diff options
| author | Christian Pointner <equinox@anylike.org> | 2009-12-28 08:47:50 +0000 |
|---|---|---|
| committer | Christian Pointner <equinox@anylike.org> | 2009-12-28 08:47:50 +0000 |
| commit | bed4a9db37f98cf26445e5a3579fde498ca5ac52 (patch) | |
| tree | 23e03c54bff5f08fb1c638bc2224ea92e111cd52 /src | |
| parent | improved error handling (diff) | |
moved from libgcrypt to gnutls and from openssl crypto to openssl
Diffstat (limited to 'src')
| -rw-r--r-- | src/anylike.c | 46 | ||||
| -rwxr-xr-x | src/configure | 22 |
2 files changed, 36 insertions, 32 deletions
diff --git a/src/anylike.c b/src/anylike.c index a4cb272..3d96b2d 100644 --- a/src/anylike.c +++ b/src/anylike.c @@ -39,41 +39,42 @@ #include "l_crypt.h" #include "l_sig_handler.h" -#ifndef USE_SSL_CRYPTO -#include <gcrypt.h> +#ifndef USE_OPENSSL +#include <gnutls/gnutls.h> #endif #include "daemon.h" -#ifndef USE_SSL_CRYPTO +#ifndef USE_OPENSSL -#define MIN_GCRYPT_VERSION "1.2.0" +#define MIN_GNUTLS_VERSION "2.8.3" -int init_libgcrypt() +int init_gnutls() { - if(!gcry_check_version(MIN_GCRYPT_VERSION)) { - log_printf(NOTICE, "invalid Version of libgcrypt, should be >= %s", MIN_GCRYPT_VERSION); + int ret = gnutls_global_init(); + if(ret != GNUTLS_E_SUCCESS) { + log_printf(ERROR, "gnutls_global_init() returned with error 0x%04X", ret); return -1; } - gcry_error_t err = gcry_control(GCRYCTL_DISABLE_SECMEM, 0); - - if(err) { - log_printf(ERROR, "failed to disable secure memory: %s", gcry_strerror(err)); - return -1; - } - - err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED); - if(err) { - log_printf(ERROR, "failed to finish libgcrypt initialization: %s", gcry_strerror(err)); + if(!gnutls_check_version(MIN_GNUTLS_VERSION)) { + log_printf(NOTICE, "invalid Version of gnutls, should be >= %s but is %s", MIN_GNUTLS_VERSION, gnutls_check_version(NULL)); + gnutls_global_deinit(); return -1; } - log_printf(NOTICE, "libgcrypt init finished"); + log_printf(NOTICE, "gnutls init finished"); return 0; } #endif +void cleanup_crypt() +{ +#ifndef USE_OPENSSL + gnutls_global_deinit(); +#endif +} + #include "anylike_lua_bytecode.h" #define LUA_MAIN_LOOP_FUNC "main_loop" @@ -234,10 +235,10 @@ int main(int argc, char* argv[]) exit(-1); } -#ifndef USE_SSL_CRYPTO - ret = init_libgcrypt(); +#ifndef USE_OPENSSL + ret = init_gnutls(); if(ret) { - log_printf(ERROR, "error on libgcrpyt initialization, exitting"); + log_printf(ERROR, "error on gnutls initialization, exitting"); options_clear(&opt); log_close(); exit(ret); @@ -254,12 +255,14 @@ int main(int argc, char* argv[]) if(opt.chroot_dir_) if(do_chroot(opt.chroot_dir_)) { + cleanup_crypt(); options_clear(&opt); log_close(); exit(-1); } if(opt.username_) if(priv_drop(&priv)) { + cleanup_crypt(); options_clear(&opt); log_close(); exit(-1); @@ -279,6 +282,7 @@ int main(int argc, char* argv[]) ret = main_loop(&opt); + cleanup_crypt(); options_clear(&opt); if(!ret) diff --git a/src/configure b/src/configure index ab40134..f15d502 100755 --- a/src/configure +++ b/src/configure @@ -29,7 +29,7 @@ EBUILD_COMPAT=0 CFLAGS='-g -O2' LDFLAGS='-g -Wall -O2 -ldl -lm' -CRYPTO_LIB='gcrypt' +CRYPTO_LIB='gnutls' LUA_DIR='' LUA='' LUAC='' @@ -52,7 +52,7 @@ print_usage() { echo " --no-manpage dont't install manpage" echo " --examplesdir=<DIR> the path to the examples files (default: $PREFIX/share/examples)" echo " --no-examples dont't install example files" - echo " --use-ssl-crypto use ssl crypto library instead of libgcrypt" + echo " --use-openssl use openssl instead of gnutls" echo " --with-lua=<DIR> use this lua tree instead of system default" } @@ -83,8 +83,8 @@ do --no-examples) INSTALLEXAMPLES=0 ;; - --use-ssl-crypto) - CRYPTO_LIB='ssl' + --use-openssl) + CRYPTO_LIB='openssl' ;; --with-lua=*) LUA_DIR=${arg#--with-lua=} @@ -128,14 +128,14 @@ esac case $CRYPTO_LIB in - gcrypt) - LDFLAGS=$LDFLAGS' -lgcrypt' - echo "using libgcrypt library" + gnutls) + LDFLAGS=$LDFLAGS' -lgnutls' + echo "using gnutls" ;; - ssl) - CFLAGS=$CFLAGS' -DUSE_SSL_CRYPTO' - LDFLAGS=$LDFLAGS' -lcrypto' - echo "using ssl crypto library" + openssl) + CFLAGS=$CFLAGS' -DUSE_OPENSSL' + LDFLAGS=$LDFLAGS' -lssl' + echo "using openssl" ;; esac |