diff --git a/libratbox/ChangeLog b/libratbox/ChangeLog index f70226c..76e0b7d 100644 --- a/libratbox/ChangeLog +++ b/libratbox/ChangeLog @@ -1,3 +1,344 @@ +androsyn 2008/06/24 14:04:50 UTC (25588) + Log: + move some of the common accept code into a function + + Modified: + libratbox/trunk/src/openssl.c (File Modified) + + +androsyn 2008/06/20 21:49:53 UTC (25576) + Log: + rerun autoconf again + + Modified: + libratbox/trunk/configure (File Modified) + + +androsyn 2008/06/20 21:49:06 UTC (25574) + Log: + enable Id tags on configure.ac + + Modified: + libratbox/trunk/configure.ac (File Modified) (Property Modified) + + +jilles 2008/06/20 21:42:48 UTC (25572) + Log: + Rerun autoconf. + + + Modified: + libratbox/trunk/configure (File Modified) + + +jilles 2008/06/20 21:42:29 UTC (25570) + Log: + Change == in test to =. + + + Modified: + libratbox/trunk/configure.ac (File Modified) + + +androsyn 2008/06/20 18:46:08 UTC (25568) + Log: + add a missing commio-ssl.h include in gnutls.c + + Modified: + libratbox/trunk/src/gnutls.c (File Modified) + + +androsyn 2008/06/19 19:05:46 UTC (25556) + Log: + don't load the certificate twice and remember to close the file after opening it + + Modified: + libratbox/trunk/src/gnutls.c (File Modified) + + +androsyn 2008/06/11 14:40:44 UTC (25532) + Log: + All sorts of autotools goo for GNUTLS. Partially based on nenolod's patch. + + + Modified: + libratbox/trunk/Makefile.in (File Modified) + libratbox/trunk/aclocal.m4 (File Modified) + libratbox/trunk/configure (File Modified) + libratbox/trunk/configure.ac (File Modified) + libratbox/trunk/include/libratbox_config.h.in (File Modified) + libratbox/trunk/src/Makefile.am (File Modified) + libratbox/trunk/src/Makefile.in (File Modified) + libratbox/trunk/src/nossl.c (File Modified) + + +androsyn 2008/06/11 06:12:55 UTC (25530) + Log: + first pass at gnutls code.. + + Modified: + libratbox/trunk/src/gnutls.c (File Added) + + +jilles 2008/05/17 13:36:55 UTC (25387) + Log: + Remove static inline symbols from export-syms.txt. + These do not exist in the library and some platforms + such as MacOS X don't like that. + + + Modified: + libratbox/trunk/src/export-syms.txt (File Modified) + + +androsyn 2008/05/16 16:06:02 UTC (25377) + Log: + fix a compile warning + + Modified: + libratbox/trunk/src/openssl.c (File Modified) + + +androsyn 2008/05/16 15:19:51 UTC (25375) + Log: + fix up the soft assert stuff for libratbox and rename likely/unlikely to rb_likely/rb_unlikely + + Modified: + libratbox/trunk/include/commio-int.h (File Modified) + libratbox/trunk/include/ratbox_lib.h (File Modified) + libratbox/trunk/include/rb_memory.h (File Modified) + libratbox/trunk/src/balloc.c (File Modified) + libratbox/trunk/src/commio.c (File Modified) + libratbox/trunk/src/linebuf.c (File Modified) + libratbox/trunk/src/poll.c (File Modified) + libratbox/trunk/src/ratbox_lib.c (File Modified) + libratbox/trunk/src/sigio.c (File Modified) + libratbox/trunk/src/snprintf.c (File Modified) + + +jilles 2008/05/14 17:55:22 UTC (25364) + Log: + Fix a mistake in kqueue 'overflow' handling. + If there is no space in the output buffer to report an + error adding to the kqueue, kevent(2) will abort and + return the error in errno (I was correct that it does + not tell you where it failed). So do not abort the loop + if kevent(2) fails and do not log (expected) EBADF. + + + Modified: + libratbox/trunk/src/kqueue.c (File Modified) + + +androsyn 2008/05/13 14:48:46 UTC (25358) + Log: + save connect errno so that we get a correct connect failure reason + + Modified: + libratbox/trunk/src/commio.c (File Modified) + + +jilles 2008/05/12 17:52:22 UTC (25356) + Log: + Fix a possible crash with SSL connections closing early. + + + Modified: + libratbox/trunk/src/openssl.c (File Modified) + + +jilles 2008/05/12 16:51:54 UTC (25354) + Log: + Fix kqueue sometimes dropping updates. + (ircd wouldn't read or write anymore to certain clients) + This happens because kqueue.c will often try to add + already closed file descriptors to the kqueue. The kernel + tries to report bad file descriptors in the eventlist; if + the eventlist has no space, processing of the changelist + is silently halted. + The fix: + 1. allocate two kqlst things, one for what kqlst currently does + and one as output buffer + this ensures the kevent(2) call in rb_select_kqueue() never + drops updates + 2. replace the kevent(2) call in kq_update_events() by a loop + that processes the updates one at a time + that doesn't happen much, and it's the only way to be sure + without also getting events out of the queue we cannot process + at that time + + + Modified: + libratbox/trunk/src/kqueue.c (File Modified) + + +androsyn 2008/05/08 19:32:13 UTC (25327) + Log: + forgot prototypes and nossl versions of rb_ssl handshake stuff + + Modified: + libratbox/trunk/include/rb_commio.h (File Modified) + libratbox/trunk/src/nossl.c (File Modified) + + +androsyn 2008/05/08 19:09:42 UTC (25325) + Log: + keep track of the number of openssl handshakes and export rb_ssl_handshake_count and rb_ssl_clear_handshake_count + + Modified: + libratbox/trunk/include/commio-int.h (File Modified) + libratbox/trunk/src/export-syms.txt (File Modified) + libratbox/trunk/src/openssl.c (File Modified) + + +androsyn 2008/05/02 12:41:05 UTC (25291) + Log: + fix build for bsd platforms with lack EVFILT_TIMER + + Modified: + libratbox/trunk/src/kqueue.c (File Modified) + + +androsyn 2008/04/21 18:38:23 UTC (25245) + Log: + kill a process with SIGKILL when calling helper_close to be certain the process goes away + + Modified: + libratbox/trunk/src/helper.c (File Modified) + + +river 2008/04/16 20:33:35 UTC (25235) + Log: + support for compiling on OpenVMS (untested) + + + Modified: + libratbox/trunk/include/libratbox_config.h_vms (File Added) + libratbox/trunk/src/descrip.mms (File Added) + libratbox/trunk/src/rawbuf.c (File Modified) + + +androsyn 2008/04/16 20:11:37 UTC (25233) + Log: + less than zero doesn't make sense for size_t + + Modified: + libratbox/trunk/src/balloc.c (File Modified) + + +jilles 2008/04/13 16:19:04 UTC (25229) + Log: + patricia: remove ugly abuse of K&R style function declaration + It left the argument types unspecified in a function + pointer, then called it using different numbers of + arguments. + + + Modified: + libratbox/trunk/include/rb_patricia.h (File Modified) + libratbox/trunk/src/patricia.c (File Modified) + + +jilles 2008/04/12 22:20:43 UTC (25227) + Log: + Remove linebuf's per-line flushing flag, as it's per-head state. + In rare cases, this sharing caused the ircd to skip + part of outgoing traffic, e.g. appearing as "not enough + parameters" errors on the other side. + The purpose of this flag can be fulfilled by the writeofs + in the bufhead. + + + Modified: + libratbox/trunk/include/rb_linebuf.h (File Modified) + libratbox/trunk/src/linebuf.c (File Modified) + + +jilles 2008/04/12 14:30:19 UTC (25225) + Log: + read/write return type should be ssize_t, not int or size_t. + The writev emulation used size_t, which is unsigned, + preventing negative values to be seen. + + + Modified: + libratbox/trunk/src/commio.c (File Modified) + + +jilles 2008/04/11 08:48:21 UTC (25223) + Log: + kqueue: also use EV_ONESHOT for read events + This makes the kernel's state agree with our handler pointer. + SSL may need to suspend selecting for reading to write + something, e.g. with renegotiation. + + + Modified: + libratbox/trunk/src/kqueue.c (File Modified) + + +jilles 2008/04/09 19:43:08 UTC (25219) + Log: + Call the accept callback when timing out an SSL accept. + The callback will close the F. + + + Modified: + libratbox/trunk/src/openssl.c (File Modified) + + +jilles 2008/04/09 19:26:04 UTC (25217) + Log: + Fix up ssl_accept WANT_READ/WANT_WRITE a bit. + Only select for the exact thing asked, and if + SSL_ERROR_SYSCALL happens abort it even if the + errno is "ignorable". + + + Modified: + libratbox/trunk/src/openssl.c (File Modified) + + +jilles 2008/04/05 19:09:32 UTC (25205) + Log: + Fix SET_SS_LEN so that it also works correctly outside libratbox. + Use RB_SOCKADDR_HAS_SA_LEN instead of SOCKADDR_IN_HAS_LEN + which is only defined inside libratbox. + This fixes creating own sockaddr structs in other programs + using SET_SS_LEN, then passing them to libratbox, on + 4.4BSD based systems. + + + Modified: + libratbox/trunk/include/ratbox_lib.h (File Modified) + + +androsyn 2008/04/04 18:43:29 UTC (25203) + Log: + don't spin on accept when you don't get any data + + Modified: + libratbox/trunk/src/openssl.c (File Modified) + + +androsyn 2008/04/01 22:05:38 UTC (25197) + Log: + return useful errno values here + + Modified: + libratbox/trunk/src/nossl.c (File Modified) + + +jilles 2008/04/01 20:38:54 UTC (25195) + Log: + Make this link without OpenSSL. + Patch from nenolod. + + + Modified: + libratbox/trunk/src/nossl.c (File Modified) + + androsyn 2008/03/30 16:34:18 UTC (25177) Log: Remove DISABLE_SSL_COMP stuff completely. Force our outbound connections to use TLSv1 diff --git a/libratbox/Makefile.in b/libratbox/Makefile.in index 051ad7d..d4fc067 100644 --- a/libratbox/Makefile.in +++ b/libratbox/Makefile.in @@ -13,6 +13,7 @@ # PARTICULAR PURPOSE. @SET_MAKE@ + VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -33,7 +34,8 @@ build_triplet = @build@ host_triplet = @host@ subdir = . DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/configure \ + $(srcdir)/Makefile.in $(srcdir)/libratbox.pc.in \ + $(top_srcdir)/configure \ $(top_srcdir)/include/libratbox_config.h.in COPYING ChangeLog \ INSTALL TODO config.guess config.sub depcomp install-sh \ ltmain.sh missing @@ -46,7 +48,7 @@ am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ configure.lineno config.status.lineno mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/libratbox_config.h -CONFIG_CLEAN_FILES = +CONFIG_CLEAN_FILES = libratbox.pc SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ @@ -56,6 +58,15 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ install-pdf-recursive install-ps-recursive install-recursive \ installcheck-recursive installdirs-recursive pdf-recursive \ ps-recursive uninstall-recursive +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(pkgconfigdir)" +pkgconfigDATA_INSTALL = $(INSTALL_DATA) +DATA = $(pkgconfig_DATA) RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive ETAGS = etags @@ -142,7 +153,7 @@ SED = @SED@ SEDOBJ = @SEDOBJ@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -SSL_INCLUDES = @SSL_INCLUDES@ +SSL_CFLAGS = @SSL_CFLAGS@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ TOUCH = @TOUCH@ @@ -201,6 +212,8 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign SUBDIRS = src +pkgconfigdir = $(libdir)/pkgconfig +pkgconfig_DATA = libratbox.pc all: all-recursive .SUFFIXES: @@ -254,6 +267,8 @@ $(top_srcdir)/include/libratbox_config.h.in: @MAINTAINER_MODE_TRUE@ $(am__config distclean-hdr: -rm -f include/libratbox_config.h include/stamp-h1 +libratbox.pc: $(top_builddir)/config.status $(srcdir)/libratbox.pc.in + cd $(top_builddir) && $(SHELL) ./config.status $@ mostlyclean-libtool: -rm -f *.lo @@ -263,6 +278,23 @@ clean-libtool: distclean-libtool: -rm -f libtool +install-pkgconfigDATA: $(pkgconfig_DATA) + @$(NORMAL_INSTALL) + test -z "$(pkgconfigdir)" || $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)" + @list='$(pkgconfig_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(pkgconfigDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(pkgconfigdir)/$$f'"; \ + $(pkgconfigDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(pkgconfigdir)/$$f"; \ + done + +uninstall-pkgconfigDATA: + @$(NORMAL_UNINSTALL) + @list='$(pkgconfig_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(pkgconfigdir)/$$f'"; \ + rm -f "$(DESTDIR)$(pkgconfigdir)/$$f"; \ + done # This directory's subdirectories are mostly independent; you can cd # into them and run `make' without going through this Makefile. @@ -544,9 +576,12 @@ distcleancheck: distclean exit 1; } >&2 check-am: all-am check: check-recursive -all-am: Makefile +all-am: Makefile $(DATA) installdirs: installdirs-recursive installdirs-am: + for dir in "$(DESTDIR)$(pkgconfigdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done install: install-recursive install-exec: install-exec-recursive install-data: install-data-recursive @@ -591,7 +626,7 @@ info: info-recursive info-am: -install-data-am: +install-data-am: install-pkgconfigDATA install-dvi: install-dvi-recursive @@ -627,7 +662,7 @@ ps: ps-recursive ps-am: -uninstall-am: +uninstall-am: uninstall-pkgconfigDATA .MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ install-strip @@ -642,11 +677,12 @@ uninstall-am: install-data install-data-am install-dvi install-dvi-am \ install-exec install-exec-am install-html install-html-am \ install-info install-info-am install-man install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs installdirs-am \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags tags-recursive uninstall uninstall-am + install-pdf-am install-pkgconfigDATA install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + installdirs-am maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ + ps ps-am tags tags-recursive uninstall uninstall-am \ + uninstall-pkgconfigDATA # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/libratbox/aclocal.m4 b/libratbox/aclocal.m4 index 6730501..cce9fea 100644 --- a/libratbox/aclocal.m4 +++ b/libratbox/aclocal.m4 @@ -21,7 +21,7 @@ To do so, use the procedure documented by the package, typically `autoreconf'.]) # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- -# serial 52 Debian 1.5.26-4 AC_PROG_LIBTOOL +# serial 52 Debian 1.5.26-1ubuntu1 AC_PROG_LIBTOOL # AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED) @@ -6671,116 +6671,6 @@ AC_SUBST([SED]) AC_MSG_RESULT([$SED]) ]) -# longlong.m4 serial 13 -dnl Copyright (C) 1999-2007 Free Software Foundation, Inc. -dnl This file is free software; the Free Software Foundation -dnl gives unlimited permission to copy and/or distribute it, -dnl with or without modifications, as long as this notice is preserved. - -dnl From Paul Eggert. - -# Define HAVE_LONG_LONG_INT if 'long long int' works. -# This fixes a bug in Autoconf 2.61, but can be removed once we -# assume 2.62 everywhere. - -# Note: If the type 'long long int' exists but is only 32 bits large -# (as on some very old compilers), HAVE_LONG_LONG_INT will not be -# defined. In this case you can treat 'long long int' like 'long int'. - -AC_DEFUN([AC_TYPE_LONG_LONG_INT], -[ - AC_CACHE_CHECK([for long long int], [ac_cv_type_long_long_int], - [AC_LINK_IFELSE( - [_AC_TYPE_LONG_LONG_SNIPPET], - [dnl This catches a bug in Tandem NonStop Kernel (OSS) cc -O circa 2004. - dnl If cross compiling, assume the bug isn't important, since - dnl nobody cross compiles for this platform as far as we know. - AC_RUN_IFELSE( - [AC_LANG_PROGRAM( - [[@%:@include - @%:@ifndef LLONG_MAX - @%:@ define HALF \ - (1LL << (sizeof (long long int) * CHAR_BIT - 2)) - @%:@ define LLONG_MAX (HALF - 1 + HALF) - @%:@endif]], - [[long long int n = 1; - int i; - for (i = 0; ; i++) - { - long long int m = n << i; - if (m >> i != n) - return 1; - if (LLONG_MAX / 2 < m) - break; - } - return 0;]])], - [ac_cv_type_long_long_int=yes], - [ac_cv_type_long_long_int=no], - [ac_cv_type_long_long_int=yes])], - [ac_cv_type_long_long_int=no])]) - if test $ac_cv_type_long_long_int = yes; then - AC_DEFINE([HAVE_LONG_LONG_INT], 1, - [Define to 1 if the system has the type `long long int'.]) - fi -]) - -# Define HAVE_UNSIGNED_LONG_LONG_INT if 'unsigned long long int' works. -# This fixes a bug in Autoconf 2.61, but can be removed once we -# assume 2.62 everywhere. - -# Note: If the type 'unsigned long long int' exists but is only 32 bits -# large (as on some very old compilers), AC_TYPE_UNSIGNED_LONG_LONG_INT -# will not be defined. In this case you can treat 'unsigned long long int' -# like 'unsigned long int'. - -AC_DEFUN([AC_TYPE_UNSIGNED_LONG_LONG_INT], -[ - AC_CACHE_CHECK([for unsigned long long int], - [ac_cv_type_unsigned_long_long_int], - [AC_LINK_IFELSE( - [_AC_TYPE_LONG_LONG_SNIPPET], - [ac_cv_type_unsigned_long_long_int=yes], - [ac_cv_type_unsigned_long_long_int=no])]) - if test $ac_cv_type_unsigned_long_long_int = yes; then - AC_DEFINE([HAVE_UNSIGNED_LONG_LONG_INT], 1, - [Define to 1 if the system has the type `unsigned long long int'.]) - fi -]) - -# Expands to a C program that can be used to test for simultaneous support -# of 'long long' and 'unsigned long long'. We don't want to say that -# 'long long' is available if 'unsigned long long' is not, or vice versa, -# because too many programs rely on the symmetry between signed and unsigned -# integer types (excluding 'bool'). -AC_DEFUN([_AC_TYPE_LONG_LONG_SNIPPET], -[ - AC_LANG_PROGRAM( - [[/* Test preprocessor. */ - #if ! (-9223372036854775807LL < 0 && 0 < 9223372036854775807ll) - error in preprocessor; - #endif - #if ! (18446744073709551615ULL <= -1ull) - error in preprocessor; - #endif - /* Test literals. */ - long long int ll = 9223372036854775807ll; - long long int nll = -9223372036854775807LL; - unsigned long long int ull = 18446744073709551615ULL; - /* Test constant expressions. */ - typedef int a[((-9223372036854775807LL < 0 && 0 < 9223372036854775807ll) - ? 1 : -1)]; - typedef int b[(18446744073709551615ULL <= (unsigned long long int) -1 - ? 1 : -1)]; - int i = 63;]], - [[/* Test availability of runtime routines for shift and division. */ - long long int llmax = 9223372036854775807ll; - unsigned long long int ullmax = 18446744073709551615ull; - return ((ll << 63) | (ll >> 63) | (ll < i) | (ll > i) - | (llmax / ll) | (llmax % ll) - | (ull << 63) | (ull >> 63) | (ull << i) | (ull >> i) - | (ullmax / ull) | (ullmax % ull));]]) -]) - # pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- # # Copyright © 2004 Scott James Remnant . diff --git a/libratbox/configure b/libratbox/configure index a65b65e..e463495 100755 --- a/libratbox/configure +++ b/libratbox/configure @@ -2,7 +2,7 @@ # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.61 for libratbox devel. # -# $Id: configure.ac 23020 2006-09-01 18:20:19Z androsyn $ +# $Id: configure.ac 25574 2008-06-20 21:49:06Z androsyn $ # # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, # 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. @@ -895,7 +895,7 @@ GNUTLS_CFLAGS GNUTLS_LIBS PICFLAGS SEDOBJ -SSL_INCLUDES +SSL_CFLAGS SSL_LIBS RB_PREFIX LIBOBJS @@ -1508,10 +1508,10 @@ Optional Features: optimize for fast installation [default=yes] --disable-libtool-lock avoid locking (might break parallel builds) --disable-ipv6 Disable IPv6 support - --enable-gnutls Enable GnuTLS support. - --disable-gnutls Disable GnuTLS support. --enable-openssl=DIR Enable OpenSSL support (DIR optional). --disable-openssl Disable OpenSSL support. + --enable-gnutls Enable GnuTLS support. + --disable-gnutls Disable GnuTLS support. --enable-assert Enable assert(). Choose between soft(warnings) and hard(aborts the daemon) --enable-profile Enable profiling @@ -1616,7 +1616,7 @@ Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. -$Id: configure.ac 23020 2006-09-01 18:20:19Z androsyn $ +$Id: configure.ac 25574 2008-06-20 21:49:06Z androsyn $ _ACEOF exit fi @@ -22261,43 +22261,26 @@ if test "${ac_cv_type_long_long_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF - - /* confdefs.h. */ +/* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ -/* Test preprocessor. */ - #if ! (-9223372036854775807LL < 0 && 0 < 9223372036854775807ll) - error in preprocessor; - #endif - #if ! (18446744073709551615ULL <= -1ull) - error in preprocessor; - #endif - /* Test literals. */ - long long int ll = 9223372036854775807ll; - long long int nll = -9223372036854775807LL; - unsigned long long int ull = 18446744073709551615ULL; - /* Test constant expressions. */ - typedef int a[((-9223372036854775807LL < 0 && 0 < 9223372036854775807ll) - ? 1 : -1)]; - typedef int b[(18446744073709551615ULL <= (unsigned long long int) -1 - ? 1 : -1)]; - int i = 63; +long long int ll = 9223372036854775807ll; + long long int nll = -9223372036854775807LL; + typedef int a[((-9223372036854775807LL < 0 + && 0 < 9223372036854775807ll) + ? 1 : -1)]; + int i = 63; int main () { -/* Test availability of runtime routines for shift and division. */ - long long int llmax = 9223372036854775807ll; - unsigned long long int ullmax = 18446744073709551615ull; - return ((ll << 63) | (ll >> 63) | (ll < i) | (ll > i) - | (llmax / ll) | (llmax % ll) - | (ull << 63) | (ull >> 63) | (ull << i) | (ull >> i) - | (ullmax / ull) | (ullmax % ull)); +long long int llmax = 9223372036854775807ll; + return ((ll << 63) | (ll >> 63) | (ll < i) | (ll > i) + | (llmax / ll) | (llmax % ll)); ; return 0; } - _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (ac_try="$ac_link" @@ -22483,43 +22466,24 @@ if test "${ac_cv_type_unsigned_long_long_int+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF - - /* confdefs.h. */ +/* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ -/* Test preprocessor. */ - #if ! (-9223372036854775807LL < 0 && 0 < 9223372036854775807ll) - error in preprocessor; - #endif - #if ! (18446744073709551615ULL <= -1ull) - error in preprocessor; - #endif - /* Test literals. */ - long long int ll = 9223372036854775807ll; - long long int nll = -9223372036854775807LL; - unsigned long long int ull = 18446744073709551615ULL; - /* Test constant expressions. */ - typedef int a[((-9223372036854775807LL < 0 && 0 < 9223372036854775807ll) - ? 1 : -1)]; - typedef int b[(18446744073709551615ULL <= (unsigned long long int) -1 - ? 1 : -1)]; - int i = 63; +unsigned long long int ull = 18446744073709551615ULL; + typedef int a[(18446744073709551615ULL <= (unsigned long long int) -1 + ? 1 : -1)]; + int i = 63; int main () { -/* Test availability of runtime routines for shift and division. */ - long long int llmax = 9223372036854775807ll; - unsigned long long int ullmax = 18446744073709551615ull; - return ((ll << 63) | (ll >> 63) | (ll < i) | (ll > i) - | (llmax / ll) | (llmax % ll) - | (ull << 63) | (ull >> 63) | (ull << i) | (ull >> i) - | (ullmax / ull) | (ullmax % ull)); +unsigned long long int ullmax = 18446744073709551615ull; + return (ull << 63 | ull >> 63 | ull << i | ull >> i + | ullmax / ull | ullmax % ull); ; return 0; } - _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (ac_try="$ac_link" @@ -25886,221 +25850,6 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for GnuTLS" >&5 -echo $ECHO_N "checking for GnuTLS... $ECHO_C" >&6; } -# Check whether --enable-gnutls was given. -if test "${enable_gnutls+set}" = set; then - enableval=$enable_gnutls; cf_enable_gnutls=$enableval -else - cf_enable_gnutls="auto" -fi - - -if test "$cf_enable_gnutls" != no; then - - -if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. -set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_path_PKG_CONFIG+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $PKG_CONFIG in - [\\/]* | ?:[\\/]*) - ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - - ;; -esac -fi -PKG_CONFIG=$ac_cv_path_PKG_CONFIG -if test -n "$PKG_CONFIG"; then - { echo "$as_me:$LINENO: result: $PKG_CONFIG" >&5 -echo "${ECHO_T}$PKG_CONFIG" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_path_PKG_CONFIG"; then - ac_pt_PKG_CONFIG=$PKG_CONFIG - # Extract the first word of "pkg-config", so it can be a program name with args. -set dummy pkg-config; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_path_ac_pt_PKG_CONFIG+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $ac_pt_PKG_CONFIG in - [\\/]* | ?:[\\/]*) - ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - - ;; -esac -fi -ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG -if test -n "$ac_pt_PKG_CONFIG"; then - { echo "$as_me:$LINENO: result: $ac_pt_PKG_CONFIG" >&5 -echo "${ECHO_T}$ac_pt_PKG_CONFIG" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_pt_PKG_CONFIG" = x; then - PKG_CONFIG="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - PKG_CONFIG=$ac_pt_PKG_CONFIG - fi -else - PKG_CONFIG="$ac_cv_path_PKG_CONFIG" -fi - -fi -if test -n "$PKG_CONFIG"; then - _pkg_min_version=0.9.0 - { echo "$as_me:$LINENO: checking pkg-config is at least version $_pkg_min_version" >&5 -echo $ECHO_N "checking pkg-config is at least version $_pkg_min_version... $ECHO_C" >&6; } - if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - PKG_CONFIG="" - fi - -fi - -pkg_failed=no -{ echo "$as_me:$LINENO: checking for GNUTLS" >&5 -echo $ECHO_N "checking for GNUTLS... $ECHO_C" >&6; } - -if test -n "$PKG_CONFIG"; then - if test -n "$GNUTLS_CFLAGS"; then - pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS" - else - if test -n "$PKG_CONFIG" && \ - { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gnutls\"") >&5 - ($PKG_CONFIG --exists --print-errors "gnutls") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls" 2>/dev/null` -else - pkg_failed=yes -fi - fi -else - pkg_failed=untried -fi -if test -n "$PKG_CONFIG"; then - if test -n "$GNUTLS_LIBS"; then - pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS" - else - if test -n "$PKG_CONFIG" && \ - { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gnutls\"") >&5 - ($PKG_CONFIG --exists --print-errors "gnutls") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls" 2>/dev/null` -else - pkg_failed=yes -fi - fi -else - pkg_failed=untried -fi - - - -if test $pkg_failed = yes; then - -if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then - _pkg_short_errors_supported=yes -else - _pkg_short_errors_supported=no -fi - if test $_pkg_short_errors_supported = yes; then - GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "gnutls"` - else - GNUTLS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "gnutls"` - fi - # Put the nasty error message in config.log where it belongs - echo "$GNUTLS_PKG_ERRORS" >&5 - - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - cf_enable_gnutls="no" -elif test $pkg_failed = untried; then - cf_enable_gnutls="no" -else - GNUTLS_CFLAGS=$pkg_cv_GNUTLS_CFLAGS - GNUTLS_LIBS=$pkg_cv_GNUTLS_LIBS - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - - CPPFLAGS="$CPPFLAGS $GNUTLS_CFLAGS" - LIBS="$LIBS $GNUTLS_LIBS" - cf_enable_gnutls="yes" - -fi -fi - -if test "$cf_enable_gnutls" != no; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_GNUTLS 1 -_ACEOF - -fi { echo "$as_me:$LINENO: checking for OpenSSL" >&5 echo $ECHO_N "checking for OpenSSL... $ECHO_C" >&6; } @@ -26112,10 +25861,6 @@ else fi -if test "$cf_enable_gnutls" = "yes" -a "$cf_enable_openssl" = "auto"; then - cf_enable_openssl="no" -fi - if test "$cf_enable_openssl" != "no" ; then cf_openssl_basedir="" if test "$cf_enable_openssl" != "auto" && @@ -26133,7 +25878,7 @@ if test "$cf_enable_openssl" != "no" ; then fi if test ! -z "$cf_openssl_basedir"; then if test -f "${cf_openssl_basedir}/include/openssl/opensslv.h" ; then - SSL_INCLUDES="-I${cf_openssl_basedir}/include" + SSL_CFLAGS="-I${cf_openssl_basedir}/include" SSL_LIBS="-L${cf_openssl_basedir}/lib" else cf_openssl_basedir="" @@ -26160,7 +25905,7 @@ echo "${ECHO_T}disabled" >&6; } fi save_CPPFLAGS="$CPPFLAGS" -CPPFLAGS="$CPPFLAGS $SSL_INCLUDES" +CPPFLAGS="$CPPFLAGS $SSL_CFLAGS" save_LIBS="$LIBS" LIBS="$LIBS $SSL_LIBS" if test "$cf_enable_openssl" != no; then @@ -26374,15 +26119,241 @@ fi fi -if test "$cf_enable_openssl" != no; then + + +{ echo "$as_me:$LINENO: checking for GnuTLS" >&5 +echo $ECHO_N "checking for GnuTLS... $ECHO_C" >&6; } +# Check whether --enable-gnutls was given. +if test "${enable_gnutls+set}" = set; then + enableval=$enable_gnutls; cf_enable_gnutls=$enableval +else + cf_enable_gnutls="auto" +fi + + +if test "$cf_enable_gnutls" != no; then + + +if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. +set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 +{ echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } +if test "${ac_cv_path_PKG_CONFIG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $PKG_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done +IFS=$as_save_IFS + + ;; +esac +fi +PKG_CONFIG=$ac_cv_path_PKG_CONFIG +if test -n "$PKG_CONFIG"; then + { echo "$as_me:$LINENO: result: $PKG_CONFIG" >&5 +echo "${ECHO_T}$PKG_CONFIG" >&6; } +else + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } +fi + + +fi +if test -z "$ac_cv_path_PKG_CONFIG"; then + ac_pt_PKG_CONFIG=$PKG_CONFIG + # Extract the first word of "pkg-config", so it can be a program name with args. +set dummy pkg-config; ac_word=$2 +{ echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } +if test "${ac_cv_path_ac_pt_PKG_CONFIG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $ac_pt_PKG_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done +IFS=$as_save_IFS + + ;; +esac +fi +ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG +if test -n "$ac_pt_PKG_CONFIG"; then + { echo "$as_me:$LINENO: result: $ac_pt_PKG_CONFIG" >&5 +echo "${ECHO_T}$ac_pt_PKG_CONFIG" >&6; } +else + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } +fi + + if test "x$ac_pt_PKG_CONFIG" = x; then + PKG_CONFIG="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools +whose name does not start with the host triplet. If you think this +configuration is useful to you, please write to autoconf@gnu.org." >&5 +echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools +whose name does not start with the host triplet. If you think this +configuration is useful to you, please write to autoconf@gnu.org." >&2;} +ac_tool_warned=yes ;; +esac + PKG_CONFIG=$ac_pt_PKG_CONFIG + fi +else + PKG_CONFIG="$ac_cv_path_PKG_CONFIG" +fi + +fi +if test -n "$PKG_CONFIG"; then + _pkg_min_version=0.9.0 + { echo "$as_me:$LINENO: checking pkg-config is at least version $_pkg_min_version" >&5 +echo $ECHO_N "checking pkg-config is at least version $_pkg_min_version... $ECHO_C" >&6; } + if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then + { echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6; } + else + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } + PKG_CONFIG="" + fi + +fi + +pkg_failed=no +{ echo "$as_me:$LINENO: checking for GNUTLS" >&5 +echo $ECHO_N "checking for GNUTLS... $ECHO_C" >&6; } + +if test -n "$PKG_CONFIG"; then + if test -n "$GNUTLS_CFLAGS"; then + pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS" + else + if test -n "$PKG_CONFIG" && \ + { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gnutls\"") >&5 + ($PKG_CONFIG --exists --print-errors "gnutls") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then + pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls" 2>/dev/null` +else + pkg_failed=yes +fi + fi +else + pkg_failed=untried +fi +if test -n "$PKG_CONFIG"; then + if test -n "$GNUTLS_LIBS"; then + pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS" + else + if test -n "$PKG_CONFIG" && \ + { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gnutls\"") >&5 + ($PKG_CONFIG --exists --print-errors "gnutls") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then + pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls" 2>/dev/null` +else + pkg_failed=yes +fi + fi +else + pkg_failed=untried +fi + + + +if test $pkg_failed = yes; then + +if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then + _pkg_short_errors_supported=yes +else + _pkg_short_errors_supported=no +fi + if test $_pkg_short_errors_supported = yes; then + GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "gnutls"` + else + GNUTLS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "gnutls"` + fi + # Put the nasty error message in config.log where it belongs + echo "$GNUTLS_PKG_ERRORS" >&5 + + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } + cf_enable_gnutls="no" +elif test $pkg_failed = untried; then + cf_enable_gnutls="no" +else + GNUTLS_CFLAGS=$pkg_cv_GNUTLS_CFLAGS + GNUTLS_LIBS=$pkg_cv_GNUTLS_LIBS + { echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6; } + + cf_enable_gnutls="yes" + +fi +fi + +if test "$cf_enable_gnutls" = "auto" -a "$cf_enable_openssl" = "yes"; then + cf_enable_gnutls="no" +fi + +if test x"$cf_enable_openssl" != xno; then cat >>confdefs.h <<\_ACEOF #define HAVE_OPENSSL 1 _ACEOF + GNUTLS_CFLAGS="" + GNUTLS_LIBS="" + SSL_TYPE="openssl" +elif test x"$cf_enable_gnutls" != xno; then + +cat >>confdefs.h <<\_ACEOF +#define HAVE_GNUTLS 1 +_ACEOF + + SSL_LIBS="" + SSL_CFLAGS="" + SSL_TYPE="gnutls" fi + + CPPFLAGS="$save_CPPFLAGS" LIBS="$save_LIBS" @@ -26479,6 +26450,7 @@ fi + if test "$prefix" = "NONE"; then cat >>confdefs.h <<_ACEOF @@ -26514,6 +26486,7 @@ done ac_config_commands="$ac_config_commands include/librb-config.h" + ac_config_files="$ac_config_files src/Makefile Makefile libratbox.pc" @@ -27451,7 +27424,7 @@ GNUTLS_CFLAGS!$GNUTLS_CFLAGS$ac_delim GNUTLS_LIBS!$GNUTLS_LIBS$ac_delim PICFLAGS!$PICFLAGS$ac_delim SEDOBJ!$SEDOBJ$ac_delim -SSL_INCLUDES!$SSL_INCLUDES$ac_delim +SSL_CFLAGS!$SSL_CFLAGS$ac_delim SSL_LIBS!$SSL_LIBS$ac_delim RB_PREFIX!$RB_PREFIX$ac_delim LIBOBJS!$LIBOBJS$ac_delim @@ -28368,7 +28341,6 @@ echo "Installing into: $prefix" echo "IPv6 support ................... $have_v6" echo "Assert debugging ............... $assert" echo "Block allocator ................ $balloc" -echo "OpenSSL ........................ $cf_enable_openssl" -echo "GnuTLS ......................... $cf_enable_gnutls" +echo "SSL Type........................ $SSL_TYPE" echo diff --git a/libratbox/configure.ac b/libratbox/configure.ac index 95c23ac..eb2b620 100644 --- a/libratbox/configure.ac +++ b/libratbox/configure.ac @@ -1,4 +1,4 @@ -dnl $Id: configure.ac 23020 2006-09-01 18:20:19Z androsyn $ +dnl $Id: configure.ac 25574 2008-06-20 21:49:06Z androsyn $ dnl Process this file with autoconf to produce a configure script. dnl TODO: clean up all the OpenSSL and shared module checking stuff; @@ -8,7 +8,7 @@ dnl said functions need to be just about as complex as they already are. AC_PREREQ(2.60) AUTOMAKE_OPTIONS = 1.10 dnl Sneaky way to get an Id tag into the configure script -AC_COPYRIGHT([$Id: configure.ac 23020 2006-09-01 18:20:19Z androsyn $]) +AC_COPYRIGHT([$Id: configure.ac 25574 2008-06-20 21:49:06Z androsyn $]) AC_INIT([libratbox],[devel]) AM_INIT_AUTOMAKE(AC_PACKAGE_TARNAME, AC_PACKAGE_VERSION, -) @@ -241,25 +241,6 @@ if test "$is_mingw" = "yes"; then AC_DEFINE(HAVE_WIN32, [1], [Define to 1 if you are on windows]) fi -dnl GnuTLS support -AC_MSG_CHECKING(for GnuTLS) -AC_ARG_ENABLE(gnutls, -[AC_HELP_STRING([--enable-gnutls],[Enable GnuTLS support.]) -AC_HELP_STRING([--disable-gnutls],[Disable GnuTLS support.])], -[cf_enable_gnutls=$enableval], -[cf_enable_gnutls="auto"]) - -if test "$cf_enable_gnutls" != no; then - PKG_CHECK_MODULES(GNUTLS, [gnutls], [ - CPPFLAGS="$CPPFLAGS $GNUTLS_CFLAGS" - LIBS="$LIBS $GNUTLS_LIBS" - cf_enable_gnutls="yes" - ], [cf_enable_gnutls="no"]) -fi - -if test "$cf_enable_gnutls" != no; then - AC_DEFINE(HAVE_GNUTLS, 1, [Has GNUTLS]) -fi dnl OpenSSL support AC_MSG_CHECKING(for OpenSSL) @@ -269,11 +250,6 @@ AC_HELP_STRING([--disable-openssl],[Disable OpenSSL support.])], [cf_enable_openssl=$enableval], [cf_enable_openssl="auto"]) -dnl Prefer GnuTLS over OpenSSL due to licensing issues, this could use improvement -if test "$cf_enable_gnutls" = "yes" -a "$cf_enable_openssl" = "auto"; then - cf_enable_openssl="no" -fi - if test "$cf_enable_openssl" != "no" ; then cf_openssl_basedir="" if test "$cf_enable_openssl" != "auto" && @@ -294,7 +270,7 @@ if test "$cf_enable_openssl" != "no" ; then dnl Now check cf_openssl_found to see if we found anything. if test ! -z "$cf_openssl_basedir"; then if test -f "${cf_openssl_basedir}/include/openssl/opensslv.h" ; then - SSL_INCLUDES="-I${cf_openssl_basedir}/include" + SSL_CFLAGS="-I${cf_openssl_basedir}/include" SSL_LIBS="-L${cf_openssl_basedir}/lib" else dnl OpenSSL wasn't found in the directory specified. Naughty @@ -329,7 +305,7 @@ else fi save_CPPFLAGS="$CPPFLAGS" -CPPFLAGS="$CPPFLAGS $SSL_INCLUDES" +CPPFLAGS="$CPPFLAGS $SSL_CFLAGS" save_LIBS="$LIBS" LIBS="$LIBS $SSL_LIBS" if test "$cf_enable_openssl" != no; then @@ -369,10 +345,40 @@ if test "$cf_enable_openssl" != no; then [cf_enable_openssl=no], [-lcrypto]) fi -if test "$cf_enable_openssl" != no; then - AC_DEFINE(HAVE_OPENSSL,1,[Has OpenSSL]) + + +dnl GnuTLS support +AC_MSG_CHECKING(for GnuTLS) +AC_ARG_ENABLE(gnutls, +[AC_HELP_STRING([--enable-gnutls],[Enable GnuTLS support.]) +AC_HELP_STRING([--disable-gnutls],[Disable GnuTLS support.])], +[cf_enable_gnutls=$enableval], +[cf_enable_gnutls="auto"]) + +if test "$cf_enable_gnutls" != no; then + PKG_CHECK_MODULES(GNUTLS, [gnutls], [ + cf_enable_gnutls="yes" + ], [cf_enable_gnutls="no"]) fi +if test "$cf_enable_gnutls" = "auto" -a "$cf_enable_openssl" = "yes"; then + cf_enable_gnutls="no" +fi + +if test x"$cf_enable_openssl" != xno; then + AC_DEFINE(HAVE_OPENSSL,1,[Has OpenSSL]) + GNUTLS_CFLAGS="" + GNUTLS_LIBS="" + SSL_TYPE="openssl" +elif test x"$cf_enable_gnutls" != xno; then + AC_DEFINE(HAVE_GNUTLS, 1, [Has GnuTLS]) + SSL_LIBS="" + SSL_CFLAGS="" + SSL_TYPE="gnutls" +fi + + + CPPFLAGS="$save_CPPFLAGS" LIBS="$save_LIBS" @@ -431,9 +437,10 @@ AC_SUBST(LDFLAGS) AC_SUBST(PICFLAGS) AC_SUBST(CFLAGS) AC_SUBST(SEDOBJ) -AC_SUBST(SSL_INCLUDES) +AC_SUBST(SSL_CFLAGS) AC_SUBST(SSL_LIBS) - +AC_SUBST(GNUTLS_CFLAGS) +AC_SUBST(GNUTLS_LIBS) if test "$prefix" = "NONE"; then AC_DEFINE_UNQUOTED(RB_PREFIX, "$ac_default_prefix", [Prefix where libratbox is installed.]) @@ -675,11 +682,12 @@ fi ) -AC_CONFIG_FILES([ - src/Makefile - Makefile - libratbox.pc -]) + +AC_CONFIG_FILES( \ + src/Makefile \ + Makefile \ + libratbox.pc \ +) AC_OUTPUT @@ -694,7 +702,6 @@ echo "Installing into: $prefix" echo "IPv6 support ................... $have_v6" echo "Assert debugging ............... $assert" echo "Block allocator ................ $balloc" -echo "OpenSSL ........................ $cf_enable_openssl" -echo "GnuTLS ......................... $cf_enable_gnutls" +echo "SSL Type........................ $SSL_TYPE" echo diff --git a/libratbox/include/commio-int.h b/libratbox/include/commio-int.h index ae84625..ad767dc 100644 --- a/libratbox/include/commio-int.h +++ b/libratbox/include/commio-int.h @@ -115,6 +115,7 @@ struct _fde struct conndata *connect; struct acceptdata *accept; void *ssl; + unsigned int handshake_count; unsigned long ssl_errno; }; @@ -137,7 +138,7 @@ rb_find_fd(int fd) rb_dlink_list *hlist; rb_dlink_node *ptr; - if(unlikely(fd < 0)) + if(rb_unlikely(fd < 0)) return NULL; hlist = &rb_fd_table[rb_hash_fd(fd)]; diff --git a/libratbox/include/libratbox_config.h.in b/libratbox/include/libratbox_config.h.in index 0737b7e..76b3501 100644 --- a/libratbox/include/libratbox_config.h.in +++ b/libratbox/include/libratbox_config.h.in @@ -51,7 +51,7 @@ /* Define to 1 if you have the `gmtime_r' function. */ #undef HAVE_GMTIME_R -/* Has GNUTLS */ +/* Has GnuTLS */ #undef HAVE_GNUTLS /* Define to 1 if the system has the type `intmax_t'. */ diff --git a/libratbox/include/ratbox_lib.h b/libratbox/include/ratbox_lib.h index 04ab573..21ebc0d 100644 --- a/libratbox/include/ratbox_lib.h +++ b/libratbox/include/ratbox_lib.h @@ -1,5 +1,5 @@ /* - * $Id: ratbox_lib.h 24866 2008-01-10 16:33:54Z androsyn $ + * $Id: ratbox_lib.h 25375 2008-05-16 15:19:51Z androsyn $ */ #ifndef RB_LIB_H @@ -38,32 +38,32 @@ char *alloca(); #ifdef __GNUC__ -#ifdef likely -#undef likely +#ifdef rb_likely +#undef rb_likely #endif -#ifdef unlikely -#undef unlikely +#ifdef rb_unlikely +#undef rb_unlikely #endif #if __GNUC__ == 2 && __GNUC_MINOR__ < 96 # define __builtin_expect(x, expected_value) (x) #endif -#define likely(x) __builtin_expect(!!(x), 1) -#define unlikely(x) __builtin_expect(!!(x), 0) +#define rb_likely(x) __builtin_expect(!!(x), 1) +#define rb_unlikely(x) __builtin_expect(!!(x), 0) #else /* !__GNUC__ */ #define UNUSED(x) x -#ifdef likely -#undef likely +#ifdef rb_likely +#undef rb_likely #endif -#ifdef unlikely -#undef unlikely +#ifdef rb_unlikely +#undef rb_unlikely #endif -#define likely(x) (x) -#define unlikely(x) (x) +#define rb_likely(x) (x) +#define rb_unlikely(x) (x) #endif @@ -118,24 +118,18 @@ unsigned int geteuid(void); #ifdef SOFT_ASSERT #ifdef __GNUC__ #define lrb_assert(expr) do \ - if(unlikely(!(expr))) { \ - lib_ilog(L_MAIN, \ + if(rb_unlikely(!(expr))) { \ + rb_lib_log( \ "file: %s line: %d (%s): Assertion failed: (%s)", \ __FILE__, __LINE__, __PRETTY_FUNCTION__, #expr); \ - sendto_realops_flags(UMODE_ALL, L_ALL, \ - "file: %s line: %d (%s): Assertion failed: (%s)", \ - __FILE__, __LINE__, __PRETTY_FUNCTION__, #expr); \ } \ while(0) #else #define lrb_assert(expr) do \ - if(unlikely(!(expr))) { \ - lib_ilog(L_MAIN, \ + if(rb_unlikely(!(expr))) { \ + rb_lib_log(L_MAIN, \ "file: %s line: %d: Assertion failed: (%s)", \ __FILE__, __LINE__, #expr); \ - sendto_realops_flags(UMODE_ALL, L_ALL, \ - "file: %s line: %d: Assertion failed: (%s)" \ - __FILE__, __LINE__, #expr); \ } \ while(0) #endif diff --git a/libratbox/include/rb_commio.h b/libratbox/include/rb_commio.h index 91f0821..cff8d02 100644 --- a/libratbox/include/rb_commio.h +++ b/libratbox/include/rb_commio.h @@ -21,7 +21,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: rb_commio.h 25038 2008-01-23 16:03:08Z androsyn $ + * $Id: rb_commio.h 25327 2008-05-08 19:32:13Z androsyn $ */ #ifndef RB_LIB_H @@ -168,5 +168,7 @@ void rb_ssl_start_accepted(rb_fde_t *new_F, ACCB *cb, void *data, int timeout); void rb_ssl_start_connected(rb_fde_t *F, CNCB *callback, void *data, int timeout); int rb_supports_ssl(void); - +unsigned int rb_ssl_handshake_count(rb_fde_t *F); +void rb_ssl_clear_handshake_count(rb_fde_t *F); + #endif /* INCLUDED_commio_h */ diff --git a/libratbox/include/rb_linebuf.h b/libratbox/include/rb_linebuf.h index 3f1e78b..31b89c5 100644 --- a/libratbox/include/rb_linebuf.h +++ b/libratbox/include/rb_linebuf.h @@ -21,7 +21,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: rb_linebuf.h 24324 2007-08-31 22:05:45Z androsyn $ + * $Id: rb_linebuf.h 25227 2008-04-12 22:20:43Z jilles $ */ #ifndef RB_LIB_H diff --git a/libratbox/include/rb_memory.h b/libratbox/include/rb_memory.h index d8fa683..1cb3d3c 100644 --- a/libratbox/include/rb_memory.h +++ b/libratbox/include/rb_memory.h @@ -21,7 +21,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: rb_memory.h 25022 2008-01-23 03:54:00Z androsyn $ + * $Id: rb_memory.h 25375 2008-05-16 15:19:51Z androsyn $ */ #ifndef RB_LIB_H @@ -40,7 +40,7 @@ static inline void * rb_malloc(size_t size) { void *ret = calloc(1, size); - if(unlikely(ret == NULL)) + if(rb_unlikely(ret == NULL)) rb_outofmemory(); return (ret); } @@ -50,7 +50,7 @@ rb_realloc(void *x, size_t y) { void *ret = realloc(x, y); - if(unlikely(ret == NULL)) + if(rb_unlikely(ret == NULL)) rb_outofmemory(); return (ret); } @@ -59,7 +59,7 @@ static inline char * rb_strndup(const char *x, size_t y) { char *ret = malloc(y); - if(unlikely(ret == NULL)) + if(rb_unlikely(ret == NULL)) rb_outofmemory(); rb_strlcpy(ret, x, y); return(ret); @@ -69,7 +69,7 @@ static inline char * rb_strdup(const char *x) { char *ret = malloc(strlen(x) + 1); - if(unlikely(ret == NULL)) + if(rb_unlikely(ret == NULL)) rb_outofmemory(); strcpy(ret, x); return(ret); @@ -79,8 +79,9 @@ rb_strdup(const char *x) static inline void rb_free(void *ptr) { - if(likely(ptr != NULL)) + if(rb_likely(ptr != NULL)) free(ptr); } #endif /* _I_MEMORY_H */ + diff --git a/libratbox/src/Makefile.am b/libratbox/src/Makefile.am index bc08499..55b5fed 100644 --- a/libratbox/src/Makefile.am +++ b/libratbox/src/Makefile.am @@ -1,8 +1,8 @@ -# $Id: Makefile.am 24820 2008-01-02 19:47:32Z androsyn $ +# $Id: Makefile.am 25532 2008-06-11 14:40:44Z androsyn $ AUTOMAKE_OPTIONS = foreign -INCLUDES = -I. -I../include @SSL_INCLUDES@ +INCLUDES = -I. -I../include @SSL_CFLAGS@ @GNUTLS_CFLAGS@ libratbox_la_SOURCES = \ unix.c \ @@ -32,6 +32,6 @@ libratbox_la_SOURCES = \ libratbox_la_LDFLAGS = -version-info 3:0:0 -no-undefined -export-symbols export-syms.txt -libratbox_la_LIBADD = @CRYPT_LIB@ @SSL_LIBS@ +libratbox_la_LIBADD = @CRYPT_LIB@ @SSL_LIBS@ @GNUTLS_LIBS@ lib_LTLIBRARIES = libratbox.la diff --git a/libratbox/src/Makefile.in b/libratbox/src/Makefile.in index bf7009b..16738f9 100644 --- a/libratbox/src/Makefile.in +++ b/libratbox/src/Makefile.in @@ -14,7 +14,7 @@ @SET_MAKE@ -# $Id: Makefile.am 24820 2008-01-02 19:47:32Z androsyn $ +# $Id: Makefile.am 25532 2008-06-11 14:40:44Z androsyn $ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ @@ -150,7 +150,7 @@ SED = @SED@ SEDOBJ = @SEDOBJ@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -SSL_INCLUDES = @SSL_INCLUDES@ +SSL_CFLAGS = @SSL_CFLAGS@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ TOUCH = @TOUCH@ @@ -208,7 +208,7 @@ target_alias = @target_alias@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign -INCLUDES = -I. -I../include @SSL_INCLUDES@ +INCLUDES = -I. -I../include @SSL_CFLAGS@ @GNUTLS_CFLAGS@ libratbox_la_SOURCES = \ unix.c \ win32.c \ @@ -235,8 +235,8 @@ libratbox_la_SOURCES = \ rawbuf.c \ patricia.c -libratbox_la_LDFLAGS = -avoid-version -no-undefined -export-symbols export-syms.txt -libratbox_la_LIBADD = @CRYPT_LIB@ @SSL_LIBS@ +libratbox_la_LDFLAGS = -version-info 3:0:0 -no-undefined -export-symbols export-syms.txt +libratbox_la_LIBADD = @CRYPT_LIB@ @SSL_LIBS@ @GNUTLS_LIBS@ lib_LTLIBRARIES = libratbox.la all: all-am diff --git a/libratbox/src/balloc.c b/libratbox/src/balloc.c index cd5c5e7..86d521e 100644 --- a/libratbox/src/balloc.c +++ b/libratbox/src/balloc.c @@ -28,7 +28,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: balloc.c 25048 2008-01-23 18:34:02Z androsyn $ + * $Id: balloc.c 25375 2008-05-16 15:19:51Z androsyn $ */ /* @@ -233,7 +233,7 @@ newblock(rb_bh * bh) b->alloc_size = bh->elemsPerBlock * (bh->elemSize + sizeof(rb_heap_block *)); b->elems = get_block(b->alloc_size); - if(unlikely(b->elems == NULL)) + if(rb_unlikely(b->elems == NULL)) { return (1); } @@ -273,7 +273,7 @@ rb_bh_create(size_t elemsize, int elemsperblock, const char *desc) lrb_assert(elemsize > 0 && elemsperblock > 0); lrb_assert(elemsize >= sizeof(rb_dlink_node)); /* Catch idiotic requests up front */ - if((elemsize <= 0) || (elemsperblock <= 0)) + if((elemsize == 0) || (elemsperblock <= 0)) { rb_bh_fail("Attempting to rb_bh_create idiotic sizes"); } @@ -337,7 +337,7 @@ rb_bh_alloc(rb_bh * bh) rb_heap_memblock *memblock; #endif lrb_assert(bh != NULL); - if(unlikely(bh == NULL)) + if(rb_unlikely(bh == NULL)) { rb_bh_fail("Cannot allocate if bh == NULL"); } @@ -350,7 +350,7 @@ rb_bh_alloc(rb_bh * bh) /* Allocate new block and assign */ /* newblock returns 1 if unsuccessful, 0 if not */ - if(unlikely(newblock(bh))) + if(rb_unlikely(newblock(bh))) { rb_lib_log("newblock() failed"); rb_outofmemory(); /* Well that didn't work either...bail */ @@ -392,15 +392,15 @@ rb_bh_free(rb_bh * bh, void *ptr) lrb_assert(bh != NULL); lrb_assert(ptr != NULL); - if(unlikely(bh == NULL)) + if(rb_unlikely(bh == NULL)) { - rb_lib_log("balloc.c:rb_bh_free() bh == NULL"); + rb_lib_log("balloc.c:rb_bhFree() bh == NULL"); return (1); } - if(unlikely(ptr == NULL)) + if(rb_unlikely(ptr == NULL)) { - rb_lib_log("balloc.rb_bh_free() ptr == NULL"); + rb_lib_log("balloc.rb_bhFree() ptr == NULL"); return (1); } @@ -409,7 +409,7 @@ rb_bh_free(rb_bh * bh, void *ptr) #else memblock = (rb_heap_memblock *) ((uintptr_t)ptr - sizeof(rb_heap_block *)); /* XXX */ - if(unlikely(!((uintptr_t)ptr >= (uintptr_t)memblock->block->elems && (uintptr_t)ptr < (uintptr_t)memblock->block->elems + (uintptr_t)memblock->block->alloc_size))) + if(rb_unlikely(!((uintptr_t)ptr >= (uintptr_t)memblock->block->elems && (uintptr_t)ptr < (uintptr_t)memblock->block->elems + (uintptr_t)memblock->block->alloc_size))) { rb_bh_fail("rb_bh_free() bogus pointer"); } diff --git a/libratbox/src/commio.c b/libratbox/src/commio.c index 44932c9..5f67728 100644 --- a/libratbox/src/commio.c +++ b/libratbox/src/commio.c @@ -21,7 +21,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: commio.c 25358 2008-05-13 14:48:46Z androsyn $ + * $Id: commio.c 25375 2008-05-16 15:19:51Z androsyn $ */ #include #include @@ -368,7 +368,7 @@ rb_accept_tryaccept(rb_fde_t *F, void *data) new_F = rb_open(new_fd, RB_FD_SOCKET, "Incoming Connection"); - if(unlikely(!rb_set_nb(new_F))) + if(rb_unlikely(!rb_set_nb(new_F))) { rb_get_errno(); rb_lib_log("rb_accept: Couldn't set FD %d non blocking!", new_F->fd); @@ -603,7 +603,7 @@ rb_socketpair(int family, int sock_type, int proto, rb_fde_t **F1, rb_fde_t **F2 } /* Set the socket non-blocking, and other wonderful bits */ - if(unlikely(!rb_set_nb(*F1))) + if(rb_unlikely(!rb_set_nb(*F1))) { rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", nfd[0], strerror(errno)); rb_close(*F1); @@ -611,7 +611,7 @@ rb_socketpair(int family, int sock_type, int proto, rb_fde_t **F1, rb_fde_t **F2 return -1; } - if(unlikely(!rb_set_nb(*F2))) + if(rb_unlikely(!rb_set_nb(*F2))) { rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", nfd[1], strerror(errno)); rb_close(*F1); @@ -640,7 +640,7 @@ rb_pipe(rb_fde_t **F1, rb_fde_t **F2, const char *desc) *F1 = rb_open(fd[0], RB_FD_PIPE, desc); *F2 = rb_open(fd[1], RB_FD_PIPE, desc); - if(unlikely(!rb_set_nb(*F1))) + if(rb_unlikely(!rb_set_nb(*F1))) { rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", fd[0], strerror(errno)); rb_close(*F1); @@ -648,7 +648,7 @@ rb_pipe(rb_fde_t **F1, rb_fde_t **F2, const char *desc) return -1; } - if(unlikely(!rb_set_nb(*F2))) + if(rb_unlikely(!rb_set_nb(*F2))) { rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", fd[1], strerror(errno)); rb_close(*F1); @@ -679,7 +679,7 @@ rb_socket(int family, int sock_type, int proto, const char *note) rb_fde_t *F; int fd; /* First, make sure we aren't going to run out of file descriptors */ - if(unlikely(number_fd >= rb_maxconnections)) + if(rb_unlikely(number_fd >= rb_maxconnections)) { errno = ENFILE; return NULL; @@ -692,7 +692,7 @@ rb_socket(int family, int sock_type, int proto, const char *note) */ fd = socket(family, sock_type, proto); rb_fd_hack(&fd); - if(unlikely(fd < 0)) + if(rb_unlikely(fd < 0)) return NULL; /* errno will be passed through, yay.. */ #if defined(RB_IPV6) && defined(IPV6_V6ONLY) @@ -718,7 +718,7 @@ rb_socket(int family, int sock_type, int proto, const char *note) return NULL; /* Set the socket non-blocking, and other wonderful bits */ - if(unlikely(!rb_set_nb(F))) + if(rb_unlikely(!rb_set_nb(F))) { rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", fd, strerror(errno)); rb_close(F); @@ -801,7 +801,7 @@ rb_open(int fd, rb_uint8_t type, const char *desc) rb_fde_t *F = add_fd(fd); lrb_assert(fd >= 0); - if(unlikely(IsFDOpen(F))) + if(rb_unlikely(IsFDOpen(F))) { return NULL; } @@ -831,7 +831,7 @@ rb_close(rb_fde_t *F) lrb_assert(IsFDOpen(F)); lrb_assert(!(type & RB_FD_FILE)); - if(unlikely(type & RB_FD_FILE)) + if(rb_unlikely(type & RB_FD_FILE)) { lrb_assert(F->read_handler == NULL); lrb_assert(F->write_handler == NULL); diff --git a/libratbox/src/export-syms.txt b/libratbox/src/export-syms.txt index 6c48bcc..378a44d 100644 --- a/libratbox/src/export-syms.txt +++ b/libratbox/src/export-syms.txt @@ -143,3 +143,5 @@ rb_gettimeofday rb_sleep rb_spawn_process rb_supports_ssl +rb_ssl_handshake_count +rb_ssl_clear_handshake_count diff --git a/libratbox/src/gnutls.c b/libratbox/src/gnutls.c index 15eb4f5..cd279b3 100644 --- a/libratbox/src/gnutls.c +++ b/libratbox/src/gnutls.c @@ -4,7 +4,6 @@ * * Copyright (C) 2007-2008 ircd-ratbox development team * Copyright (C) 2007-2008 Aaron Sethman - * Copyright (C) 2008 William Pitcock * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -21,29 +20,50 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: commio.c 24808 2008-01-02 08:17:05Z androsyn $ + * $Id: gnutls.c 25568 2008-06-20 18:46:08Z androsyn $ */ #include #include - -#ifdef HAVE_GNUTLS - #include #include -#include +#ifdef HAVE_GNUTLS -static gnutls_certificate_credentials_t x509_cred; -static gnutls_dh_params_t dh_params; +#include +#include + +static gnutls_certificate_credentials x509; +static gnutls_dh_params dh_params; + + + +#define SSL_P(x) *((gnutls_session_t *)F->ssl) void rb_ssl_shutdown(rb_fde_t * F) { + int i; if(F == NULL || F->ssl == NULL) return; + for (i = 0; i < 4; i++) + { + if(gnutls_bye(SSL_P(F), GNUTLS_SHUT_RDWR) == GNUTLS_E_SUCCESS) + break; + } + gnutls_deinit(SSL_P(F)); + rb_free(F->ssl); +} - gnutls_bye((gnutls_session_t) F->ssl, GNUTLS_SHUT_RDWR); - gnutls_deinit((gnutls_session_t) F->ssl); +unsigned int +rb_ssl_handshake_count(rb_fde_t *F) +{ + return F->handshake_count; +} + +void +rb_ssl_clear_handshake_count(rb_fde_t *F) +{ + F->handshake_count = 0; } static void @@ -53,38 +73,52 @@ rb_ssl_timeout(rb_fde_t * F, void *notused) F->accept->callback(F, RB_ERR_TIMEOUT, NULL, 0, F->accept->data); } + +static int do_ssl_handshake(rb_fde_t *F, PF *callback) +{ + int ret; + int flags; + + ret = gnutls_handshake(SSL_P(F)); + if(ret < 0) + { + if((ret == GNUTLS_E_INTERRUPTED && rb_ignore_errno(errno)) || ret == GNUTLS_E_AGAIN) + { + if(gnutls_record_get_direction(SSL_P(F)) == 0) + flags = RB_SELECT_READ; + else + flags = RB_SELECT_WRITE; + rb_setselect(F, flags, callback, NULL); + return 0; + } + F->ssl_errno = ret; + return -1; + } + return 1; /* handshake is finished..go about life */ +} + static void rb_ssl_tryaccept(rb_fde_t * F, void *data) { - int ssl_err; - lrb_assert(F->accept != NULL); - int flags; + int ret; struct acceptdata *ad; - if((ssl_err = gnutls_handshake((gnutls_session_t) F->ssl)) != 0) - { - switch (ssl_err) - { - case GNUTLS_E_INTERRUPTED: - if(rb_ignore_errno(errno)) - case GNUTLS_E_AGAIN: - { - if(gnutls_record_get_direction((gnutls_session_t) F->ssl)) - flags = RB_SELECT_WRITE; - else - flags = RB_SELECT_READ; + lrb_assert(F->accept != NULL); - F->ssl_errno = ssl_err; - rb_setselect(F, flags, rb_ssl_tryaccept, NULL); - return; - } - break; - default: - F->ssl_errno = ssl_err; + ret = do_ssl_handshake(F, rb_ssl_tryaccept); + + switch(ret) + { + case -1: F->accept->callback(F, RB_ERROR_SSL, NULL, 0, F->accept->data); break; - } - return; + case 0: + /* do_ssl_handshake does the rb_setselect stuff */ + return; + default: + break; + + } rb_settimeout(F, 0, NULL, NULL); rb_setselect(F, RB_SELECT_READ | RB_SELECT_WRITE, NULL, NULL); @@ -94,91 +128,49 @@ rb_ssl_tryaccept(rb_fde_t * F, void *data) ad->callback(F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen, ad->data); rb_free(ad); + } void rb_ssl_start_accepted(rb_fde_t * new_F, ACCB * cb, void *data, int timeout) { - gnutls_session_t sess; - int ssl_err; - + gnutls_session_t *ssl; new_F->type |= RB_FD_SSL; - - gnutls_init(&sess, GNUTLS_SERVER); - gnutls_set_default_priority(sess); - gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, x509_cred); - gnutls_dh_set_prime_bits(sess, 1024); - gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST); - - new_F->ssl = sess; - + ssl = new_F->ssl = rb_malloc(sizeof(gnutls_session_t)); new_F->accept = rb_malloc(sizeof(struct acceptdata)); - + new_F->accept->callback = cb; new_F->accept->data = data; rb_settimeout(new_F, timeout, rb_ssl_timeout, NULL); new_F->accept->addrlen = 0; - gnutls_transport_set_ptr((gnutls_session_t) new_F->ssl, (gnutls_transport_ptr_t) rb_get_fd(new_F)); - - if((ssl_err = gnutls_handshake((gnutls_session_t) new_F->ssl)) != 0) + gnutls_init(ssl, GNUTLS_SERVER); + gnutls_set_default_priority(*ssl); + gnutls_credentials_set(*ssl, GNUTLS_CRD_CERTIFICATE, x509); + gnutls_dh_set_prime_bits(*ssl, 1024); + gnutls_transport_set_ptr(*ssl, (gnutls_transport_ptr_t) (long int)new_F->fd); + if(do_ssl_handshake(new_F, rb_ssl_tryaccept)) { - switch(ssl_err) - { - case GNUTLS_E_INTERRUPTED: - if(rb_ignore_errno(errno)) - case GNUTLS_E_AGAIN: - { - int flags; - - if(gnutls_record_get_direction((gnutls_session_t) new_F->ssl)) - flags = RB_SELECT_WRITE; - else - flags = RB_SELECT_READ; - - new_F->ssl_errno = ssl_err; - rb_setselect(new_F, flags, rb_ssl_tryaccept, NULL); - return; - } - break; - default: - new_F->ssl_errno = ssl_err; - new_F->accept->callback(new_F, RB_ERROR_SSL, NULL, 0, new_F->accept->data); - return; - } - } - else - { - struct acceptdata *ad; - - rb_settimeout(new_F, 0, NULL, NULL); - rb_setselect(new_F, RB_SELECT_READ | RB_SELECT_WRITE, NULL, NULL); - - ad = new_F->accept; + struct acceptdata *ad = new_F->accept; new_F->accept = NULL; - ad->callback(new_F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen, - ad->data); - rb_free(ad); + ad->callback(new_F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen, ad->data); + rb_free(ad); } + } + + + void rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen) { - gnutls_session_t sess; rb_fde_t *new_F; - int ssl_err; new_F = rb_find_fd(new_fd); - - gnutls_init(&sess, GNUTLS_SERVER); - gnutls_set_default_priority(sess); - gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, x509_cred); - gnutls_dh_set_prime_bits(sess, 1024); - gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST); - new_F->type |= RB_FD_SSL; + new_F->ssl = rb_malloc(sizeof(gnutls_session_t)); new_F->accept = rb_malloc(sizeof(struct acceptdata)); new_F->accept->callback = F->accept->callback; @@ -187,89 +179,53 @@ rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen) memcpy(&new_F->accept->S, st, addrlen); new_F->accept->addrlen = addrlen; - gnutls_transport_set_ptr((gnutls_session_t) new_F->ssl, (gnutls_transport_ptr_t) rb_get_fd(new_F)); - if((ssl_err = gnutls_handshake((gnutls_session_t) new_F->ssl)) != 0) + gnutls_init((gnutls_session_t *)new_F->ssl, GNUTLS_SERVER); + gnutls_set_default_priority(SSL_P(new_F)); + gnutls_credentials_set(SSL_P(new_F), GNUTLS_CRD_CERTIFICATE, x509); + gnutls_dh_set_prime_bits(SSL_P(new_F), 1024); + gnutls_transport_set_ptr(SSL_P(new_F), (gnutls_transport_ptr_t) (long int)new_fd); + if(do_ssl_handshake(F, rb_ssl_tryaccept)) { - switch(ssl_err) - { - case GNUTLS_E_INTERRUPTED: - if(rb_ignore_errno(errno)) - case GNUTLS_E_AGAIN: - { - int flags; - - if(gnutls_record_get_direction((gnutls_session_t) new_F->ssl)) - flags = RB_SELECT_WRITE; - else - flags = RB_SELECT_READ; - - new_F->ssl_errno = ssl_err; - rb_setselect(new_F, flags, rb_ssl_tryaccept, NULL); - return; - } - break; - default: - new_F->ssl_errno = ssl_err; - new_F->accept->callback(new_F, RB_ERROR_SSL, NULL, 0, new_F->accept->data); - return; - } - } - else - { - struct acceptdata *ad; - - rb_settimeout(new_F, 0, NULL, NULL); - rb_setselect(new_F, RB_SELECT_READ | RB_SELECT_WRITE, NULL, NULL); - - ad = new_F->accept; - new_F->accept = NULL; - ad->callback(new_F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen, - ad->data); - rb_free(ad); + struct acceptdata *ad = F->accept; + F->accept = NULL; + ad->callback(F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen, ad->data); + rb_free(ad); } } + + + static ssize_t rb_ssl_read_or_write(int r_or_w, rb_fde_t * F, void *rbuf, const void *wbuf, size_t count) { ssize_t ret; - unsigned long err; - gnutls_session_t ssl = F->ssl; + gnutls_session_t *ssl = F->ssl; if(r_or_w == 0) - ret = gnutls_record_recv(ssl, rbuf, count); + ret = gnutls_record_recv(*ssl, rbuf, count); else - ret = gnutls_record_send(ssl, wbuf, count); + ret = gnutls_record_send(*ssl, wbuf, count); if(ret < 0) { - switch (ret) + switch(ret) { case GNUTLS_E_AGAIN: - errno = EAGAIN; - if (gnutls_record_get_direction(ssl)) - return RB_RW_SSL_NEED_WRITE; - else - return RB_RW_SSL_NEED_READ; case GNUTLS_E_INTERRUPTED: - err = ret; - if(err == 0) + if(rb_ignore_errno(errno)) { - F->ssl_errno = 0; - return RB_RW_IO_ERROR; + if(gnutls_record_get_direction(*ssl) == 0) + return RB_RW_SSL_NEED_READ; + else + return RB_RW_SSL_NEED_WRITE; + break; } - break; default: - err = ret; - break; + F->ssl_errno = ret; + errno = EIO; + return RB_RW_IO_ERROR; } - F->ssl_errno = err; - if(err > 0) - { - errno = EIO; /* not great but... */ - return RB_RW_SSL_ERROR; - } - return RB_RW_IO_ERROR; } return ret; } @@ -286,38 +242,107 @@ rb_ssl_write(rb_fde_t * F, const void *buf, size_t count) return rb_ssl_read_or_write(1, F, NULL, buf, count); } +static void +rb_gcry_random_seed(void *unused) +{ + gcry_fast_random_poll(); +} + int rb_init_ssl(void) { - int ret = 1, g_ret; - gnutls_global_init(); - - gnutls_certificate_allocate_credentials(&x509_cred); - gnutls_dh_params_init(&dh_params); - - if((g_ret = gnutls_dh_params_generate2(dh_params, 1024)) < 0) + + if(gnutls_certificate_allocate_credentials(&x509) != GNUTLS_E_SUCCESS) { - rb_lib_log("rb_init_gnutls: Failed to generate GNUTLS DH params: %s", gnutls_strerror(g_ret)); - ret = 0; + rb_lib_log("rb_init_ssl: Unable to allocate SSL/TLS certificate credentials"); + return 0; } + rb_event_addish("rb_gcry_random_seed", rb_gcry_random_seed, NULL, 300); + return 1; +} - gnutls_certificate_set_dh_params(x509_cred, dh_params); +static void +rb_free_datum_t(gnutls_datum_t *d) +{ + rb_free(d->data); + rb_free(d); +} - return ret; +static gnutls_datum_t * +rb_load_file_into_datum_t(const char *file) +{ + FILE *f; + gnutls_datum_t *datum; + struct stat fileinfo; + if((f = fopen(file, "r")) == NULL) + return NULL; + if(fstat(fileno(f), &fileinfo)) + return NULL; + + datum = rb_malloc(sizeof(gnutls_datum_t)); + + if(fileinfo.st_size > 131072) /* deal with retards */ + datum->size = 131072; + else + datum->size = fileinfo.st_size; + + datum->data = rb_malloc(datum->size + 1); + fread(datum->data, datum->size, 1, f); + fclose(f); + return datum; } int rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile) { - int ret = 0; - - if((ret = gnutls_certificate_set_x509_key_file(x509_cred, cert, keyfile, GNUTLS_X509_FMT_PEM)) < 0) + int ret; + gnutls_datum_t *d_cert, *d_key; + if(cert == NULL) { - rb_lib_log("rb_setup_ssl_server: Setting x509 keys up failed: %s", gnutls_strerror(ret)); + rb_lib_log("rb_setup_ssl_server: No certificate file"); return 0; } + if((d_cert = rb_load_file_into_datum_t(cert)) == NULL) + { + rb_lib_log("rb_setup_ssl_server: Error loading certificate: %s", strerror(errno)); + return 0; + } + + if((d_key = rb_load_file_into_datum_t(keyfile)) == NULL) + { + rb_lib_log("rb_setup_ssl_server: Error loading key: %s", strerror(errno)); + return 0; + } + + + if((ret = gnutls_certificate_set_x509_key_mem(x509, d_cert, d_key, GNUTLS_X509_FMT_PEM)) != GNUTLS_E_SUCCESS) + { + rb_lib_log("rb_setup_ssl_server: Error loading certificate or key file: %s", gnutls_strerror(ret)); + return 0; + } + rb_free_datum_t(d_cert); + rb_free_datum_t(d_key); + + if(dhfile != NULL) + { + if(gnutls_dh_params_init(&dh_params) == GNUTLS_E_SUCCESS) + { + gnutls_datum_t *data; + int xret; + data = rb_load_file_into_datum_t(dhfile); + if(data != NULL) + { + xret = gnutls_dh_params_import_pkcs3(dh_params, data, GNUTLS_X509_FMT_PEM); + if(xret < 0) + rb_lib_log("rb_setup_ssl_server: Error parsing DH file: %s\n", gnutls_strerror(xret)); + rb_free_datum_t(data); + } + gnutls_certificate_set_dh_params(x509, dh_params); + } else + rb_lib_log("rb_setup_ssl_server: Unable to setup DH parameters"); + } return 1; } @@ -354,40 +379,30 @@ static void rb_ssl_tryconn_cb(rb_fde_t * F, void *data) { struct ssl_connect *sconn = data; - int ssl_err; + int ret; - if((ssl_err = gnutls_handshake((gnutls_session_t) F->ssl)) != 0) - { - switch (ssl_err) - { - case GNUTLS_E_INTERRUPTED: - if(rb_ignore_errno(errno)) - case GNUTLS_E_AGAIN: - { - F->ssl_errno = ssl_err; - rb_setselect(F, RB_SELECT_READ | RB_SELECT_WRITE, - rb_ssl_tryconn_cb, sconn); - return; - } - default: - F->ssl_errno = ssl_err; - rb_ssl_connect_realcb(F, RB_ERROR_SSL, sconn); - return; - } - } - else - { - rb_ssl_connect_realcb(F, RB_OK, sconn); - } + ret = do_ssl_handshake(F, rb_ssl_tryconn_cb); + + switch(ret) + { + case -1: + rb_ssl_connect_realcb(F, RB_ERROR_SSL, sconn); + break; + case 0: + /* do_ssl_handshake does the rb_setselect stuff */ + return; + default: + break; + + + } + rb_ssl_connect_realcb(F, RB_OK, sconn); } static void rb_ssl_tryconn(rb_fde_t * F, int status, void *data) { - gnutls_session_t sess; struct ssl_connect *sconn = data; - int ssl_err; - if(status != RB_OK) { rb_ssl_connect_realcb(F, status, sconn); @@ -396,35 +411,15 @@ rb_ssl_tryconn(rb_fde_t * F, int status, void *data) F->type |= RB_FD_SSL; - gnutls_init(&sess, GNUTLS_CLIENT); - gnutls_set_default_priority(sess); - gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, x509_cred); - gnutls_dh_set_prime_bits(sess, 1024); - gnutls_transport_set_ptr(sess, (gnutls_transport_ptr_t) F->fd); - - F->ssl = sess; - + rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn); - if((ssl_err = gnutls_handshake((gnutls_session_t) F->ssl)) != 0) - { - switch (ssl_err) - { - case GNUTLS_E_INTERRUPTED: - if(rb_ignore_errno(errno)) - case GNUTLS_E_AGAIN: - { - F->ssl_errno = ssl_err; - rb_setselect(F, RB_SELECT_READ | RB_SELECT_WRITE, - rb_ssl_tryconn_cb, sconn); - return; - } - default: - F->ssl_errno = ssl_err; - rb_ssl_connect_realcb(F, RB_ERROR_SSL, sconn); - return; - } - } - else + F->ssl = rb_malloc(sizeof(gnutls_session_t)); + gnutls_init(F->ssl, GNUTLS_CLIENT); + gnutls_set_default_priority(SSL_P(F)); + gnutls_dh_set_prime_bits(SSL_P(F), 1024); + gnutls_transport_set_ptr(SSL_P(F), (gnutls_transport_ptr_t) (long int)F->fd); + + if(do_ssl_handshake(F, rb_ssl_tryconn_cb)) { rb_ssl_connect_realcb(F, RB_OK, sconn); } @@ -443,14 +438,13 @@ rb_connect_tcp_ssl(rb_fde_t * F, struct sockaddr *dest, sconn->callback = callback; sconn->timeout = timeout; rb_connect_tcp(F, dest, clocal, socklen, rb_ssl_tryconn, sconn, timeout); + } void rb_ssl_start_connected(rb_fde_t * F, CNCB * callback, void *data, int timeout) { - gnutls_session_t sess; struct ssl_connect *sconn; - int ssl_err; if(F == NULL) return; @@ -462,52 +456,33 @@ rb_ssl_start_connected(rb_fde_t * F, CNCB * callback, void *data, int timeout) F->connect->callback = callback; F->connect->data = data; F->type |= RB_FD_SSL; - - gnutls_init(&sess, GNUTLS_CLIENT); - gnutls_set_default_priority(sess); - gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, x509_cred); - gnutls_dh_set_prime_bits(sess, 1024); - gnutls_transport_set_ptr(sess, (gnutls_transport_ptr_t) F->fd); - - F->ssl = sess; + F->ssl = rb_malloc(sizeof(gnutls_session_t)); + gnutls_init(F->ssl, GNUTLS_CLIENT); + gnutls_set_default_priority(SSL_P(F)); + gnutls_dh_set_prime_bits(SSL_P(F), 1024); + gnutls_transport_set_ptr(SSL_P(F), (gnutls_transport_ptr_t) (long int)F->fd); + rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn); - if((ssl_err = gnutls_handshake((gnutls_session_t) F->ssl)) != 0) - { - switch (ssl_err) - { - case GNUTLS_E_INTERRUPTED: - if(rb_ignore_errno(errno)) - case GNUTLS_E_AGAIN: - { - F->ssl_errno = ssl_err; - rb_setselect(F, RB_SELECT_READ | RB_SELECT_WRITE, - rb_ssl_tryconn_cb, sconn); - return; - } - default: - F->ssl_errno = ssl_err; - rb_ssl_connect_realcb(F, RB_ERROR_SSL, sconn); - return; - } - } - else + + if(do_ssl_handshake(F, rb_ssl_tryconn_cb)) { rb_ssl_connect_realcb(F, RB_OK, sconn); } } -/* XXX: implement me */ int rb_init_prng(const char *path, prng_seed_t seed_type) { - return -1; + gcry_fast_random_poll(); + return 1; } int rb_get_random(void *buf, size_t length) { - return -1; + gcry_randomize(buf, length, GCRY_STRONG_RANDOM); + return 1; } diff --git a/libratbox/src/helper.c b/libratbox/src/helper.c index 7edcb25..a4a6260 100644 --- a/libratbox/src/helper.c +++ b/libratbox/src/helper.c @@ -19,7 +19,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: helper.c 25038 2008-01-23 16:03:08Z androsyn $ + * $Id: helper.c 25245 2008-04-21 18:38:23Z androsyn $ */ #include #include @@ -271,7 +271,7 @@ rb_helper_close(rb_helper *helper) { if(helper == NULL) return; - + kill(helper->pid, SIGKILL); rb_close(helper->ifd); rb_close(helper->ofd); rb_free(helper); diff --git a/libratbox/src/kqueue.c b/libratbox/src/kqueue.c index fe56a68..51d92c8 100644 --- a/libratbox/src/kqueue.c +++ b/libratbox/src/kqueue.c @@ -22,7 +22,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: kqueue.c 25038 2008-01-23 16:03:08Z androsyn $ + * $Id: kqueue.c 25364 2008-05-14 17:55:22Z jilles $ */ #include @@ -285,6 +285,8 @@ rb_select_kqueue(long delay) } return RB_OK; } + +#if defined(KQUEUE_SCHED_EVENT) static int can_do_event = 0; int rb_kqueue_supports_event(void) @@ -343,6 +345,7 @@ rb_kqueue_init_event(void) { return; } +#endif /* KQUEUE_SCHED_EVENT */ #else /* kqueue not supported */ int diff --git a/libratbox/src/linebuf.c b/libratbox/src/linebuf.c index 8b059cc..a6c05f3 100644 --- a/libratbox/src/linebuf.c +++ b/libratbox/src/linebuf.c @@ -21,7 +21,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: linebuf.c 25038 2008-01-23 16:03:08Z androsyn $ + * $Id: linebuf.c 25375 2008-05-16 15:19:51Z androsyn $ */ #include @@ -547,13 +547,13 @@ rb_linebuf_putmsg(buf_head_t * bufhead, const char *format, va_list * va_args, c bufline->terminated = 1; /* Truncate the data if required */ - if(unlikely(len > 510)) + if(rb_unlikely(len > 510)) { len = 510; bufline->buf[len++] = '\r'; bufline->buf[len++] = '\n'; } - else if(unlikely(len == 0)) + else if(rb_unlikely(len == 0)) { bufline->buf[len++] = '\r'; bufline->buf[len++] = '\n'; @@ -593,19 +593,19 @@ rb_linebuf_putbuf(buf_head_t *bufhead, const char *buffer) /* Create a new line */ bufline = rb_linebuf_new_line(bufhead); - if(unlikely(buffer != NULL)) + if(rb_unlikely(buffer != NULL)) len = rb_strlcpy(bufline->buf, buffer, BUF_DATA_SIZE); bufline->terminated = 1; /* Truncate the data if required */ - if(unlikely(len > 510)) + if(rb_unlikely(len > 510)) { len = 510; bufline->buf[len++] = '\r'; bufline->buf[len++] = '\n'; } - else if(unlikely(len == 0)) + else if(rb_unlikely(len == 0)) { bufline->buf[len++] = '\r'; bufline->buf[len++] = '\n'; @@ -648,7 +648,7 @@ rb_linebuf_put(buf_head_t * bufhead, const char *format, ...) /* Create a new line */ bufline = rb_linebuf_new_line(bufhead); - if(unlikely(format != NULL)) + if(rb_unlikely(format != NULL)) { va_start(args, format); len = rb_vsnprintf(bufline->buf, BUF_DATA_SIZE, format, args); @@ -658,13 +658,13 @@ rb_linebuf_put(buf_head_t * bufhead, const char *format, ...) bufline->terminated = 1; /* Truncate the data if required */ - if(unlikely(len > 510)) + if(rb_unlikely(len > 510)) { len = 510; bufline->buf[len++] = '\r'; bufline->buf[len++] = '\n'; } - else if(unlikely(len == 0)) + else if(rb_unlikely(len == 0)) { bufline->buf[len++] = '\r'; bufline->buf[len++] = '\n'; diff --git a/libratbox/src/nossl.c b/libratbox/src/nossl.c index c27a0c7..eed302e 100644 --- a/libratbox/src/nossl.c +++ b/libratbox/src/nossl.c @@ -112,14 +112,28 @@ rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen) ssize_t rb_ssl_read(rb_fde_t * F, void *buf, size_t count) { - return 0; + errno = ENOSYS; + return -1; } ssize_t rb_ssl_write(rb_fde_t * F, const void *buf, size_t count) { - return 0; + errno = ENOSYS; + return -1; } +unsigned int +rb_ssl_handshake_count(rb_fde_t *F) +{ + return 0; +} + +void +rb_ssl_clear_handshake_count(rb_fde_t *F) +{ + return; +} + #endif /* !HAVE_OPENSSL */ diff --git a/libratbox/src/openssl.c b/libratbox/src/openssl.c index 24f4ea0..9188c44 100644 --- a/libratbox/src/openssl.c +++ b/libratbox/src/openssl.c @@ -37,6 +37,7 @@ static SSL_CTX *ssl_server_ctx; static SSL_CTX *ssl_client_ctx; +static int libratbox_index = -1; static unsigned long get_last_err(void) { @@ -68,6 +69,18 @@ rb_ssl_shutdown(rb_fde_t * F) SSL_free((SSL *) F->ssl); } +unsigned int +rb_ssl_handshake_count(rb_fde_t *F) +{ + return F->handshake_count; +} + +void +rb_ssl_clear_handshake_count(rb_fde_t *F) +{ + F->handshake_count = 0; +} + static void rb_ssl_timeout(rb_fde_t * F, void *notused) { @@ -76,6 +89,24 @@ rb_ssl_timeout(rb_fde_t * F, void *notused) } +static void rb_ssl_info_callback(SSL *ssl, int where, int ret) +{ + if(where & SSL_CB_HANDSHAKE_START) + { + rb_fde_t *F = SSL_get_ex_data(ssl, libratbox_index); + if(F == NULL) + return; + F->handshake_count++; + } +} + +static void +rb_setup_ssl_cb(rb_fde_t *F) +{ + SSL_set_ex_data(F->ssl, libratbox_index, (char *)F); + SSL_set_info_callback((SSL *)F->ssl, (void *)rb_ssl_info_callback); +} + static void rb_ssl_tryaccept(rb_fde_t * F, void *data) { @@ -121,21 +152,11 @@ rb_ssl_tryaccept(rb_fde_t * F, void *data) } -void -rb_ssl_start_accepted(rb_fde_t * new_F, ACCB * cb, void *data, int timeout) + +static void +rb_ssl_accept_common(rb_fde_t *new_F) { int ssl_err; - - new_F->type |= RB_FD_SSL; - new_F->ssl = SSL_new(ssl_server_ctx); - new_F->accept = rb_malloc(sizeof(struct acceptdata)); - - new_F->accept->callback = cb; - new_F->accept->data = data; - rb_settimeout(new_F, timeout, rb_ssl_timeout, NULL); - - new_F->accept->addrlen = 0; - SSL_set_fd((SSL *) new_F->ssl, rb_get_fd(new_F)); if((ssl_err = SSL_accept((SSL *) new_F->ssl)) <= 0) { switch (ssl_err = SSL_get_error((SSL *) new_F->ssl, ssl_err)) @@ -162,6 +183,23 @@ rb_ssl_start_accepted(rb_fde_t * new_F, ACCB * cb, void *data, int timeout) } } +void +rb_ssl_start_accepted(rb_fde_t * new_F, ACCB * cb, void *data, int timeout) +{ + new_F->type |= RB_FD_SSL; + new_F->ssl = SSL_new(ssl_server_ctx); + new_F->accept = rb_malloc(sizeof(struct acceptdata)); + + new_F->accept->callback = cb; + new_F->accept->data = data; + rb_settimeout(new_F, timeout, rb_ssl_timeout, NULL); + + new_F->accept->addrlen = 0; + SSL_set_fd((SSL *) new_F->ssl, rb_get_fd(new_F)); + rb_setup_ssl_cb(new_F); + rb_ssl_accept_common(new_F); +} + @@ -169,9 +207,10 @@ void rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen) { rb_fde_t *new_F; - int ssl_err; new_F = rb_find_fd(new_fd); + if(new_F == NULL) + return; new_F->type |= RB_FD_SSL; new_F->ssl = SSL_new(ssl_server_ctx); new_F->accept = rb_malloc(sizeof(struct acceptdata)); @@ -183,30 +222,8 @@ rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen) new_F->accept->addrlen = addrlen; SSL_set_fd((SSL *) new_F->ssl, new_fd); - if((ssl_err = SSL_accept((SSL *) new_F->ssl)) <= 0) - { - switch (ssl_err = SSL_get_error((SSL *) new_F->ssl, ssl_err)) - { - case SSL_ERROR_SYSCALL: - if(rb_ignore_errno(errno)) - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_WRITE: - { - F->ssl_errno = get_last_err(); - rb_setselect(new_F, RB_SELECT_READ | RB_SELECT_WRITE, - rb_ssl_tryaccept, NULL); - return; - } - default: - F->ssl_errno = get_last_err(); - F->accept->callback(F, RB_ERROR_SSL, NULL, 0, F->accept->data); - return; - } - } - else - { - rb_ssl_tryaccept(new_F, NULL); - } + rb_setup_ssl_cb(new_F); + rb_ssl_accept_common(new_F); } static ssize_t @@ -272,8 +289,10 @@ int rb_init_ssl(void) { int ret = 1; + char libratbox_data[] = "libratbox data"; SSL_load_error_strings(); SSL_library_init(); + libratbox_index = SSL_get_ex_new_index(0, libratbox_data, NULL, NULL, NULL); ssl_server_ctx = SSL_CTX_new(SSLv23_server_method()); if(ssl_server_ctx == NULL) { @@ -430,7 +449,7 @@ rb_ssl_tryconn(rb_fde_t * F, int status, void *data) F->type |= RB_FD_SSL; F->ssl = SSL_new(ssl_client_ctx); SSL_set_fd((SSL *) F->ssl, F->fd); - + rb_setup_ssl_cb(F); rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn); if((ssl_err = SSL_connect((SSL *) F->ssl)) <= 0) { @@ -493,6 +512,7 @@ rb_ssl_start_connected(rb_fde_t * F, CNCB * callback, void *data, int timeout) F->ssl = SSL_new(ssl_client_ctx); SSL_set_fd((SSL *) F->ssl, F->fd); + rb_setup_ssl_cb(F); rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn); if((ssl_err = SSL_connect((SSL *) F->ssl)) <= 0) { diff --git a/libratbox/src/poll.c b/libratbox/src/poll.c index 0fa2ac2..237fcab 100644 --- a/libratbox/src/poll.c +++ b/libratbox/src/poll.c @@ -22,7 +22,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: poll.c 25038 2008-01-23 16:03:08Z androsyn $ + * $Id: poll.c 25375 2008-05-16 15:19:51Z androsyn $ */ #include #include @@ -81,7 +81,7 @@ rb_init_netio_poll(void) static void resize_pollarray(int fd) { - if(unlikely(fd >= pollfd_list.allocated)) + if(rb_unlikely(fd >= pollfd_list.allocated)) { int x, old_value = pollfd_list.allocated; pollfd_list.allocated += 1024; diff --git a/libratbox/src/ratbox_lib.c b/libratbox/src/ratbox_lib.c index 1f6babe..e80f5d1 100644 --- a/libratbox/src/ratbox_lib.c +++ b/libratbox/src/ratbox_lib.c @@ -20,7 +20,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: ratbox_lib.c 25038 2008-01-23 16:03:08Z androsyn $ + * $Id: ratbox_lib.c 25375 2008-05-16 15:19:51Z androsyn $ */ #include @@ -69,7 +69,7 @@ rb_ctime(const time_t t, char *buf, size_t len) #else tp = gmtime(&t); #endif - if(unlikely(tp == NULL)) + if(rb_unlikely(tp == NULL)) { strcpy(buf, ""); return(buf); @@ -104,7 +104,7 @@ rb_date(const time_t t, char *buf, size_t len) gm = gmtime(&t); #endif - if(unlikely(gm == NULL)) + if(rb_unlikely(gm == NULL)) { rb_strlcpy(buf, "", len); return(buf); @@ -169,7 +169,7 @@ rb_set_time(void) { struct timeval newtime; - if(unlikely(rb_gettimeofday(&newtime, NULL) == -1)) + if(rb_unlikely(rb_gettimeofday(&newtime, NULL) == -1)) { rb_lib_log("Clock Failure (%s)", strerror(errno)); rb_lib_restart("Clock Failure"); @@ -184,7 +184,7 @@ rb_set_time(void) const char * rb_lib_version(void) { - static const char *id = "$Rev: 25038 $"; + static const char *id = "$Rev: 25375 $"; return id; } diff --git a/libratbox/src/rawbuf.c b/libratbox/src/rawbuf.c index 39e3b5b..6a53acb 100644 --- a/libratbox/src/rawbuf.c +++ b/libratbox/src/rawbuf.c @@ -207,7 +207,7 @@ rb_rawbuf_append(rawbuf_head_t * rb, void *data, int len) len -= clen; if(len == 0) return; - data += clen; + data = (char *)data + clen; } @@ -223,7 +223,7 @@ rb_rawbuf_append(rawbuf_head_t * rb, void *data, int len) memcpy(buf->data, data, clen); buf->len += clen; len -= clen; - data += clen; + data = (char *)data + clen; rb->len += clen; } } diff --git a/libratbox/src/sigio.c b/libratbox/src/sigio.c index eefd21f..cd0addb 100644 --- a/libratbox/src/sigio.c +++ b/libratbox/src/sigio.c @@ -23,7 +23,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA * - * $Id: sigio.c 25038 2008-01-23 16:03:08Z androsyn $ + * $Id: sigio.c 25375 2008-05-16 15:19:51Z androsyn $ */ #ifndef _GNU_SOURCE @@ -103,7 +103,7 @@ rb_init_netio_sigio(void) static inline void resize_pollarray(int fd) { - if(unlikely(fd >= pollfd_list.allocated)) + if(rb_unlikely(fd >= pollfd_list.allocated)) { int x, old_value = pollfd_list.allocated; pollfd_list.allocated += 1024; diff --git a/libratbox/src/snprintf.c b/libratbox/src/snprintf.c index 0c116ab..f05c296 100644 --- a/libratbox/src/snprintf.c +++ b/libratbox/src/snprintf.c @@ -4,7 +4,7 @@ * The original headers are below.. * Note that this implementation does not process floating point numbers so * you will likely need to fall back to using sprintf yourself to do those... - * $Id: snprintf.c 25038 2008-01-23 16:03:08Z androsyn $ + * $Id: snprintf.c 25375 2008-05-16 15:19:51Z androsyn $ */ /* @@ -295,7 +295,7 @@ int rb_vsnprintf(char *buf, size_t size, const char *fmt, va_list args) /* Reject out-of-range values early. Large positive sizes are used for unknown buffer sizes. */ - if (unlikely((int) size < 0)) { + if (rb_unlikely((int) size < 0)) { return 0; }