rgw/rgw_rest.cc \
rgw/rgw_common.cc
libradosgw_a_CFLAGS = ${AM_CFLAGS}
-libradosgw_a_CXXFLAGS = ${AM_CXXFLAGS}
+libradosgw_a_CXXFLAGS = ${CRYPTO_CXXFLAGS} ${AM_CXXFLAGS}
+libradosgw_a_LDFLAGS = ${CRYPTO_LDFLAGS} ${AM_LDFLAGS}
# lib_LTLIBRARIES += libradosgw.a
radosgw_SOURCES = rgw/rgw_main.cc
radosgw_LDADD = libradosgw.a librados.a libcrush.a -lfcgi -lexpat -lpthread -lm $(CRYPTO_LIBS) $(EXTRALIBS)
-radosgw_CXXFLAGS = ${AM_CXXFLAGS}
+radosgw_CXXFLAGS = ${CRYPTO_CXXFLAGS} ${AM_CXXFLAGS}
radosgw_admin_SOURCES = rgw/rgw_admin.cc
+radosgw_admin_CXXFLAGS = ${CRYPTO_CXXFLAGS} ${AM_CXXFLAGS}
radosgw_admin_LDADD = libradosgw.a librados.a libcrush.a -lfcgi -lexpat -lpthread -lm $(CRYPTO_LIBS) $(EXTRALIBS)
bin_PROGRAMS += radosgw radosgw_admin
endif
unittest_ceph_crypto_SOURCES = test/ceph_crypto.cc
unittest_ceph_crypto_LDFLAGS = ${CRYPTO_LDFLAGS} ${AM_LDFLAGS}
-unittest_ceph_crypto_LDADD = ${CRYPTO_LIBS} \
+unittest_ceph_crypto_LDADD = libcommon.a ${CRYPTO_LIBS} \
${UNITTEST_LDADD}
unittest_ceph_crypto_CXXFLAGS = ${CRYPTO_CXXFLAGS} ${AM_CXXFLAGS} ${UNITTEST_CXXFLAGS}
check_PROGRAMS += unittest_ceph_crypto
common/debug.cc \
common/version.cc \
common/hex.cc \
- common/entity_name.cc
+ common/entity_name.cc \
+ common/ceph_crypto.cc
if WITH_PROFILER
libcommon_files += perfglue/cpu_profiler.cc
}
}
#elif USE_NSS
-# error "TODO NSS support for md5"
+// you *must* use CRYPTO_CXXFLAGS in Makefile.am for including this include
+# include <nss.h>
+# include <pk11pub.h>
+
+// NSS thinks a lot of fairly fundamental operations might potentially
+// fail, because it has been written to support e.g. smartcards doing all
+// the crypto operations. We don't want to contaminate too much code
+// with error checking, and just say these really should never fail.
+// This assert MUST NOT be compiled out, even on non-debug builds.
+# include "assert.h"
+
+// ugly bit of CryptoPP that we have to emulate here :(
+typedef unsigned char byte;
+
+namespace ceph {
+ namespace crypto {
+ void init();
+
+ class MD5 {
+ private:
+ PK11Context *ctx;
+ public:
+ static const int DIGESTSIZE = 16;
+ MD5 () {
+ ctx = PK11_CreateDigestContext(SEC_OID_MD5);
+ assert(ctx);
+ Restart();
+ }
+ ~MD5 () {
+ PK11_DestroyContext(ctx, PR_TRUE);
+ }
+ void Restart() {
+ SECStatus s;
+ s = PK11_DigestBegin(ctx);
+ assert(s == SECSuccess);
+ }
+ void Update (const byte *input, size_t length) {
+ SECStatus s;
+ s = PK11_DigestOp(ctx, input, length);
+ assert(s == SECSuccess);
+ }
+ void Final (byte *digest) {
+ SECStatus s;
+ unsigned int dummy;
+ s = PK11_DigestFinal(ctx, digest, &dummy, DIGESTSIZE);
+ assert(s == SECSuccess);
+ assert(dummy == (unsigned int)DIGESTSIZE);
+ Restart();
+ }
+ };
+ }
+}
#else
# error "No supported crypto implementation found."
#endif
projects / ceph.git / commitdiff