set(UMURMUR_ROOT_PATH "${CMAKE_CURRENT_LIST_DIR}")
set(UMURMUR_BINARY_DIR ${CMAKE_BINARY_DIR})
+if(NOT CMAKE_BUILD_TYPE)
+ set(CMAKE_BUILD_TYPE Release CACHE STRING "The type of build product that should be produced.")
+endif(NOT CMAKE_BUILD_TYPE)
+
option(USE_POLARSSL_TESTCERT "Link to the PolarSSL test certificate and key." OFF)
option(USE_POLARSSL_HAVEGE "Use the PolarSSL HAVEGE random generator key." OFF)
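Review bot: The `set(CMAKE_BUILD_TYPE Release CACHE STRING ...)` default added at the top of this hunk does nothing if the block runs after `project()`. On single-configuration generators CMake has by then already created an empty CMAKE_BUILD_TYPE cache entry, and `set(... CACHE ...)` without FORCE does not overwrite an existing entry. The position of `project()` is not visible here, so this needs confirming. If it comes first, either move the block above it or keep the guard and write `set(CMAKE_BUILD_TYPE Release CACHE STRING "The type of build product that should be produced." FORCE)`. The closing line is better written as a bare `endif()`.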
set(SSLIMP_LIBRARIES ${OPENSSL_LIBRARIES})
set(SSLIMP_INCLUDE_DIR ${OPENSSL_INCLUDE_DIR})
set(SSLIMP_LIBRARY_DIR ${OPENSSL_LIB_DIR})
+
+ if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-deprecated-declarations")
+ endif(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
+
endif(OPENSSL_FOUND)
elseif("${SSL}" STREQUAL "polarssl")
find_package(PolarSSL REQUIRED)
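Review bot: Appending `-Wno-deprecated-declarations` to CMAKE_C_FLAGS in the Darwin block silences deprecation warnings for every source file and every API in the build. It is presumably aimed only at the OpenSSL declarations, but a later use of any other deprecated crypto or libc call would also go unnoticed on that platform. The configure.ac hunk adds the same flag for darwin hosts, and there it applies to every SSL backend. Consider scoping it to the SSL source file with `set_source_files_properties(<ssl source file> PROPERTIES COMPILE_FLAGS -Wno-deprecated-declarations)`, and testing `if(APPLE)` instead of matching CMAKE_SYSTEM_NAME. The enclosing `if(OPENSSL_FOUND)` starts outside this hunk.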
+0.2.16a:
+[FIX] Crash in SHM API during update (doctaweeks)
+[FIX] Failure to detect missing IPv6 support in FreeBSD jails (marcusball)
+[FIX] Compile-time check for availability of version_get_string (fatbob313)
+
0.2.16:
[FIX] Reworked timestamping code (fatbob313)
[FIX] Banning works again when using IPv6 (fatbob313 and fmorgner)
-uMurmur - minimalistic Mumble server
-====================================
-Project page on [GoogleCode](http://code.google.com/p/umurmur/)
+#About uMurmur
uMurmur is a minimalistic Mumble server primarily targeted to run on embedded computers, like routers, with an open OS like e.g. OpenWRT. The server part of Mumble is called Murmur, hence the name uMurmur. It is available as a precompiled package for quite a lot distributions. Check your distribution's package repository.
Instructions for building from source
-------------------------------------
-1. Requirements
- * [OpenSSL](http://www.openssl.org/) or [PolarSSL](http://polarssl.org/) library. For PolarSSL version 1.0.0 and above is required.
- * [libconfig](http://www.hyperrealm.com/libconfig/)
- * [libprotoc-c](http://code.google.com/p/protobuf-c/) version 1.0.0 (use --disable-protoc option in its ./configure to build only the library). If you for some reason have to run an earlier version you need to recompile the protocol file `Mumble.proto` using the protobuf compiler for the corresponding version.
- * [CMake](http://cmake.org) (optional)
-
-2. Build - CMake
- * Create a build folder and cd into it
- * `cmake ../` to use default settings (polarssl, no test-cert and /dev/urandom as source for randomness).
- * `make`
-
-2. Build - Autotools
- * Run `./autogen.sh`
- * Run `./configure` for default settings
- * `make`
-
-3. Install
- * `make install`
- * Edit the umurmur.conf found in the 'etc' folder in the prefix (eg. /usr/local) you installed to.
-
-4. Run `umurmurd -c <conf file> -p <PID file> -r`. For other switches and their meaning run `umurmurd -h`
-
-A startup script can easily be created if you want to. Just copy an existing script and edit it to your liking.
+[Build instructions](https://github.com/umurmur/umurmur/wiki/Building) can be found in the [wiki](https://github.com/umurmur/umurmur/wiki).
Contributors
------------
Support/Contact/Documentation
-----------------------------
-See the project page, link above.
+Please consult the [wiki](https://github.com/umurmur/umurmur/wiki) and use the [issue tracker](https://github.com/umurmur/umurmur/issues) to report problems with uMurmur or to submit feature requests.
Have fun!
AC_PREREQ([2.63])
AC_INIT([umurmur], [0.2.16], [https://github.com/umurmur/umurmur/issues/new], [umurmur], [http://github.com/umurmur/umurmur])
AC_CONFIG_SRCDIR([src/client.h])
-AC_CONFIG_HEADERS([src/config.h])
+AC_CONFIG_HEADERS([src/config.h:config.h.in])
AM_INIT_AUTOMAKE
AC_CANONICAL_HOST
+AM_SILENT_RULES([yes])
# Configure options.
AC_ARG_WITH([ssl], [AC_HELP_STRING([--with-ssl=@<:@LIB@:>@], [SSL library (openssl|polarssl|gnutls) @<:@default=polarssl@:>@])], [], [with_ssl=polarssl])
case $host_os in
darwin* )
AC_CHECK_FUNC([clock_get_time], [], [AC_MSG_ERROR([could not find clock_get_time()])])
+ CFLAGS+=" -Wno-deprecated-declarations"
;;
* )
AC_CHECK_FUNC([clock_gettime], [], [AC_CHECK_LIB([rt], [clock_gettime], [], [AC_MSG_ERROR([could not find clock_gettime() in librt])])])
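Review bot: `CFLAGS+=" -Wno-deprecated-declarations"` in the darwin* case uses the `+=` assignment, which is a bash/ksh extension and not POSIX sh. The generated configure script is run by /bin/sh, so the portable spelling is `CFLAGS="$CFLAGS -Wno-deprecated-declarations"`. The `case` statement closes outside this hunk.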
AM_CONDITIONAL(USE_SHAREDMEMORY_API, false)
])
-
-
AC_DEFINE([DEFAULT_CONFIG], ["/etc/umurmur.conf"], [Default config])
# Checks for header files.
chlink.destination);
else
ch_dst = ch_itr;
-
+
chl = malloc(sizeof(channellist_t));
+ if(!chl)
+ Log_fatal("Out of memory");
chl->chan = ch_dst;
init_list_entry(&chl->node);
list_add_tail(&chl->node, &ch_src->channel_links);
channel_t *sub;
chl = malloc(sizeof(channellist_t));
+ if(!chl)
+ Log_fatal("Out of memory");
chl->chan = ch;
init_list_entry(&chl->node);
list_add_tail(&chl->node, head);
void Log_warn(const char *logstring, ...);
void Log_info(const char *logstring, ...);
void Log_info_client(client_t *client, const char *logstring, ...);
-void Log_fatal(const char *logstring, ...);
+void Log_fatal(const char *logstring, ...) __attribute__((__noreturn__));
void Log_init(bool_t terminal);
void Log_reset();
sendmsg->payload.channelState->n_links = ch_itr->linkcount;
links = (uint32_t *)malloc(ch_itr->linkcount * sizeof(uint32_t));
+ if(!links)
+ Log_fatal("Out of memory");
+
list_iterate(itr, &ch_itr->channel_links) { /* Iterate links */
channellist_t *chl;
channel_t *ch;
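Review bot: The new `if(!links) Log_fatal("Out of memory");` check treats every NULL from malloc() as memory exhaustion, but `malloc(ch_itr->linkcount * sizeof(uint32_t))` may legitimately return NULL when linkcount is 0 on some C libraries. Whether a `linkcount > 0` guard encloses this code cannot be seen from the hunk. If there is none, test `if(!links && ch_itr->linkcount > 0)` so that a channel without links cannot terminate the server. The enclosing function starts and ends outside the hunk.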
int testsocket = -1;
testsocket = socket(PF_INET, SOCK_STREAM, 0);
- hasv4 = (errno == EAFNOSUPPORT) ? false : true;
+ hasv4 = (errno == EAFNOSUPPORT || errno == EPROTONOSUPPORT) ? false : true;
if (!(testsocket < 0)) close(testsocket);
testsocket = socket(PF_INET6, SOCK_STREAM, 0);
- hasv6 = (errno == EAFNOSUPPORT) ? false : true;
+ hasv6 = (errno == EAFNOSUPPORT || errno == EPROTONOSUPPORT) ? false : true;
if (!(testsocket < 0)) close(testsocket);
if(!hasv4)
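Review bot: Both probes read errno without first checking that socket() failed, so `hasv4` and `hasv6` can be computed from a stale value. errno is not cleared on success, so if the PF_INET probe fails with EAFNOSUPPORT, a successful PF_INET6 probe still sees that value and reports IPv6 as missing. Adding EPROTONOSUPPORT widens the set of stale values that trigger this. Test the return value first, e.g. `hasv4 = !(testsocket < 0 && (errno == EAFNOSUPPORT || errno == EPROTONOSUPPORT));`, and do the same for hasv6. The function continues outside this hunk.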
Log_info("IPv6 is not supported by this system");
nofServerSocks -= 2;
}
-
if(nofServerSocks == 0)
{
Log_fatal("Neither IPv4 nor IPv6 are supported by this system");
struct sockaddr_storage** Server_setupAddressesAndPorts()
{
struct sockaddr_storage** addresses = calloc(2, sizeof(void*));
+ if(!addresses)
+ Log_fatal("Not enough memory to allocate addresses");
struct sockaddr_storage* v4address = calloc(1, sizeof(struct sockaddr_storage));
+ if(!v4address)
+ Log_fatal("Not enough memory to allocate IPv4 address");
v4address->ss_family = AF_INET;
+
struct sockaddr_storage* v6address = calloc(1, sizeof(struct sockaddr_storage));
+ if(!v6address)
+ Log_fatal("Not enough memory to allocate IPv6 address");
v6address->ss_family = AF_INET6;
#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__APPLE__)
-#include "sharedmemory.h"\r
-\r
-int shm_fd;\r
-shm_t *shmptr = NULL;\r
-char shm_file_name[128];\r
-\r
-void Sharedmemory_init( int bindport, int bindport6 )\r
-{\r
-\r
- int server_max_clients = getIntConf(MAX_CLIENTS);\r
- int shmtotal_size = sizeof( shm_t ) + (sizeof( shmclient_t ) * server_max_clients);\r
-\r
- if( !bindport )\r
- {\r
- bindport = getIntConf(BINDPORT);\r
- }\r
-\r
- sprintf( shm_file_name, "/umurmurd:%i", bindport );\r
- Log_info("SHM_API: shm_fd=\"%s\"", shm_file_name );\r
-\r
- shm_fd = shm_open( shm_file_name, O_CREAT | O_RDWR, 0660 );\r
- if(shm_fd == -1)\r
- {\r
- Log_fatal( "SHM_API: Open failed:%s\n", strerror(errno));\r
- exit(EXIT_FAILURE);\r
- }\r
-\r
- if( ftruncate( shm_fd, shmtotal_size ) == -1 )\r
- {\r
- Sharedmemory_deinit();\r
- Log_fatal( "SHM_API: ftruncate : %s\n", strerror(errno));\r
- exit(EXIT_FAILURE);\r
- }\r
-\r
- shmptr = mmap( 0, shmtotal_size, PROT_READ | PROT_WRITE, MAP_SHARED, shm_fd, 0 );\r
- if (shmptr == MAP_FAILED)\r
- {\r
- Log_fatal( "SHM_API: mmap failed : %s\n", strerror(errno));\r
- exit(EXIT_FAILURE);\r
- }\r
-\r
- memset( shmptr, 0, shmtotal_size );\r
-\r
- shmptr->umurmurd_pid = getpid();\r
- shmptr->server_max_clients = server_max_clients;\r
- shmptr->shmtotal_size = shmtotal_size;\r
- shmptr->shmclient_size = sizeof( shmclient_t ) * shmptr->server_max_clients;\r
-\r
-}\r
-\r
-void Sharedmemory_update(void)\r
-{\r
-\r
- uint64_t now;\r
- unsigned int cc = 0;\r
- client_t *client_itr = NULL;\r
-\r
- memset( &shmptr->client[0], 0, shmptr->shmclient_size );\r
- shmptr->clientcount = Client_count();\r
-\r
- if( shmptr->clientcount )\r
- {\r
- Timer_init( &now );\r
- while( Client_iterate(&client_itr) != NULL )\r
- {\r
- if( client_itr->authenticated )\r
- {\r
- channel_t *channel = client_itr->channel;\r
-\r
- char* clientAddressString = Util_clientAddressToString( client_itr );\r
-\r
- strncpy( shmptr->client[cc].username, client_itr->username, 120 );\r
- strncpy( shmptr->client[cc].ipaddress, clientAddressString, INET6_ADDRSTRLEN - 1 );\r
- strncpy( shmptr->client[cc].channel, channel->name, 120 );\r
-\r
- strncpy( shmptr->client[cc].os, client_itr->os, 120 );\r
- strncpy( shmptr->client[cc].release, client_itr->release, 120 );\r
- strncpy( shmptr->client[cc].os_version, client_itr->os_version, 120 );\r
-\r
- shmptr->client[cc].tcp_port = Util_clientAddressToPortTCP( client_itr );\r
- shmptr->client[cc].udp_port = Util_clientAddressToPortUDP( client_itr );\r
-\r
- shmptr->client[cc].online_secs = ( now - client_itr->connectTime ) / 1000000LL;\r
- shmptr->client[cc].idle_secs = ( now - client_itr->idleTime ) / 1000000LL;\r
-\r
- shmptr->client[cc].bUDP = client_itr->bUDP;\r
- shmptr->client[cc].deaf = client_itr->deaf;\r
- shmptr->client[cc].mute = client_itr->mute;\r
- shmptr->client[cc].bOpus = client_itr->bOpus;\r
- shmptr->client[cc].self_deaf = client_itr->self_deaf;\r
- shmptr->client[cc].self_mute = client_itr->self_mute;\r
- shmptr->client[cc].recording = client_itr->recording;\r
- shmptr->client[cc].authenticated = client_itr->authenticated;\r
-\r
- shmptr->client[cc].availableBandwidth = client_itr->availableBandwidth;\r
-\r
- shmptr->client[cc].UDPPingAvg = client_itr->UDPPingAvg;\r
- shmptr->client[cc].UDPPingVar = client_itr->UDPPingVar;\r
- shmptr->client[cc].TCPPingAvg = client_itr->TCPPingAvg;\r
- shmptr->client[cc].TCPPingVar = client_itr->TCPPingVar;\r
-\r
- shmptr->client[cc].isAdmin = client_itr->isAdmin;\r
- shmptr->client[cc].isSuppressed = client_itr->isSuppressed;\r
-\r
- shmptr->client[cc].UDPPackets = client_itr->UDPPackets;\r
- shmptr->client[cc].TCPPackets = client_itr->TCPPackets;\r
-\r
- free(clientAddressString);\r
- }\r
- cc++;\r
- }\r
- }\r
-}\r
-void Sharedmemory_alivetick(void)\r
-{\r
- shmptr->alive++;\r
-}\r
-\r
-void Sharedmemory_deinit(void)\r
-{\r
- close( shm_fd );\r
- shm_unlink( shm_file_name );\r
- shmptr->umurmurd_pid = 0;\r
-}\r
+#include "sharedmemory.h"
+
+int shm_fd;
+shm_t *shmptr = NULL;
+char shm_file_name[128];
+
+void Sharedmemory_init( int bindport, int bindport6 )
+{
+
+ int server_max_clients = getIntConf(MAX_CLIENTS);
+ int shmtotal_size = sizeof( shm_t ) + (sizeof( shmclient_t ) * server_max_clients);
+
+ if( !bindport )
+ {
+ bindport = getIntConf(BINDPORT);
+ }
+
+ sprintf( shm_file_name, "/umurmurd:%i", bindport );
+ Log_info("SHM_API: shm_fd=\"%s\"", shm_file_name );
+
+ shm_fd = shm_open( shm_file_name, O_CREAT | O_RDWR, 0660 );
+ if(shm_fd == -1)
+ {
+ Log_fatal( "SHM_API: Open failed:%s\n", strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+
+ if( ftruncate( shm_fd, shmtotal_size ) == -1 )
+ {
+ Sharedmemory_deinit();
+ Log_fatal( "SHM_API: ftruncate : %s\n", strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+
+ shmptr = mmap( 0, shmtotal_size, PROT_READ | PROT_WRITE, MAP_SHARED, shm_fd, 0 );
+ if (shmptr == MAP_FAILED)
+ {
+ Log_fatal( "SHM_API: mmap failed : %s\n", strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+
+ memset( shmptr, 0, shmtotal_size );
+
+ shmptr->umurmurd_pid = getpid();
+ shmptr->server_max_clients = server_max_clients;
+ shmptr->shmtotal_size = shmtotal_size;
+ shmptr->shmclient_size = sizeof( shmclient_t ) * shmptr->server_max_clients;
+
+}
+
+void Sharedmemory_update(void)
+{
+
+ uint64_t now;
+ unsigned int cc = 0;
+ client_t *client_itr = NULL;
+
+ memset( &shmptr->client[0], 0, shmptr->shmclient_size );
+ shmptr->clientcount = Client_count();
+
+ if( shmptr->clientcount )
+ {
+ Timer_init( &now );
+ while( Client_iterate(&client_itr) != NULL )
+ {
+ if( client_itr->authenticated && !client_itr->shutdown_wait )
+ {
+ channel_t *channel = client_itr->channel;
+
+ char* clientAddressString = Util_clientAddressToString( client_itr );
+
+ strncpy( shmptr->client[cc].username, client_itr->username, 120 );
+ strncpy( shmptr->client[cc].ipaddress, clientAddressString, INET6_ADDRSTRLEN - 1 );
+ strncpy( shmptr->client[cc].channel, channel->name, 120 );
+
+ strncpy( shmptr->client[cc].os, client_itr->os, 120 );
+ strncpy( shmptr->client[cc].release, client_itr->release, 120 );
+ strncpy( shmptr->client[cc].os_version, client_itr->os_version, 120 );
+
+ shmptr->client[cc].tcp_port = Util_clientAddressToPortTCP( client_itr );
+ shmptr->client[cc].udp_port = Util_clientAddressToPortUDP( client_itr );
+
+ shmptr->client[cc].online_secs = ( now - client_itr->connectTime ) / 1000000LL;
+ shmptr->client[cc].idle_secs = ( now - client_itr->idleTime ) / 1000000LL;
+
+ shmptr->client[cc].bUDP = client_itr->bUDP;
+ shmptr->client[cc].deaf = client_itr->deaf;
+ shmptr->client[cc].mute = client_itr->mute;
+ shmptr->client[cc].bOpus = client_itr->bOpus;
+ shmptr->client[cc].self_deaf = client_itr->self_deaf;
+ shmptr->client[cc].self_mute = client_itr->self_mute;
+ shmptr->client[cc].recording = client_itr->recording;
+ shmptr->client[cc].authenticated = client_itr->authenticated;
+
+ shmptr->client[cc].availableBandwidth = client_itr->availableBandwidth;
+
+ shmptr->client[cc].UDPPingAvg = client_itr->UDPPingAvg;
+ shmptr->client[cc].UDPPingVar = client_itr->UDPPingVar;
+ shmptr->client[cc].TCPPingAvg = client_itr->TCPPingAvg;
+ shmptr->client[cc].TCPPingVar = client_itr->TCPPingVar;
+
+ shmptr->client[cc].isAdmin = client_itr->isAdmin;
+ shmptr->client[cc].isSuppressed = client_itr->isSuppressed;
+
+ shmptr->client[cc].UDPPackets = client_itr->UDPPackets;
+ shmptr->client[cc].TCPPackets = client_itr->TCPPackets;
+
+ free(clientAddressString);
+ }
+ cc++;
+ }
+ }
+}
+void Sharedmemory_alivetick(void)
+{
+ shmptr->alive++;
+}
+
+void Sharedmemory_deinit(void)
+{
+ close( shm_fd );
+ shm_unlink( shm_file_name );
+ shmptr->umurmurd_pid = 0;
+}
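Review bot: On the ftruncate() failure path in Sharedmemory_init, Sharedmemory_deinit() runs while shmptr is still NULL, because mmap() has not been called yet. Its last statement `shmptr->umurmurd_pid = 0;` then dereferences NULL, so the process crashes before Log_fatal can report the error. Guard the write with `if (shmptr && shmptr != MAP_FAILED) shmptr->umurmurd_pid = 0;` and do it before close()/shm_unlink(). Separately, `shm_open(shm_file_name, O_CREAT | O_RDWR, 0660)` opens any existing object under the predictable name `/umurmurd:<port>`; adding `O_EXCL`, or checking the owner with fstat() before use, keeps the daemon from attaching to a segment another local user created first. The only functional change in this hunk is the `!client_itr->shutdown_wait` test; the rest is a CRLF to LF conversion.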
-#ifndef SHAREDMEMORY_H_777736932196\r
-#define SHAREDMEMORY_H_777736932196\r
-\r
-#include <stdlib.h>\r
-#include <string.h>\r
-\r
-#include <fcntl.h> /* For O_* constants */ \r
-#include <unistd.h>\r
-#include <sys/mman.h>\r
-\r
-#include <netinet/in.h>\r
-#include "util.h"\r
-#include "conf.h" \r
-#include "client.h"\r
-#include "channel.h"\r
-#include "sharedmemory_struct.h" \r
-\r
-void Sharedmemory_init( int bindport, int bindport6 );\r
-void Sharedmemory_update(void);\r
-void Sharedmemory_alivetick(void);\r
-void Sharedmemory_deinit(void);\r
-\r
-#endif // SHAREDMEMORY_H_777736932196
\ No newline at end of file
+#ifndef SHAREDMEMORY_H_777736932196
+#define SHAREDMEMORY_H_777736932196
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <fcntl.h> /* For O_* constants */
+#include <unistd.h>
+#include <sys/mman.h>
+
+#include <netinet/in.h>
+#include "util.h"
+#include "conf.h"
+#include "client.h"
+#include "channel.h"
+#include "sharedmemory_struct.h"
+
+void Sharedmemory_init( int bindport, int bindport6 );
+void Sharedmemory_update(void);
+void Sharedmemory_alivetick(void);
+void Sharedmemory_deinit(void);
+
+#endif // SHAREDMEMORY_H_777736932196
-#include <arpa/inet.h>\r
-#include <stdint.h>\r
-#include "types.h"\r
-\r
-typedef struct\r
-{\r
-\r
- char username[121];\r
- char ipaddress[INET6_ADDRSTRLEN];\r
- char channel[121];\r
- char os[121], release[121], os_version[121];\r
- int tcp_port, udp_port;\r
- bool_t bUDP, authenticated, deaf, mute, self_deaf, self_mute, recording, bOpus;\r
- int availableBandwidth;\r
- uint32_t online_secs, idle_secs;\r
- bool_t isAdmin;\r
- bool_t isSuppressed;\r
- float UDPPingAvg, UDPPingVar, TCPPingAvg, TCPPingVar;\r
- uint32_t UDPPackets, TCPPackets;\r
-\r
-}shmclient_t;\r
-\r
-typedef struct\r
-{\r
-\r
- int shmtotal_size, shmclient_size;\r
- int clientcount, server_max_clients;\r
- unsigned int umurmurd_pid;\r
- uint8_t alive;\r
- shmclient_t client[];\r
-\r
-}shm_t;\r
+#include <arpa/inet.h>
+#include <stdint.h>
+#include "types.h"
+
+typedef struct
+{
+
+ char username[121];
+ char ipaddress[INET6_ADDRSTRLEN];
+ char channel[121];
+ char os[121], release[121], os_version[121];
+ int tcp_port, udp_port;
+ bool_t bUDP, authenticated, deaf, mute, self_deaf, self_mute, recording, bOpus;
+ int availableBandwidth;
+ uint32_t online_secs, idle_secs;
+ bool_t isAdmin;
+ bool_t isSuppressed;
+ float UDPPingAvg, UDPPingVar, TCPPingAvg, TCPPingVar;
+ uint32_t UDPPackets, TCPPackets;
+
+} shmclient_t;
+
+typedef struct
+{
+
+ int shmtotal_size, shmclient_size;
+ int clientcount, server_max_clients;
+ unsigned int umurmurd_pid;
+ uint8_t alive;
+ shmclient_t client[];
+
+} shm_t;
static void SSL_initializeCert() {
- char *crt, *key, *pass;
+ char *crt = (char *)getStrConf(CERTIFICATE);
+ char *key = (char *)getStrConf(KEY);
- crt = (char *)getStrConf(CERTIFICATE);
- key = (char *)getStrConf(KEY);
- pass = (char *)getStrConf(PASSPHRASE);
+ if (context) {
+ bool did_load_cert = SSL_CTX_use_certificate_chain_file(context, crt);
+ rsa = SSL_readprivatekey(key);
- x509 = SSL_readcert(crt);
- rsa = SSL_readprivatekey(key);
- if (rsa != NULL) {
- pkey = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(pkey, rsa);
- }
-
-
-#if 0
- /* Later ... */
- if (key && !x509) {
- qscCert = QSslCertificate(key);
- if (! qscCert.isNull()) {
- logthis("Using certificate from key.");
- }
- }
-
- if (! qscCert.isNull()) {
- QSsl::KeyAlgorithm alg = qscCert.publicKey().algorithm();
- /* Fetch algorith from cert */
- if (! key.isEmpty()) {
- /* get key */
- qskKey = QSslKey(key, alg, QSsl::Pem, QSsl::PrivateKey, pass);
- if (qskKey.isNull()) {
- logthis("Failed to parse key.");
- }
- }
+ if (!rsa || !did_load_cert) {
+ Log_info("Generating new server certificate.");
- if (! crt.isEmpty() && qskKey.isNull()) {
- /* get key from certificate */
- qskKey = QSslKey(crt, alg, QSsl::Pem, QSsl::PrivateKey, pass);
- if (! qskKey.isNull()) {
- logthis("Using key from certificate.");
- }
- }
- }
-#endif
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
- if (!rsa || !x509) {
- Log_info("Generating new server certificate.");
+ x509 = X509_new();
+ pkey = EVP_PKEY_new();
+ rsa = RSA_generate_key(4096,RSA_F4,NULL,NULL);
+ EVP_PKEY_assign_RSA(pkey, rsa);
+ X509_set_version(x509, 2);
+ ASN1_INTEGER_set(X509_get_serialNumber(x509),1);
+ X509_gmtime_adj(X509_get_notBefore(x509),0);
+ X509_gmtime_adj(X509_get_notAfter(x509),60*60*24*365);
+ X509_set_pubkey(x509, pkey);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+ X509_NAME *name=X509_get_subject_name(x509);
- x509 = X509_new();
- pkey = EVP_PKEY_new();
- rsa = RSA_generate_key(1024,RSA_F4,NULL,NULL);
- EVP_PKEY_assign_RSA(pkey, rsa);
+ X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (const uint8_t *)"Murmur Autogenerated Certificate v2", -1, -1, 0);
+ X509_set_issuer_name(x509, name);
+ SSL_add_ext(x509, NID_basic_constraints, "critical,CA:FALSE");
+ SSL_add_ext(x509, NID_ext_key_usage, "serverAuth,clientAuth");
+ SSL_add_ext(x509, NID_subject_key_identifier, "hash");
+ SSL_add_ext(x509, NID_netscape_comment, "Generated from umurmur");
- X509_set_version(x509, 2);
- ASN1_INTEGER_set(X509_get_serialNumber(x509),1);
- X509_gmtime_adj(X509_get_notBefore(x509),0);
- X509_gmtime_adj(X509_get_notAfter(x509),60*60*24*365);
- X509_set_pubkey(x509, pkey);
+ X509_sign(x509, pkey, EVP_md5());
- X509_NAME *name=X509_get_subject_name(x509);
+ SSL_writecert(crt, x509);
+ SSL_writekey(key, rsa);
- X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (const uint8_t *)"Murmur Autogenerated Certificate v2", -1, -1, 0);
- X509_set_issuer_name(x509, name);
- SSL_add_ext(x509, NID_basic_constraints, "critical,CA:FALSE");
- SSL_add_ext(x509, NID_ext_key_usage, "serverAuth,clientAuth");
- SSL_add_ext(x509, NID_subject_key_identifier, "hash");
- SSL_add_ext(x509, NID_netscape_comment, "Generated from umurmur");
+ SSL_CTX_use_certificate(context, x509);
+ } else {
+ pkey = EVP_PKEY_new();
+ EVP_PKEY_assign_RSA(pkey, rsa);
+ }
- X509_sign(x509, pkey, EVP_md5());
+ SSL_CTX_use_PrivateKey(context, pkey);
- SSL_writecert(crt, x509);
- SSL_writekey(key, rsa);
+ } else {
+ Log_fatal("Failed to initialize TLS context.");
}
}
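Review bot: The generated certificate is still signed with `X509_sign(x509, pkey, EVP_md5());` even though the key size was raised to 4096 bits. MD5 is collision-broken, so the larger key adds little; use `X509_sign(x509, pkey, EVP_sha256());`. In addition, the results of `SSL_CTX_use_certificate(context, x509)` and `SSL_CTX_use_PrivateKey(context, pkey)` are now ignored, whereas the checks removed from SSLi_init() ended in Log_fatal. A key that does not match the loaded chain would therefore no longer stop startup. Restore the checks here, e.g. `if (SSL_CTX_use_PrivateKey(context, pkey) <= 0) Log_fatal("Failed to initialize private key");`, and check the RSA_generate_key() result before assigning it to pkey.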
void SSLi_init(void)
{
- SSL_METHOD *method;
SSL *ssl;
int i, offset = 0, cipherstringlen = 0;
STACK_OF(SSL_CIPHER) *cipherlist = NULL, *cipherlist_new = NULL;
SSL_CIPHER *cipher;
- char *cipherstring, tempstring[128];
+ char *cipherstring;
SSL_library_init();
- OpenSSL_add_all_algorithms(); /* load & register all cryptos, etc. */
- SSL_load_error_strings(); /* load all error messages */
- ERR_load_crypto_strings(); /* load all error messages */
- method = SSLv23_server_method(); /* create new server-method instance */
- context = SSL_CTX_new(method); /* create new context from method */
+ OpenSSL_add_all_algorithms();
+ SSL_load_error_strings();
+ ERR_load_crypto_strings();
+
+ context = SSL_CTX_new(SSLv23_server_method());
if (context == NULL)
{
ERR_print_errors_fp(stderr);
}
SSL_initializeCert();
- if (SSL_CTX_use_certificate(context, x509) <= 0)
- Log_fatal("Failed to initialize cert");
- if (SSL_CTX_use_PrivateKey(context, pkey) <= 0) {
- ERR_print_errors_fp(stderr);
- Log_fatal("Failed to initialize private key");
- }
/* Set cipher list */
ssl = SSL_new(context);
#ifndef VERSION_H_989876
#define VERSION_H_989876
-#define UMURMUR_VERSION "0.2.16"
+#define UMURMUR_VERSION "0.2.16a"
#define UMURMUR_CODENAME "Agrajag"
#endif