initialize libsodium and tweetnacl

src/curve_client.cpp

@@ -33,11 +33,21 @@
 
 zmq::curve_client_t::curve_client_t (const options_t &options_) :
     mechanism_t (options_),
-    state (send_hello)
+    state (send_hello),
+    sync()
 {
     memcpy (public_key, options_.curve_public_key, crypto_box_PUBLICKEYBYTES);
     memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES);
     memcpy (server_key, options_.curve_server_key, crypto_box_PUBLICKEYBYTES);
+    scoped_lock_t lock (sync);
+#if defined(HAVE_TWEETNACL)
+    // allow opening of /dev/urandom
+    unsigned char tmpbytes[4];
+    randombytes(tmpbytes, 4);
+#else
+    const int si = sodium_init();
+    zmq_assert (is == 0);
+#endif
 
     //  Generate short-term key pair
     const int rc = crypto_box_keypair (cn_public, cn_secret);
@@ -318,7 +328,7 @@ int zmq::curve_client_t::produce_initiate (msg_t *msg_)
 
     //  Create Box [C + vouch + metadata](C'->S')
     memset (initiate_plaintext, 0, crypto_box_ZEROBYTES);
-    memcpy (initiate_plaintext + crypto_box_ZEROBYTES, 
+    memcpy (initiate_plaintext + crypto_box_ZEROBYTES,
             public_key, 32);
     memcpy (initiate_plaintext + crypto_box_ZEROBYTES + 32,
             vouch_nonce + 8, 16);

src/curve_client.hpp

@@ -21,6 +21,7 @@
 #define __ZMQ_CURVE_CLIENT_HPP_INCLUDED__
 
 #include "platform.hpp"
+#include "mutex.hpp"
 
 #ifdef HAVE_LIBSODIUM
 #ifdef HAVE_TWEETNACL
@@ -105,6 +106,7 @@ namespace zmq
         int process_welcome (msg_t *msg_);
         int produce_initiate (msg_t *msg_);
         int process_ready (msg_t *msg_);
+        mutex_t sync;
     };
 
 }

src/curve_server.cpp

@@ -39,10 +39,20 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_,
     peer_address (peer_address_),
     state (expect_hello),
     expecting_zap_reply (false),
-    cn_nonce (1)
+    cn_nonce (1),
+    sync()
 {
     //  Fetch our secret key from socket options
     memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES);
+    scoped_lock_t lock (sync);
+#if defined(HAVE_TWEETNACL)
+    // allow opening of /dev/urandom
+    unsigned char tmpbytes[4];
+    randombytes(tmpbytes, 4);
+#else
+    const int si = sodium_init();
+    zmq_assert (is == 0);
+#endif
 
     //  Generate short-term key pair
     const int rc = crypto_box_keypair (cn_public, cn_secret);

src/curve_server.hpp

@@ -115,6 +115,7 @@ namespace zmq
 
         void send_zap_request (const uint8_t *key);
         int receive_and_process_zap_reply ();
+        mutex_t sync;
     };
 
 }