Page Menu
Home
ClusterLabs Projects
Search
Configure Global Search
Log In
Files
F4512759
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Flag For Later
Award Token
Size
65 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/build-aux/knet_valgrind_memcheck.supp b/build-aux/knet_valgrind_memcheck.supp
index bb182dc3..4f424cd9 100644
--- a/build-aux/knet_valgrind_memcheck.supp
+++ b/build-aux/knet_valgrind_memcheck.supp
@@ -1,478 +1,526 @@
{
lzma internal stuff
Memcheck:Cond
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
fun:lzma_stream_header_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:lzma_crc32
fun:lzma_stream_header_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
fun:lzma_crc32
fun:lzma_stream_header_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
fun:lzma_block_header_encode
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:is_overlap
fun:memcpy@@GLIBC_2.14
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
}
{
lzma internal stuff
Memcheck:Cond
fun:memcpy@@GLIBC_2.14
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
}
{
lzma internal stuff
Memcheck:Value8
fun:memcpy@@GLIBC_2.14
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
}
{
lzma internal stuff
Memcheck:Value8
fun:lzma_vli_encode
fun:lzma_filter_flags_encode
fun:lzma_block_header_encode
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_filter_flags_encode
fun:lzma_block_header_encode
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:memset
fun:lzma_block_header_encode
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
fun:memset
fun:lzma_block_header_encode
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:lzma_block_unpadded_size
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:lzma_index_append
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:lzma_vli_size
fun:lzma_index_append
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:lzma_index_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_index_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_index_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:lzma_vli_encode
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_index_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
fun:lzma_vli_encode
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_index_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:lzma_crc32
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_index_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
fun:lzma_crc32
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_index_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
fun:lzma_stream_footer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Value8
fun:lzma_crc32
fun:lzma_stream_footer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
fun:lzma_crc32
fun:lzma_stream_footer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
fun:clone
}
{
lzma internal stuff
Memcheck:Cond
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
obj:/usr/lib64/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
}
{
lzma internal stuff (Debian Unstable)
Memcheck:Cond
obj:/lib/x86_64-linux-gnu/liblzma.so.5.2.2
obj:/lib/x86_64-linux-gnu/liblzma.so.5.2.2
obj:/lib/x86_64-linux-gnu/liblzma.so.5.2.2
obj:/lib/x86_64-linux-gnu/liblzma.so.5.2.2
fun:lzma_block_buffer_encode
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
}
{
lzma internal stuff (Ubuntu 17.10 i386)
Memcheck:Cond
obj:/lib/i386-linux-gnu/liblzma.so.5.2.2
obj:/lib/i386-linux-gnu/liblzma.so.5.2.2
obj:/lib/i386-linux-gnu/liblzma.so.5.2.2
obj:/lib/i386-linux-gnu/liblzma.so.5.2.2
obj:/lib/i386-linux-gnu/liblzma.so.5.2.2
obj:/lib/i386-linux-gnu/liblzma.so.5.2.2
fun:lzma_stream_buffer_encode
fun:lzma_easy_buffer_encode
fun:lzma_compress
fun:_parse_recv_from_sock
fun:_handle_send_to_links
fun:_handle_send_to_links_thread
fun:start_thread
}
+{
+ nss internal stuff (FreeBSD 11.1)
+ Memcheck:Addr8
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ fun:PR_LoadLibraryWithFlags
+ obj:/usr/local/lib/nss/libnssutil3.so
+ fun:PORT_LoadLibraryFromOrigin
+ obj:/usr/local/lib/nss/libnss3.so
+ fun:PR_CallOnce
+ obj:/usr/local/lib/nss/libnss3.so
+}
+{
+ nss internal stuff (FreeBSD 11.1)
+ Memcheck:Addr8
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ fun:PR_LoadLibraryWithFlags
+ obj:/usr/local/lib/nss/libnssutil3.so
+ fun:PORT_LoadLibraryFromOrigin
+ obj:/usr/local/lib/nss/libnss3.so
+ fun:PR_CallOnce
+ obj:/usr/local/lib/nss/libnss3.so
+ fun:SECMOD_LoadModule
+ obj:/usr/local/lib/nss/libnss3.so
+}
+{
+ nss internal stuff (FreeBSD 11.1)
+ Memcheck:Addr8
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ obj:/libexec/ld-elf.so.1
+ obj:/usr/local/lib/libcrypto.so.10
+ fun:DSO_load
+ fun:DSO_dsobyaddr
+ obj:/usr/local/lib/libcrypto.so.10
+ fun:pthread_once
+ fun:CRYPTO_THREAD_run_once
+ fun:OPENSSL_init_crypto
+ fun:opensslcrypto_load_lib
+}
diff --git a/configure.ac b/configure.ac
index 8465cacf..6af90c8b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,514 +1,534 @@
#
# Copyright (C) 2010-2017 Red Hat, Inc. All rights reserved.
#
# Authors: Fabio M. Di Nitto <fabbione@kronosnet.org>
# Federico Simoncelli <fsimon@kronosnet.org>
#
# This software licensed under GPL-2.0+, LGPL-2.0+
#
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
#
AC_PREREQ([2.63])
AC_INIT([kronosnet],
m4_esyscmd([build-aux/git-version-gen .tarball-version]),
[devel@lists.kronosnet.org])
AC_USE_SYSTEM_EXTENSIONS
AM_INIT_AUTOMAKE([1.13 dist-bzip2 dist-xz color-tests -Wno-portability subdir-objects])
LT_PREREQ([2.2.6])
LT_INIT
AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_SRCDIR([kronosnetd/main.c])
AC_CONFIG_HEADERS([config.h])
AC_CANONICAL_HOST
AC_PROG_LIBTOOL
AC_LANG([C])
systemddir=${prefix}/lib/systemd/system
if test "$prefix" = "NONE"; then
prefix="/usr"
if test "$localstatedir" = "\${prefix}/var"; then
localstatedir="/var"
fi
if test "$sysconfdir" = "\${prefix}/etc"; then
sysconfdir="/etc"
fi
if test "$systemddir" = "NONE/lib/systemd/system"; then
systemddir=/lib/systemd/system
fi
if test "$libdir" = "\${exec_prefix}/lib"; then
if test -e /usr/lib64; then
libdir="/usr/lib64"
else
libdir="/usr/lib"
fi
fi
fi
AC_PROG_AWK
AC_PROG_GREP
AC_PROG_SED
AC_PROG_CPP
AC_PROG_CC
AC_PROG_CC_C99
if test "x$ac_cv_prog_cc_c99" = "xno"; then
AC_MSG_ERROR(["C99 support is required"])
fi
AC_PROG_LN_S
AC_PROG_INSTALL
AC_PROG_MAKE_SET
PKG_PROG_PKG_CONFIG
AC_CHECK_PROGS([PUBLICAN], [publican], [:])
AC_CHECK_PROGS([DOXYGEN], [doxygen])
AC_CHECK_PROGS([DOXY2MAN], [doxy2man])
manpageupdates=1
if test "x$DOXYGEN" = "x" || test "x$DOXY2MAN" = "x"; then
manpageupdates=0;
fi
AM_CONDITIONAL([MANPAGEUPDATES], [test $manpageupdates -gt 0])
AC_CHECK_PROGS([VALGRIND_EXEC], [valgrind])
AM_CONDITIONAL([HAS_VALGRIND], [test x$VALGRIND_EXEC != "x"])
AC_ARG_ENABLE([libknet-sctp],
[ --disable-libknet-sctp : disable libknet SCTP support ],,
[ enable_libknet_sctp="yes" ])
AM_CONDITIONAL([BUILDSCTP], [test x$enable_libknet_sctp = xyes])
AC_ARG_ENABLE([crypto-all],
[ --disable-crypto-all : disable libknet all crypto modules support ],,
[ enable_crypto_all="yes" ])
AC_ARG_ENABLE([crypto-nss],
[ --disable-crypto-nss : disable libknet nss support ],,
[ enable_crypto_nss="$enable_crypto_all" ])
AM_CONDITIONAL([BUILDCRYPTONSS], [test x$enable_crypto_nss = xyes])
AC_ARG_ENABLE([crypto-openssl],
[ --disable-crypto-openssl : disable libknet openssl support ],,
[ enable_crypto_openssl="$enable_crypto_all" ])
AM_CONDITIONAL([BUILDCRYPTOOPENSSL], [test x$enable_crypto_openssl = xyes])
AC_ARG_ENABLE([compress-all],
[ --disable-compress-all : disable libknet all compress modules support ],,
[ enable_compress_all="yes" ])
AC_ARG_ENABLE([compress-zlib],
[ --disable-compress-zlib : disable libknet zlib support ],,
[ enable_compress_zlib="$enable_compress_all" ])
AM_CONDITIONAL([BUILDCOMPZLIB], [test x$enable_compress_zlib = xyes])
AC_ARG_ENABLE([compress-lz4],
[ --disable-compress-lz4 : disable libknet lz4 support ],,
[ enable_compress_lz4="$enable_compress_all" ])
AM_CONDITIONAL([BUILDCOMPLZ4], [test x$enable_compress_lz4 = xyes])
AC_ARG_ENABLE([compress-lzo2],
[ --disable-compress-lzo2 : disable libknet lzo2 support ],,
[ enable_compress_lzo2="$enable_compress_all" ])
AM_CONDITIONAL([BUILDCOMPLZO2], [test x$enable_compress_lzo2 = xyes])
AC_ARG_ENABLE([compress-lzma],
[ --disable-compress-lzma : disable libknet lzma support ],,
[ enable_compress_lzma="$enable_compress_all" ])
AM_CONDITIONAL([BUILDCOMPLZMA], [test x$enable_compress_lzma = xyes])
AC_ARG_ENABLE([compress-bzip2],
[ --disable-compress-bzip2 : disable libknet bzip2 support ],,
[ enable_compress_bzip2="$enable_compress_all" ])
AM_CONDITIONAL([BUILDCOMPBZIP2], [test x$enable_compress_bzip2 = xyes])
AC_ARG_ENABLE([poc],
[ --enable-poc : enable building poc code ],,
[ enable_poc="no" ])
AM_CONDITIONAL([BUILD_POC], [test x$enable_poc = xyes])
AC_ARG_ENABLE([kronosnetd],
[ --enable-kronosnetd : Kronosnetd support ],,
[ enable_kronosnetd="no" ])
AM_CONDITIONAL([BUILD_KRONOSNETD], [test x$enable_kronosnetd = xyes])
AC_ARG_ENABLE([runautogen],
[ --enable-runautogen : run autogen.sh ],,
[ enable_runautogen="no" ])
AM_CONDITIONAL([BUILD_RUNAUTOGEN], [test x$enable_runautogen = xyes])
AC_ARG_ENABLE([libtap],
[ --enable-libtap : libtap support ],,
[ enable_libtap="no" ])
if test "x$enable_kronosnetd" = xyes; then
enable_libtap=yes
fi
AM_CONDITIONAL([BUILD_LIBTAP], [test x$enable_libtap = xyes])
## local helper functions
# this function checks if CC support options passed as
# args. Global CFLAGS are ignored during this test.
cc_supports_flag() {
saveCPPFLAGS="$CPPFLAGS"
CPPFLAGS="$@"
if echo $CC | grep -q clang; then
CPPFLAGS="-Werror $CPPFLAGS"
fi
AC_MSG_CHECKING([whether $CC supports "$@"])
AC_PREPROC_IFELSE([AC_LANG_PROGRAM([])],
[RC=0; AC_MSG_RESULT([yes])],
[RC=1; AC_MSG_RESULT([no])])
CPPFLAGS="$saveCPPFLAGS"
return $RC
}
# helper macro to check libs without adding them to LIBS
check_lib_no_libs() {
lib_no_libs_arg1=$1
shift
lib_no_libs_arg2=$1
shift
lib_no_libs_args=$@
AC_CHECK_LIB([$lib_no_libs_arg1],
[$lib_no_libs_arg2],,,
[$lib_no_libs_args])
LIBS=$ac_check_lib_save_LIBS
}
# Checks for C features
AC_C_INLINE
# Checks for libraries.
AC_CHECK_LIB([pthread], [pthread_create], [AC_SUBST([pthread_LIBS], [-lpthread])], [AC_MSG_ERROR([kronosnet requires pthread library])])
AC_CHECK_LIB([m], [ceil], [AC_SUBST([m_LIBS], [-lm])], [AC_MSG_ERROR([kronosnet requires m library])])
AC_CHECK_LIB([rt], [clock_gettime], [AC_SUBST([rt_LIBS], [-lrt])], [AC_MSG_ERROR([kronosnet requires rt library])])
AC_SEARCH_LIBS([dlopen], [dl dld], [dllibs=$ac_res], [AC_MSG_ERROR([kronosnet requires dl library])])
if test "x$dllibs" != "xnone required"; then
AC_SUBST([dl_LIBS], [$dllibs])
fi
+# OS detection
+
+AC_MSG_CHECKING([for os in ${host_os}])
+case "$host_os" in
+ *linux*)
+ AC_DEFINE_UNQUOTED([KNET_LINUX], [1], [Compiling for Linux platform])
+ AC_MSG_RESULT([Linux])
+ ;;
+ *bsd*)
+ AC_DEFINE_UNQUOTED([KNET_BSD], [1], [Compiling for BSD platform])
+ AC_MSG_RESULT([BSD])
+ if test "x$enable_libtap" = xyes; then
+ AC_MSG_ERROR([libtap is not currently supported on BSD platforms])
+ fi
+ ;;
+ *)
+ AC_MSG_ERROR([Unsupported OS? hmmmm])
+ ;;
+esac
+
# crypto libraries checks
if test "x$enable_crypto_nss" = xyes; then
PKG_CHECK_MODULES([nss],[nss])
AC_DEFINE_UNQUOTED([BUILDCRYPTONSS], [1], [Enable nss crypto])
fi
if test "x$enable_crypto_openssl" = xyes; then
PKG_CHECK_MODULES([openssl],[openssl < 1.1],
[AC_DEFINE_UNQUOTED([BUILDCRYPTOOPENSSL10], [1], [openssl 1.0 crypto])],
[PKG_CHECK_MODULES([openssl],[openssl >= 1.1],
[AC_DEFINE_UNQUOTED([BUILDCRYPTOOPENSSL11], [1], [openssl 1.1 crypto])])])
AC_DEFINE_UNQUOTED([BUILDCRYPTOOPENSSL], [1], [Enable openssl crypto])
fi
# compress libraries checks
if test "x$enable_compress_zlib" = xyes; then
PKG_CHECK_MODULES([zlib], [zlib])
AC_DEFINE_UNQUOTED([BUILDCOMPZLIB], [1], [Enable zlib compression])
fi
if test "x$enable_compress_lz4" = xyes; then
PKG_CHECK_MODULES([liblz4], [liblz4])
AC_DEFINE_UNQUOTED([BUILDCOMPLZ4], [1], [Enable lz4 compress])
fi
if test "x$enable_compress_lzo2" = xyes; then
PKG_CHECK_MODULES([lzo2], [lzo2],,
[AC_CHECK_HEADERS([lzo/lzo1x.h],
[AC_CHECK_LIB([lzo2], [lzo1x_decompress_safe],
[AC_SUBST([lzo2_LIBS], [-llzo2])])],
[AC_MSG_ERROR(["missing required lzo/lzo1x.h header"])])])
AC_DEFINE_UNQUOTED([BUILDCOMPLZO2], [1], [Enable lzo2 compress])
fi
if test "x$enable_compress_lzma" = xyes; then
PKG_CHECK_MODULES([liblzma], [liblzma])
AC_DEFINE_UNQUOTED([BUILDCOMPLZMA], [1], [Enable lzma compress])
fi
if test "x$enable_compress_bzip2" = xyes; then
PKG_CHECK_MODULES([bzip2], [bzip2],,
[AC_CHECK_HEADERS([bzlib.h],
[AC_CHECK_LIB([bz2], [BZ2_bzBuffToBuffCompress],
[AC_SUBST([bzip2_LIBS], [-lbz2])])],
[AC_MSG_ERROR(["missing required bzlib.h"])])])
AC_DEFINE_UNQUOTED([BUILDCOMPBZIP2], [1], [Enable bzip2 compress])
fi
# Checks for header files.
AC_CHECK_HEADERS([fcntl.h])
AC_CHECK_HEADERS([stdlib.h])
AC_CHECK_HEADERS([string.h])
AC_CHECK_HEADERS([strings.h])
AC_CHECK_HEADERS([sys/ioctl.h])
AC_CHECK_HEADERS([syslog.h])
AC_CHECK_HEADERS([unistd.h])
AC_CHECK_HEADERS([netinet/in.h])
AC_CHECK_HEADERS([sys/socket.h])
AC_CHECK_HEADERS([arpa/inet.h])
AC_CHECK_HEADERS([netdb.h])
AC_CHECK_HEADERS([limits.h])
AC_CHECK_HEADERS([stdint.h])
AC_CHECK_HEADERS([sys/epoll.h])
if test "x$enable_libknet_sctp" = xyes; then
AC_CHECK_HEADERS([netinet/sctp.h],, [AC_MSG_ERROR(["missing required SCTP headers"])])
fi
# Checks for typedefs, structures, and compiler characteristics.
AC_C_INLINE
AC_TYPE_SIZE_T
AC_TYPE_PID_T
AC_TYPE_SSIZE_T
AC_TYPE_UINT8_T
AC_TYPE_UINT16_T
AC_TYPE_UINT32_T
AC_TYPE_UINT64_T
AC_TYPE_INT32_T
# Checks for library functions.
AC_FUNC_ALLOCA
AC_FUNC_FORK
AC_FUNC_MALLOC
AC_FUNC_REALLOC
AC_CHECK_FUNCS([memset])
AC_CHECK_FUNCS([strdup])
AC_CHECK_FUNCS([strerror])
AC_CHECK_FUNCS([dup2])
AC_CHECK_FUNCS([select])
AC_CHECK_FUNCS([socket])
AC_CHECK_FUNCS([inet_ntoa])
AC_CHECK_FUNCS([memmove])
AC_CHECK_FUNCS([strchr])
AC_CHECK_FUNCS([atexit])
AC_CHECK_FUNCS([ftruncate])
AC_CHECK_FUNCS([strrchr])
AC_CHECK_FUNCS([strstr])
AC_CHECK_FUNCS([clock_gettime])
AC_CHECK_FUNCS([strcasecmp])
AC_CHECK_FUNCS([kevent])
# if neither sys/epoll.h nor kevent are present, we should fail.
if test "x$ac_cv_header_sys_epoll_h" = xno && test "x$ac_cv_func_kevent" = xno; then
AC_MSG_ERROR([Both epoll and kevent unavailable on this OS])
fi
if test "x$ac_cv_header_sys_epoll_h" = xyes && test "x$ac_cv_func_kevent" = xyes; then
AC_MSG_ERROR([Both epoll and kevent available on this OS, please contact the maintainers to fix the code])
fi
# checks (for kronosnetd)
if test "x$enable_kronosnetd" = xyes; then
AC_CHECK_HEADERS([security/pam_appl.h],
[AC_CHECK_LIB([pam], [pam_start])],
[AC_MSG_ERROR([Unable to find LinuxPAM devel files])])
AC_CHECK_HEADERS([security/pam_misc.h],
[AC_CHECK_LIB([pam_misc], [misc_conv])],
[AC_MSG_ERROR([Unable to find LinuxPAM MISC devel files])])
PKG_CHECK_MODULES([libqb], [libqb])
AC_CHECK_LIB([qb], [qb_log_thread_priority_set],
[have_qb_log_thread_priority_set="yes"],
[have_qb_log_thread_priority_set="no"])
if test "x${have_qb_log_thread_priority_set}" = xyes; then
AC_DEFINE_UNQUOTED([HAVE_QB_LOG_THREAD_PRIORITY_SET], [1], [have qb_log_thread_priority_set])
fi
fi
# local options
AC_ARG_ENABLE([debug],
[ --enable-debug enable debug build. ],
[ default="no" ])
AC_ARG_ENABLE([publicandocs],
[ --enable-publicandocs enable docs build. ],
[ default="no" ])
AC_ARG_WITH([initdefaultdir],
[ --with-initdefaultdir : path to /etc/sysconfig/.. or /etc/default dir. ],
[ INITDEFAULTDIR="$withval" ],
[ INITDEFAULTDIR="$sysconfdir/default" ])
AC_ARG_WITH([initddir],
[ --with-initddir=DIR : path to init script directory. ],
[ INITDDIR="$withval" ],
[ INITDDIR="$sysconfdir/init.d" ])
AC_ARG_WITH([systemddir],
[ --with-systemddir=DIR : path to systemd unit files directory. ],
[ SYSTEMDDIR="$withval" ],
[ SYSTEMDDIR="$systemddir" ])
AC_ARG_WITH([syslogfacility],
[ --with-syslogfacility=FACILITY
default syslog facility. ],
[ SYSLOGFACILITY="$withval" ],
[ SYSLOGFACILITY="LOG_DAEMON" ])
AC_ARG_WITH([sysloglevel],
[ --with-sysloglevel=LEVEL
default syslog level. ],
[ SYSLOGLEVEL="$withval" ],
[ SYSLOGLEVEL="LOG_INFO" ])
AC_ARG_WITH([defaultadmgroup],
[ --with-defaultadmgroup=GROUP
define PAM group. Users part of this group will be
allowed to configure kronosnet. Others will only
receive read-only rights. ],
[ DEFAULTADMGROUP="$withval" ],
[ DEFAULTADMGROUP="kronosnetadm" ])
## random vars
LOGDIR=${localstatedir}/log/
RUNDIR=${localstatedir}/run/
DEFAULT_CONFIG_DIR=${sysconfdir}/kronosnet
## do subst
AM_CONDITIONAL([BUILD_DOCS], [test "x${enable_publicandocs}" = xyes])
AM_CONDITIONAL([DEBUG], [test "x${enable_debug}" = xyes])
AC_SUBST([DEFAULT_CONFIG_DIR])
AC_SUBST([INITDEFAULTDIR])
AC_SUBST([INITDDIR])
AC_SUBST([SYSTEMDDIR])
AC_SUBST([LOGDIR])
AC_SUBST([DEFAULTADMGROUP])
AC_DEFINE_UNQUOTED([DEFAULT_CONFIG_DIR],
["$(eval echo ${DEFAULT_CONFIG_DIR})"],
[Default config directory])
AC_DEFINE_UNQUOTED([DEFAULT_CONFIG_FILE],
["$(eval echo ${DEFAULT_CONFIG_DIR}/kronosnetd.conf)"],
[Default config file])
AC_DEFINE_UNQUOTED([LOGDIR],
["$(eval echo ${LOGDIR})"],
[Default logging directory])
AC_DEFINE_UNQUOTED([DEFAULT_LOG_FILE],
["$(eval echo ${LOGDIR}/kronosnetd.log)"],
[Default log file])
AC_DEFINE_UNQUOTED([RUNDIR],
["$(eval echo ${RUNDIR})"],
[Default run directory])
AC_DEFINE_UNQUOTED([SYSLOGFACILITY],
[$(eval echo ${SYSLOGFACILITY})],
[Default syslog facility])
AC_DEFINE_UNQUOTED([SYSLOGLEVEL],
[$(eval echo ${SYSLOGLEVEL})],
[Default syslog level])
AC_DEFINE_UNQUOTED([DEFAULTADMGROUP],
["$(eval echo ${DEFAULTADMGROUP})"],
[Default admin group])
## *FLAGS handling
ENV_CFLAGS="$CFLAGS"
ENV_CPPFLAGS="$CPPFLAGS"
ENV_LDFLAGS="$LDFLAGS"
# debug build stuff
if test "x${enable_debug}" = xyes; then
AC_DEFINE_UNQUOTED([DEBUG], [1], [Compiling Debugging code])
OPT_CFLAGS="-O0"
else
OPT_CFLAGS="-O3"
fi
# gdb flags
if test "x${GCC}" = xyes; then
GDB_FLAGS="-ggdb3"
else
GDB_FLAGS="-g"
fi
# extra warnings
EXTRA_WARNINGS=""
WARNLIST="
all
extra
unused
shadow
missing-prototypes
missing-declarations
suggest-attribute=noreturn
suggest-attribute=format
strict-prototypes
declaration-after-statement
pointer-arith
write-strings
cast-align
bad-function-cast
missing-format-attribute
float-equal
format=2
format-signedness
format-security
format-nonliteral
no-long-long
unsigned-char
gnu89-inline
no-strict-aliasing
error
address
cpp
overflow
parentheses
sequence-point
switch
shift-overflow=2
overlength-strings
retundent-decls
init-self
uninitialized
unused-but-set-variable
unused-function
unused-result
unused-value
unused-variable
unknown-pragmas
no-unused-parameter
"
for j in $WARNLIST; do
if cc_supports_flag -W$j; then
EXTRA_WARNINGS="$EXTRA_WARNINGS -W$j";
fi
done
CFLAGS="$ENV_CFLAGS $lt_prog_compiler_pic $OPT_CFLAGS $GDB_FLAGS \
$EXTRA_WARNINGS $WERROR_CFLAGS"
CPPFLAGS="$ENV_CPPFLAGS"
LDFLAGS="$ENV_LDFLAGS $lt_prog_compiler_pic -Wl,--as-needed"
AC_CONFIG_FILES([
Makefile
init/Makefile
libtap/Makefile
libtap/libtap.pc
kronosnetd/Makefile
kronosnetd/kronosnetd.logrotate
libknet/Makefile
libknet/libknet.pc
libknet/tests/Makefile
libknet/man/Doxyfile
libknet/man/Makefile
docs/Makefile
poc-code/Makefile
poc-code/iov-hash/Makefile
poc-code/access-list/Makefile
])
AC_OUTPUT
diff --git a/libknet/compress_zlib.c b/libknet/compress_zlib.c
index 813d3f7a..76edae01 100644
--- a/libknet/compress_zlib.c
+++ b/libknet/compress_zlib.c
@@ -1,201 +1,206 @@
/*
* Copyright (C) 2010-2017 Red Hat, Inc. All rights reserved.
*
* Author: Fabio M. Di Nitto <fabbione@kronosnet.org>
*
* This software licensed under GPL-2.0+, LGPL-2.0+
*/
#include "config.h"
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <dlfcn.h>
#ifdef BUILDCOMPZLIB
#include <zlib.h>
#include "internals.h"
#include "compress_zlib.h"
#include "logging.h"
#include "common.h"
+#ifdef KNET_LINUX
#define LIBZ_1 "libz.so.1"
+#endif
+#ifdef KNET_BSD
+#define LIBZ_1 "libz.so"
+#endif
/*
* global vars for dlopen
*/
static void *zlib_lib;
/*
* symbols remapping
*/
int (*_int_uncompress)(Bytef *dest, uLongf *destLen,
const Bytef *source, uLong sourceLen);
int (*_int_compress2)(Bytef *dest, uLongf *destLen,
const Bytef *source, uLong sourceLen,
int level);
static int zlib_remap_symbols(knet_handle_t knet_h)
{
int err = 0;
char *error = NULL;
_int_uncompress = dlsym(zlib_lib, "uncompress");
if (!_int_uncompress) {
error = dlerror();
log_err(knet_h, KNET_SUB_ZLIBCOMP, "unable to map uncompress: %s", error);
err = -1;
goto out;
}
_int_compress2 = dlsym(zlib_lib, "compress2");
if (!_int_compress2) {
error = dlerror();
log_err(knet_h, KNET_SUB_ZLIBCOMP, "unable to map compress2: %s", error);
err = -1;
goto out;
}
out:
if (err) {
_int_uncompress = NULL;
_int_compress2 = NULL;
errno = EINVAL;
}
return err;
}
int zlib_load_lib(
knet_handle_t knet_h)
{
int err = 0, savederrno = 0;
if (!zlib_lib) {
zlib_lib = open_lib(knet_h, LIBZ_1, 0);
if (!zlib_lib) {
savederrno = EAGAIN;
err = -1;
goto out;
}
}
if (zlib_remap_symbols(knet_h) < 0) {
savederrno = errno;
err = -1;
}
out:
errno = savederrno;
return err;
}
int zlib_val_level(
knet_handle_t knet_h,
int compress_level)
{
if (compress_level < 0) {
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib does not support negative compression level %d",
compress_level);
return -1;
}
if (compress_level > 9) {
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib does not support compression level higher than 9");
return -1;
}
if (compress_level == 0) {
log_warn(knet_h, KNET_SUB_ZLIBCOMP, "zlib compress level 0 does NOT perform any compression");
}
return 0;
}
int zlib_compress(
knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
int zerr = 0, err = 0;
int savederrno = 0;
uLongf destLen = *buf_out_len;
zerr = (*_int_compress2)(buf_out, &destLen,
buf_in, buf_in_len,
knet_h->compress_level);
*buf_out_len = destLen;
switch(zerr) {
case Z_OK:
err = 0;
savederrno = 0;
break;
case Z_MEM_ERROR:
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib compress mem error");
err = -1;
savederrno = ENOMEM;
break;
case Z_BUF_ERROR:
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib compress buf error");
err = -1;
savederrno = ENOBUFS;
break;
case Z_STREAM_ERROR:
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib compress stream error");
err = -1;
savederrno = EINVAL;
break;
default:
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib unknown compress error: %d", zerr);
break;
}
errno = savederrno;
return err;
}
int zlib_decompress(
knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
int zerr = 0, err = 0;
int savederrno = 0;
uLongf destLen = *buf_out_len;
zerr = (*_int_uncompress)(buf_out, &destLen,
buf_in, buf_in_len);
*buf_out_len = destLen;
switch(zerr) {
case Z_OK:
err = 0;
savederrno = 0;
break;
case Z_MEM_ERROR:
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib decompress mem error");
err = -1;
savederrno = ENOMEM;
break;
case Z_BUF_ERROR:
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib decompress buf error");
err = -1;
savederrno = ENOBUFS;
break;
case Z_DATA_ERROR:
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib decompress data error");
err = -1;
savederrno = EINVAL;
break;
default:
log_err(knet_h, KNET_SUB_ZLIBCOMP, "zlib unknown decompress error: %d", zerr);
break;
}
errno = savederrno;
return err;
}
#endif
diff --git a/libknet/crypto_openssl.c b/libknet/crypto_openssl.c
index 7707a592..b1dae327 100644
--- a/libknet/crypto_openssl.c
+++ b/libknet/crypto_openssl.c
@@ -1,843 +1,848 @@
/*
* Copyright (C) 2010-2017 Red Hat, Inc. All rights reserved.
*
* Author: Fabio M. Di Nitto <fabbione@kronosnet.org>
*
* This software licensed under GPL-2.0+, LGPL-2.0+
*/
#include "config.h"
#include <errno.h>
#include <dlfcn.h>
#include <string.h>
#ifdef BUILDCRYPTOOPENSSL
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#include "common.h"
#include "crypto.h"
#include "crypto_openssl.h"
#include "logging.h"
/*
* 1.0.2 requires at least 120 bytes
* 1.1.0 requires at least 256 bytes
*/
#define SSLERR_BUF_SIZE 512
/*
* make this more generic.
* Fedora packages it one way, Debian another
* and it changes by version
*/
+#ifdef KNET_LINUX
#define LIBOPENSSL "libcrypto.so"
+#endif
+#ifdef KNET_BSD
+#define LIBOPENSSL "libcrypto.so.10"
+#endif
/*
* global vars for dlopen
*/
static void *openssl_lib;
/*
* symbols remapping
*/
#ifdef BUILDCRYPTOOPENSSL10
void (*_int_OPENSSL_add_all_algorithms_noconf)(void);
#endif
#ifdef BUILDCRYPTOOPENSSL11
int (*_int_OPENSSL_init_crypto)(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
#endif
#ifdef BUILDCRYPTOOPENSSL10
void (*_int_ERR_load_crypto_strings)(void);
#endif
unsigned long (*_int_ERR_get_error)(void);
void (*_int_ERR_error_string_n)(unsigned long e, char *buf, size_t len);
void (*_int_RAND_seed)(const void *buf, int num);
int (*_int_RAND_bytes)(unsigned char *buf, int num);
const EVP_MD *(*_int_EVP_get_digestbyname)(const char *name);
int (*_int_EVP_MD_size)(const EVP_MD *md);
unsigned char *(*_int_HMAC)(const EVP_MD *evp_md, const void *key, int key_len,
const unsigned char *d, size_t n, unsigned char *md,
unsigned int *md_len);
const EVP_CIPHER *(*_int_EVP_get_cipherbyname)(const char *name);
int (*_int_EVP_CIPHER_block_size)(const EVP_CIPHER *cipher);
#ifdef BUILDCRYPTOOPENSSL10
void (*_int_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *a);
int (*_int_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *a);
#endif
#ifdef BUILDCRYPTOOPENSSL11
EVP_CIPHER_CTX *(*_int_EVP_CIPHER_CTX_new)(void);
void (*_int_EVP_CIPHER_CTX_free)(EVP_CIPHER_CTX *c);
#endif
int (*_int_EVP_EncryptInit_ex)(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
ENGINE *impl, const unsigned char *key,
const unsigned char *iv);
int (*_int_EVP_EncryptUpdate)(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int (*_int_EVP_EncryptFinal_ex)(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
int (*_int_EVP_DecryptInit_ex)(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
ENGINE *impl, const unsigned char *key,
const unsigned char *iv);
int (*_int_EVP_DecryptUpdate)(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int (*_int_EVP_DecryptFinal_ex)(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
static void clean_openssl_syms(void)
{
#ifdef BUILDCRYPTOOPENSSL10
_int_OPENSSL_add_all_algorithms_noconf = NULL;
#endif
#ifdef BUILDCRYPTOOPENSSL11
_int_OPENSSL_init_crypto = NULL;
#endif
#ifdef BUILDCRYPTOOPENSSL10
_int_ERR_load_crypto_strings = NULL;
#endif
_int_ERR_get_error = NULL;
_int_ERR_error_string_n = NULL;
_int_RAND_seed = NULL;
_int_RAND_bytes = NULL;
_int_EVP_get_digestbyname = NULL;
_int_EVP_MD_size = NULL;
_int_HMAC = NULL;
_int_EVP_get_cipherbyname = NULL;
_int_EVP_CIPHER_block_size = NULL;
#ifdef BUILDCRYPTOOPENSSL10
_int_EVP_CIPHER_CTX_init = NULL;
_int_EVP_CIPHER_CTX_cleanup = NULL;
#endif
#ifdef BUILDCRYPTOOPENSSL11
_int_EVP_CIPHER_CTX_new = NULL;
_int_EVP_CIPHER_CTX_free = NULL;
#endif
_int_EVP_EncryptInit_ex = NULL;
_int_EVP_EncryptUpdate = NULL;
_int_EVP_EncryptFinal_ex = NULL;
_int_EVP_DecryptInit_ex = NULL;
_int_EVP_DecryptUpdate = NULL;
_int_EVP_DecryptFinal_ex = NULL;
return;
}
static int opensslcrypto_remap_symbols(knet_handle_t knet_h)
{
int err = 0;
char *error = NULL;
#ifdef BUILDCRYPTOOPENSSL10
_int_OPENSSL_add_all_algorithms_noconf = dlsym(openssl_lib, "OPENSSL_add_all_algorithms_noconf");
if (!_int_OPENSSL_add_all_algorithms_noconf) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map OPENSSL_add_all_algorithms_noconf: %s", error);
err = -1;
goto out;
}
#endif
#ifdef BUILDCRYPTOOPENSSL11
_int_OPENSSL_init_crypto = dlsym(openssl_lib, "OPENSSL_init_crypto");
if (!_int_OPENSSL_init_crypto) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map OPENSSL_init_crypto: %s", error);
err = -1;
goto out;
}
#endif
#ifdef BUILDCRYPTOOPENSSL10
_int_ERR_load_crypto_strings = dlsym(openssl_lib, "ERR_load_crypto_strings");
if (!_int_ERR_load_crypto_strings) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map ERR_load_crypto_strings: %s", error);
err = -1;
goto out;
}
#endif
_int_ERR_get_error = dlsym(openssl_lib, "ERR_get_error");
if (!_int_ERR_get_error) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map ERR_get_error: %s", error);
err = -1;
goto out;
}
_int_ERR_error_string_n = dlsym(openssl_lib, "ERR_error_string_n");
if (!_int_ERR_error_string_n) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map ERR_error_string_n: %s", error);
err = -1;
goto out;
}
_int_RAND_seed = dlsym(openssl_lib, "RAND_seed");
if (!_int_RAND_seed) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map RAND_seed: %s", error);
err = -1;
goto out;
}
_int_RAND_bytes = dlsym(openssl_lib, "RAND_bytes");
if (!_int_RAND_bytes) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map RAND_bytes: %s", error);
err = -1;
goto out;
}
_int_EVP_get_digestbyname = dlsym(openssl_lib, "EVP_get_digestbyname");
if (!_int_EVP_get_digestbyname) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_get_digestbyname: %s", error);
err = -1;
goto out;
}
_int_EVP_MD_size = dlsym(openssl_lib, "EVP_MD_size");
if (!_int_EVP_MD_size) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_MD_size: %s", error);
err = -1;
goto out;
}
_int_HMAC = dlsym(openssl_lib, "HMAC");
if (!_int_HMAC) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map HMAC: %s", error);
err = -1;
goto out;
}
_int_EVP_get_cipherbyname = dlsym(openssl_lib, "EVP_get_cipherbyname");
if (!_int_EVP_get_cipherbyname) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_get_cipherbyname: %s", error);
err = -1;
goto out;
}
_int_EVP_CIPHER_block_size = dlsym(openssl_lib, "EVP_CIPHER_block_size");
if (!_int_EVP_CIPHER_block_size) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_CIPHER_block_size: %s", error);
err = -1;
goto out;
}
#ifdef BUILDCRYPTOOPENSSL10
_int_EVP_CIPHER_CTX_init = dlsym(openssl_lib, "EVP_CIPHER_CTX_init");
if (!_int_EVP_CIPHER_CTX_init) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_CIPHER_CTX_init: %s", error);
err = -1;
goto out;
}
_int_EVP_CIPHER_CTX_cleanup = dlsym(openssl_lib, "EVP_CIPHER_CTX_cleanup");
if (!_int_EVP_CIPHER_CTX_cleanup) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_CIPHER_CTX_cleanup: %s", error);
err = -1;
goto out;
}
#endif
#ifdef BUILDCRYPTOOPENSSL11
_int_EVP_CIPHER_CTX_new = dlsym(openssl_lib, "EVP_CIPHER_CTX_new");
if (!_int_EVP_CIPHER_CTX_new) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_CIPHER_CTX_new: %s", error);
err = -1;
goto out;
}
_int_EVP_CIPHER_CTX_free = dlsym(openssl_lib, "EVP_CIPHER_CTX_free");
if (!_int_EVP_CIPHER_CTX_free) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_CIPHER_CTX_free: %s", error);
err = -1;
goto out;
}
#endif
_int_EVP_EncryptInit_ex = dlsym(openssl_lib, "EVP_EncryptInit_ex");
if (!_int_EVP_EncryptInit_ex) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_EncryptInit_ex: %s", error);
err = -1;
goto out;
}
_int_EVP_EncryptUpdate = dlsym(openssl_lib, "EVP_EncryptUpdate");
if (!_int_EVP_EncryptUpdate) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_EncryptUpdate: %s", error);
err = -1;
goto out;
}
_int_EVP_EncryptFinal_ex = dlsym(openssl_lib, "EVP_EncryptFinal_ex");
if (!_int_EVP_EncryptFinal_ex) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_EncryptFinal_ex: %s", error);
err = -1;
goto out;
}
_int_EVP_DecryptInit_ex = dlsym(openssl_lib, "EVP_DecryptInit_ex");
if (!_int_EVP_DecryptInit_ex) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_DecryptInit_ex: %s", error);
err = -1;
goto out;
}
_int_EVP_DecryptUpdate = dlsym(openssl_lib, "EVP_DecryptUpdate");
if (!_int_EVP_DecryptUpdate) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_DecryptUpdate: %s", error);
err = -1;
goto out;
}
_int_EVP_DecryptFinal_ex = dlsym(openssl_lib, "EVP_DecryptFinal_ex");
if (!_int_EVP_DecryptFinal_ex) {
error = dlerror();
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unable to map EVP_DecryptFinal_ex: %s", error);
err = -1;
goto out;
}
out:
if (err) {
clean_openssl_syms();
}
return err;
}
static int openssl_is_init = 0;
int opensslcrypto_load_lib(
knet_handle_t knet_h)
{
int err = 0, savederrno = 0;
if (!openssl_lib) {
openssl_lib = open_lib(knet_h, LIBOPENSSL, 0);
if (!openssl_lib) {
savederrno = errno;
err = -1;
goto out;
}
}
if (opensslcrypto_remap_symbols(knet_h) < 0) {
savederrno = errno;
err = -1;
goto out;
}
if (!openssl_is_init) {
#ifdef BUILDCRYPTOOPENSSL10
(*_int_ERR_load_crypto_strings)();
(*_int_OPENSSL_add_all_algorithms_noconf)();
#endif
#ifdef BUILDCRYPTOOPENSSL11
if (!(*_int_OPENSSL_init_crypto)(OPENSSL_INIT_ADD_ALL_CIPHERS \
| OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)) {
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to init openssl");
err = -1;
savederrno = EAGAIN;
goto out;
}
#endif
openssl_is_init = 1;
}
out:
errno = savederrno;
return err;
}
/*
* crypto definitions and conversion tables
*/
#define SALT_SIZE 16
struct opensslcrypto_instance {
void *private_key;
int private_key_len;
const EVP_CIPHER *crypto_cipher_type;
const EVP_MD *crypto_hash_type;
};
/*
* crypt/decrypt functions openssl1.0
*/
#ifdef BUILDCRYPTOOPENSSL10
static int encrypt_openssl(
knet_handle_t knet_h,
const struct iovec *iov,
int iovcnt,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
struct opensslcrypto_instance *instance = knet_h->crypto_instance->model_instance;
EVP_CIPHER_CTX ctx;
int tmplen = 0, offset = 0;
unsigned char *salt = buf_out;
unsigned char *data = buf_out + SALT_SIZE;
int err = 0;
int i;
char sslerr[SSLERR_BUF_SIZE];
(*_int_EVP_CIPHER_CTX_init)(&ctx);
/*
* contribute to PRNG for each packet we send/receive
*/
(*_int_RAND_seed)((unsigned char *)iov[iovcnt - 1].iov_base, iov[iovcnt - 1].iov_len);
if (!(*_int_RAND_bytes)(salt, SALT_SIZE)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to get random salt data: %s", sslerr);
err = -1;
goto out;
}
/*
* add warning re keylength
*/
(*_int_EVP_EncryptInit_ex)(&ctx, instance->crypto_cipher_type, NULL, instance->private_key, salt);
for (i=0; i<iovcnt; i++) {
if (!(*_int_EVP_EncryptUpdate)(&ctx,
data + offset, &tmplen,
(unsigned char *)iov[i].iov_base, iov[i].iov_len)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to encrypt: %s", sslerr);
err = -1;
goto out;
}
offset = offset + tmplen;
}
if (!(*_int_EVP_EncryptFinal_ex)(&ctx, data + offset, &tmplen)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to finalize encrypt: %s", sslerr);
err = -1;
goto out;
}
*buf_out_len = offset + tmplen + SALT_SIZE;
out:
(*_int_EVP_CIPHER_CTX_cleanup)(&ctx);
return err;
}
static int decrypt_openssl (
knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
struct opensslcrypto_instance *instance = knet_h->crypto_instance->model_instance;
EVP_CIPHER_CTX ctx;
int tmplen1 = 0, tmplen2 = 0;
unsigned char *salt = (unsigned char *)buf_in;
unsigned char *data = salt + SALT_SIZE;
int datalen = buf_in_len - SALT_SIZE;
int err = 0;
char sslerr[SSLERR_BUF_SIZE];
(*_int_EVP_CIPHER_CTX_init)(&ctx);
/*
* contribute to PRNG for each packet we send/receive
*/
(*_int_RAND_seed)(buf_in, buf_in_len);
/*
* add warning re keylength
*/
(*_int_EVP_DecryptInit_ex)(&ctx, instance->crypto_cipher_type, NULL, instance->private_key, salt);
if (!(*_int_EVP_DecryptUpdate)(&ctx, buf_out, &tmplen1, data, datalen)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to decrypt: %s", sslerr);
err = -1;
goto out;
}
if (!(*_int_EVP_DecryptFinal_ex)(&ctx, buf_out + tmplen1, &tmplen2)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to finalize decrypt: %s", sslerr);
err = -1;
goto out;
}
*buf_out_len = tmplen1 + tmplen2;
out:
(*_int_EVP_CIPHER_CTX_cleanup)(&ctx);
return err;
}
#endif
#ifdef BUILDCRYPTOOPENSSL11
static int encrypt_openssl(
knet_handle_t knet_h,
const struct iovec *iov,
int iovcnt,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
struct opensslcrypto_instance *instance = knet_h->crypto_instance->model_instance;
EVP_CIPHER_CTX *ctx;
int tmplen = 0, offset = 0;
unsigned char *salt = buf_out;
unsigned char *data = buf_out + SALT_SIZE;
int err = 0;
int i;
char sslerr[SSLERR_BUF_SIZE];
ctx = (*_int_EVP_CIPHER_CTX_new)();
/*
* contribute to PRNG for each packet we send/receive
*/
(*_int_RAND_seed)((unsigned char *)iov[iovcnt - 1].iov_base, iov[iovcnt - 1].iov_len);
if (!(*_int_RAND_bytes)(salt, SALT_SIZE)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to get random salt data: %s", sslerr);
err = -1;
goto out;
}
/*
* add warning re keylength
*/
(*_int_EVP_EncryptInit_ex)(ctx, instance->crypto_cipher_type, NULL, instance->private_key, salt);
for (i=0; i<iovcnt; i++) {
if (!(*_int_EVP_EncryptUpdate)(ctx,
data + offset, &tmplen,
(unsigned char *)iov[i].iov_base, iov[i].iov_len)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to encrypt: %s", sslerr);
err = -1;
goto out;
}
offset = offset + tmplen;
}
if (!(*_int_EVP_EncryptFinal_ex)(ctx, data + offset, &tmplen)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to finalize encrypt: %s", sslerr);
err = -1;
goto out;
}
*buf_out_len = offset + tmplen + SALT_SIZE;
out:
(*_int_EVP_CIPHER_CTX_free)(ctx);
return err;
}
static int decrypt_openssl (
knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
struct opensslcrypto_instance *instance = knet_h->crypto_instance->model_instance;
EVP_CIPHER_CTX *ctx;
int tmplen1 = 0, tmplen2 = 0;
unsigned char *salt = (unsigned char *)buf_in;
unsigned char *data = salt + SALT_SIZE;
int datalen = buf_in_len - SALT_SIZE;
int err = 0;
char sslerr[SSLERR_BUF_SIZE];
ctx = (*_int_EVP_CIPHER_CTX_new)();
/*
* contribute to PRNG for each packet we send/receive
*/
(*_int_RAND_seed)(buf_in, buf_in_len);
/*
* add warning re keylength
*/
(*_int_EVP_DecryptInit_ex)(ctx, instance->crypto_cipher_type, NULL, instance->private_key, salt);
if (!(*_int_EVP_DecryptUpdate)(ctx, buf_out, &tmplen1, data, datalen)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to decrypt: %s", sslerr);
err = -1;
goto out;
}
if (!(*_int_EVP_DecryptFinal_ex)(ctx, buf_out + tmplen1, &tmplen2)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to finalize decrypt: %s", sslerr);
err = -1;
goto out;
}
*buf_out_len = tmplen1 + tmplen2;
out:
(*_int_EVP_CIPHER_CTX_free)(ctx);
return err;
}
#endif
/*
* hash/hmac/digest functions
*/
static int calculate_openssl_hash(
knet_handle_t knet_h,
const unsigned char *buf,
const size_t buf_len,
unsigned char *hash)
{
struct opensslcrypto_instance *instance = knet_h->crypto_instance->model_instance;
unsigned int hash_len = 0;
unsigned char *hash_out = NULL;
char sslerr[SSLERR_BUF_SIZE];
hash_out = (*_int_HMAC)(instance->crypto_hash_type,
instance->private_key, instance->private_key_len,
buf, buf_len,
hash, &hash_len);
if ((!hash_out) || (hash_len != knet_h->sec_hash_size)) {
(*_int_ERR_error_string_n)((*_int_ERR_get_error)(), sslerr, sizeof(sslerr));
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to calculate hash: %s", sslerr);
return -1;
}
return 0;
}
/*
* exported API
*/
int opensslcrypto_encrypt_and_sign (
knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
struct iovec iov_in;
memset(&iov_in, 0, sizeof(iov_in));
iov_in.iov_base = (unsigned char *)buf_in;
iov_in.iov_len = buf_in_len;
return opensslcrypto_encrypt_and_signv(knet_h, &iov_in, 1, buf_out, buf_out_len);
}
int opensslcrypto_encrypt_and_signv (
knet_handle_t knet_h,
const struct iovec *iov_in,
int iovcnt_in,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
struct opensslcrypto_instance *instance = knet_h->crypto_instance->model_instance;
int i;
if (instance->crypto_cipher_type) {
if (encrypt_openssl(knet_h, iov_in, iovcnt_in, buf_out, buf_out_len) < 0) {
return -1;
}
} else {
*buf_out_len = 0;
for (i=0; i<iovcnt_in; i++) {
memmove(buf_out + *buf_out_len, iov_in[i].iov_base, iov_in[i].iov_len);
*buf_out_len = *buf_out_len + iov_in[i].iov_len;
}
}
if (instance->crypto_hash_type) {
if (calculate_openssl_hash(knet_h, buf_out, *buf_out_len, buf_out + *buf_out_len) < 0) {
return -1;
}
*buf_out_len = *buf_out_len + knet_h->sec_hash_size;
}
return 0;
}
int opensslcrypto_authenticate_and_decrypt (
knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
struct opensslcrypto_instance *instance = knet_h->crypto_instance->model_instance;
ssize_t temp_len = buf_in_len;
if (instance->crypto_hash_type) {
unsigned char tmp_hash[knet_h->sec_hash_size];
ssize_t temp_buf_len = buf_in_len - knet_h->sec_hash_size;
if ((temp_buf_len < 0) || (temp_buf_len > KNET_MAX_PACKET_SIZE)) {
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Incorrect packet size.");
return -1;
}
if (calculate_openssl_hash(knet_h, buf_in, temp_buf_len, tmp_hash) < 0) {
return -1;
}
if (memcmp(tmp_hash, buf_in + temp_buf_len, knet_h->sec_hash_size) != 0) {
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Digest does not match");
return -1;
}
temp_len = temp_len - knet_h->sec_hash_size;
*buf_out_len = temp_len;
}
if (instance->crypto_cipher_type) {
if (decrypt_openssl(knet_h, buf_in, temp_len, buf_out, buf_out_len) < 0) {
return -1;
}
} else {
memmove(buf_out, buf_in, temp_len);
*buf_out_len = temp_len;
}
return 0;
}
int opensslcrypto_init(
knet_handle_t knet_h,
struct knet_handle_crypto_cfg *knet_handle_crypto_cfg)
{
struct opensslcrypto_instance *opensslcrypto_instance = NULL;
log_debug(knet_h, KNET_SUB_OPENSSLCRYPTO,
"Initizializing openssl crypto module [%s/%s]",
knet_handle_crypto_cfg->crypto_cipher_type,
knet_handle_crypto_cfg->crypto_hash_type);
knet_h->crypto_instance->model_instance = malloc(sizeof(struct opensslcrypto_instance));
if (!knet_h->crypto_instance->model_instance) {
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to allocate memory for openssl model instance");
return -1;
}
opensslcrypto_instance = knet_h->crypto_instance->model_instance;
memset(opensslcrypto_instance, 0, sizeof(struct opensslcrypto_instance));
if (strcmp(knet_handle_crypto_cfg->crypto_cipher_type, "none") == 0) {
opensslcrypto_instance->crypto_cipher_type = NULL;
} else {
opensslcrypto_instance->crypto_cipher_type = (*_int_EVP_get_cipherbyname)(knet_handle_crypto_cfg->crypto_cipher_type);
if (!opensslcrypto_instance->crypto_cipher_type) {
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unknown crypto cipher type requested");
goto out_err;
}
}
if (strcmp(knet_handle_crypto_cfg->crypto_hash_type, "none") == 0) {
opensslcrypto_instance->crypto_hash_type = NULL;
} else {
opensslcrypto_instance->crypto_hash_type = (*_int_EVP_get_digestbyname)(knet_handle_crypto_cfg->crypto_hash_type);
if (!opensslcrypto_instance->crypto_hash_type) {
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "unknown crypto hash type requested");
goto out_err;
}
}
if ((opensslcrypto_instance->crypto_cipher_type) &&
(!opensslcrypto_instance->crypto_hash_type)) {
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "crypto communication requires hash specified");
goto out_err;
}
opensslcrypto_instance->private_key = malloc(knet_handle_crypto_cfg->private_key_len);
if (!opensslcrypto_instance->private_key) {
log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to allocate memory for openssl private key");
goto out_err;
}
memmove(opensslcrypto_instance->private_key, knet_handle_crypto_cfg->private_key, knet_handle_crypto_cfg->private_key_len);
opensslcrypto_instance->private_key_len = knet_handle_crypto_cfg->private_key_len;
knet_h->sec_header_size = 0;
if (opensslcrypto_instance->crypto_hash_type) {
knet_h->sec_hash_size = (*_int_EVP_MD_size)(opensslcrypto_instance->crypto_hash_type);
knet_h->sec_header_size += knet_h->sec_hash_size;
}
if (opensslcrypto_instance->crypto_cipher_type) {
int block_size;
block_size = (*_int_EVP_CIPHER_block_size)(opensslcrypto_instance->crypto_cipher_type);
if (block_size < 0) {
goto out_err;
}
knet_h->sec_header_size += (block_size * 2);
knet_h->sec_header_size += SALT_SIZE;
knet_h->sec_salt_size = SALT_SIZE;
knet_h->sec_block_size = block_size;
}
return 0;
out_err:
opensslcrypto_fini(knet_h);
return -1;
}
void opensslcrypto_fini(
knet_handle_t knet_h)
{
struct opensslcrypto_instance *opensslcrypto_instance = knet_h->crypto_instance->model_instance;
if (opensslcrypto_instance) {
if (opensslcrypto_instance->private_key) {
free(opensslcrypto_instance->private_key);
opensslcrypto_instance->private_key = NULL;
}
free(opensslcrypto_instance);
knet_h->crypto_instance->model_instance = NULL;
knet_h->sec_header_size = 0;
}
return;
}
#endif
diff --git a/libknet/tests/api-test-coverage b/libknet/tests/api-test-coverage
index 9287e7a7..82f6963d 100755
--- a/libknet/tests/api-test-coverage
+++ b/libknet/tests/api-test-coverage
@@ -1,79 +1,79 @@
-#!/bin/bash
+#!/bin/sh
srcdir="$1"/libknet/tests
builddir="$2"/libknet/tests
headerapicalls="$(grep knet_ "$srcdir"/../libknet.h | grep -v "^ \*" | grep -v ^struct | grep -v "^[[:space:]]" | grep -v typedef | sed -e 's/(.*//g' -e 's/^const //g' -e 's/\*//g' | awk '{print $2}')"
exportedapicalls="$(nm -B -D "$builddir"/../.libs/libknet.so | grep ' T ' | awk '{print $3}')"
echo "Checking for exported symbols NOT available in header file"
for i in $exportedapicalls; do
found=0
for x in $headerapicalls; do
if [ "$x" = "$i" ]; then
found=1
break;
fi
done
if [ "$found" = 0 ]; then
echo "Symbol $i not found in header file"
exit 1
fi
done
echo "Checking for symbols in header file NOT exported by binary lib"
for i in $headerapicalls; do
found=0
for x in $exportedapicalls; do
if [ "$x" = "$i" ]; then
found=1
break;
fi
done
if [ "$found" = 0 ]; then
echo "Symbol $i not found in binary lib"
exit 1
fi
done
echo "Checking for tests with memcheck exceptions"
for i in $(grep -l is_memcheck "$srcdir"/*.c | grep -v test-common); do
echo "WARNING: $(basename $i) - has memcheck exception enabled"
done
echo "Checking for tests with helgrind exceptions"
for i in $(grep -l is_helgrind "$srcdir"/*.c | grep -v test-common); do
echo "WARNING: $(basename $i) has helgrind exception enabled"
done
echo "Checking for api test coverage"
numapicalls=0
found=0
missing=0
for i in $headerapicalls; do
numapicalls=$((numapicalls + 1))
if [ -f $srcdir/api_${i}.c ]; then
found=$((found + 1))
else
missing=$((missing + 1))
echo "MISSING: $i"
fi
done
echo "Summary"
echo "-------"
echo "Found : $found"
echo "Missing : $missing"
echo "Total : $numapicalls"
which bc > /dev/null 2>&1 && {
coverage=$(echo "scale=3; $found / $numapicalls * 100" | bc -l)
echo "Coverage: $coverage%"
}
exit 0
diff --git a/libknet/tests/api_knet_link_get_ping_timers.c b/libknet/tests/api_knet_link_get_ping_timers.c
index daecdec8..cc87db9c 100644
--- a/libknet/tests/api_knet_link_get_ping_timers.c
+++ b/libknet/tests/api_knet_link_get_ping_timers.c
@@ -1,200 +1,200 @@
/*
* Copyright (C) 2016 Red Hat, Inc. All rights reserved.
*
* Authors: Fabio M. Di Nitto <fabbione@kronosnet.org>
*
* This software licensed under GPL-2.0+, LGPL-2.0+
*/
#include "config.h"
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "libknet.h"
#include "internals.h"
#include "link.h"
#include "netutils.h"
#include "test-common.h"
static void test(void)
{
knet_handle_t knet_h;
int logfds[2];
struct sockaddr_storage src, dst;
time_t interval = 0, timeout = 0;
unsigned int precision = 0;
memset(&src, 0, sizeof(struct sockaddr_storage));
if (knet_strtoaddr("127.0.0.1", "50000", &src, sizeof(struct sockaddr_storage)) < 0) {
printf("Unable to convert src to sockaddr: %s\n", strerror(errno));
exit(FAIL);
}
memset(&dst, 0, sizeof(struct sockaddr_storage));
if (knet_strtoaddr("127.0.0.1", "50001", &dst, sizeof(struct sockaddr_storage)) < 0) {
printf("Unable to convert dst to sockaddr: %s\n", strerror(errno));
exit(FAIL);
}
printf("Test knet_link_get_ping_timers incorrect knet_h\n");
if ((!knet_link_get_ping_timers(NULL, 1, 0, &interval, &timeout, &precision)) || (errno != EINVAL)) {
printf("knet_link_get_ping_timers accepted invalid knet_h or returned incorrect error: %s\n", strerror(errno));
exit(FAIL);
}
setup_logpipes(logfds);
knet_h = knet_handle_new(1, logfds[1], KNET_LOG_DEBUG);
if (!knet_h) {
printf("knet_handle_new failed: %s\n", strerror(errno));
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
printf("Test knet_link_get_ping_timers with unconfigured host_id\n");
if ((!knet_link_get_ping_timers(knet_h, 1, 0, &interval, &timeout, &precision)) || (errno != EINVAL)) {
printf("knet_link_get_ping_timers accepted invalid host_id or returned incorrect error: %s\n", strerror(errno));
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
flush_logs(logfds[0], stdout);
printf("Test knet_link_get_ping_timers with incorrect linkid\n");
if (knet_host_add(knet_h, 1) < 0) {
printf("Unable to add host_id 1: %s\n", strerror(errno));
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
if ((!knet_link_get_ping_timers(knet_h, 1, KNET_MAX_LINK, &interval, &timeout, &precision)) || (errno != EINVAL)) {
printf("knet_link_get_ping_timers accepted invalid linkid or returned incorrect error: %s\n", strerror(errno));
knet_host_remove(knet_h, 1);
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
flush_logs(logfds[0], stdout);
printf("Test knet_link_get_ping_timers with incorrect interval\n");
if ((!knet_link_get_ping_timers(knet_h, 1, 0, NULL, &timeout, &precision)) || (errno != EINVAL)) {
printf("knet_link_get_ping_timers accepted invalid interval or returned incorrect error: %s\n", strerror(errno));
knet_host_remove(knet_h, 1);
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
flush_logs(logfds[0], stdout);
printf("Test knet_link_get_ping_timers with incorrect timeout\n");
if ((!knet_link_get_ping_timers(knet_h, 1, 0, &interval, NULL, &precision)) || (errno != EINVAL)) {
printf("knet_link_get_ping_timers accepted invalid timeout or returned incorrect error: %s\n", strerror(errno));
knet_host_remove(knet_h, 1);
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
flush_logs(logfds[0], stdout);
printf("Test knet_link_get_ping_timers with incorrect interval\n");
if ((!knet_link_get_ping_timers(knet_h, 1, 0, &interval, &timeout, NULL)) || (errno != EINVAL)) {
printf("knet_link_get_ping_timers accepted invalid interval or returned incorrect error: %s\n", strerror(errno));
knet_host_remove(knet_h, 1);
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
flush_logs(logfds[0], stdout);
printf("Test knet_link_get_ping_timers with unconfigured link\n");
if ((!knet_link_get_ping_timers(knet_h, 1, 0, &interval, &timeout, &precision)) || (errno != EINVAL)) {
printf("knet_link_get_ping_timers accepted unconfigured link or returned incorrect error: %s\n", strerror(errno));
knet_host_remove(knet_h, 1);
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
flush_logs(logfds[0], stdout);
printf("Test knet_link_get_ping_timers with correct values\n");
if (knet_link_set_config(knet_h, 1, 0, KNET_TRANSPORT_UDP, &src, &dst, 0) < 0) {
printf("Unable to configure link: %s\n", strerror(errno));
knet_host_remove(knet_h, 1);
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
if (knet_link_get_ping_timers(knet_h, 1, 0, &interval, &timeout, &precision) < 0) {
printf("knet_link_get_ping_timers failed: %s\n", strerror(errno));
knet_link_clear_config(knet_h, 1, 0);
knet_host_remove(knet_h, 1);
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
- printf("DEFAULT: int: %ld timeout: %ld prec: %u\n", interval, timeout, precision);
+ printf("DEFAULT: int: %ld timeout: %ld prec: %u\n", (long int)interval, (long int)timeout, precision);
if ((interval != KNET_LINK_DEFAULT_PING_INTERVAL) ||
(timeout != KNET_LINK_DEFAULT_PING_TIMEOUT) ||
(precision != KNET_LINK_DEFAULT_PING_PRECISION)) {
printf("knet_link_get_ping_timers failed to set values\n");
knet_link_clear_config(knet_h, 1, 0);
knet_host_remove(knet_h, 1);
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
exit(FAIL);
}
flush_logs(logfds[0], stdout);
knet_link_clear_config(knet_h, 1, 0);
knet_host_remove(knet_h, 1);
knet_handle_free(knet_h);
flush_logs(logfds[0], stdout);
close_logpipes(logfds);
}
int main(int argc, char *argv[])
{
need_root();
test();
return PASS;
}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Wed, Jun 25, 6:54 AM (11 h, 3 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1952479
Default Alt Text
(65 KB)
Attached To
Mode
rK kronosnet
Attached
Detach File
Event Timeline
Log In to Comment