1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
/*
* anytun
*
* The secure anycast tunneling protocol (satp) defines a protocol used
* for communication between any combination of unicast and anycast
* tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
* mode and allows tunneling of every ETHER TYPE protocol (e.g.
* ethernet, ip, arp ...). satp directly includes cryptography and
* message authentication based on the methodes used by SRTP. It is
* intended to deliver a generic, scaleable and secure solution for
* tunneling and relaying of packets of any protocol.
*
*
* Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
* Christian Pointner <satp@wirdorange.org>
*
* This file is part of Anytun.
*
* Anytun is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* any later version.
*
* Anytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with anytun. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef ANYTUN_cryptinit_hpp_INCLUDED
#define ANYTUN_cryptinit_hpp_INCLUDED
#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
#include <gcrypt.h>
// boost thread callbacks for libgcrypt
static int boost_mutex_init(void** priv)
{
boost::mutex* lock = new boost::mutex();
if(!lock) {
return ENOMEM;
}
*priv = lock;
return 0;
}
static int boost_mutex_destroy(void** lock)
{
delete reinterpret_cast<boost::mutex*>(*lock);
return 0;
}
static int boost_mutex_lock(void** lock)
{
reinterpret_cast<boost::mutex*>(*lock)->lock();
return 0;
}
static int boost_mutex_unlock(void** lock)
{
reinterpret_cast<boost::mutex*>(*lock)->unlock();
return 0;
}
static struct gcry_thread_cbs gcry_threads_boost = {
GCRY_THREAD_OPTION_USER, NULL,
boost_mutex_init, boost_mutex_destroy,
boost_mutex_lock, boost_mutex_unlock
};
#define MIN_GCRYPT_VERSION "1.2.0"
bool initLibGCrypt()
{
// make libgcrypt thread safe
// this must be called before any other libgcrypt call
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_boost);
// this must be called right after the GCRYCTL_SET_THREAD_CBS command
// no other function must be called till now
if(!gcry_check_version(MIN_GCRYPT_VERSION)) {
std::cout << "initLibGCrypt: Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION << std::endl;
return false;
}
gcry_error_t err = gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
if(err) {
std::cout << "initLibGCrypt: Failed to disable secure memory: " << AnytunGpgError(err) << std::endl;
return false;
}
// Tell Libgcrypt that initialization has completed.
err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
if(err) {
std::cout << "initLibGCrypt: Failed to finish initialization: " << AnytunGpgError(err) << std::endl;
return false;
}
cLog.msg(Log::PRIO_NOTICE) << "initLibGCrypt: libgcrypt init finished";
return true;
}
#endif
#endif
bool initCrypto()
{
#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
return initLibGCrypt();
#else
return true;
#endif
#else
return true;
#endif
}
#endif
|
