From 2cdfa1fff3b06bc7e41bc29e142319fe5d491de4 Mon Sep 17 00:00:00 2001 From: Frank Date: Thu, 8 May 2014 23:43:16 +0200 Subject: [PATCH 1/4] initialize libsodium and tweetnacl --- src/curve_client.cpp | 14 ++++++++++++-- src/curve_client.hpp | 2 ++ src/curve_server.cpp | 12 +++++++++++- src/curve_server.hpp | 1 + 4 files changed, 26 insertions(+), 3 deletions(-) diff --git a/src/curve_client.cpp b/src/curve_client.cpp index 71db2de5..aeca61d0 100644 --- a/src/curve_client.cpp +++ b/src/curve_client.cpp @@ -33,11 +33,21 @@ zmq::curve_client_t::curve_client_t (const options_t &options_) : mechanism_t (options_), - state (send_hello) + state (send_hello), + sync() { memcpy (public_key, options_.curve_public_key, crypto_box_PUBLICKEYBYTES); memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES); memcpy (server_key, options_.curve_server_key, crypto_box_PUBLICKEYBYTES); + scoped_lock_t lock (sync); +#if defined(HAVE_TWEETNACL) + // allow opening of /dev/urandom + unsigned char tmpbytes[4]; + randombytes(tmpbytes, 4); +#else + const int si = sodium_init(); + zmq_assert (is == 0); +#endif // Generate short-term key pair const int rc = crypto_box_keypair (cn_public, cn_secret); @@ -318,7 +328,7 @@ int zmq::curve_client_t::produce_initiate (msg_t *msg_) // Create Box [C + vouch + metadata](C'->S') memset (initiate_plaintext, 0, crypto_box_ZEROBYTES); - memcpy (initiate_plaintext + crypto_box_ZEROBYTES, + memcpy (initiate_plaintext + crypto_box_ZEROBYTES, public_key, 32); memcpy (initiate_plaintext + crypto_box_ZEROBYTES + 32, vouch_nonce + 8, 16); diff --git a/src/curve_client.hpp b/src/curve_client.hpp index 05f81291..45f47026 100644 --- a/src/curve_client.hpp +++ b/src/curve_client.hpp @@ -21,6 +21,7 @@ #define __ZMQ_CURVE_CLIENT_HPP_INCLUDED__ #include "platform.hpp" +#include "mutex.hpp" #ifdef HAVE_LIBSODIUM #ifdef HAVE_TWEETNACL 
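Review bot: `scoped_lock_t lock (sync);` in the curve_client_t constructor locks a mutex that belongs to the object being constructed (`mutex_t sync;` is added as a member in curve_client.hpp), so two CURVE sockets created on different threads each take their own lock and can still run `sodium_init()` or the first `randombytes()` call at the same time. The same pattern appears in the curve_server.cpp and curve_server.hpp hunks of this patch. If the goal is to serialise one-time initialisation of the library and its random source, the mutex has to be shared by every instance, for example a file-scope `static zmq::mutex_t crypto_init_sync;` taken with `scoped_lock_t lock (crypto_init_sync);`. As written the lock also stays held until the constructor returns, which covers `crypto_box_keypair` as well; the constructor body continues outside the hunk.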
@@ -105,6 +106,7 @@ namespace zmq int process_welcome (msg_t *msg_); int produce_initiate (msg_t *msg_); int process_ready (msg_t *msg_); + mutex_t sync; }; } diff --git a/src/curve_server.cpp b/src/curve_server.cpp index 15196b90..3226623b 100644 --- a/src/curve_server.cpp +++ b/src/curve_server.cpp @@ -39,10 +39,20 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_, peer_address (peer_address_), state (expect_hello), expecting_zap_reply (false), - cn_nonce (1) + cn_nonce (1), + sync() { // Fetch our secret key from socket options memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES); + scoped_lock_t lock (sync); +#if defined(HAVE_TWEETNACL) + // allow opening of /dev/urandom + unsigned char tmpbytes[4]; + randombytes(tmpbytes, 4); +#else + const int si = sodium_init(); + zmq_assert (is == 0); +#endif // Generate short-term key pair const int rc = crypto_box_keypair (cn_public, cn_secret); diff --git a/src/curve_server.hpp b/src/curve_server.hpp index 261720c8..8faae6a3 100644 --- a/src/curve_server.hpp +++ b/src/curve_server.hpp @@ -115,6 +115,7 @@ namespace zmq void send_zap_request (const uint8_t *key); int receive_and_process_zap_reply (); + mutex_t sync; }; } From 05ab9a848fca741202456f8b118f13b3d34f7a8a Mon Sep 17 00:00:00 2001 From: Frank Date: Thu, 8 May 2014 23:51:34 +0200 Subject: [PATCH 2/4] find libsodium with cmake --- CMakeLists.txt | 4 +++- src/curve_client.cpp | 2 +- src/curve_server.cpp | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ee7e070f..5a627c07 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -29,6 +29,8 @@ if(WITH_TWEETNACL) else() list(APPEND TWEETNACL_SOURCES tweetnacl/contrib/randombytes/devurandom.c) endif() +else() + find_library(SODIUM_FOUND sodium) endif() 
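Review bot: `find_library(SODIUM_FOUND sodium)` stores the library path in `SODIUM_FOUND`, but the link line changed in the next CMakeLists.txt hunk expands `${SODIUM_LIBRARY}`, which nothing in these hunks sets, so unless it is defined elsewhere in the file libsodium is never added to the link. Use one variable in both places, `find_library(SODIUM_LIBRARY sodium)`, and stop configuration when the lookup fails, `if(NOT SODIUM_LIBRARY) message(FATAL_ERROR "libsodium not found") endif()`, so a missing crypto backend is reported at configure time rather than as unresolved symbols. The enclosing `if(WITH_TWEETNACL)` starts outside the hunk.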
@@ -610,7 +612,7 @@ else() endif() endif() -target_link_libraries(libzmq ${CMAKE_THREAD_LIBS_INIT}) +target_link_libraries(libzmq ${SODIUM_LIBRARY} ${CMAKE_THREAD_LIBS_INIT}) if(HAVE_WS2_32) target_link_libraries(libzmq ws2_32) elseif(HAVE_WS2) diff --git a/src/curve_client.cpp b/src/curve_client.cpp index aeca61d0..3b921064 100644 --- a/src/curve_client.cpp +++ b/src/curve_client.cpp @@ -46,7 +46,7 @@ zmq::curve_client_t::curve_client_t (const options_t &options_) : randombytes(tmpbytes, 4); #else const int si = sodium_init(); - zmq_assert (is == 0); + zmq_assert (si == 0); #endif // Generate short-term key pair diff --git a/src/curve_server.cpp b/src/curve_server.cpp index 3226623b..be717adf 100644 --- a/src/curve_server.cpp +++ b/src/curve_server.cpp @@ -51,7 +51,7 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_, randombytes(tmpbytes, 4); #else const int si = sodium_init(); - zmq_assert (is == 0); + zmq_assert (si == 0); #endif // Generate short-term key pair From 8962b7de45e8b9c99f4aa1073e3cb4b5ad17c3ca Mon Sep 17 00:00:00 2001 From: Frank Date: Fri, 9 May 2014 00:03:45 +0200 Subject: [PATCH 3/4] removed return code check for now, got -1 in test_security_curve. --- src/curve_client.cpp | 4 ++-- src/curve_server.cpp | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/curve_client.cpp b/src/curve_client.cpp index 3b921064..8c8a6d7a 100644 --- a/src/curve_client.cpp +++ b/src/curve_client.cpp @@ -45,8 +45,8 @@ zmq::curve_client_t::curve_client_t (const options_t &options_) : unsigned char tmpbytes[4]; randombytes(tmpbytes, 4); #else - const int si = sodium_init(); - zmq_assert (si == 0); + // todo check return code + sodium_init(); #endif // Generate short-term key pair diff --git a/src/curve_server.cpp b/src/curve_server.cpp index be717adf..49e04de5 100644 --- a/src/curve_server.cpp +++ b/src/curve_server.cpp 
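Review bot: With the assert removed, a failed `sodium_init()` is ignored and `crypto_box_keypair` a few lines below generates the short-term key pair from a library that reported it could not initialise. libsodium documents the return value as 0 on success, 1 when already initialised and -1 on failure, so the earlier `si == 0` check would also have tripped on every socket after the first; `const int si = sodium_init(); zmq_assert (si != -1);` keeps the failure check without that problem. The -1 seen in test_security_curve should be tracked down rather than silenced, since it may point at unsynchronised or failing initialisation in the test environment. The same change is made in the curve_server.cpp hunk of this patch.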
@@ -50,8 +50,8 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_, unsigned char tmpbytes[4]; randombytes(tmpbytes, 4); #else - const int si = sodium_init(); - zmq_assert (si == 0); + // todo check return code + sodium_init(); #endif // Generate short-term key pair From b846f3075ce5c3abf94cf4e605573ada0c0046d8 Mon Sep 17 00:00:00 2001 From: Frank Date: Fri, 9 May 2014 00:07:02 +0200 Subject: [PATCH 4/4] ws --- src/curve_client.cpp | 2 +- src/curve_server.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/curve_client.cpp b/src/curve_client.cpp index 8c8a6d7a..cdaefec1 100644 --- a/src/curve_client.cpp +++ b/src/curve_client.cpp @@ -45,7 +45,7 @@ zmq::curve_client_t::curve_client_t (const options_t &options_) : unsigned char tmpbytes[4]; randombytes(tmpbytes, 4); #else - // todo check return code + // todo check return code sodium_init(); #endif diff --git a/src/curve_server.cpp b/src/curve_server.cpp index 49e04de5..cb48c7d0 100644 --- a/src/curve_server.cpp +++ b/src/curve_server.cpp @@ -50,7 +50,7 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_, unsigned char tmpbytes[4]; randombytes(tmpbytes, 4); #else - // todo check return code + // todo check return code sodium_init(); #endif