Added hooks and code to build and link to NaCl static library

(static is always the safer option for crypto libraries to avoid nasty run-time suprises)
2025-01-29 15:43:56 +00:00 · 2011-10-17 08:11:05 +10:30 · 2011-10-17 08:11:05 +10:30 · f55a6525a2
commit f55a6525a2
parent 6ad98c6128
4 changed files with 107 additions and 7 deletions
--- a/11
+++ b/11
@ -9,18 +9,17 @@ OBJS=	dna.o server.o client.o peers.o ciphers.o responses.o packetformats.o data
 	overlay_packetformats.o overlay_abbreviations.o overlay_advertise.o

 HDRS=	Makefile mphlr.h
-#LDFLAGS=	-L/Developer/SDKs/MacOSX10.6.sdk/usr/lib
-#CFLAGS=	-I/Developer/SDKs/MacOSX10.6.sdk/usr/include
-#LDFLAGS= -L/opt/local/lib -lefence
-DEFS=	-DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DHAVE_LIBC=1 -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_STDIO_H=1 -DHAVE_ERRNO_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRINGS_H=1 -DHAVE_UNISTD_H=1 -DHAVE_STRING_H=1 -DHAVE_ARPA_INET_H=1 -DHAVE_SYS_SOCKET_H=1 -DHAVE_SYS_MMAN_H=1 -DHAVE_SYS_TIME_H=1 -DHAVE_POLL_H=1 -DHAVE_NETDB_H=1 -DHAVE_NETINET_IN_H=1 -DHAVE_IFADDRS_H=1
+LDFLAGS=	 ./nacl-source/nacl-20110221/build/ServalMBP2/lib/amd64/libnacl.a
+CFLAGS=	-g -O2
+DEFS=	-DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DHAVE_LIBC=1 -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_STDIO_H=1 -DHAVE_ERRNO_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRINGS_H=1 -DHAVE_UNISTD_H=1 -DHAVE_STRING_H=1 -DHAVE_ARPA_INET_H=1 -DHAVE_SYS_SOCKET_H=1 -DHAVE_SYS_MMAN_H=1 -DHAVE_SYS_TIME_H=1 -DHAVE_POLL_H=1 -DHAVE_NETDB_H=1 -DHAVE_NET_IF_H=1 -DHAVE_NETINET_IN_H=1 -DHAVE_IFADDRS_H=1 -DHAVE_NET_ROUTE_H=1

 all:	serval.c dna

 %.o:	%.c $(HDRS)
-	$(CC) $(CFLAGS) $(DEFS) -g -Wall -c $<
+	$(CC) $(CFLAGS) $(DEFS) -Os -g -Wall -c $<

 dna:	$(OBJS)
-	$(CC) $(CFLAGS) -g -Wall -o dna $(OBJS) $(LDFLAGS)
+	$(CC) $(CFLAGS) -Os -g -Wall -o dna $(OBJS) $(LDFLAGS)

 serval.c:	$(SRCS) $(HDRS)
 	cat mphlr.h > serval.c
--- a/configure.in
+++ b/configure.in
@ -6,7 +6,13 @@ AC_PROG_CC

 AC_CHECK_LIB(c,srandomdev)

-AC_CHECK_HEADERS(stdio.h errno.h stdlib.h strings.h unistd.h string.h arpa/inet.h sys/socket.h sys/mman.h sys/time.h poll.h netdb.h linux/if.h linux/netlink.h linux/rtnetlink.h net/if.h netinet/in.h ifaddrs.h)
+AC_CHECK_HEADERS(stdio.h errno.h stdlib.h strings.h unistd.h string.h arpa/inet.h sys/socket.h sys/mman.h sys/time.h poll.h netdb.h linux/if.h linux/netlink.h linux/rtnetlink.h net/if.h netinet/in.h ifaddrs.h net/route.h)
+
+echo "Fetching and building NaCl if required."
+echo "(this can take HOURS to build depending on your architecture,"
+echo " but fortunately it only needs to happen once.)"
+./nacl-gcc-prep
+LDFLAGS="$LDFLAGS "`cat naclbuilddir.txt`"/libnacl.a"

 AC_CHECK_LIB(nsl,callrpc,[LDFLAGS="$LDFLAGS -lnsl"])
 AC_CHECK_LIB(socket,socket,[LDFLAGS="$LDFLAGS -lsocket"])
--- a/mphlr.h
+++ b/mphlr.h
@ -29,6 +29,12 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 #include "win32/win32.h"
 #else
 #include <unistd.h>
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_NET_ROUTE_H
+     #include <net/route.h>
+#endif
 #ifdef HAVE_NET_IF_H
 #include <net/if.h>
 #endif
@ -845,3 +851,5 @@ extern overlay_node **overlay_nodes;

 int overlay_route_saw_advertisements(int i,overlay_frame *f, long long now);
 int overlay_route_please_advertise(overlay_node *n);
+
+#include "nacl.h"
--- a/87
+++ b/87
@ -0,0 +1,87 @@
+# Fetch latest version of source as recommended by nacl installation page
+if [ ! -e nacl-source.tar.bz2 ]; then
+   `wget -q -O - http://nacl.cr.yp.to/install.html | grep wget | sed -e 's/^ *//g' -e 's/^wget /wget -q -O nacl-source.tar.bz2 /'`
+fi
+
+# Extract tarball
+mkdir -p  nacl-source
+
+arlist=`find . -name libnacl.a`
+arcount=`echo $arlist | wc -l`
+if [ $arcount -eq 0 ]; then
+   cd nacl-source
+   bzip2 -d  ../nacl-source.tar | tar xvf -
+   nacldir=`echo *`
+   cd ${nacldir}
+
+   ./do
+
+   cd ..
+fi
+
+# Test which one works for us
+include=`find . -name crypto_box.h | head -1`
+cat <<EOF >test.c
+#include <stdio.h>
+#include "${include}"
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+/* it's really stupid that there isn't a syscall for this */
+
+static int fd = -1;
+
+void randombytes(unsigned char *x,unsigned long long xlen)
+{
+  int i;
+
+  if (fd == -1) {
+    for (;;) {
+      fd = open("/dev/urandom",O_RDONLY);
+      if (fd != -1) break;
+      sleep(1);
+    }
+  }
+
+  while (xlen > 0) {
+    if (xlen < 1048576) i = xlen; else i = 1048576;
+
+    i = read(fd,x,i);
+    if (i < 1) {
+      sleep(1);
+      continue;
+    }
+
+    x += i;
+    xlen -= i;
+  }
+}
+     
+     unsigned char pk[crypto_box_PUBLICKEYBYTES];
+     unsigned char sk[crypto_box_SECRETKEYBYTES];
+
+int main(int argc,char **argv) {
+
+     crypto_box_keypair(pk,sk);
+printf("The compilation worked.\n");
+}
+EOF
+for ar in $arlist
+do
+if [ -e test ]; then
+  rm test
+fi
+gcc -o test test.c $ar >/dev/null 2>&1
+if [ -e test ]; then
+  naclbuilddir=`echo $ar | sed -e s,/libnacl.a,,`
+  echo "${naclbuilddir}" > naclbuilddir.txt
+fi
+done
+if [ -e test ]; then
+  rm test
+fi
+
+includedir=`cat naclbuilddir.txt | sed s,/lib/,/include/,`
+ls -1 ${includedir} | sed -e 's,^,#include "'"${includedir}"'/,' -e 's,$,",' > nacl.h