Mercurial > hg > freeDiameter
changeset 17:ab3c58d88be3
Added proper gcrypt initializer
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Mon, 05 Oct 2009 14:03:05 +0900 |
parents | 013ce9851131 |
children | e7187583dcf8 |
files | freeDiameter/CMakeLists.txt freeDiameter/config.c freeDiameter/main.c include/freeDiameter/CMakeLists.txt include/freeDiameter/freeDiameter.h |
diffstat | 5 files changed, 30 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/freeDiameter/CMakeLists.txt Fri Oct 02 18:57:06 2009 +0900 +++ b/freeDiameter/CMakeLists.txt Mon Oct 05 14:03:05 2009 +0900 @@ -30,6 +30,11 @@ FIND_PACKAGE(GNUTLS REQUIRED) INCLUDE_DIRECTORIES(${GNUTLS_INCLUDE_DIRS}) SET(FD_LIBS ${FD_LIBS} ${GNUTLS_LIBRARIES}) +find_path(GCRYPT_INCLUDE_DIR NAMES gcrypt.h) +If ( NOT GCRYPT_INCLUDE_DIR ) + MESSAGE(SEND_ERROR "Unable to find gcrypt.h, please install libgcrypt-dev or equivalent") +Endif ( NOT GCRYPT_INCLUDE_DIR ) +INCLUDE_DIRECTORIES(${GCRYPT_INCLUDE_DIR}) # Building the executable ADD_EXECUTABLE(freeDiameterd ${FD_COMMON_SRC} ${FD_COMMON_GEN_SRC} main.c)
--- a/freeDiameter/config.c Fri Oct 02 18:57:06 2009 +0900 +++ b/freeDiameter/config.c Mon Oct 05 14:03:05 2009 +0900 @@ -121,6 +121,11 @@ #endif /* DISABLE_SCTP */ fd_log_debug(" - Pref. proto .. : %s\n", fd_g_config->cnf_flags.pr_tcp ? "TCP" : "SCTP"); fd_log_debug(" - TLS method ... : %s\n", fd_g_config->cnf_flags.tls_alg ? "INBAND" : "Separate port"); + fd_log_debug(" TLS : - Certificate .. : %s\n", fd_g_config->cnf_sec_data.cert_file ?: "(none)"); + fd_log_debug(" - Private key .. : %s\n", fd_g_config->cnf_sec_data.key_file ?: "(none)"); + fd_log_debug(" - CA ........... : %s\n", fd_g_config->cnf_sec_data.ca_file ?: "(none)"); + fd_log_debug(" - CRL .......... : %s\n", fd_g_config->cnf_sec_data.crl_file ?: "(none)"); + fd_log_debug(" - Priority ..... : %s\n", fd_g_config->cnf_sec_data.prio_string ?: "(default)"); fd_log_debug(" Origin-State-Id ........ : %u\n", fd_g_config->cnf_orstateid); } @@ -202,5 +207,11 @@ return EINVAL; } + /* TLS parameters */ + CHECK_GNUTLS_DO( gnutls_certificate_allocate_credentials (&fd_g_config->cnf_sec_data.credentials), return ENOMEM ); + + CHECK_GNUTLS_DO( gnutls_dh_params_init (&fd_g_config->cnf_sec_data.dh_cache), return ENOMEM ); + + return 0; }
--- a/freeDiameter/main.c Fri Oct 02 18:57:06 2009 +0900 +++ b/freeDiameter/main.c Mon Oct 05 14:03:05 2009 +0900 @@ -38,11 +38,9 @@ #include <signal.h> #include <getopt.h> #include <locale.h> +#include <gcrypt.h> -#ifdef GCRY_THREAD_OPTION_PTHREAD_IMPL GCRY_THREAD_OPTION_PTHREAD_IMPL; -#endif /* GCRY_THREAD_OPTION_PTHREAD_IMPL */ - /* forward declarations */ static void * sig_hdl(void * arg); @@ -79,6 +77,7 @@ CHECK_FCT( main_cmdline(argc, argv) ); /* Initialize gnutls */ + (void) gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); CHECK_GNUTLS_DO( gnutls_global_init(), return EINVAL ); if ( ! gnutls_check_version(GNUTLS_VERSION) ) { fprintf(stderr, "The GNUTLS library is too old; found '%s', need '" GNUTLS_VERSION "'\n", gnutls_check_version(NULL));
--- a/include/freeDiameter/CMakeLists.txt Fri Oct 02 18:57:06 2009 +0900 +++ b/include/freeDiameter/CMakeLists.txt Mon Oct 05 14:03:05 2009 +0900 @@ -11,7 +11,7 @@ # Disable SCTP support completly ? OPTION(DISABLE_SCTP "Disable SCTP support?") -# Disable SCTP support completly ? +# Find TODO items in the code easily ? OPTION(ERRORS_ON_TODO "(development) Generate compilation errors on TODO items ?" OFF)
--- a/include/freeDiameter/freeDiameter.h Fri Oct 02 18:57:06 2009 +0900 +++ b/include/freeDiameter/freeDiameter.h Mon Oct 05 14:03:05 2009 +0900 @@ -89,8 +89,17 @@ } cnf_flags; struct { - /* GNUTLS global state */ - /* Server credential(s) */ + /* Credentials parameters */ + char * key_file; + char * cert_file; + char * ca_file; + char * crl_file; + char * prio_string; + /* GNUTLS server credential(s) (created from previous files) */ + gnutls_certificate_credentials_t credentials; + /* Other GNUTLS global parameters */ + gnutls_priority_t prio_cache; + gnutls_dh_params_t dh_cache; } cnf_sec_data; uint32_t cnf_orstateid; /* The value to use in Origin-State-Id, default to random value */