moved from libgcrypt to gnutls and from openssl crypto to openssl

author: Christian Pointner <equinox@anylike.org> 2009-12-28 08:47:50 +0000
committer: Christian Pointner <equinox@anylike.org> 2009-12-28 08:47:50 +0000
commit: bed4a9db37f98cf26445e5a3579fde498ca5ac52 (patch)
tree: 23e03c54bff5f08fb1c638bc2224ea92e111cd52
parent: improved error handling (diff)
3 files changed, 42 insertions, 38 deletions
diff --git a/README b/README
index ebf7e2d..6ab88ab 100644
--- a/README
+++ b/README
@@ -1,7 +1,7 @@
 Dependencies
 ============
 
-anylike can be built using either libgcrypt or the openssl-crypto library. 
+anylike can be built using either gnutls or the openssl library. 
 The latter is more performant in most cases but there are some license 
 issues when using this library. It also needs more space when installed.
 
@@ -14,10 +14,10 @@ common:
  liblua5.1-0-dev
  liblua5.1-socket-dev
 
-using libgcrypt:
- libgcrypt11-dev
+using gnutls:
+ libgnutls-dev
 
-using ssl crypto library:
+using openssl:
  libssl-dev
 
 if you want to rebuild the manpage:
@@ -38,13 +38,13 @@ cd anylike
 Building from source
 --------------------
 
-using libgcrypt:
+using gnutls:
 
 # cd src
 # ./configure
 # make
 
-using ssl crypto library:
+using openssl:
 
 # cd src
 # ./configure --use-ssl-crypto
diff --git a/src/anylike.c b/src/anylike.c
index a4cb272..3d96b2d 100644
--- a/src/anylike.c
+++ b/src/anylike.c
@@ -39,41 +39,42 @@
 #include "l_crypt.h"
 #include "l_sig_handler.h"
 
-#ifndef USE_SSL_CRYPTO
-#include <gcrypt.h>
+#ifndef USE_OPENSSL
+#include <gnutls/gnutls.h>
 #endif
 
 #include "daemon.h"
 
-#ifndef USE_SSL_CRYPTO
+#ifndef USE_OPENSSL
 
-#define MIN_GCRYPT_VERSION "1.2.0"
+#define MIN_GNUTLS_VERSION "2.8.3"
 
-int init_libgcrypt()
+int init_gnutls()
 {
-  if(!gcry_check_version(MIN_GCRYPT_VERSION)) {
-    log_printf(NOTICE, "invalid Version of libgcrypt, should be >= %s", MIN_GCRYPT_VERSION);
+  int ret = gnutls_global_init();
+  if(ret != GNUTLS_E_SUCCESS) {
+    log_printf(ERROR, "gnutls_global_init() returned with error 0x%04X", ret);
     return -1;
   }
 
-  gcry_error_t err = gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
-
-  if(err) {
-    log_printf(ERROR, "failed to disable secure memory: %s", gcry_strerror(err));
-    return -1;
-  }
-
-  err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
-  if(err) {
-    log_printf(ERROR, "failed to finish libgcrypt initialization: %s", gcry_strerror(err));
+  if(!gnutls_check_version(MIN_GNUTLS_VERSION)) {
+    log_printf(NOTICE, "invalid Version of gnutls, should be >= %s but is %s", MIN_GNUTLS_VERSION, gnutls_check_version(NULL));
+    gnutls_global_deinit();
     return -1;
   }
 
-  log_printf(NOTICE, "libgcrypt init finished");
+  log_printf(NOTICE, "gnutls init finished");
   return 0;
 }
 #endif
 
+void cleanup_crypt()
+{
+#ifndef USE_OPENSSL
+  gnutls_global_deinit();
+#endif
+}
+
 #include "anylike_lua_bytecode.h"
 
 #define LUA_MAIN_LOOP_FUNC "main_loop"
@@ -234,10 +235,10 @@ int main(int argc, char* argv[])
       exit(-1);
     }
 
-#ifndef USE_SSL_CRYPTO
-  ret = init_libgcrypt();
+#ifndef USE_OPENSSL
+  ret = init_gnutls();
   if(ret) {
-    log_printf(ERROR, "error on libgcrpyt initialization, exitting");
+    log_printf(ERROR, "error on gnutls initialization, exitting");
     options_clear(&opt);
     log_close();
     exit(ret);
@@ -254,12 +255,14 @@ int main(int argc, char* argv[])
 
   if(opt.chroot_dir_)
     if(do_chroot(opt.chroot_dir_)) {
+      cleanup_crypt();
       options_clear(&opt);
       log_close();
       exit(-1);
     }
   if(opt.username_)
     if(priv_drop(&priv)) {
+      cleanup_crypt();
       options_clear(&opt);
       log_close();
       exit(-1);
@@ -279,6 +282,7 @@ int main(int argc, char* argv[])
 
   ret = main_loop(&opt);
 
+  cleanup_crypt();
   options_clear(&opt);
 
   if(!ret)
diff --git a/src/configure b/src/configure
index ab40134..f15d502 100755
--- a/src/configure
+++ b/src/configure
@@ -29,7 +29,7 @@ EBUILD_COMPAT=0
 CFLAGS='-g -O2'
 LDFLAGS='-g -Wall -O2 -ldl -lm'
 
-CRYPTO_LIB='gcrypt'
+CRYPTO_LIB='gnutls'
 LUA_DIR=''
 LUA=''
 LUAC=''
@@ -52,7 +52,7 @@ print_usage() {
   echo "          --no-manpage              dont't install manpage"
   echo "          --examplesdir=<DIR>       the path to the examples files (default: $PREFIX/share/examples)"
   echo "          --no-examples             dont't install example files"
-  echo "          --use-ssl-crypto          use ssl crypto library instead of libgcrypt"
+  echo "          --use-openssl             use openssl instead of gnutls"
   echo "          --with-lua=<DIR>          use this lua tree instead of system default"
 }
 
@@ -83,8 +83,8 @@ do
   --no-examples)
     INSTALLEXAMPLES=0
   ;;
-  --use-ssl-crypto)
-    CRYPTO_LIB='ssl'
+  --use-openssl)
+    CRYPTO_LIB='openssl'
   ;;
   --with-lua=*)
     LUA_DIR=${arg#--with-lua=}
@@ -128,14 +128,14 @@ esac
 
 
 case $CRYPTO_LIB in
-  gcrypt)
-    LDFLAGS=$LDFLAGS' -lgcrypt'
-    echo "using libgcrypt library"
+  gnutls)
+    LDFLAGS=$LDFLAGS' -lgnutls'
+    echo "using gnutls"
   ;;
-  ssl)
-    CFLAGS=$CFLAGS' -DUSE_SSL_CRYPTO'
-    LDFLAGS=$LDFLAGS' -lcrypto'
-    echo "using ssl crypto library"
+  openssl)
+    CFLAGS=$CFLAGS' -DUSE_OPENSSL'
+    LDFLAGS=$LDFLAGS' -lssl'
+    echo "using openssl"
   ;;
 esac
author	Christian Pointner <equinox@anylike.org>	2009-12-28 08:47:50 +0000
committer	Christian Pointner <equinox@anylike.org>	2009-12-28 08:47:50 +0000
commit	bed4a9db37f98cf26445e5a3579fde498ca5ac52 (patch)
tree	23e03c54bff5f08fb1c638bc2224ea92e111cd52
parent	improved error handling (diff)