all_errlist_objs="server mp3_afh afh_common vss command net string signal time
- daemon stat crypt http_send close_on_fork ipc acl afh fade amp_filter
+ daemon stat http_send close_on_fork ipc acl afh fade amp_filter
dccp_send fd user_list chunk_queue afs aft mood score attribute blob ringbuffer
playlist sched audiod grab_client filter_common wav_filter compress_filter
http_recv dccp_recv recv_common write_common file_write audiod_command
client_common recv stdout filter stdin audioc write client exec send_common ggo
udp_recv udp_send color fec fecdec_filter prebuffer_filter mm
server_command_list afs_command_list audiod_command_list bitstream imdct wma_afh
- wma_common wmadec_filter buffer_tree
+ wma_common wmadec_filter buffer_tree crypt_common
"
executables="recv filter audioc write client afh audiod"
audioc_ldflags=""
audiod_cmdline_objs="add_cmdline(audiod compress_filter http_recv dccp_recv file_write client amp_filter udp_recv prebuffer_filter)"
- audiod_errlist_objs="audiod signal string daemon stat net
+ audiod_errlist_objs="audiod signal string daemon stat net crypt_common
time grab_client filter_common wav_filter compress_filter amp_filter http_recv dccp_recv
- recv_common fd sched write_common file_write audiod_command crypt fecdec_filter
+ recv_common fd sched write_common file_write audiod_command fecdec_filter
client_common ggo udp_recv color fec prebuffer_filter audiod_command_list
bitstream imdct wma_common wmadec_filter buffer_tree"
audiod_ldflags="-lm"
server_cmdline_objs="add_cmdline(server)"
server_errlist_objs="server afh_common mp3_afh vss command net string signal
- time daemon crypt http_send close_on_fork mm
+ time daemon http_send close_on_fork mm crypt_common
ipc dccp_send fd user_list chunk_queue afs aft mood score attribute
blob playlist sched acl send_common udp_send color fec
server_command_list afs_command_list wma_afh wma_common"
default_writer="FILE_WRITE"
client_cmdline_objs="add_cmdline(client)"
- client_errlist_objs="client net string crypt fd sched stdin stdout time
- client_common buffer_tree"
+ client_errlist_objs="client net string fd sched stdin stdout time
+ client_common buffer_tree crypt_common"
client_ldflags=""
gui_cmdline_objs="add_cmdline(gui)"
CPPFLAGS="$OLD_CPPFLAGS"
LDFLAGS="$OLD_LDFLAGS"
LIBS="$OLD_LIBS"
+ ########################################################################### crypto
+ AC_ARG_ENABLE(cryptolib, [AS_HELP_STRING(--enable-cryptolib=lib, [
+ Force using crypto library "lib". This package requires either
+ openssl or libgcrypt being installed. Possible values for "lib"
+ are thus "openssl" and "gcrypt". If this option is not given,
+ openssl is tried first. If openssl was not found, gcrypt is
+ tried next.])])
+
+ case "$enable_cryptolib" in
+ "openssl") check_openssl="yes"; check_gcrypt="no";;
+ "gcrypt") check_openssl="no"; check_gcrypt="yes";;
+ "") check_openssl="yes"; check_gcrypt="yes";;
+ *) AC_MSG_ERROR([invalid value "$enable_cryptolib" for --enable-cryptolib]);;
+ esac
###################################################################### openssl
- OLD_CPPFLAGS="$CPPFLAGS"
- OLD_LD_FLAGS="$LDFLAGS"
- OLD_LIBS="$LIBS"
- have_openssl="yes"
- AC_ARG_WITH(openssl_headers, [AC_HELP_STRING(--with-openssl-headers=dir,
- [look for openssl headers also in dir])])
- if test -n "$with_openssl_headers"; then
- openssl_cppflags="-I$with_openssl_headers"
- CPPFLAGS="$CPPFLAGS $openssl_cppflags"
- fi
- AC_ARG_WITH(openssl_libs, [AC_HELP_STRING(--with-openssl-libs=dir,
- [look for openssl libraries also in dir])])
- if test -n "$with_openssl_libs"; then
- openssl_libs="-L$with_openssl_libs"
- LDFLAGS="$LDFLAGS $openssl_libs"
- fi
- AC_CHECK_HEADER(openssl/ssl.h, [], [have_openssl="no"])
- AC_CHECK_LIB([crypto], [RAND_bytes], [], [have_openssl="no"])
- if test "$have_openssl" = "no" -a -z "$with_openssl_headers$with_openssl_libs"; then
- # try harder: openssl is sometimes installed in /usr/local/ssl
- openssl_cppflags="-I/usr/local/ssl/include"
- CPPFLAGS="$CPPFLAGS $openssl_cppflags"
- openssl_libs="-L/usr/local/ssl/lib"
- LDFLAGS="$LDFLAGS $openssl_libs"
- # clear cache
- unset ac_cv_header_openssl_ssl_h 2> /dev/null
- unset ac_cv_lib_crypto_RAND_bytes 2> /dev/null
- AC_CHECK_HEADER(openssl/ssl.h, [have_openssl="yes"], [])
+ if test "$check_openssl" = "yes"; then
+ OLD_CPPFLAGS="$CPPFLAGS"
+ OLD_LD_FLAGS="$LDFLAGS"
+ OLD_LIBS="$LIBS"
+ have_openssl="yes"
+ AC_ARG_WITH(openssl_headers, [AC_HELP_STRING(--with-openssl-headers=dir,
+ [look for openssl headers also in dir])])
+ if test -n "$with_openssl_headers"; then
+ openssl_cppflags="-I$with_openssl_headers"
+ CPPFLAGS="$CPPFLAGS $openssl_cppflags"
+ fi
+ AC_ARG_WITH(openssl_libs, [AC_HELP_STRING(--with-openssl-libs=dir,
+ [look for openssl libraries also in dir])])
+ if test -n "$with_openssl_libs"; then
+ openssl_libs="-L$with_openssl_libs"
+ LDFLAGS="$LDFLAGS $openssl_libs"
+ fi
+ AC_CHECK_HEADER(openssl/ssl.h, [], [have_openssl="no"])
+ AC_CHECK_LIB([crypto], [RAND_bytes], [], [have_openssl="no"])
+ if test "$have_openssl" = "no" -a -z "$with_openssl_headers$with_openssl_libs"; then
+ # try harder: openssl is sometimes installed in /usr/local/ssl
+ openssl_cppflags="-I/usr/local/ssl/include"
+ CPPFLAGS="$CPPFLAGS $openssl_cppflags"
+ openssl_libs="-L/usr/local/ssl/lib"
+ LDFLAGS="$LDFLAGS $openssl_libs"
+ # clear cache
+ unset ac_cv_header_openssl_ssl_h 2> /dev/null
+ unset ac_cv_lib_crypto_RAND_bytes 2> /dev/null
+ AC_CHECK_HEADER(openssl/ssl.h, [have_openssl="yes"], [])
+ if test "$have_openssl" = "yes"; then
+ AC_CHECK_LIB([crypto], [RAND_bytes], [], [have_openssl="no"])
+ fi
+ fi
if test "$have_openssl" = "yes"; then
- AC_CHECK_LIB([crypto], [RAND_bytes], [], [have_openssl="no"])
+ AC_DEFINE(HAVE_OPENSSL, 1, [define to 1 to turn on openssl support])
+ AC_SUBST(openssl_cppflags)
+ openssl_libs="$openssl_libs -lssl -lcrypto"
+ server_ldflags="$server_ldflags $openssl_libs"
+ client_ldflags="$client_ldflags $openssl_libs"
+ audiod_ldflags="$audiod_ldflags $openssl_libs"
+
+ all_errlist_objs="$all_errlist_objs crypt"
+ server_errlist_objs="$server_errlist_objs crypt"
+ client_errlist_objs="$client_errlist_objs crypt"
+ audiod_errlist_objs="$audiod_errlist_objs crypt"
+
+ check_gcrypt="no"
+ else
+ AC_MSG_WARN([openssl libraries not found])
fi
- fi
- if test "$have_openssl" = "yes"; then
- AC_DEFINE(HAVE_OPENSSL, 1, [define to 1 to turn on openssl support])
- AC_SUBST(openssl_cppflags)
- openssl_libs="$openssl_libs -lssl -lcrypto"
- server_ldflags="$server_ldflags $openssl_libs"
- client_ldflags="$client_ldflags $openssl_libs"
- audiod_ldflags="$audiod_ldflags $openssl_libs"
+ CPPFLAGS="$OLD_CPPFLAGS"
+ LDFLAGS="$OLD_LDFLAGS"
+ LIBS="$OLD_LIBS"
else
- AC_MSG_ERROR([openssl libraries not found])
+ have_openssl="no"
+ fi
+ ########################################################################### gcrypt
+ if test "$check_gcrypt" = "yes"; then
+ OLD_CPPFLAGS="$CPPFLAGS"
+ OLD_LD_FLAGS="$LDFLAGS"
+ OLD_LIBS="$LIBS"
+ have_gcrypt="yes"
+ AC_ARG_WITH(gcrypt_headers, [AC_HELP_STRING(--with-gcrypt-headers=dir,
+ [look for gcrypt headers also in dir])])
+ if test -n "$with_gcrypt_headers"; then
+ gcrypt_cppflags="-I$with_gcrypt_headers"
+ CPPFLAGS="$CPPFLAGS $gcrypt_cppflags"
+ fi
+ AC_ARG_WITH(gcrypt_libs, [AC_HELP_STRING(--with-gcrypt-libs=dir,
+ [look for libgcrypt also in dir])])
+ if test -n "$with_gcrypt_libs"; then
+ gcrypt_libs="-L$with_gcrypt_libs"
+ LDFLAGS="$LDFLAGS $gcrypt_libs"
+ fi
+ AC_CHECK_HEADER(gcrypt.h, [], [have_gcrypt="no"])
+ AC_CHECK_LIB([gcrypt], [gcry_randomize], [], [have_gcrypt="no"])
+ if test "$have_gcrypt" = "yes"; then
+ AC_DEFINE(HAVE_GCRYPT, 1, [define to 1 to turn on gcrypt support])
+ AC_SUBST(gcrypt_cppflags)
+ gcrypt_libs="$gcrypt_libs -lgcrypt"
+ server_ldflags="$server_ldflags $gcrypt_libs"
+ client_ldflags="$client_ldflags $gcrypt_libs"
+ audiod_ldflags="$audiod_ldflags $gcrypt_libs"
+
+ all_errlist_objs="$all_errlist_objs gcrypt"
+ server_errlist_objs="$server_errlist_objs gcrypt"
+ client_errlist_objs="$client_errlist_objs gcrypt"
+ audiod_errlist_objs="$audiod_errlist_objs gcrypt"
+ else
+ AC_MSG_WARN([gcrypt library not found])
+ fi
+ CPPFLAGS="$OLD_CPPFLAGS"
+ LDFLAGS="$OLD_LDFLAGS"
+ LIBS="$OLD_LIBS"
+ else
+ have_gcrypt="no"
+ fi
+ ###########################################################################
+ if test "$have_openssl" = "no" -a "$have_gcrypt" = "no"; then
+ AC_MSG_ERROR([neither openssl nor gcrypt usable])
fi
- CPPFLAGS="$OLD_CPPFLAGS"
- LDFLAGS="$OLD_LDFLAGS"
- LIBS="$OLD_LIBS"
########################################################################### libsocket
AC_CHECK_LIB([c], [socket],
[socket_lib=],
f="$f1 $f2 $f3 $f4"
all_errlist_objs="$all_errlist_objs osx_write"
- audiod_errlist_objs="$audiod_errlist_objs osx_write"
+ audiod_errlist_objs="$audiod_errlist_objs osx_write ipc"
audiod_cmdline_objs="$audiod_cmdline_objs osx_write.cmdline"
audiod_ldflags="$audiod_ldflags $f"
- write_errlist_objs="$write_errlist_objs osx_write"
+ write_errlist_objs="$write_errlist_objs osx_write ipc"
write_cmdline_objs="$write_cmdline_objs osx_write.cmdline"
write_ldflags="$write_ldflags $f"
writers="$writers osx"
done
AC_DEFINE_UNQUOTED(DEFINE_ERRLIST_OBJECT_ENUM,
[enum {$SS NUM_SS}],
- [list of all objects that use paraslash's error facility]
+ [list of all objects that use the paraslash error facility]
)
################################################################## status items
git clone git://git.tuebingen.mpg.de/osl
- - XREFERENCE(ftp://ftp.gnu.org/pub/gnu/gcc, gcc). The
- EMPH(gnu compiler collection) is usually shipped with the
- distro. gcc-3.3 or newer is required.
+ - XREFERENCE(ftp://ftp.gnu.org/pub/gnu/gcc, gcc) or
+ XREFERENCE(http://clang.llvm.org, clang). All gcc versions
+ >= 3.3 are currently supported. Clang version 1.1 or newer
+ should work as well.
- XREFERENCE(ftp://ftp.gnu.org/pub/gnu/make, gnu make) is
also shipped with the disto. On BSD systems the gnu make
scripts which run during compilation require the EMPH(Bourne
again shell). It is most likely already installed.
- - XREFERENCE(http://www.openssl.org/, openssl). The EMPH(Secure
- Sockets Layer) library is needed for cryptographic routines
- on both the server and the client side. It is usually shipped
- with the distro, but you might have to install the "development
- package" (called libssl-dev on debian systems) as well.
+ - XREFERENCE(http://www.openssl.org/, openssl) or
+ XREFERENCE(ftp://ftp.gnupg.org/gcrypt/libgcrypt/, libgcrypt).
+ At least one of these two libraries is needed as the backend
+ for cryptographic routines on both the server and the client
+ side. Both openssl and libgcrypt are usually shipped with the
+ distro, but you might have to install the development package
+ (libssl-dev or libgcrypt-dev on debian systems) as well.
- XREFERENCE(ftp://ftp.gnu.org/pub/gnu/help2man, help2man)
is used to create the man pages.
this point on the communication is encrypted using the RC4
stream cipher with the session key known to both peers.
- paraslash relies on the quality of openssl's cryptographically strong
- pseudo-random bytes, on the security of the implementation of the
- openssl RSA and RC4 crypto routines and on the infeasibility to invert
- the SHA1 function.
+ paraslash relies on the quality of the pseudo-random bytes provided
+ by the crypto library (openssl or libgcrypt), on the security of
+ the implementation of the RSA and RC4 crypto routines and on the
+ infeasibility to invert the SHA1 function.
Neither para_server or para_client create RSA keys on their own. This
has to be done once for each user as sketched in REFERENCE(Quick start,
projects / paraslash.git / commitdiff