Exemple #1
0
static void init_openssl(void)
{
    atexit(fini_openssl);
    OpenSSL_add_all_algorithms();
    ENGINE_load_builtin_engines();
    ENGINE_register_all_complete();
}
Exemple #2
0
void
tor_init (void)
{
	if (initialized) {
		return;
	}

	ERR_load_crypto_strings();
	OpenSSL_add_all_algorithms();

	// enable proper threading
	locks.length = CRYPTO_num_locks();
	locks.item   = malloc(locks.length * sizeof(uv_mutex_t));

	for (size_t i = 0; i < locks.length; i++) {
		uv_mutex_init(&locks.item[i]);
	}

	CRYPTO_set_locking_callback(_locking_callback);
	CRYPTO_set_id_callback(uv_thread_self);
	CRYPTO_set_dynlock_create_callback(_dynlock_create_callback);
	CRYPTO_set_dynlock_lock_callback(_dynlock_lock_callback);
	CRYPTO_set_dynlock_destroy_callback(_dynlock_destroy_callback);

	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	initialized = true;
}
Exemple #3
0
void ENGINE_load_builtin_engines(void)
	{
	/* Some ENGINEs need this */
	OPENSSL_cpuid_setup();
#if 0
	/* There's no longer any need for an "openssl" ENGINE unless, one day,
	 * it is the *only* way for standard builtin implementations to be be
	 * accessed (ie. it would be possible to statically link binaries with
	 * *no* builtin implementations). */
	ENGINE_load_openssl();
#endif
#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
	ENGINE_load_cryptodev();
#endif
#ifndef OPENSSL_NO_RDRAND
	ENGINE_load_rdrand();
#endif
	ENGINE_load_dynamic();
#ifndef OPENSSL_NO_STATIC_ENGINE
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_4758_CCA
	ENGINE_load_4758cca();
#endif
#ifndef OPENSSL_NO_HW_AEP
	ENGINE_load_aep();
#endif
#ifndef OPENSSL_NO_HW_ATALLA
	ENGINE_load_atalla();
#endif
#ifndef OPENSSL_NO_HW_CSWIFT
	ENGINE_load_cswift();
#endif
#ifndef OPENSSL_NO_HW_NCIPHER
	ENGINE_load_chil();
#endif
#ifndef OPENSSL_NO_HW_NURON
	ENGINE_load_nuron();
#endif
#ifndef OPENSSL_NO_HW_SUREWARE
	ENGINE_load_sureware();
#endif
#ifndef OPENSSL_NO_HW_UBSEC
	ENGINE_load_ubsec();
#endif
#ifndef OPENSSL_NO_HW_PADLOCK
	ENGINE_load_padlock();
#endif
#endif
#ifndef OPENSSL_NO_GOST
	ENGINE_load_gost();
#endif
#ifndef OPENSSL_NO_GMP
	ENGINE_load_gmp();
#endif
#if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
	ENGINE_load_capi();
#endif
#endif
	ENGINE_register_all_complete();
	}
Exemple #4
0
void BTCTrader::signRequest ( QString* header, QNetworkRequest* newRequest )
{
    nonce += 1;
    *header = ( header->length() == 0 ) ? "nonce=" + QString::number( nonce ) : "nonce=" + QString::number( nonce ) + "&" + *header;

    QByteArray key = QByteArray::fromBase64( restSign.toStdString().c_str() );
    unsigned char* result;
    unsigned int result_len = 512;
    HMAC_CTX ctx;

    result = (unsigned char*) malloc(sizeof(unsigned char) * result_len);

    ENGINE_load_builtin_engines();
    ENGINE_register_all_complete();

    HMAC_CTX_init(&ctx);
    HMAC_Init_ex(&ctx, key.constData(), key.length(), EVP_sha512(), NULL);
    HMAC_Update(&ctx, (unsigned char*)header->toAscii().constData(), header->length());
    HMAC_Final(&ctx, result, &result_len);
    HMAC_CTX_cleanup(&ctx);

    newRequest->setRawHeader( "Rest-Key", restKey.toStdString().c_str() );
    newRequest->setRawHeader( "Rest-Sign", QByteArray::fromRawData( (char*)result, result_len ).toBase64() );
    newRequest->setRawHeader( "content-type","application/x-www-form-urlencoded" );
    free ( result );
}
Exemple #5
0
static ENGINE *
setup_engine (const char *engine)
{
  ENGINE *e = NULL;

  ENGINE_load_builtin_engines ();

  if (engine)
    {
      if (strcmp (engine, "auto") == 0)
	{
	  msg (M_INFO, "Initializing OpenSSL auto engine support");
	  ENGINE_register_all_complete ();
	  return NULL;
	}
      if ((e = ENGINE_by_id (engine)) == NULL
	 && (e = try_load_engine (engine)) == NULL)
	{
	  msg (M_FATAL, "OpenSSL error: cannot load engine '%s'", engine);
	}

      if (!ENGINE_set_default (e, ENGINE_METHOD_ALL))
	{
	  msg (M_FATAL, "OpenSSL error: ENGINE_set_default failed on engine '%s'",
	       engine);
	}

      msg (M_INFO, "Initializing OpenSSL support for engine '%s'",
	   ENGINE_get_id (e));
    }
  return e;
}
Exemple #6
0
void ENGINE_load_builtin_engines(void)
{
    /* Some ENGINEs need this */
    OPENSSL_cpuid_setup();
#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
# ifdef ENGINE_load_cryptodev
    ENGINE_load_cryptodev();
# endif
#endif
#ifndef OPENSSL_NO_RDRAND
# ifdef ENGINE_load_rdrand
    ENGINE_load_rdrand();
# endif
#endif
# ifdef ENGINE_load_dynamic
    ENGINE_load_dynamic();
# endif
#ifndef OPENSSL_NO_STATIC_ENGINE
# ifndef OPENSSL_NO_HW
#  ifndef OPENSSL_NO_HW_PADLOCK
#   ifdef ENGINE_load_padlock
    ENGINE_load_padlock();
#   endif
#  endif
# endif
# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
#  ifdef ENGINE_load_capi
    ENGINE_load_capi();
#  endif
# endif
#endif
    ENGINE_register_all_complete();
}
void openssl_init(bool threaded)
{
    // initialize the SSL library
    SSL_load_error_strings();
    SSL_library_init();

    unsigned int randSeed = 0;
    RAND_bytes( (unsigned char*)&randSeed, sizeof(randSeed) );
    srand( randSeed );

#ifndef OPENSSL_NO_ENGINE
    /* Load all bundled ENGINEs into memory and make them visible */
    ENGINE_load_builtin_engines();
    /* Register all of them for every algorithm they collectively implement */
    ENGINE_register_all_complete();
#endif // NO_ENGINE

    if(threaded)
    {
	// provide locking functions to OpenSSL since we'll be running with
	// threads accessing openssl in parallel.
	CRYPTO_set_id_callback( threads_thread_id );
	CRYPTO_set_locking_callback( threads_locking_callback );
    }
}
Exemple #8
0
void ENGINE_load_builtin_engines(void)
	{
	/* Some ENGINEs need this */
	OPENSSL_cpuid_setup();
#if 0
	/* There's no longer any need for an "openssl" ENGINE unless, one day,
	 * it is the *only* way for standard builtin implementations to be be
	 * accessed (ie. it would be possible to statically link binaries with
	 * *no* builtin implementations). */
	ENGINE_load_openssl();
#endif
#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
	ENGINE_load_cryptodev();
#endif
#ifndef OPENSSL_NO_RSAX
	ENGINE_load_rsax();
#endif
#ifndef OPENSSL_NO_RDRAND
	ENGINE_load_rdrand();
#endif
	ENGINE_load_dynamic();
#ifndef OPENSSL_NO_STATIC_ENGINE
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_PADLOCK
	ENGINE_load_padlock();
#endif
#endif
#ifndef OPENSSL_NO_GOST
	ENGINE_load_gost();
#endif
#endif
	ENGINE_register_all_complete();
	}
Exemple #9
0
char* QBox_MakeUpToken(const QBox_AuthPolicy* auth)
{
	char* uptoken;
	char* policy_str;
	char* encoded_digest;
	char* encoded_policy_str;
	char digest[EVP_MAX_MD_SIZE + 1];
	unsigned int dgtlen = sizeof(digest);

	HMAC_CTX ctx;

	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	policy_str = QBox_AuthPolicy_json(auth);
	encoded_policy_str = QBox_String_Encode(policy_str);
	free(policy_str);

	bzero(digest, sizeof(digest));

	HMAC_CTX_init(&ctx);
	HMAC_Init_ex(&ctx, QBOX_SECRET_KEY, strlen(QBOX_SECRET_KEY), EVP_sha1(), NULL);
	HMAC_Update(&ctx, encoded_policy_str, strlen(encoded_policy_str));
	HMAC_Final(&ctx, digest, &dgtlen);
	HMAC_CTX_cleanup(&ctx);

	encoded_digest = QBox_Memory_Encode(digest, dgtlen);
	uptoken = QBox_String_Concat(QBOX_ACCESS_KEY, ":", encoded_digest, ":", encoded_policy_str, NULL);
	free(encoded_policy_str);
	free(encoded_digest);

	return uptoken;
}
Exemple #10
0
void ENGINE_setup_bsd_cryptodev(void) {
	static int bsd_cryptodev_default_loaded = 0;
	if (!bsd_cryptodev_default_loaded) {
		ENGINE_load_cryptodev();
		ENGINE_register_all_complete();
	}
	bsd_cryptodev_default_loaded=1;
}
Exemple #11
0
void _libssh2_openssl_crypto_init(void)
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
    ENGINE_load_builtin_engines();
    ENGINE_register_all_complete();
#else
    OpenSSL_add_all_algorithms();
    OpenSSL_add_all_ciphers();
    ENGINE_load_builtin_engines();
    ENGINE_register_all_complete();
#endif
#ifndef HAVE_EVP_AES_128_CTR
    _libssh2_EVP_aes_128_ctr();
    _libssh2_EVP_aes_192_ctr();
    _libssh2_EVP_aes_256_ctr();
#endif
}
Exemple #12
0
void ENGINE_setup_openbsd(void) {
	static int openbsd_default_loaded = 0;
	if (!openbsd_default_loaded) {
		ENGINE_load_cryptodev();
		ENGINE_register_all_complete();
	}
	openbsd_default_loaded=1;
}
void
ssh_SSLeay_add_all_algorithms(void)
{
	SSLeay_add_all_algorithms();

	/* Enable use of crypto hardware */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();
}
Exemple #14
0
void ENGINE_load_builtin_engines(void)
{
    /* Some ENGINEs need this */
    OPENSSL_cpuid_setup();
#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
    ENGINE_load_cryptodev();
#endif
#ifndef OPENSSL_NO_RDRAND
    ENGINE_load_rdrand();
#endif
    ENGINE_load_dynamic();
#ifndef OPENSSL_NO_STATIC_ENGINE
# ifndef OPENSSL_NO_HW
#  ifndef OPENSSL_NO_HW_4758_CCA
    ENGINE_load_4758cca();
#  endif
/*-
 * These engines have been disabled as they do not currently build
#ifndef OPENSSL_NO_HW_AEP
        ENGINE_load_aep();
#endif
#ifndef OPENSSL_NO_HW_ATALLA
        ENGINE_load_atalla();
#endif
#ifndef OPENSSL_NO_HW_CSWIFT
        ENGINE_load_cswift();
#endif
#ifndef OPENSSL_NO_HW_NCIPHER
        ENGINE_load_chil();
#endif
#ifndef OPENSSL_NO_HW_NURON
        ENGINE_load_nuron();
#endif
#ifndef OPENSSL_NO_HW_SUREWARE
        ENGINE_load_sureware();
#endif
#ifndef OPENSSL_NO_HW_UBSEC
        ENGINE_load_ubsec();
#endif
*/
#  ifndef OPENSSL_NO_HW_PADLOCK
    ENGINE_load_padlock();
#  endif
# endif
# ifndef OPENSSL_NO_GOST
    ENGINE_load_gost();
# endif
# ifndef OPENSSL_NO_GMP
    ENGINE_load_gmp();
# endif
# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
    ENGINE_load_capi();
# endif
#endif
    ENGINE_register_all_complete();
}
Exemple #15
0
void
ca_sslinit(void)
{
	OpenSSL_add_all_algorithms();
	ERR_load_crypto_strings();

	/* Init hardware crypto engines. */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();
}
void
ssh_OpenSSL_add_all_algorithms(void)
{
	OpenSSL_add_all_algorithms();

	/* Enable use of crypto hardware */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();
	OPENSSL_config(NULL);
}
Exemple #17
0
static void SMSSLInit(void)
{
	SSL_load_error_strings();
	SSL_library_init();
	OpenSSL_add_all_algorithms();
	//ERR_load_crypto_strings();

	/* Init available hardware crypto engines. */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();
}
Exemple #18
0
int get_aes_sha1_threshold()
{
AES_KEY key;
uint8_t ukey[16];

	ENGINE_load_builtin_engines();
        ENGINE_register_all_complete();

	memset(ukey, 0xaf, sizeof(ukey));
	AES_set_encrypt_key(ukey, 16*8, &key);

	return aead_test(CRYPTO_AES_CBC, CRYPTO_SHA1, ukey, 16, &key, aes_sha_combo);
}
Exemple #19
0
static QBox_Error QBox_DigestAuth_Auth(void* self, QBox_Header** header, const char* url, const char* addition, size_t addlen)
{
	QBox_Error err;
	char const* path = NULL;
	char* auth = NULL;
	char digest[EVP_MAX_MD_SIZE + 1];
	unsigned int dgtlen = sizeof(digest);
	char* enc_digest = NULL;
	HMAC_CTX ctx;

	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	path = strstr(url, "://");
	if (path != NULL) {
		path = strchr(path + 3, '/');
	}
	if (path == NULL) {
		err.code = 400;
		err.message = "Invalid URL";
		return err;
	}

	/* Do digest calculation */
	HMAC_CTX_init(&ctx);

	HMAC_Init_ex(&ctx, QBOX_SECRET_KEY, strlen(QBOX_SECRET_KEY), EVP_sha1(), NULL);
	HMAC_Update(&ctx, path, strlen(path));
	HMAC_Update(&ctx, "\n", 1);

	if (addlen > 0) {
		HMAC_Update(&ctx, addition, addlen);
	}

	HMAC_Final(&ctx, digest, &dgtlen);
	HMAC_CTX_cleanup(&ctx);

	digest[dgtlen] = '\0';
	enc_digest = QBox_String_Encode(digest);

	/* Set appopriate HTTP header */
	auth = QBox_String_Concat("Authorization: QBox ", QBOX_ACCESS_KEY, ":", enc_digest, NULL);
	free(enc_digest);

	*header = curl_slist_append(*header, auth);
	free(auth);

	err.code    = 200;
	err.message = "OK";
	return err;
}
Exemple #20
0
/**
 * Initialise the crypto library and perform one time initialisation.
 */
static apr_status_t crypto_init(apr_pool_t *pool, const char *params, int *rc)
{
    CRYPTO_malloc_init();
    ERR_load_crypto_strings();
    /* SSL_load_error_strings(); */
    OpenSSL_add_all_algorithms();
    ENGINE_load_builtin_engines();
    ENGINE_register_all_complete();

    apr_pool_cleanup_register(pool, pool, crypto_shutdown_helper,
            apr_pool_cleanup_null);

    return APR_SUCCESS;
}
Exemple #21
0
void
ENGINE_load_builtin_engines(void)
{
	/* Some ENGINEs need this */
	OPENSSL_cpuid_setup();

#ifndef OPENSSL_NO_STATIC_ENGINE
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_PADLOCK
	ENGINE_load_padlock();
#endif
#endif
#endif
	ENGINE_register_all_complete();
}
Exemple #22
0
void
ssl_init(struct relayd *env)
{
	static int	 initialized = 0;

	if (initialized)
		return;

	SSL_library_init();
	SSL_load_error_strings();

	/* Init hardware crypto engines. */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	initialized = 1;
}
Exemple #23
0
static SSL_CTX * ssl_server_init(const char *keypath, const char *certpath)
{
    SSL_CTX *ctx;
    ENGINE *e;

    ENGINE_load_builtin_engines();
    ENGINE_register_all_complete();

    e = ENGINE_by_id("padlock");
    if (e) {
        fprintf(stderr, "[*] Using padlock engine for default ciphers\n");
        ENGINE_set_default_ciphers(ENGINE_by_id("padlock"));
        use_padlock_engine = 1;
    } else {
        fprintf(stderr, "[*] Padlock engine not available\n");
        use_padlock_engine = 0;
    }

    SSL_load_error_strings();
    SSL_library_init();

    if (!RAND_poll())
	return NULL;

    ctx = SSL_CTX_new(SSLv23_server_method());

    if (!SSL_CTX_use_certificate_chain_file(ctx, certpath) ||
	    !SSL_CTX_use_PrivateKey_file(ctx, keypath, SSL_FILETYPE_PEM)) {
	fprintf(stderr, "Could not read %s or %s file\n", keypath, certpath);
	fprintf(stderr, "To generate a key and self-signed certificate, run:\n");
	fprintf(stderr, "\topenssl genrsa -out key.pem 2048\n");
	fprintf(stderr, "\topenssl req -new -key key.pem -out cert.req\n");
	fprintf(stderr, "\topenssl x509 -req -days 365 -in cert.req -signkey key.pem -out cert.pem\n");
	return NULL;
    }

    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
    if (use_padlock_engine == 1) {
	if (SSL_CTX_set_cipher_list(ctx, "AES+SHA") != 1) {
	    fprintf(stderr, "Error setting client cipher list\n");
	    return NULL;
	}
    }
    return ctx;
}
Exemple #24
0
void
ssl_init(void)
{
	static int	inited = 0;

	if (inited)
		return;

	SSL_library_init();
	SSL_load_error_strings();
	
	OpenSSL_add_all_algorithms();
	
	/* Init hardware crypto engines. */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();
	inited = 1;
}
Exemple #25
0
/**
 * Initialise the crypto library and perform one time initialisation.
 */
static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
        const apu_err_t **result)
{
#if APR_USE_OPENSSL_PRE_1_1_API
    (void)CRYPTO_malloc_init();
#else
    OPENSSL_malloc_init();
#endif
    ERR_load_crypto_strings();
    /* SSL_load_error_strings(); */
    OpenSSL_add_all_algorithms();
    ENGINE_load_builtin_engines();
    ENGINE_register_all_complete();

    apr_pool_cleanup_register(pool, pool, crypto_shutdown_helper,
            apr_pool_cleanup_null);

    return APR_SUCCESS;
}
Exemple #26
0
char* CryptoHandler::hmac_sha512(char* datain, char* keyin, const bool& base64)
{
	unsigned char* key = (unsigned char*) keyin;
	unsigned char* data = (unsigned char*) datain;
	unsigned char* result;
	unsigned int result_len = 64;

	HMAC_CTX ctx;
	result = (unsigned char*) malloc(sizeof(char) * result_len);

	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	HMAC_CTX_init(&ctx);
	HMAC_Init_ex(&ctx, key, strlen(keyin), EVP_sha512(), NULL);
	HMAC_Update(&ctx, data, strlen(datain));
	HMAC_Final(&ctx, result, &result_len);
	HMAC_CTX_cleanup(&ctx);

	if(base64)
		return base64encode(result,result_len);
	return (char*)result;
}
Exemple #27
0
/*
 * If this function is called with a non NULL settings value then it must be
 * called prior to any threads making calls to any OpenSSL functions,
 * i.e. passing a non-null settings value is assumed to be single-threaded.
 */
int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
{
    static int stoperrset = 0;

    if (stopped) {
        if (!stoperrset) {
            /*
             * We only ever set this once to avoid getting into an infinite
             * loop where the error system keeps trying to init and fails so
             * sets an error etc
             */
            stoperrset = 1;
            CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL);
        }
        return 0;
    }

    if (!base_inited && !RUN_ONCE(&base, ossl_init_base))
        return 0;

    if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
            && !RUN_ONCE(&load_crypto_strings,
                         ossl_init_no_load_crypto_strings))
        return 0;

    if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
            && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings))
        return 0;

    if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS)
            && !RUN_ONCE(&add_all_ciphers, ossl_init_no_add_algs))
        return 0;

    if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS)
            && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers))
        return 0;

    if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS)
            && !RUN_ONCE(&add_all_digests, ossl_init_no_add_algs))
        return 0;

    if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS)
            && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests))
        return 0;

    if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
            && !RUN_ONCE(&config, ossl_init_no_config))
        return 0;

    if (opts & OPENSSL_INIT_LOAD_CONFIG) {
        int ret;
        CRYPTO_THREAD_write_lock(init_lock);
        appname = (settings == NULL) ? NULL : settings->appname;
        ret = RUN_ONCE(&config, ossl_init_config);
        CRYPTO_THREAD_unlock(init_lock);
        if (!ret)
            return 0;
    }

    if ((opts & OPENSSL_INIT_ASYNC)
            && !RUN_ONCE(&async, ossl_init_async))
        return 0;

#ifndef OPENSSL_NO_ENGINE
    if ((opts & OPENSSL_INIT_ENGINE_OPENSSL)
            && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl))
        return 0;
# if !defined(OPENSSL_NO_HW) && \
    (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
    if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV)
            && !RUN_ONCE(&engine_cryptodev, ossl_init_engine_cryptodev))
        return 0;
# endif
# ifndef OPENSSL_NO_RDRAND
    if ((opts & OPENSSL_INIT_ENGINE_RDRAND)
            && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand))
        return 0;
# endif
    if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC)
            && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic))
        return 0;
# ifndef OPENSSL_NO_STATIC_ENGINE
#  if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
    if ((opts & OPENSSL_INIT_ENGINE_PADLOCK)
            && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock))
        return 0;
#  endif
#  if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
    if ((opts & OPENSSL_INIT_ENGINE_CAPI)
            && !RUN_ONCE(&engine_capi, ossl_init_engine_capi))
        return 0;
#  endif
#  if !defined(OPENSSL_NO_AFALGENG)
    if ((opts & OPENSSL_INIT_ENGINE_AFALG)
            && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg))
        return 0;
#  endif
# endif
    if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN
                | OPENSSL_INIT_ENGINE_OPENSSL
                | OPENSSL_INIT_ENGINE_AFALG)) {
        ENGINE_register_all_complete();
    }
#endif

#ifndef OPENSSL_NO_COMP
    if ((opts & OPENSSL_INIT_ZLIB)
            && !RUN_ONCE(&zlib, ossl_init_zlib))
        return 0;
#endif

    return 1;
}
Exemple #28
0
int main(int argc, char **argv) {
	program_name = argv[0];

	if(!parse_options(argc, argv))
		return 1;
	
	make_names();

	if(show_version) {
		printf("%s version %s (built %s %s, protocol %d)\n", PACKAGE,
			   VERSION, __DATE__, __TIME__, PROT_CURRENT);
		printf("Copyright (C) 1998-2010 Ivo Timmermans, Guus Sliepen and others.\n"
				"See the AUTHORS file for a complete list.\n\n"
				"tinc comes with ABSOLUTELY NO WARRANTY.  This is free software,\n"
				"and you are welcome to redistribute it under certain conditions;\n"
				"see the file COPYING for details.\n");

		return 0;
	}

	if(show_help) {
		usage(false);
		return 0;
	}

	if(kill_tincd)
		return !kill_other(kill_tincd);

	openlogger("tinc", use_logfile?LOGMODE_FILE:LOGMODE_STDERR);

	g_argv = argv;

	init_configuration(&config_tree);

	/* Slllluuuuuuurrrrp! */

	RAND_load_file("/dev/urandom", 1024);

	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	OpenSSL_add_all_algorithms();

	if(generate_keys) {
		read_server_config();
		return !keygen(generate_keys);
	}

	if(!read_server_config())
		return 1;

#ifdef HAVE_LZO
	if(lzo_init() != LZO_E_OK) {
		logger(LOG_ERR, "Error initializing LZO compressor!");
		return 1;
	}
#endif

#ifdef HAVE_MINGW
	if(WSAStartup(MAKEWORD(2, 2), &wsa_state)) {
		logger(LOG_ERR, "System call `%s' failed: %s", "WSAStartup", winerror(GetLastError()));
		return 1;
	}

	if(!do_detach || !init_service())
		return main2(argc, argv);
	else
		return 1;
}
int main (int argc, char *argv[])
{
    gchar *in_dir;
    GList *tmp;
    struct evhttp_uri *uri;
    struct timeval tv;

    log_level = LOG_debug;

    event_set_mem_functions (g_malloc, g_realloc, g_free);
    // init SSL libraries
    CRYPTO_set_mem_functions (g_malloc0, g_realloc, g_free);
    ENGINE_load_builtin_engines ();
    ENGINE_register_all_complete ();
    ERR_load_crypto_strings ();
    OpenSSL_add_all_algorithms ();

    SSL_load_error_strings ();
    SSL_library_init ();
    if (!RAND_poll ()) {
        fprintf(stderr, "RAND_poll() failed.\n");
        return 1;
    }
    g_random_set_seed (time (NULL));

    in_dir = g_dir_make_tmp (NULL, NULL);
    g_assert (in_dir);

    app = g_new0 (Application, 1);
    app->files_count = 10;
    app->evbase = event_base_new ();
	app->dns_base = evdns_base_new (app->evbase, 1);

        app->conf = conf_create ();
        conf_add_boolean (app->conf, "log.use_syslog", TRUE);
        
        conf_add_uint (app->conf, "auth.ttl", 85800);
        
        conf_add_int (app->conf, "pool.writers", 2);
        conf_add_int (app->conf, "pool.readers", 2);
        conf_add_int (app->conf, "pool.operations", 4);
        conf_add_uint (app->conf, "pool.max_requests_per_pool", 100);

        conf_add_int (app->conf, "connection.timeout", 20);
        conf_add_int (app->conf, "connection.retries", -1);

        conf_add_uint (app->conf, "filesystem.dir_cache_max_time", 5);
        conf_add_boolean (app->conf, "filesystem.cache_enabled", TRUE);
        conf_add_string (app->conf, "filesystem.cache_dir", "/tmp/hydrafs");
        conf_add_string (app->conf, "filesystem.cache_dir_max_size", "1Gb");

        conf_add_boolean (app->conf, "statistics.enabled", TRUE);
        conf_add_int (app->conf, "statistics.port", 8011);

    conf_add_string (app->conf, "auth.user", "test:tester");
    conf_add_string (app->conf, "auth.key", "testing");
    uri = evhttp_uri_parse ("https://10.0.0.104:8080/auth/v1.0");
    
    app->ssl_ctx = SSL_CTX_new (TLSv1_client_method ());
    
    app->stats = hfs_stats_srv_create (app);
    app->auth_client = auth_client_create (app, uri);

    app->http = http_client_create (app);

    // start server
     start_srv (app->evbase, in_dir);

    app->timeout = evtimer_new (app->evbase, on_output_timer, NULL);

    evutil_timerclear(&tv);
    tv.tv_sec = 0;
    tv.tv_usec = 500;
    event_add (app->timeout, &tv);

    event_base_dispatch (app->evbase);

    evhttp_uri_free (uri);
    event_del (app->timeout);
    event_free (app->timeout);

    evhttp_free (app->http_srv);
    auth_client_destroy (app->auth_client);

    evdns_base_free (app->dns_base, 0);
    event_base_free (app->evbase);

    conf_destroy (app->conf);
    g_free (app);

    return 0;
}
void context_init(void) { /* init SSL */
    int i;

#if SSLEAY_VERSION_NUMBER >= 0x00907000L
    /* Load all bundled ENGINEs into memory and make them visible */
    ENGINE_load_builtin_engines();
    /* Register all of them for every algorithm they collectively implement */
    ENGINE_register_all_complete();
#endif
    if(!init_prng())
        log(LOG_INFO, "PRNG seeded successfully");
    SSLeay_add_ssl_algorithms();
    SSL_load_error_strings();
    if(options.option.client) {
        ctx=SSL_CTX_new(SSLv3_client_method());
    } else { /* Server mode */
        ctx=SSL_CTX_new(SSLv23_server_method());
#ifndef NO_RSA
        SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
#endif /* NO_RSA */
        if(init_dh())
            log(LOG_WARNING, "Diffie-Hellman initialization failed");
    }
    if(options.ssl_options) {
        log(LOG_DEBUG, "Configuration SSL options: 0x%08lX",
            options.ssl_options);
        log(LOG_DEBUG, "SSL options set: 0x%08lX", 
            SSL_CTX_set_options(ctx, options.ssl_options));
    }
#if SSLEAY_VERSION_NUMBER >= 0x00906000L
    SSL_CTX_set_mode(ctx,
        SSL_MODE_ENABLE_PARTIAL_WRITE|SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#endif /* OpenSSL-0.9.6 */

    SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_BOTH);
    SSL_CTX_set_timeout(ctx, options.session_timeout);
    if(options.option.cert) {
        if(!SSL_CTX_use_certificate_chain_file(ctx, options.cert)) {
            log(LOG_ERR, "Error reading certificate file: %s", options.cert);
            sslerror("SSL_CTX_use_certificate_chain_file");
            exit(1);
        }
        log(LOG_DEBUG, "Certificate: %s", options.cert);
        log(LOG_DEBUG, "Key file: %s", options.key);
#ifdef USE_WIN32
        SSL_CTX_set_default_passwd_cb(ctx, pem_passwd_cb);
#endif
        for(i=0; i<3; i++) {
#ifdef NO_RSA
            if(SSL_CTX_use_PrivateKey_file(ctx, options.key,
                    SSL_FILETYPE_PEM))
#else /* NO_RSA */
            if(SSL_CTX_use_RSAPrivateKey_file(ctx, options.key,
                    SSL_FILETYPE_PEM))
#endif /* NO_RSA */
                break;
            if(i<2 && ERR_GET_REASON(ERR_peek_error())==EVP_R_BAD_DECRYPT) {
                sslerror_stack(); /* dump the error stack */
                log(LOG_ERR, "Wrong pass phrase: retrying");
                continue;
            }
#ifdef NO_RSA
            sslerror("SSL_CTX_use_PrivateKey_file");
#else /* NO_RSA */
            sslerror("SSL_CTX_use_RSAPrivateKey_file");
#endif /* NO_RSA */
            exit(1);
        }
        if(!SSL_CTX_check_private_key(ctx)) {
            sslerror("Private key does not match the certificate");
            exit(1);
        }
    }

    verify_init(); /* Initialize certificate verification */

    SSL_CTX_set_info_callback(ctx, info_callback);

    if(options.cipher_list) {
        if (!SSL_CTX_set_cipher_list(ctx, options.cipher_list)) {
            sslerror("SSL_CTX_set_cipher_list");
            exit(1);
        }
    }
}