Assume system-wide installed OpenSSL v1.1

Now that Debian has pretty much migrated to v1.1, we assume that
OpenSSL is preinstalled system-wide -- it's not experimental anymore.
Currently we assume it's preinstalled in /usr/local.
Johannes Bauer 2018-01-16 18:59:50 +01:00
parent b8659ae8fc
commit 781b10c0c9
3 changed files with 15 additions and 36 deletions


@ -2,13 +2,10 @@
all: luksrku luksrku-config
INSTALL_PREFIX := /usr/local/
OPENSSL_DIR := `pwd`/openssl-1.1.0e/
#OPENSSL_DIR := /home/joe/openssl/
#LIBDIR := /usr/lib/x86_64-linux-gnu/
LIBDIR := $(OPENSSL_DIR)
CFLAGS := -std=c11 -Wall -Wextra -O2 -pthread -D_POSIX_SOURCE -D_XOPEN_SOURCE=500 -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter -I$(OPENSSL_DIR)include
CFLAGS := -std=c11 -Wall -Wextra -O2 -pthread -D_POSIX_SOURCE -D_XOPEN_SOURCE=500 -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter
#CFLAGS += -g -DDEBUG
LDFLAGS := -L$(OPENSSL_DIR) -lcrypto -lssl
LDFLAGS := -lcrypto -lssl
LDFLAGS += -L/usr/local/lib
#LDFLAGS := -static $(LIBDIR)libssl.a $(LIBDIR)libcrypto.a
#LDFLAGS := -static $(LIBDIR)libssl.a $(LIBDIR)libcrypto.a -ldl
@ -20,24 +17,21 @@ install: all
cp luksrku luksrku-config $(INSTALL_PREFIX)sbin/
chown root:root $(INSTALL_PREFIX)sbin/luksrku $(INSTALL_PREFIX)sbin/luksrku-config
chmod 755 $(INSTALL_PREFIX)sbin/luksrku $(INSTALL_PREFIX)sbin/luksrku-config
cp -a $(OPENSSL_DIR)libssl* $(OPENSSL_DIR)libcrypto* $(INSTALL_PREFIX)lib/
ldconfig
clean:
rm -f $(OBJS) $(OBJS_CFG) luksrku luksrku-config
valgrind: luksrku
LD_LIBRARY_PATH=$(OPENSSL_DIR) valgrind --leak-check=full --show-leak-kinds=all ./luksrku -v --client-mode -k client_keys.bin
#LD_LIBRARY_PATH=$(OPENSSL_DIR) valgrind --leak-check=full --show-leak-kinds=all ./luksrku -v --server-mode -k server_key.bin
valgrind --leak-check=full --show-leak-kinds=all ./luksrku -v --client-mode -k client_keys.bin
test: luksrku
LD_LIBRARY_PATH=$(OPENSSL_DIR) ./luksrku -v --server-mode -k server_key.bin
./luksrku -v --server-mode -k server_key.bin
gdb: luksrku
LD_LIBRARY_PATH=$(OPENSSL_DIR) gdb --args ./luksrku -v --server-mode -k server_key.bin
gdb --args ./luksrku -v --server-mode -k server_key.bin
testclient: luksrku
LD_LIBRARY_PATH=$(OPENSSL_DIR) ./luksrku -v --client-mode -k client_keys.bin
./luksrku -v --client-mode -k client_keys.bin
derive: luksrku-config
./luksrku-config server server_key.txt server_key.bin
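Review bot: The `LDFLAGS += -L/usr/local/lib` line in the first hunk hard-codes the library search path while `CFLAGS` gets no matching `-I`, so headers and libraries are resolved by independent defaults. Because `-L` directories are searched before the toolchain defaults, a stale hand-built OpenSSL left in /usr/local/lib would be linked in preference to the distribution's patched package. The commit message calls the /usr/local location only the current assumption, so it would be safer as one overridable knob: `OPENSSL_PREFIX ?= /usr/local`, `CFLAGS += -I$(OPENSSL_PREFIX)/include`, `LDFLAGS += -L$(OPENSSL_PREFIX)/lib`. With `LD_LIBRARY_PATH` gone from the `valgrind`, `test`, `gdb` and `testclient` recipes, the library loaded at run time is whatever the dynamic loader resolves, which is not necessarily the copy linked against. A comment next to the variable saying so would help whoever packages this; the link rule itself is outside the hunks shown.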


@ -1,19 +0,0 @@
#!/bin/bash
#
#
VERSION="1.1.0e"
URL="https://www.openssl.org/source/openssl-${VERSION}.tar.gz"
LOCAL_TARGZ="openssl-${VERSION}.tar.gz"
LOCAL_DIR="openssl-${VERSION}"
if [ ! -f "$LOCAL_TARGZ" ]; then
wget "$URL"
fi
if [ ! -d "$LOCAL_DIR" ]; then
tar xfz "$LOCAL_TARGZ"
cd "$LOCAL_DIR"
./config
make -j 16
fi


@ -33,6 +33,10 @@
#include "log.h"
#include "keyfile.h"
#if OPENSSL_VERSION_NUMBER < 0x010100000
#error "luksrku requires at least OpenSSL v1.1 to work."
#endif
int main(int argc, char **argv) {
#ifdef DEBUG
fprintf(stderr, "WARNING: This has been compiled in DEBUG mode and uses reduced security.\n");
@ -66,7 +70,7 @@ int main(int argc, char **argv) {
#ifdef DEBUG
keydb_dump(&keydb);
#endif
if (keydb.entrycnt == 0) {
log_msg(LLVL_FATAL, "Key database file %s contains no keys.", options.keydbfile);
success = false;
@ -79,13 +83,13 @@ int main(int argc, char **argv) {
success = false;
break;
}
if (keydb_disk_key_count(&keydb) != 0) {
log_msg(LLVL_FATAL, "Server configuration files may not contain disk unlocking keys.");
success = false;
break;
}
if (!dtls_server(keydb_getentry(&keydb, 0), &options)) {
log_msg(LLVL_FATAL, "Failed to start DTLS server.");
success = false;
@ -99,7 +103,7 @@ int main(int argc, char **argv) {
}
}
} while (false);
keydb_free(&keydb);
if (!success) {
exit(EXIT_FAILURE);
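Review bot: The `#if OPENSSL_VERSION_NUMBER < 0x010100000` guard added before `main` in the first hunk only checks the headers seen at compile time. Now that libssl/libcrypto come from the system rather than a bundled tree, nothing records which library release is actually loaded at run time. I would report the runtime version once at startup at verbose level, e.g. `fprintf(stderr, "Using %s (built against 0x%lx)\n", OpenSSL_version(OPENSSL_VERSION), (unsigned long)OPENSSL_VERSION_NUMBER);`, so an operator can tell whether a patched library is in use; this presumably needs `<openssl/crypto.h>` in scope. The guard also deserves a comment such as `/* relies on an OpenSSL header included above; an undefined OPENSSL_VERSION_NUMBER evaluates to 0 and trips the #error */`, since only `log.h` and `keyfile.h` are visible before it here. The body of `main` continues outside the hunks shown.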