- a/src/anylike.c +++ b/src/anylike.c @@ -39,41 +39,42 @@ #include "l_crypt.h" #include "l_sig_handler.h" -#ifndef USE_SSL_CRYPTO -#include <gcrypt.h> +#ifndef USE_OPENSSL +#include <gnutls/gnutls.h> #endif #include "daemon.h" -#ifndef USE_SSL_CRYPTO +#ifndef USE_OPENSSL -#define MIN_GCRYPT_VERSION "1.2.0" +#define MIN_GNUTLS_VERSION "2.8.3" -int init_libgcrypt() +int init_gnutls() { - if(!gcry_check_version(MIN_GCRYPT_VERSION)) { - log_printf(NOTICE, "invalid Version of libgcrypt, should be >= %s", MIN_GCRYPT_VERSION); + int ret = gnutls_global_init(); + if(ret != GNUTLS_E_SUCCESS) { + log_printf(ERROR, "gnutls_global_init() returned with error 0x%04X", ret); return -1; } - gcry_error_t err = gcry_control(GCRYCTL_DISABLE_SECMEM, 0); - - if(err) { - log_printf(ERROR, "failed to disable secure memory: %s", gcry_strerror(err)); - return -1; - } - - err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED); - if(err) { - log_printf(ERROR, "failed to finish libgcrypt initialization: %s", gcry_strerror(err)); + if(!gnutls_check_version(MIN_GNUTLS_VERSION)) { + log_printf(NOTICE, "invalid Version of gnutls, should be >= %s but is %s", MIN_GNUTLS_VERSION, gnutls_check_version(NULL)); + gnutls_global_deinit(); return -1; } - log_printf(NOTICE, "libgcrypt init finished"); + log_printf(NOTICE, "gnutls init finished"); return 0; } #endif +void cleanup_crypt() +{ +#ifndef USE_OPENSSL + gnutls_global_deinit(); +#endif +} + #include "anylike_lua_bytecode.h" #define LUA_MAIN_LOOP_FUNC "main_loop" @@ -234,10 +235,10 @@ int main(int argc, char* argv[]) exit(-1); } -#ifndef USE_SSL_CRYPTO - ret = init_libgcrypt(); +#ifndef USE_OPENSSL + ret = init_gnutls(); if(ret) { - log_printf(ERROR, "error on libgcrpyt initialization, exitting"); + log_printf(ERROR, "error on gnutls initialization, exitting"); options_clear(&opt); log_close(); exit(ret); @@ -254,12 +255,14 @@ int main(int argc, char* argv[]) if(opt.chroot_dir_) if(do_chroot(opt.chroot_dir_)) { + cleanup_crypt(); options_clear(&opt); log_close(); exit(-1); } if(opt.username_) if(priv_drop(&priv)) { + cleanup_crypt(); options_clear(&opt); log_close(); exit(-1); @@ -279,6 +282,7 @@ int main(int argc, char* argv[]) ret = main_loop(&opt); + cleanup_crypt(); options_clear(&opt); if(!ret) diff --git a/src/configure b/src/configure index ab40134..f15d502 100755 --- a/src/configure +++ b/src/configure @@ -29,7 +29,7 @@ EBUILD_COMPAT=0 CFLAGS='-g -O2' LDFLAGS='-g -Wall -O2 -ldl -lm' -CRYPTO_LIB='gcrypt' +CRYPTO_LIB='gnutls' LUA_DIR='' LUA='' LUAC='' @@ -52,7 +52,7 @@ print_usage() { echo " --no-manpage dont't install manpage" echo " --examplesdir=<DIR> the path to the examples files (default: $PREFIX/share/examples)" echo " --no-examples dont't install example files" - echo " --use-ssl-crypto use ssl crypto library instead of libgcrypt" + echo " --use-openssl use openssl instead of gnutls" echo " --with-lua=<DIR> use this lua tree instead of system default" } @@ -83,8 +83,8 @@ do --no-examples) INSTALLEXAMPLES=0 ;; - --use-ssl-crypto) - CRYPTO_LIB='ssl' + --use-openssl) + CRYPTO_LIB='openssl' ;; --with-lua=*) LUA_DIR=${arg#--with-lua=} @@ -128,14 +128,14 @@ esac case $CRYPTO_LIB in - gcrypt) - LDFLAGS=$LDFLAGS' -lgcrypt' - echo "using libgcrypt library" + gnutls) + LDFLAGS=$LDFLAGS' -lgnutls' + echo "using gnutls" ;; - ssl) - CFLAGS=$CFLAGS' -DUSE_SSL_CRYPTO' - LDFLAGS=$LDFLAGS' -lcrypto' - echo "using ssl crypto library" + openssl) + CFLAGS=$CFLAGS' -DUSE_OPENSSL' + LDFLAGS=$LDFLAGS' -lssl' + echo "using openssl" ;; esac |