![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d04c883)
raw | patch | inline | side by side (parent: d04c883)
| author | Florian Forster <octo@leeloo.lan.home.verplant.org> | |
| Thu, 23 Apr 2009 09:10:26 +0000 (11:10 +0200) | ||
| committer | Florian Forster <octo@leeloo.lan.home.verplant.org> | |
| Thu, 23 Apr 2009 09:10:26 +0000 (11:10 +0200) |
On Doug's OpenBSD machine I've seen:
configure: gcrypt CPPFLAGS: -I/usr/local/include -I/usr/local/include
checking gcrypt.h usability... yes
checking gcrypt.h presence... yes
checking for gcrypt.h... yes
configure: gcrypt LDFLAGS: -L/usr/local/lib
checking for gcry_md_hash_buffer in -lgcrypt... no
Because so far the network plugin only used the existence of the header
file to determine whether or not to enable `gcrypt' support, the build
fails. With this patch, the plugin will use a define that's only
available if *all* tests were successful.
configure: gcrypt CPPFLAGS: -I/usr/local/include -I/usr/local/include
checking gcrypt.h usability... yes
checking gcrypt.h presence... yes
checking for gcrypt.h... yes
configure: gcrypt LDFLAGS: -L/usr/local/lib
checking for gcry_md_hash_buffer in -lgcrypt... no
Because so far the network plugin only used the existence of the header
file to determine whether or not to enable `gcrypt' support, the build
fails. With this patch, the plugin will use a define that's only
available if *all* tests were successful.
| configure.in | patch | blob | history | |
| src/network.c | patch | blob | history |
diff --git a/configure.in b/configure.in
index 7c4e417d90719f8097763c7c334b5375f4304903..c585390e16e415069c5fb338bebace0e78b98953 100644 (file)
--- a/configure.in
+++ b/configure.in
CPPFLAGS="$SAVE_CPPFLAGS"
LDFLAGS="$SAVE_LDFLAGS"
+if test "x$with_libgcrypt" = "xyes"
+then
+ AC_DEFINE(HAVE_LIBGCRYPT, 1, [Define to 1 if you have the gcrypt library (-lgcrypt).])
+fi
+
AC_SUBST(GCRYPT_CPPFLAGS)
AC_SUBST(GCRYPT_LDFLAGS)
AC_SUBST(GCRYPT_LIBS)
libcurl . . . . . . . $with_libcurl
libdbi . . . . . . . $with_libdbi
libesmtp . . . . . . $with_libesmtp
+ libgcrypt . . . . . . $with_libgcrypt
libiokit . . . . . . $with_libiokit
libiptc . . . . . . . $with_libiptc
libjvm . . . . . . . $with_java
diff --git a/src/network.c b/src/network.c
index 7023eaa34d5644c633b10419859a077df4625e7a..25db4fee0f7c2bb1d7507b55b175235be1b4e165 100644 (file)
--- a/src/network.c
+++ b/src/network.c
# include <poll.h>
#endif
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
# include <gcrypt.h>
#endif
socklen_t addrlen;
#define SECURITY_LEVEL_NONE 0
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
# define SECURITY_LEVEL_SIGN 1
# define SECURITY_LEVEL_ENCRYPT 2
int security_level;
char *shared_secret;
unsigned char shared_secret_hash[32];
gcry_cipher_hd_t cypher;
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
struct sockent *next;
} sockent_t;
return (retval);
} /* int cache_check */
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
const void *iv, size_t iv_size)
{
return (se->cypher);
} /* }}} int network_get_aes256_cypher */
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
static int write_part_values (char **ret_buffer, int *ret_buffer_len,
const data_set_t *ds, const value_list_t *vl)
buffer_offset += (s); \
} while (0)
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
void **ret_buffer, size_t *ret_buffer_len, int flags)
{
return (0);
} /* }}} int parse_part_sign_sha256 */
-/* #endif HAVE_GCRYPT_H */
+/* #endif HAVE_LIBGCRYPT */
-#else /* if !HAVE_GCRYPT_H */
+#else /* if !HAVE_LIBGCRYPT */
static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
void **ret_buffer, size_t *ret_buffer_size, int flags)
{
return (0);
} /* }}} int parse_part_sign_sha256 */
-#endif /* !HAVE_GCRYPT_H */
+#endif /* !HAVE_LIBGCRYPT */
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
void **ret_buffer, size_t *ret_buffer_len,
int flags)
return (0);
} /* }}} int parse_part_encr_aes256 */
-/* #endif HAVE_GCRYPT_H */
+/* #endif HAVE_LIBGCRYPT */
-#else /* if !HAVE_GCRYPT_H */
+#else /* if !HAVE_LIBGCRYPT */
static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
void **ret_buffer, size_t *ret_buffer_size, int flags)
{
return (0);
} /* }}} int parse_part_encr_aes256 */
-#endif /* !HAVE_GCRYPT_H */
+#endif /* !HAVE_LIBGCRYPT */
#undef BUFFER_READ
value_list_t vl = VALUE_LIST_INIT;
notification_t n;
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
int packet_was_signed = (flags & PP_SIGNED);
int packet_was_encrypted = (flags & PP_ENCRYPTED);
int printed_ignore_warning = 0;
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
memset (&vl, '\0', sizeof (vl));
break;
}
}
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
else if ((se->security_level == SECURITY_LEVEL_ENCRYPT)
&& (packet_was_encrypted == 0))
{
buffer = ((char *) buffer) + pkg_length;
continue;
}
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
else if (pkg_type == TYPE_SIGN_SHA256)
{
status = parse_part_sign_sha256 (se,
break;
}
}
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
else if ((se->security_level == SECURITY_LEVEL_SIGN)
&& (packet_was_encrypted == 0)
&& (packet_was_signed == 0))
buffer = ((char *) buffer) + pkg_length;
continue;
}
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
else if (pkg_type == TYPE_VALUES)
{
status = parse_part_values (&buffer, &buffer_size,
{
next = se->next;
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
if (se->cypher != NULL)
{
gcry_cipher_close (se->cypher);
se->cypher = NULL;
}
free (se->shared_secret);
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
free (se->addr);
free (se);
network_set_ttl (se, ai_ptr);
}
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
se->security_level = security_level;
se->shared_secret = NULL;
se->cypher = NULL;
/* Make compiler happy */
security_level = 0;
shared_secret = NULL;
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
if (se_tail == NULL)
{
} /* while (42) */
} /* }}} void networt_send_buffer_plain */
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
static void networt_send_buffer_signed (const sockent_t *se, /* {{{ */
const char *in_buffer, size_t in_buffer_size)
{
networt_send_buffer_plain (se, buffer, buffer_size);
#undef BUFFER_ADD
} /* }}} void networt_send_buffer_encrypted */
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
static void network_send_buffer (char *buffer, size_t buffer_len) /* {{{ */
{
for (se = sending_sockets; se != NULL; se = se->next)
{
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
if (se->security_level == SECURITY_LEVEL_ENCRYPT)
networt_send_buffer_encrypted (se, buffer, buffer_len);
else if (se->security_level == SECURITY_LEVEL_SIGN)
networt_send_buffer_signed (se, buffer, buffer_len);
else /* if (se->security_level == SECURITY_LEVEL_NONE) */
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
networt_send_buffer_plain (se, buffer, buffer_len);
} /* for (sending_sockets) */
} /* }}} void network_send_buffer */
return (0);
} /* }}} int network_config_set_ttl */
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
static int network_config_set_security_level (oconfig_item_t *ci, /* {{{ */
int *retval)
{
return (0);
} /* }}} int network_config_set_security_level */
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
static int network_config_listen_server (const oconfig_item_t *ci) /* {{{ */
{
{
oconfig_item_t *child = ci->children + i;
-#if HAVE_GCRYPT_H
+#if HAVE_LIBGCRYPT
if (strcasecmp ("Secret", child->key) == 0)
{
if ((child->values_num == 1)
else if (strcasecmp ("SecurityLevel", child->key) == 0)
network_config_set_security_level (child, &security_level);
else
-#endif /* HAVE_GCRYPT_H */
+#endif /* HAVE_LIBGCRYPT */
{
WARNING ("network plugin: Option `%s' is not allowed here.",
child->key);