/**
* collectd - src/network.c
- * Copyright (C) 2005-2009 Florian octo Forster
+ * Copyright (C) 2005-2013 Florian octo Forster
* Copyright (C) 2009 Aman Gupta
*
* This program is free software; you can redistribute it and/or modify it
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* Authors:
- * Florian octo Forster <octo at verplant.org>
+ * Florian octo Forster <octo at collectd.org>
* Aman Gupta <aman at tmm1.net>
**/
*/
# pragma GCC diagnostic ignored "-Wdeprecated-declarations"
# endif
+/* FreeBSD's copy of libgcrypt extends the existing GCRYPT_NO_DEPRECATED
+ * to properly hide all deprecated functionality.
+ * http://svnweb.freebsd.org/ports/head/security/libgcrypt/files/patch-src__gcrypt.h.in
+ */
+# define GCRYPT_NO_DEPRECATED
# include <gcrypt.h>
# if defined __APPLE__
/* Re enable deprecation warnings */
} /* }}} int network_dispatch_notification */
#if HAVE_LIBGCRYPT
+static void network_init_gcrypt (void) /* {{{ */
+{
+ /* http://lists.gnupg.org/pipermail/gcrypt-devel/2003-August/000458.html
+ * Because you can't know in a library whether another library has
+ * already initialized the library */
+ if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
+ return;
+
+ /* http://www.gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
+ * To ensure thread-safety, it's important to set GCRYCTL_SET_THREAD_CBS
+ * *before* initalizing Libgcrypt with gcry_check_version(), which itself must
+ * be called before any other gcry_* function. GCRYCTL_ANY_INITIALIZATION_P
+ * above doesn't count, as it doesn't implicitly initalize Libgcrypt.
+ *
+ * tl;dr: keep all these gry_* statements in this exact order please. */
+ gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
+ gcry_check_version (NULL);
+ gcry_control (GCRYCTL_INIT_SECMEM, 32768);
+ gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
+} /* }}} void network_init_gcrypt */
+
static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
const void *iv, size_t iv_size, const char *username)
{
{
if (se->data.client.security_level > SECURITY_LEVEL_NONE)
{
+ network_init_gcrypt ();
+
if ((se->data.client.username == NULL)
|| (se->data.client.password == NULL))
{
{
if (se->data.server.security_level > SECURITY_LEVEL_NONE)
{
+ network_init_gcrypt ();
+
if (se->data.server.auth_file == NULL)
{
ERROR ("network plugin: Server socket with "
have_init = true;
#if HAVE_LIBGCRYPT
- gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
- gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
- gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
+ network_init_gcrypt ();
#endif
if (network_config_stats != 0)