From 5f682ca276db01537a2e327ae06ffcf8dfb66161 Mon Sep 17 00:00:00 2001 From: Julien BLACHE Date: Wed, 1 Apr 2009 17:45:27 +0200 Subject: [PATCH] Remove unused SSL support Unused, and anyway OpenSSL is not compatible with the GPL. --- configure.in | 33 -------- src/Makefile.am | 2 +- src/ssl.c | 202 ------------------------------------------------ src/ssl.h | 34 -------- src/webserver.h | 4 - 5 files changed, 1 insertion(+), 274 deletions(-) delete mode 100644 src/ssl.c delete mode 100644 src/ssl.h diff --git a/configure.in b/configure.in index 9f9ad2c0..e5577c5d 100644 --- a/configure.in +++ b/configure.in @@ -40,7 +40,6 @@ AC_DEFINE_UNQUOTED(CONFFILE,"${CONFFILE}",Where the config file is) use_ffmpeg=true; use_upnp=false; -use_ssl=false use_iconv=true STATIC_LIBS=no @@ -80,15 +79,11 @@ AC_ARG_ENABLE(ffmpeg, AC_HELP_STRING([--disable-ffmpeg], [Disable ffmpeg transco AC_ARG_ENABLE(upnp, AC_HELP_STRING([--enable-upnp], [Enable upnp support]), CPPFLAGS="${CPPFLAGS} -DUPNP"; use_upnp=true;) -AC_ARG_ENABLE(ssl, AC_HELP_STRING([--enable-ssl], [Enable SSL support in web server]), - CPPFLAGS="${CPPFLAGS} -DUSE_SSL"; use_ssl=true; ) - AM_CONDITIONAL(COND_OGGVORBIS, test x$use_oggvorbis = xtrue) AM_CONDITIONAL(COND_FLAC, test x$use_flac = xtrue) AM_CONDITIONAL(COND_MUSEPACK, test x$use_musepack = xtrue) AM_CONDITIONAL(COND_FFMPEG,test x$use_ffmpeg = xtrue) AM_CONDITIONAL(COND_UPNP,test x$use_upnp = xtrue) -AM_CONDITIONAL(COND_SSL,test x$use_ssl = xtrue) #AM_CONDITIONAL(COND_NEED_STRCASESTR,false) #AM_CONDITIONAL(COND_NEED_STRSEP,false) 
@@ -115,22 +110,6 @@ AC_ARG_WITH(static-libs, fi ]) -AC_ARG_WITH(ssl-includes, - [--with-ssl-includes[[=DIR]] use ssl include files in DIR],[ - if test "$withval" != "no" -a "$withval" != "yes"; then - Z_DIR=$withval - CPPFLAGS="${CPPFLAGS} -I$withval" - fi -]) - -AC_ARG_WITH(ssl-libs, - [--with-ssl-libs[[=DIR]] use ssl lib files in DIR],[ - if test "$withval" != "no" -a "$withval" != "yes"; then - Z_DIR=$withval - LDFLAGS="${LDFLAGS} -L$withval -R$withval" - fi -]) - AC_ARG_WITH(id3tag, [--with-id3tag[[=DIR]] use id3tag in DIR],[ if test "$withval" != "no" -a "$withval" != "yes"; then @@ -160,18 +139,6 @@ else fi CFLAGS=$oldcflags -if test x$use_ssl = xtrue; then - AC_CHECK_HEADERS(openssl/ssl.h,, [ - AC_MSG_ERROR([ssl.h not found... Must have ssl headers installed])]) - AC_CHECK_LIB(ssl,SSL_library_init,,echo "Must have openssl libraries installed";exit) - - if test x"$STATIC_LIBS" != x"no"; then - LIBS="${LIBS} ${STATIC_LIBS}/libssl.a ${STATIC_LIBS}/libcrypto.a" - else - LIBS="${LIBS} -lssl -lcrypto" - fi -fi - if test x$use_oggvorbis = xtrue; then AC_CHECK_HEADERS(ogg/ogg.h,, [ AC_MSG_ERROR([ogg/ogg.h not found... Must have libogg installed for Ogg/Vorbis support])]) diff --git a/src/Makefile.am b/src/Makefile.am index a1535133..1c1129b8 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -35,7 +35,7 @@ mt_daapd_SOURCES = main.c daapd.h rend.h webserver.c \ smart-parser.c smart-parser.h xml-rpc.c xml-rpc.h \ os.h ll.c ll.h conf.c conf.h compat.c compat.h util.c util.h \ os-unix.h os-unix.c os.h plugin.c plugin.h db-sql-updates.c \ - ssl.h io.h io.c io-errors.h io-plugin.h \ + io.h io.c io-errors.h io-plugin.h \ bsd-snprintf.c bsd-snprintf.h \ rend-avahi.c \ db-sql.c db-sql.h db-sql-sqlite3.c db-sql-sqlite3.h\ diff --git a/src/ssl.c b/src/ssl.c deleted file mode 100644 index 3bef2672..00000000 --- a/src/ssl.c +++ /dev/null 
@@ -1,202 +0,0 @@ -/* - * $Id: $ - * SSL Routines - * - * Copyright (C) 2006 Ron Pedde (rpedde@users.sourceforge.net) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include - -#include "daapd.h" -#include "err.h" -#include "webserver.h" -#include "wsprivate.h" - -/* Globals */ -static SSL_CTX *ws_ssl_ctx = NULL; -static char *ws_ssl_pass = NULL; - -/* Forwards */ -static void ws_ssl_print_error(int loglevel); -static int ws_ssl_pw_cb(char *buffer, int num, int rwflag, void *userdata); - -/* - * password callback for the passphrase on the priv key - */ -static int ws_ssl_pw_cb(char *buff, int num, int rwflag, void *userdata) { - if(num < strlen(ws_ssl_pass) + 1) - return 0; - - strcpy(buff,ws_ssl_pass); - return (int) strlen(ws_ssl_pass); -} - -/* - * initialize ssl library - */ -int ws_ssl_init(char *keyfile, char *cert, char *password) { - SSL_METHOD *meth; - - if(ws_ssl_ctx) { - return TRUE; - } - - SSL_library_init(); - SSL_load_error_strings(); - - /* Create our context*/ - meth=SSLv23_method(); - ws_ssl_ctx=SSL_CTX_new(meth); - - /* Load our keys and certificates*/ - if(!(SSL_CTX_use_certificate_chain_file(ws_ssl_ctx,cert))) { - DPRINTF(E_LOG,L_WS,"Can't 
read certificate file; ssl disabled\n"); - return FALSE; - } - - ws_ssl_pass=password; - SSL_CTX_set_default_passwd_cb(ws_ssl_ctx,ws_ssl_pw_cb); - if(!(SSL_CTX_use_PrivateKey_file(ws_ssl_ctx,keyfile,SSL_FILETYPE_PEM))) { - DPRINTF(E_LOG,L_WS,"Can't read key file; ssl disabled\n"); - return FALSE; - } - - return TRUE; -} - - -/* - * finish the ssl stuff - */ -void ws_ssl_deinit(void) { - if(ws_ssl_ctx) - SSL_CTX_free(ws_ssl_ctx); -} - -/* - * this gets called immediately after an accept from the - * underlying socket. - * - * @returns 1 if handshake completed, 0 if the connection was terminated, - * but normally, and -1 if there was an error - */ -int ws_ssl_sock_init(WS_CONNINFO *pwsc, int fd) { - SSL *pssl; - int err; - - if(pwsc->secure) { - if(!pwsc->secure_storage) { - pssl = SSL_new(ws_ssl_ctx); - pwsc->secure_storage = pssl; - } - pssl = (SSL*) pwsc->secure_storage; - SSL_set_fd(pssl,pwsc->fd); - err = SSL_accept(pssl); - - if(err == -1) { - ws_ssl_print_error(E_LOG); - } - - return err; - } else { - return 1; - } -} - -/* - * print any error associated with this thread - */ -void ws_ssl_print_error(int loglevel) { - unsigned long err; - char buffer[120]; - - while((err = ERR_get_error())) { - ERR_error_string(err,buffer); - DPRINTF(E_LOG,loglevel,"%s\n",buffer); - } -} - -/* - * write to ssl sock - */ - - -/* - * - */ -void ws_ssl_shutdown(WS_CONNINFO *pwsc) { - SSL *pssl; - - if((pwsc->secure) && (!pwsc->secure_storage)) { - pssl = (SSL*)pwsc->secure_storage; - SSL_shutdown(pssl); - SSL_free(pssl); - pwsc->secure_storage = NULL; - } - ws_socket_shutdown(pwsc); -} - - -/* - * - */ -int ws_ssl_read(WS_CONNINFO *pwsc, unsigned char *buffer, int len) { - SSL *pssl; - int result; - - if((pwsc->secure) && (!pwsc->secure_storage)) { - pssl = (SSL*)pwsc->secure_storage; - result = SSL_read(pssl, buffer, len); - if(len <= 0) - ws_ssl_print_error(E_LOG); - } else { - result = ws_socket_read(pwsc, buffer, len); - } - - return result; -} - -int ws_ssl_write(WS_CONNINFO 
*pwsc, unsigned char *buffer, int len) { - SSL *pssl; - int result; - - if((pwsc->secure) && (!pwsc->secure_storage)) { - pssl = (SSL*)pwsc->secure_storage; - result = SSL_write(pssl, buffer, len); - if(len <= 0) - ws_ssl_print_error(E_LOG); - } else { - result = ws_socket_write(pwsc, buffer, len); - } - - return result; -} - diff --git a/src/ssl.h b/src/ssl.h deleted file mode 100644 index e6c587a4..00000000 --- a/src/ssl.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * $Id: $ - * SSL Routines - * - * Copyright (C) 2006 Ron Pedde (rpedde@users.sourceforge.net) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#ifndef _SSL_H_ -#define _SSL_H_ - -#ifdef USE_SSL - -extern int ws_ssl_init(char *keyfile, char *cert, char *password); -extern void ws_ssl_deinit(void); -extern int ws_ssl_write(WS_CONNINFO *pwsc, unsigned char *buffer, int len); -extern int ws_ssl_read(WS_CONNINFO *pwsc, unsigned char *buffer, int len); -extern void ws_ssl_shutdown(WS_CONNINFO *pwsc); - -#endif /* SSL */ -#endif /* _SSL_H_ */ diff --git a/src/webserver.h b/src/webserver.h index f2770669..f792cead 100644 --- a/src/webserver.h +++ b/src/webserver.h 
@@ -60,11 +60,7 @@ typedef void* WSTHREADENUM; typedef struct tag_wsconfig { char *web_root; char *id; - char *ssl_cert; - char *ssl_key; - char *ssl_pw; unsigned short port; - unsigned short ssl_port; } WSCONFIG; typedef struct tag_arglist {
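Review bot: The cleanup looks incomplete on the connection side. The deleted `ws_ssl_*` routines read `pwsc->secure` and `pwsc->secure_storage`, but this hunk only drops the four SSL members of `WSCONFIG`, and the diffstat touches no other header, so those `WS_CONNINFO` members are presumably still declared with nothing left to set or consume them. Since `--enable-ssl` no longer defines `USE_SSL`, any `#ifdef USE_SSL` block remaining in the web server sources is dead code that would reference the removed `ssl_port`/`ssl_cert` fields; a grep for `USE_SSL`, `secure_storage` and `ssl_` would confirm, and the leftovers should go in the same commit. I would also note in the commit message that the web server is plain HTTP only after this change, so a surviving `secure` flag is not read as a transport guarantee.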