From: Francis Dupont Date: Wed, 24 Feb 2021 13:37:44 +0000 (+0100) Subject: [#1661] Extracted asiolink part X-Git-Tag: Kea-1.9.6~173 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5eea88319ce60af36e630bfbc07148256b3592b0;p=thirdparty%2Fkea.git [#1661] Extracted asiolink part --- diff --git a/doc/sphinx/arm/install.rst b/doc/sphinx/arm/install.rst index 94d58e5dc4..095a90f669 100644 --- a/doc/sphinx/arm/install.rst +++ b/doc/sphinx/arm/install.rst @@ -72,8 +72,8 @@ the system: versions). The Boost system library must also be installed. Installing a header-only version of Boost is no longer recommended. -- OpenSSL (at least version 1.0.1) or Botan (at least version 2). - Note that OpenSSL version 1.0.2 or 1.1.0 or later is strongly recommended. +- OpenSSL (at least version 1.0.2) or Botan (at least version 2). + Note that OpenSSL version 1.1.1 or later is strongly recommended. - log4cplus (at least version 1.0.3) development include headers. diff --git a/m4macros/ax_crypto.m4 b/m4macros/ax_crypto.m4 index 4733164583..0e98bcc670 100644 --- a/m4macros/ax_crypto.m4 +++ b/m4macros/ax_crypto.m4 @@ -284,7 +284,7 @@ else if test "${use_openssl}" = "/usr" ; then CRYPTO_CFLAGS="" CRYPTO_INCLUDES="" - CRYPTO_LIBS="-lcrypto" + CRYPTO_LIBS="-lssl -lcrypto" DISTCHECK_CRYPTO_CONFIGURE_FLAG="--with-openssl" else CRYPTO_CFLAGS="" @@ -292,20 +292,20 @@ else DISTCHECK_CRYPTO_CONFIGURE_FLAG="--with-openssl=${use_openssl}" case $host in *-solaris*) - CRYPTO_LIBS="-L${use_openssl}/lib -R${use_openssl}/lib -lcrypto" + CRYPTO_LIBS="-L${use_openssl}/lib -R${use_openssl}/lib -lssl -lcrypto" ;; *-hp-hpux*) - CRYPTO_LIBS="-L${use_openssl}/lib -Wl,+b: -lcrypto" + CRYPTO_LIBS="-L${use_openssl}/lib -Wl,+b: -lssl -lcrypto" ;; *-apple-darwin*) if test -f "${use_openssl}/lib/libcrypto.dylib" ; then - CRYPTO_LIBS="-L${use_openssl}/lib -lcrypto" + CRYPTO_LIBS="-L${use_openssl}/lib -lssl -lcrypto" else - CRYPTO_LIBS="${use_openssl}/lib/libcrypto.a" + CRYPTO_LIBS="${use_openssl}/lib/libssl.a ${use_openssl}/lib/libcrypto.a" fi ;; *) - CRYPTO_LIBS="-L${use_openssl}/lib -lcrypto" + CRYPTO_LIBS="-L${use_openssl}/lib -lssl -lcrypto" ;; esac fi @@ -357,6 +357,9 @@ EOF ])], [AC_MSG_RESULT([yes])], [AC_MSG_ERROR([HMAC functions return void: please use OpenSSL version 1.0.1 or later])]) + dnl Check boost ASIO SSL + AC_CHECK_HEADERS([boost/asio/ssl.hpp],, + [AC_MSG_ERROR([Missing required boost ssl header file])]) LIBS=${LIBS_SAVED} CPPFLAGS=${CPPFLAGS_SAVED} fi diff --git a/src/lib/asiolink/Makefile.am b/src/lib/asiolink/Makefile.am index 0be470ffaf..232e072701 100644 --- a/src/lib/asiolink/Makefile.am +++ b/src/lib/asiolink/Makefile.am @@ -1,7 +1,7 @@ SUBDIRS = . testutils tests AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib -AM_CPPFLAGS += $(BOOST_INCLUDES) +AM_CPPFLAGS += $(BOOST_INCLUDES) $(CRYPTO_CFLAGS) $(CRYPTO_INCLUDES) AM_CXXFLAGS = $(KEA_CXXFLAGS) -Wno-non-virtual-dtor @@ -12,10 +12,12 @@ CLEANFILES = *.gcno *.gcda lib_LTLIBRARIES = libkea-asiolink.la libkea_asiolink_la_LDFLAGS = -no-undefined -version-info 23:0:0 +libkea_asiolink_la_LDFLAGS += $(CRYPTO_LDFLAGS) libkea_asiolink_la_SOURCES = asiolink.h libkea_asiolink_la_SOURCES += asio_wrapper.h libkea_asiolink_la_SOURCES += addr_utilities.cc addr_utilities.h +libkea_asiolink_la_SOURCES += crypto_tls.h libkea_asiolink_la_SOURCES += dummy_io_cb.h libkea_asiolink_la_SOURCES += interval_timer.cc interval_timer.h libkea_asiolink_la_SOURCES += io_acceptor.h @@ -30,18 +32,27 @@ libkea_asiolink_la_SOURCES += process_spawn.h process_spawn.cc libkea_asiolink_la_SOURCES += tcp_acceptor.h libkea_asiolink_la_SOURCES += tcp_endpoint.h libkea_asiolink_la_SOURCES += tcp_socket.h +libkea_asiolink_la_SOURCES += tls_acceptor.h +libkea_asiolink_la_SOURCES += tls_socket.h libkea_asiolink_la_SOURCES += udp_endpoint.h libkea_asiolink_la_SOURCES += udp_socket.h libkea_asiolink_la_SOURCES += unix_domain_socket.cc unix_domain_socket.h libkea_asiolink_la_SOURCES += unix_domain_socket_acceptor.h libkea_asiolink_la_SOURCES += unix_domain_socket_endpoint.h +if HAVE_BOTAN +#libkea_asiolink_la_SOURCES += botan_tls.cc botan_tls.h +endif +if HAVE_OPENSSL +libkea_asiolink_la_SOURCES += openssl_tls.cc openssl_tls.h +endif + # Note: the ordering matters: -Wno-... must follow -Wextra (defined in # KEA_CXXFLAGS) libkea_asiolink_la_CXXFLAGS = $(AM_CXXFLAGS) libkea_asiolink_la_CPPFLAGS = $(AM_CPPFLAGS) libkea_asiolink_la_LIBADD = $(top_builddir)/src/lib/exceptions/libkea-exceptions.la -libkea_asiolink_la_LIBADD += $(BOOST_LIBS) +libkea_asiolink_la_LIBADD += $(BOOST_LIBS) $(CRYPTO_LIBS) # Specify the headers for copying into the installation directory tree. libkea_asiolink_includedir = $(pkgincludedir)/asiolink @@ -49,6 +60,7 @@ libkea_asiolink_include_HEADERS = \ addr_utilities.h \ asio_wrapper.h \ asiolink.h \ + crypto_tls.h \ dummy_io_cb.h \ interval_timer.h \ io_acceptor.h \ @@ -63,8 +75,18 @@ libkea_asiolink_include_HEADERS = \ tcp_acceptor.h \ tcp_endpoint.h \ tcp_socket.h \ + tls_acceptor.h \ + tls_socket.h \ udp_endpoint.h \ udp_socket.h \ unix_domain_socket.h \ unix_domain_socket_acceptor.h \ unix_domain_socket_endpoint.h + +if HAVE_BOTAN +libkea_asiolink_include_HEADERS += botan_tls.h +endif + +if HAVE_OPENSSL +libkea_asiolink_include_HEADERS += openssl_tls.h +endif diff --git a/src/lib/asiolink/tests/Makefile.am b/src/lib/asiolink/tests/Makefile.am index e51244bae3..94f00657e8 100644 --- a/src/lib/asiolink/tests/Makefile.am +++ b/src/lib/asiolink/tests/Makefile.am @@ -1,8 +1,8 @@ AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib -AM_CPPFLAGS += $(BOOST_INCLUDES) -AM_CPPFLAGS += -DTEST_DATA_DIR=\"$(srcdir)/testdata\" -AM_CPPFLAGS += -DTEST_DATA_BUILDDIR=\"$(abs_top_builddir)/src/lib/asiolink/tests\" +AM_CPPFLAGS += $(BOOST_INCLUDES) $(CRYPTO_CFLAGS) $(CRYPTO_INCLUDES) AM_CPPFLAGS += -DTEST_SCRIPT_SH=\"$(abs_top_builddir)/src/lib/asiolink/tests/process_spawn_app.sh\" +TEST_CA_DIR = $(abs_srcdir)/../testutils/ca +AM_CPPFLAGS += -DTEST_CA_DIR=\"$(TEST_CA_DIR)\" AM_CXXFLAGS = $(KEA_CXXFLAGS) @@ -37,8 +37,11 @@ run_unittests_SOURCES += io_service_unittest.cc run_unittests_SOURCES += io_service_signal_unittests.cc run_unittests_SOURCES += dummy_io_callback_unittest.cc run_unittests_SOURCES += tcp_acceptor_unittest.cc -run_unittests_SOURCES += process_spawn_unittest.cc run_unittests_SOURCES += unix_domain_socket_unittest.cc +run_unittests_SOURCES += process_spawn_unittest.cc +run_unittests_SOURCES += tls_unittest.cc +run_unittests_SOURCES += tls_acceptor_unittest.cc +run_unittests_SOURCES += tls_socket_unittest.cc run_unittests_CPPFLAGS = $(AM_CPPFLAGS) $(GTEST_INCLUDES) @@ -48,9 +51,10 @@ run_unittests_LDADD += $(top_builddir)/src/lib/log/libkea-log.la run_unittests_LDADD += $(top_builddir)/src/lib/util/unittests/libutil_unittests.la run_unittests_LDADD += $(top_builddir)/src/lib/util/libkea-util.la run_unittests_LDADD += $(top_builddir)/src/lib/exceptions/libkea-exceptions.la -run_unittests_LDADD += $(LOG4CPLUS_LIBS) $(BOOST_LIBS) $(GTEST_LDADD) +run_unittests_LDADD += $(LOG4CPLUS_LIBS) $(BOOST_LIBS) $(CRYPTO_LIBS) +run_unittests_LDADD += $(GTEST_LDADD) -run_unittests_LDFLAGS = $(AM_LDFLAGS) $(GTEST_LDFLAGS) +run_unittests_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LDFLAGS) $(GTEST_LDFLAGS) # Note: the ordering matters: -Wno-... must follow -Wextra (defined in # KEA_CXXFLAGS) diff --git a/src/lib/asiolink/testutils/Makefile.am b/src/lib/asiolink/testutils/Makefile.am index a20cae5432..09d780c08e 100644 --- a/src/lib/asiolink/testutils/Makefile.am +++ b/src/lib/asiolink/testutils/Makefile.am @@ -1,10 +1,40 @@ SUBDIRS = . AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib -AM_CPPFLAGS += $(BOOST_INCLUDES) +AM_CPPFLAGS += $(BOOST_INCLUDES) $(CRYPTO_CFLAGS) $(CRYPTO_INCLUDES) +TEST_CA_DIR = $(abs_srcdir)/ca +AM_CPPFLAGS += -DTEST_CA_DIR=\"$(TEST_CA_DIR)\" AM_CXXFLAGS = $(KEA_CXXFLAGS) +EXTRA_DIST = +EXTRA_DIST += ca/0c7eedb9.0 +EXTRA_DIST += ca/26d052a5.0 +EXTRA_DIST += ca/3071e5ff.0 +EXTRA_DIST += ca/a465d731.0 +EXTRA_DIST += ca/ad950210.0 +EXTRA_DIST += ca/d3d11a5f.0 +EXTRA_DIST += ca/doc +EXTRA_DIST += ca/ext-addr-conf.cnf +EXTRA_DIST += ca/ext-conf.cnf +EXTRA_DIST += ca/kea-ca.crt +EXTRA_DIST += ca/kea-ca.key +EXTRA_DIST += ca/kea-client.crt +EXTRA_DIST += ca/kea-client.csr +EXTRA_DIST += ca/kea-client.key +EXTRA_DIST += ca/kea-client.p12 +EXTRA_DIST += ca/kea-other.crt +EXTRA_DIST += ca/kea-other.key +EXTRA_DIST += ca/kea-self.crt +EXTRA_DIST += ca/kea-self.key +EXTRA_DIST += ca/kea-server-addr.crt +EXTRA_DIST += ca/kea-server-addr.csr +EXTRA_DIST += ca/kea-server.crt +EXTRA_DIST += ca/kea-server.csr +EXTRA_DIST += ca/kea-server.key +EXTRA_DIST += ca/server-addr-conf.cnf +EXTRA_DIST += ca/server-conf.cnf + CLEANFILES = *.gcno *.gcda if HAVE_GTEST @@ -13,13 +43,37 @@ noinst_LTLIBRARIES = libasiolinktest.la libasiolinktest_la_SOURCES = test_server_unix_socket.cc test_server_unix_socket.h libasiolinktest_la_SOURCES += timed_signal.cc timed_signal.h +libasiolinktest_la_SOURCES += test_tls.cc test_tls.h libasiolinktest_la_CXXFLAGS = $(AM_CXXFLAGS) libasiolinktest_la_CPPFLAGS = $(AM_CPPFLAGS) $(GTEST_INCLUDES) -libasiolinktest_la_LDFLAGS = $(AM_LDFLAGS) +libasiolinktest_la_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LDFLAGS) libasiolinktest_la_LIBADD = $(top_builddir)/src/lib/asiolink/libkea-asiolink.la libasiolinktest_la_LIBADD += $(top_builddir)/src/lib/exceptions/libkea-exceptions.la -libasiolinktest_la_LIBADD += $(BOOST_LIBS) +libasiolinktest_la_LIBADD += $(BOOST_LIBS) $(CRYPTO_LIBS) + +if HAVE_OPENSSL +# Boost ASIO SSL sample server and client for C++11. +# https://www.boost.org/doc/libs/1_75_0/doc/html/boost_asio/example/cpp11/ssl/ +# openssl_sample_server +# openssl_sample_server + +noinst_PROGRAMS = openssl_sample_client openssl_sample_server + +openssl_sample_client_SOURCES = openssl_sample_client.cpp +openssl_sample_client_CPPFLAGS = $(AM_CPPFLAGS) +openssl_sample_client_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LDFLAGS) +openssl_sample_client_LDADD = $(CRYPTO_LIBS) + +openssl_sample_server_SOURCES = openssl_sample_server.cpp +openssl_sample_server_CPPFLAGS = $(AM_CPPFLAGS) +openssl_sample_server_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LDFLAGS) +openssl_sample_server_LDADD = $(CRYPTO_LIBS) +endif endif + + + +