diff --git a/CMakeLists.txt b/CMakeLists.txt index 82ae981f4..431e4a3c5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -212,6 +212,7 @@ if (encryption) FIND_PACKAGE(OpenSSL REQUIRED) endif() add_definitions(-DTORRENT_USE_OPENSSL) + add_definitions(-DTORRENT_USE_LIBCRYPTO) include_directories(${OPENSSL_INCLUDE_DIR}) else() add_definitions(-DTORRENT_DISABLE_ENCRYPTION) diff --git a/ChangeLog b/ChangeLog index fe56c4592..7f4747ec9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,4 @@ + * separated ssl and crypto options in build * remove lazy-bitfield feature * simplified suggest-read-cache feature to not depend on disk threads * removed option to disable contiguous receive buffers diff --git a/Jamfile b/Jamfile index ab0eac3d1..11a449da2 100644 --- a/Jamfile +++ b/Jamfile @@ -56,16 +56,24 @@ rule linking ( properties * ) { local result ; + # ssl=openssl => crypto=libcrypto + # this match the previous behavior + if openssl in $(properties) + && ! libcrypto in $(properties) + { + ECHO "with ssl=openssl the value for crypto must be libcrypto" ; + result += no ; + } + # openssl libraries, if enabled - if openssl in $(properties) + if openssl in $(properties) { # exclude gcc from a regular windows build to make mingw # link against the regular unix library name if windows in $(properties) - && ! gcc in $(properties) + && ! gcc in $(properties) { result += ssleay32 - libeay32 advapi32 user32 shell32 @@ -74,7 +82,28 @@ rule linking ( properties * ) } else { - result += crypto ssl ; + result += ssl ; + } + } + + if libcrypto in $(properties) + { + # exclude gcc from a regular windows build to make mingw + # link against the regular unix library name + if windows in $(properties) + && ! gcc in $(properties) + { + # it should be possible to cleanup this list, but this is safe for now + result += libeay32 + advapi32 + user32 + shell32 + gdi32 + ; + } + else + { + result += crypto ; } } @@ -95,7 +124,7 @@ rule linking ( properties * ) } # gcrypt libraries, if enabled - if gcrypt in $(properties) + if libgcrypt in $(properties) { # on mac os x, adding the /opt/local/include path # would include openssl headers incompatible with @@ -455,9 +484,12 @@ feature.compose off : TORRENT_DISABLE_ENCRYPTION ; feature mutable-torrents : on off : composite propagated link-incompatible ; feature.compose off : TORRENT_DISABLE_MUTABLE_TORRENTS ; -feature crypto : built-in openssl gcrypt : composite propagated ; -feature.compose openssl : TORRENT_USE_OPENSSL OPENSSL_NO_SSL2 ; -feature.compose gcrypt : TORRENT_USE_GCRYPT ; +feature crypto : built-in libcrypto libgcrypt : composite propagated ; +feature.compose libcrypto : TORRENT_USE_LIBCRYPTO ; +feature.compose libgcrypt : TORRENT_USE_LIBGCRYPT ; + +feature ssl : off openssl : composite propagated ; +feature.compose openssl : TORRENT_USE_OPENSSL OPENSSL_NO_SSL2 ; feature character-set : unicode ansi : composite propagated link-incompatible ; feature.compose unicode : _UNICODE UNICODE ; @@ -494,7 +526,7 @@ variant test_release : release off ; variant test_debug : debug - : openssl on on + : openssl libcrypto on on debug full shared on on multi on diff --git a/configure.ac b/configure.ac index cb023505e..c0bf48edb 100644 --- a/configure.ac +++ b/configure.ac @@ -386,7 +386,7 @@ AS_CASE(["$ARG_ENABLE_ENCRYPTION"], AX_CHECK_OPENSSL([ AC_DEFINE([TORRENT_USE_OPENSSL],[1],[Define to use OpenSSL support.]) - COMPILETIME_OPTIONS="$COMPILETIME_OPTIONS -DTORRENT_USE_OPENSSL " + COMPILETIME_OPTIONS="$COMPILETIME_OPTIONS -DTORRENT_USE_OPENSSL -DTORRENT_USE_LIBCRYPTO " ], [ AC_MSG_ERROR([OpenSSL library not found. Try using --with-openssl=DIR or disabling encryption at all.]) ]) diff --git a/docs/building.rst b/docs/building.rst index 38fe72b54..bdf327252 100644 --- a/docs/building.rst +++ b/docs/building.rst @@ -277,11 +277,18 @@ Build features: | | * ``off`` - mutable torrents are not supported. | +--------------------------+----------------------------------------------------+ | ``crypto`` | * ``built-in`` - (default) uses built-in SHA-1 | -| | implementation. | -| | * ``openssl`` - links against openssl and | -| | libcrypto to use for SHA-1 hashing. | -| | * ``gcrypt`` - links against libgcrypt to use for | -| | SHA-1 hashing. | +| | implementation. In macOS/iOS it uses | +| | CommonCrypto SHA-1 implementation. | +| | * ``libcrypto`` - links against libcrypto | +| | to use the SHA-1 implementation. | +| | * ``libgcrypt`` - links against libgcrypt | +| | to use the SHA-1 implementation. | ++--------------------------+----------------------------------------------------+ +| ``ssl`` | * ``off`` - (default) disable torrents over ssl | +| | feature. | +| | * ``openssl`` - links against openssl to enable | +| | torrents over ssl feature. Requires | +| | the option crypto=libcrypto. | +--------------------------+----------------------------------------------------+ | ``allocator`` | * ``pool`` - default, uses pool allocators for | | | send buffers. | @@ -566,8 +573,8 @@ defines you can use to control the build. | | encrypted supported by clients such as | | | uTorrent, Azureus and KTorrent. | | | If this is not defined, either | -| | ``TORRENT_USE_OPENSSL`` or | -| | ``TORRENT_USE_GCRYPT`` must be defined. | +| | ``TORRENT_USE_LIBCRYPTO`` or | +| | ``TORRENT_USE_LIBGCRYPT`` must be defined. | +----------------------------------------+-------------------------------------------------+ | ``TORRENT_DISABLE_EXTENSIONS`` | When defined, libtorrent plugin support is | | | disabled along with support for the extension | diff --git a/include/libtorrent/config.hpp b/include/libtorrent/config.hpp index 013654397..c812a8d9f 100644 --- a/include/libtorrent/config.hpp +++ b/include/libtorrent/config.hpp @@ -136,7 +136,7 @@ POSSIBILITY OF SUCH DAMAGE. #if MAC_OS_X_VERSION_MIN_REQUIRED >= 1070 // on OSX, use the built-in common crypto for built-in -# if !defined TORRENT_USE_OPENSSL && !defined TORRENT_USE_GCRYPT +# if !defined TORRENT_USE_LIBCRYPTO && !defined TORRENT_USE_LIBGCRYPT # define TORRENT_USE_COMMONCRYPTO 1 # endif // TORRENT_USE_OPENSSL #endif // MAC_OS_X_VERSION_MIN_REQUIRED diff --git a/include/libtorrent/hasher.hpp b/include/libtorrent/hasher.hpp index fd18f6892..78a29e1ac 100644 --- a/include/libtorrent/hasher.hpp +++ b/include/libtorrent/hasher.hpp @@ -39,14 +39,14 @@ POSSIBILITY OF SUCH DAMAGE. #include -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT #include #elif TORRENT_USE_COMMONCRYPTO #include -#elif defined TORRENT_USE_OPENSSL +#elif defined TORRENT_USE_LIBCRYPTO extern "C" { @@ -85,7 +85,7 @@ namespace libtorrent // ``update(data, len)``. hasher(const char* data, int len); -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT hasher(hasher const& h); hasher& operator=(hasher const& h); #endif @@ -105,11 +105,11 @@ namespace libtorrent private: -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT gcry_md_hd_t m_context; #elif TORRENT_USE_COMMONCRYPTO CC_SHA1_CTX m_context; -#elif defined TORRENT_USE_OPENSSL +#elif defined TORRENT_USE_LIBCRYPTO SHA_CTX m_context; #else sha_ctx m_context; diff --git a/include/libtorrent/settings_pack.hpp b/include/libtorrent/settings_pack.hpp index 2a8cfc5ac..0fb6751f3 100644 --- a/include/libtorrent/settings_pack.hpp +++ b/include/libtorrent/settings_pack.hpp @@ -190,7 +190,7 @@ namespace libtorrent // see proxy_type. proxy_hostname, - // when using a proxy, these are the credentials (if any) to use whne + // when using a proxy, these are the credentials (if any) to use when // connecting to it. see proxy_type proxy_username, proxy_password, diff --git a/src/hasher.cpp b/src/hasher.cpp index 17b810dc3..904740be0 100644 --- a/src/hasher.cpp +++ b/src/hasher.cpp @@ -31,17 +31,16 @@ POSSIBILITY OF SUCH DAMAGE. */ #include "libtorrent/hasher.hpp" -#include "libtorrent/sha1.hpp" namespace libtorrent { hasher::hasher() { -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT gcry_md_open(&m_context, GCRY_MD_SHA1, 0); #elif TORRENT_USE_COMMONCRYPTO CC_SHA1_Init(&m_context); -#elif defined TORRENT_USE_OPENSSL +#elif defined TORRENT_USE_LIBCRYPTO SHA1_Init(&m_context); #else SHA1_init(&m_context); @@ -52,13 +51,13 @@ namespace libtorrent { TORRENT_ASSERT(data != 0); TORRENT_ASSERT(len > 0); -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT gcry_md_open(&m_context, GCRY_MD_SHA1, 0); gcry_md_write(m_context, data, len); #elif TORRENT_USE_COMMONCRYPTO CC_SHA1_Init(&m_context); CC_SHA1_Update(&m_context, reinterpret_cast(data), len); -#elif defined TORRENT_USE_OPENSSL +#elif defined TORRENT_USE_LIBCRYPTO SHA1_Init(&m_context); SHA1_Update(&m_context, reinterpret_cast(data), len); #else @@ -67,7 +66,7 @@ namespace libtorrent #endif } -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT hasher::hasher(hasher const& h) { gcry_md_copy(&m_context, h.m_context); @@ -85,11 +84,11 @@ namespace libtorrent { TORRENT_ASSERT(data != 0); TORRENT_ASSERT(len > 0); -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT gcry_md_write(m_context, data, len); #elif TORRENT_USE_COMMONCRYPTO CC_SHA1_Update(&m_context, reinterpret_cast(data), len); -#elif defined TORRENT_USE_OPENSSL +#elif defined TORRENT_USE_LIBCRYPTO SHA1_Update(&m_context, reinterpret_cast(data), len); #else SHA1_update(&m_context, reinterpret_cast(data), len); @@ -100,12 +99,12 @@ namespace libtorrent sha1_hash hasher::final() { sha1_hash digest; -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT gcry_md_final(m_context); digest.assign((const char*)gcry_md_read(m_context, 0)); #elif TORRENT_USE_COMMONCRYPTO CC_SHA1_Final(digest.begin(), &m_context); -#elif defined TORRENT_USE_OPENSSL +#elif defined TORRENT_USE_LIBCRYPTO SHA1_Final(digest.begin(), &m_context); #else SHA1_final(digest.begin(), &m_context); @@ -115,11 +114,11 @@ namespace libtorrent void hasher::reset() { -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT gcry_md_reset(m_context); #elif TORRENT_USE_COMMONCRYPTO CC_SHA1_Init(&m_context); -#elif defined TORRENT_USE_OPENSSL +#elif defined TORRENT_USE_LIBCRYPTO SHA1_Init(&m_context); #else SHA1_init(&m_context); @@ -128,7 +127,7 @@ namespace libtorrent hasher::~hasher() { -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT gcry_md_close(m_context); #endif } diff --git a/src/session_impl.cpp b/src/session_impl.cpp index 21e59e9e8..4385e6df4 100644 --- a/src/session_impl.cpp +++ b/src/session_impl.cpp @@ -124,7 +124,7 @@ const rlim_t rlim_infinity = RLIM_INFINITY; #endif // TORRENT_DISABLE_LOGGING -#ifdef TORRENT_USE_GCRYPT +#ifdef TORRENT_USE_LIBGCRYPT extern "C" { GCRY_THREAD_OPTION_PTHREAD_IMPL; @@ -146,7 +146,7 @@ namespace } gcrypt_global_constructor; } -#endif // TORRENT_USE_GCRYPT +#endif // TORRENT_USE_LIBGCRYPT #ifdef TORRENT_USE_OPENSSL @@ -1840,6 +1840,24 @@ namespace aux { int const port = m_listen_interfaces[i].port; bool const ssl = m_listen_interfaces[i].ssl; +#ifndef TORRENT_USE_OPENSSL + if (ssl) + { +#ifndef TORRENT_DISABLE_LOGGING + session_log("attempted to listen ssl with no library support on device: \"%s\"" + , device.c_str()); +#endif + if (m_alerts.should_post()) + { + m_alerts.emplace_alert(device + , listen_failed_alert::open + , boost::asio::error::operation_not_supported + , listen_failed_alert::tcp_ssl); + } + continue; + } +#endif + // now we have a device to bind to. This device may actually just be an // IP address or a device name. In case it's a device name, we want to // (potentially) end up binding a socket for each IP address associated