Problem: use of libsodium vs. tweetnacl is confused

It's unclear which we need and in the source code, conditional code treats tweetnacl as a subclass of libsodium, which is inaccurate. Solution: redesign the configure/cmake API for this: * tweetnacl is present by default and cannot be enabled * libsodium can be enabled using --with-libsodium, which replaces the built-in tweetnacl * CURVE encryption can be disabled entirely using --enable-curve=no The macros we define in platform.hpp are: ZMQ_HAVE_CURVE 1 // When CURVE is enabled HAVE_LIBSODIUM 1 // When we are using libsodium HAVE_TWEETNACL 1 // When we're using tweetnacl (default) As of this patch, the default build of libzmq always has CURVE security, and always uses tweetnacl.
2025-11-11 00:44:50 +01:00 · 2016-02-11 13:32:01 +01:00
parent 42ab88e486
commit b49a60410a
16 changed files with 610 additions and 610 deletions
--- a/src/curve_server.hpp
+++ b/src/curve_server.hpp
@@ -30,15 +30,17 @@
 #ifndef __ZMQ_CURVE_SERVER_HPP_INCLUDED__
 #define __ZMQ_CURVE_SERVER_HPP_INCLUDED__

+#ifdef ZMQ_HAVE_CURVE
+
 #include "platform.hpp"

-#ifdef HAVE_LIBSODIUM
-#ifdef HAVE_TWEETNACL
-#include "tweetnacl_base.h"
-#include "randombytes.h"
-#else
-#include "sodium.h"
+#if defined (HAVE_TWEETNACL)
+#   include "tweetnacl_base.h"
+#   include "randombytes.h"
+#elif defined (HAVE_LIBSODIUM)
+#   include "sodium.h"
 #endif
+
 #if crypto_box_NONCEBYTES != 24 \
 ||  crypto_box_PUBLICKEYBYTES != 32 \
 ||  crypto_box_SECRETKEYBYTES != 32 \
@@ -47,7 +49,7 @@
 ||  crypto_secretbox_NONCEBYTES != 24 \
 ||  crypto_secretbox_ZEROBYTES != 32 \
 ||  crypto_secretbox_BOXZEROBYTES != 16
-#error "libsodium not built properly"
+#   error "libsodium not built properly"
 #endif

 #include "mechanism.hpp"