libknet: more nss crypto work

make crypto_init/fini work. make libknet shared (necessary for correct linking with nss). Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
kronosnet · Sep 24, 2012 · 9a240a0 · 9a240a0
1 parent c0ddf9f
commit 9a240a0
Show file tree

Hide file tree

Showing 13 changed files with 221 additions and 278 deletions.
diff --git a/kronosnetd/Makefile.am b/kronosnetd/Makefile.am
@@ -30,6 +30,6 @@ kronosnetd_CPPFLAGS	= \
 kronosnetd_CFLAGS	= $(LIBQB_CFLAGS)
 
 kronosnetd_LDADD	= \
-			  $(top_builddir)/libknet/libknet.a \
+			  $(top_builddir)/libknet/libknet.la \
 			  $(top_builddir)/libtap/libtap.la \
 			  $(LIBQB_LIBS)
diff --git a/kronosnetd/vty_cli_cmds.c b/kronosnetd/vty_cli_cmds.c
@@ -1198,6 +1198,8 @@ static int knet_cmd_interface(struct knet_vty *vty)
 	memset(&knet_handle_cfg, 0, sizeof(struct knet_handle_cfg));
 	knet_handle_cfg.fd = tap_get_fd(knet_iface->cfg_eth.tap);
 	knet_handle_cfg.node_id = requested_id;
+	knet_handle_cfg.crypto_cipher_type = (char *)"none";
+	knet_handle_cfg.crypto_hash_type = (char *)"none";
 
 	knet_iface->cfg_ring.knet_h = knet_handle_new(&knet_handle_cfg);
 	if (!knet_iface->cfg_ring.knet_h) {

diff --git a/libknet/Makefile.am b/libknet/Makefile.am
@@ -9,13 +9,16 @@ sources			= \
 			  common.c \
 			  handle.c \
 			  host.c \
-			  listener.c
+			  listener.c \
+			  nsscrypto.c
 
 include_HEADERS		= libknet.h
-noinst_HEADERS		= libknet-private.h
+noinst_HEADERS		= libknet-private.h \
+			  nsscrypto.h
 
-noinst_LIBRARIES	= libknet.a
-#lib_LTLIBRARIES	= libknet.la
+lib_LTLIBRARIES		= libknet.la
 
-libknet_a_SOURCES	= $(sources)
-#libknet_la_SOURCES	= $(sources)
+libknet_la_SOURCES	= $(sources)
+
+libknet_la_CFLAGS	= $(nss_CFLAGS)
+libknet_la_LIBADD	= $(nss_LIBS)
diff --git a/libknet/handle.c b/libknet/handle.c
@@ -8,6 +8,7 @@
 #include <sys/epoll.h>
 
 #include "libknet-private.h"
+#include "nsscrypto.h"
 
 #define KNET_MAX_EVENTS 8
 #define KNET_PING_TIMERES 200000
@@ -34,33 +35,32 @@ knet_handle_t knet_handle_new(const struct knet_handle_cfg *knet_handle_cfg)
 		errno = EINVAL;
 		return NULL;
 	}
-	/*
-	 * cryto hooks will validate crypto config
-	 */
-	//crypto_init
 
 	if ((knet_h = malloc(sizeof(struct knet_handle))) == NULL)
 		return NULL;
 
 	memset(knet_h, 0, sizeof(struct knet_handle));
 
-	if ((knet_h->tap_to_links_buf = malloc(KNET_DATABUFSIZE))== NULL)
+	if (crypto_init(knet_h, knet_handle_cfg) < 0)
 		goto exit_fail1;
 
+	if ((knet_h->tap_to_links_buf = malloc(KNET_DATABUFSIZE))== NULL)
+		goto exit_fail2;
+
 	memset(knet_h->tap_to_links_buf, 0, KNET_DATABUFSIZE);
 
 	if ((knet_h->recv_from_links_buf = malloc(KNET_DATABUFSIZE))== NULL)
-		goto exit_fail2;
+		goto exit_fail3;
 
 	memset(knet_h->recv_from_links_buf, 0, KNET_DATABUFSIZE);
 
 	if ((knet_h->pingbuf = malloc(KNET_PINGBUFSIZE))== NULL)
-		goto exit_fail3;
+		goto exit_fail4;
 
 	memset(knet_h->pingbuf, 0, KNET_PINGBUFSIZE);
 
 	if (pthread_rwlock_init(&knet_h->list_rwlock, NULL) != 0)
-		goto exit_fail4;
+		goto exit_fail5;
 
 	knet_h->sockfd = knet_handle_cfg->fd;
 	knet_h->tap_to_links_epollfd = epoll_create(KNET_MAX_EVENTS);
@@ -69,11 +69,11 @@ knet_handle_t knet_handle_new(const struct knet_handle_cfg *knet_handle_cfg)
 
 	if ((knet_h->tap_to_links_epollfd < 0) ||
 	    (knet_h->recv_from_links_epollfd < 0))
-		goto exit_fail5;
+		goto exit_fail6;
 
 	if ((_fdset_cloexec(knet_h->tap_to_links_epollfd) != 0) ||
 	    (_fdset_cloexec(knet_h->recv_from_links_epollfd != 0)))
-		goto exit_fail5;
+		goto exit_fail6;
 
 	memset(&ev, 0, sizeof(struct epoll_event));
 
@@ -82,45 +82,48 @@ knet_handle_t knet_handle_new(const struct knet_handle_cfg *knet_handle_cfg)
 
 	if (epoll_ctl(knet_h->tap_to_links_epollfd,
 				EPOLL_CTL_ADD, knet_h->sockfd, &ev) != 0)
-		goto exit_fail5;
+		goto exit_fail6;
 
 	if (pthread_create(&knet_h->tap_to_links_thread, 0,
 				_handle_tap_to_links_thread, (void *) knet_h) != 0)
-		goto exit_fail5;
+		goto exit_fail6;
 
 	if (pthread_create(&knet_h->recv_from_links_thread, 0,
 				_handle_recv_from_links_thread, (void *) knet_h) != 0)
-		goto exit_fail6;
+		goto exit_fail7;
 
 	if (pthread_create(&knet_h->heartbt_thread, 0,
 				_handle_heartbt_thread, (void *) knet_h) != 0)
-		goto exit_fail7;
+		goto exit_fail8;
 
 	return knet_h;
 
-exit_fail7:
+exit_fail8:
 	pthread_cancel(knet_h->recv_from_links_thread);
 
-exit_fail6:
+exit_fail7:
 	pthread_cancel(knet_h->tap_to_links_thread);
 
-exit_fail5:
+exit_fail6:
 	if (knet_h->tap_to_links_epollfd >= 0)
 		close(knet_h->tap_to_links_epollfd);
 	if (knet_h->recv_from_links_epollfd >= 0)
 		close(knet_h->recv_from_links_epollfd);
 
 	pthread_rwlock_destroy(&knet_h->list_rwlock);
 
-exit_fail4:
+exit_fail5:
 	free(knet_h->pingbuf);
 
-exit_fail3:
+exit_fail4:
 	free(knet_h->recv_from_links_buf);
 
-exit_fail2:
+exit_fail3:
 	free(knet_h->tap_to_links_buf);
 
+exit_fail2:
+	crypto_fini(knet_h);
+
 exit_fail1:
 	free(knet_h);
 	return NULL;
@@ -159,6 +162,8 @@ int knet_handle_free(knet_handle_t knet_h)
 	free(knet_h->recv_from_links_buf);
 	free(knet_h->pingbuf);
 
+	crypto_fini(knet_h);
+
 	free(knet_h);
 
 	return 0;

diff --git a/libknet/libknet-private.h b/libknet/libknet-private.h
@@ -26,12 +26,14 @@ struct knet_handle {
 	struct knet_host *host_index[KNET_MAX_HOST];
 	struct knet_listener *listener_head;
 	struct knet_frame *tap_to_links_buf;
+	char *tap_to_links_buf_crypt;
 	struct knet_frame *recv_from_links_buf;
 	struct knet_frame *pingbuf;
 	pthread_t tap_to_links_thread;
 	pthread_t recv_from_links_thread;
 	pthread_t heartbt_thread;
 	pthread_rwlock_t list_rwlock;
+	struct crypto_instance *crypto_instance;
 };
 
 int _fdset_cloexec(int fd);

diff --git a/libknet/libknet.h b/libknet/libknet.h
@@ -84,7 +84,7 @@ struct knet_handle_cfg {
 	uint16_t	node_id;
 	char		*crypto_cipher_type;
 	char		*crypto_hash_type;
-	char		*private_key;
+	unsigned char	*private_key;
 	unsigned int	private_key_len;
 };