restore mbed TSL 1.3.x compatibility

diff --git a/build-scripts/dist-recursor b/build-scripts/dist-recursor
index bedf8fddf8f51f092d1dd7cae5a1de05ee3ba28a..54d424b77bb9dfe57d961c25c7453dfd67325555 100755 (executable)
--- a/build-scripts/dist-recursor
+++ b/build-scripts/dist-recursor
@@ -31,7 +31,7 @@ INCLUDES="iputils.hh arguments.hh base64.hh zoneparser-tng.hh \
 rcpgenerator.hh lock.hh dnswriter.hh  dnsrecords.hh dnsparser.hh utility.hh \
 recursor_cache.hh rec_channel.hh qtype.hh misc.hh dns.hh syncres.hh \
 sstuff.hh mtasker.hh mtasker.cc lwres.hh logger.hh pdnsexception.hh \
-mplexer.hh pubsuffix.hh \
+mplexer.hh pubsuffix.hh mbedtlscompat.hh \
 dns_random.hh lua-pdns.hh lua-recursor.hh namespaces.hh \
 recpacketcache.hh base32.hh cachecleaner.hh json.hh version.hh \
 ws-recursor.hh ws-api.hh secpoll-recursor.hh \

diff --git a/pdns/Makefile.am b/pdns/Makefile.am
index 07bb26932ab14ecc8cc037aeb024f4c1d2017ba7..b1f94e0ffa850985e19e6e4f194d6725a8e24f95 100644 (file)
--- a/pdns/Makefile.am
+++ b/pdns/Makefile.am
@@ -163,6 +163,7 @@ pdns_server_SOURCES = \
        lua-auth.cc lua-auth.hh \
        lua-pdns.cc lua-iputils.cc \
        mastercommunicator.cc \
+       mbedtlscompat.hh \
        md5.hh \
        misc.cc misc.hh \
        nameserver.cc nameserver.hh \
@@ -279,6 +280,7 @@ pdnssec_SOURCES = \
        gss_context.cc gss_context.hh \
        json.cc \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        nsecrecords.cc \
        packetcache.cc \
@@ -482,6 +484,7 @@ sdig_SOURCES = \
        dnsrecords.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        nsecrecords.cc \
        qtype.cc \
@@ -505,6 +508,7 @@ calidns_SOURCES = \
        dnswriter.cc dnswriter.hh \
        iputils.cc \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        nsecrecords.cc \
        qtype.cc \
@@ -540,6 +544,7 @@ saxfr_SOURCES = \
        dnswriter.cc dnswriter.hh \
        gss_context.cc gss_context.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        nsecrecords.cc \
        qtype.cc \
@@ -571,6 +576,7 @@ dnstcpbench_SOURCES = \
        dnstcpbench.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        nsecrecords.cc \
        qtype.cc \
@@ -602,6 +608,7 @@ dnsdist_SOURCES = \
        dolog.hh \
        iputils.cc \
        htmlfiles.h \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        qtype.cc \
        sholder.hh \
@@ -628,8 +635,9 @@ nsec3dig_SOURCES = \
        dnsrecords.cc \
        dnssecinfra.cc \
        dnswriter.cc dnswriter.hh \
-        gss_context.cc gss_context.hh \
+       gss_context.cc gss_context.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        nsec3dig.cc \
        nsecrecords.cc \
@@ -662,6 +670,7 @@ toysdig_SOURCES = \
        dnswriter.cc dnswriter.hh \
        ednssubnet.cc ednssubnet.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        nsecrecords.cc \
        qtype.cc \
@@ -689,6 +698,7 @@ tsig_tests_SOURCES = \
        dnswriter.cc dnswriter.hh \
        gss_context.cc gss_context.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        nsecrecords.cc \
        qtype.cc \
@@ -720,6 +730,7 @@ speedtest_SOURCES = \
        dnsrecords.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        nsecrecords.cc \
        qtype.cc \
@@ -784,6 +795,7 @@ dnsscan_SOURCES = \
        dnsscan.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc \
        nsecrecords.cc \
        qtype.cc \
@@ -807,6 +819,7 @@ dnsreplay_SOURCES = \
        dnsreplay.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc \
        nsecrecords.cc \
        qtype.cc \
@@ -833,6 +846,7 @@ nproxy_SOURCES = \
        dnsrecords.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc \
        mplexer.hh \
        nproxy.cc \
@@ -863,6 +877,7 @@ notify_SOURCES = \
        dnsrecords.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc \
        notify.cc \
        nsecrecords.cc \
@@ -894,6 +909,7 @@ dnsscope_SOURCES = \
        dnsscope.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc \
        nsecrecords.cc \
        qtype.cc \
@@ -922,6 +938,7 @@ dnsgram_SOURCES = \
        dnsrecords.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc \
        nsecrecords.cc \
        qtype.cc \
@@ -944,6 +961,7 @@ dnsdemog_SOURCES = \
        dnsrecords.cc \
        dnswriter.cc dnswriter.hh \
        logger.cc \
+       mbedtlscompat.hh \
        misc.cc \
        nsecrecords.cc \
        qtype.cc \
@@ -1058,6 +1076,7 @@ pdns_recursor_SOURCES = \
        lua-pdns.cc lua-pdns.hh lua-iputils.cc \
        lua-recursor.cc lua-recursor.hh \
        lwres.cc lwres.hh \
+       mbedtlscompat.hh \
        misc.cc \
        mtasker.hh \
        nsecrecords.cc \

diff --git a/pdns/base64.cc b/pdns/base64.cc
index e901e9ab39e3b80a10ee97d79792ecda56d5e7b9..797b27790456ac1d7ca618f683574fd5f53e2141 100644 (file)
--- a/pdns/base64.cc
+++ b/pdns/base64.cc
@@ -3,7 +3,12 @@
 #endif
 #include "base64.hh"
 #include <boost/scoped_array.hpp>
+#ifdef HAVE_MBEDTLS2
 #include <mbedtls/base64.h>
+#else
+#include <polarssl/base64.h>
+#include "mbedtlscompat.hh"
+#endif
 
 int B64Decode(const std::string& src, std::string& dst)
 {

diff --git a/pdns/dns_random.cc b/pdns/dns_random.cc
index 8c00949496e76e2196545ab5d694764e01a0af99..b25b1a1c155a222dc336d2753b8ac3d742dae0be 100644 (file)
--- a/pdns/dns_random.cc
+++ b/pdns/dns_random.cc
@@ -1,7 +1,12 @@
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
+#ifdef HAVE_MBEDTLS2
 #include <mbedtls/aes.h>
+#else
+#include <polarssl/aes.h>
+#include "mbedtlscompat.hh"
+#endif
 #include <iostream>
 #include <cstdlib>
 #include <cstring>

diff --git a/pdns/dnsdistdist/Makefile.am b/pdns/dnsdistdist/Makefile.am
index 4ac277eac9fc9d0155cba923b9469799cf7e2fc4..2b2ac8d335327854a121533b2fd73d5c10080d6d 100644 (file)
--- a/pdns/dnsdistdist/Makefile.am
+++ b/pdns/dnsdistdist/Makefile.am
@@ -39,6 +39,7 @@ dnsdist_SOURCES = \
        dnswriter.cc dnswriter.hh \
        dolog.hh \
        iputils.cc iputils.hh \
+       mbedtlscompat.hh \
        misc.cc misc.hh \
        htmlfiles.h \
        namespaces.hh \

diff --git a/pdns/dnssecinfra.cc b/pdns/dnssecinfra.cc
index 696a3788a7262d7df23e84d467c4f0cec15ac898..8246943f4688408e3a6c44867e0eeee06fc4e3de 100644 (file)
--- a/pdns/dnssecinfra.cc
+++ b/pdns/dnssecinfra.cc
@@ -12,10 +12,15 @@
 #include <boost/algorithm/string.hpp>
 #include "dnssecinfra.hh" 
 #include "dnsseckeeper.hh"
-#include <mbedtls/md5.h>
-#include <mbedtls/sha1.h>
+#ifdef HAVE_MBEDTLS2
 #include <mbedtls/md_internal.h>
 #include <mbedtls/md.h>
+#else
+#include <polarssl/md5.h>
+#include <polarssl/sha1.h>
+#include <polarssl/md.h>
+#include "mbedtlscompat.hh"
+#endif
 #include <boost/assign/std/vector.hpp> // for 'operator+=()'
 #include <boost/assign/list_inserter.hpp>
 #include "base64.hh"

diff --git a/pdns/mbedtlscompat.hh b/pdns/mbedtlscompat.hh
new file mode 100644 (file)
index 0000000..9ed9032
--- /dev/null
+++ b/pdns/mbedtlscompat.hh
@@ -0,0 +1,103 @@
+#define MBEDTLS_VERSION_STRING POLARSSL_VERSION_STRING
+
+#define MBEDTLS_MD_MAX_SIZE POLARSSL_MD_MAX_SIZE
+#define MBEDTLS_MD_MD5 POLARSSL_MD_MD5 
+#define MBEDTLS_MD_SHA1 POLARSSL_MD_SHA1
+#define MBEDTLS_MD_SHA224 POLARSSL_MD_SHA224 
+#define MBEDTLS_MD_SHA256 POLARSSL_MD_SHA256 
+#define MBEDTLS_MD_SHA384 POLARSSL_MD_SHA384 
+#define MBEDTLS_MD_SHA512 POLARSSL_MD_SHA512
+
+#define MBEDTLS_RSA_PKCS_V15 RSA_PKCS_V15
+#define MBEDTLS_RSA_PRIVATE RSA_PRIVATE
+#define MBEDTLS_RSA_PUBLIC RSA_PUBLIC
+
+
+// Types
+#define mbedtls_aes_context aes_context
+
+#define mbedtls_sha1_context sha1_context
+#define mbedtls_sha256_context sha256_context
+#define mbedtls_sha512_context sha512_context
+
+#ifdef POLARSSL_MD_H
+typedef md_info_t mbedtls_md_info_t;
+typedef md_type_t mbedtls_md_type_t;
+#endif
+
+#define mbedtls_entropy_context entropy_context
+
+#define mbedtls_ctr_drbg_context ctr_drbg_context
+
+#define mbedtls_rsa_context rsa_context
+
+#define mbedtls_mpi mpi
+
+
+// Functions macro
+#define mbedtls_aes_crypt_ctr aes_crypt_ctr
+#define mbedtls_aes_setkey_enc aes_setkey_enc
+
+#define mbedtls_sha1 sha1 
+#define mbedtls_sha1_starts sha1_starts
+#define mbedtls_sha1_update sha1_update
+#define mbedtls_sha1_finish sha1_finish 
+
+#define mbedtls_sha256 sha256
+#define mbedtls_sha256_starts sha256_starts
+#define mbedtls_sha256_update sha256_update
+#define mbedtls_sha256_finish sha256_finish 
+
+#define mbedtls_sha512 sha512
+#define mbedtls_sha512_starts sha512_starts
+#define mbedtls_sha512_update sha512_update
+#define mbedtls_sha512_finish sha512_finish 
+
+#define mbedtls_md_hmac md_hmac
+#define mbedtls_md_get_size md_get_size
+#define mbedtls_md_info_from_type md_info_from_type
+
+#define mbedtls_md5 md5
+
+#define mbedtls_mpi_init mpi_init
+#define mbedtls_mpi_size mpi_size
+#define mbedtls_mpi_free mpi_free
+
+#define mbedtls_entropy_init entropy_init
+#define mbedtls_entropy_func entropy_func
+
+#define mbedtls_ctr_drbg_init
+#define mbedtls_ctr_drbg_seed ctr_drbg_init
+#define mbedtls_ctr_drbg_random ctr_drbg_random
+
+#define mbedtls_rsa_init rsa_init
+#define mbedtls_rsa_gen_key rsa_gen_key
+#define mbedtls_rsa_pkcs1_sign rsa_pkcs1_sign
+#define mbedtls_rsa_pkcs1_verify rsa_pkcs1_verify
+
+#define mbedtls_mpi_copy mpi_copy
+#define mbedtls_mpi_cmp_mpi mpi_cmp_mpi
+#define mbedtls_mpi_bitlen mpi_msb
+#define mbedtls_mpi_write_binary mpi_write_binary
+#define mbedtls_mpi_read_binary mpi_read_binary
+
+
+// Functions
+#ifdef POLARSSL_BASE64_H
+#ifndef COMPAT_BASE64
+#define COMPAT_BASE64
+
+inline int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen ) {
+  int ret = base64_decode( dst, &dlen, src, slen );
+  *olen = dlen;
+  return ret;
+}
+
+inline int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen ) {
+  int ret = base64_encode( dst, &dlen, src, slen );
+  *olen = dlen;
+  return ret;
+}
+
+#endif
+#endif

diff --git a/pdns/mbedtlssigners.cc b/pdns/mbedtlssigners.cc
index 84c9b9464e4c8caf2c6a0353b2a19b4623379476..2dc101759c5f7125eead2bbf0dbef1b21363a1f5 100644 (file)
--- a/pdns/mbedtlssigners.cc
+++ b/pdns/mbedtlssigners.cc
@@ -1,13 +1,21 @@
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
-#include <mbedtls/rsa.h>
-#include <mbedtls/base64.h>
-#include <sha.hh>
+#ifdef HAVE_MBEDTLS2
 #include <mbedtls/entropy.h>
 #include <mbedtls/ctr_drbg.h>
+#include <mbedtls/rsa.h>
+#include <mbedtls/base64.h>
+#else
+#include <polarssl/entropy.h>
+#include <polarssl/ctr_drbg.h>
+#include <polarssl/rsa.h>
+#include <polarssl/base64.h>
+#include "mbedtlscompat.hh"
+#endif
 #include <boost/assign/std/vector.hpp> // for 'operator+=()'
 #include <boost/foreach.hpp>
+#include "sha.hh"
 #include "dnssecinfra.hh"
 using namespace boost::assign;
 

diff --git a/pdns/md5.hh b/pdns/md5.hh
index aaad52f8bcf6acad4668545609eb1d833477c5e0..a193a2a3f377a78fc859f3cc0b65f534156b6507 100644 (file)
--- a/pdns/md5.hh
+++ b/pdns/md5.hh
@@ -3,7 +3,12 @@
 
 #include <string>
 #include <stdint.h>
+#ifdef HAVE_MBEDTLS2
 #include <mbedtls/md5.h>
+#else
+#include <polarssl/md5.h>
+#include "mbedtlscompat.hh"
+#endif
 
 inline std::string pdns_md5sum(const std::string& input)
 {

diff --git a/pdns/sha.hh b/pdns/sha.hh
index eff8e920a7b6f76b86fa3cc3878a6386911fdf58..0751f0cd9413b7ed1b6ad2744194653a826123f5 100644 (file)
--- a/pdns/sha.hh
+++ b/pdns/sha.hh
@@ -3,9 +3,16 @@
 
 #include <string>
 #include <stdint.h>
+#ifdef HAVE_MBEDTLS2
 #include <mbedtls/sha1.h>
 #include <mbedtls/sha256.h>
 #include <mbedtls/sha512.h>
+#else
+#include <polarssl/sha1.h>
+#include <polarssl/sha256.h>
+#include <polarssl/sha512.h>
+#include "mbedtlscompat.hh"
+#endif
 
 class SHA1Summer
 {

diff --git a/pdns/version.cc b/pdns/version.cc
index eb8f2366d14494d9741000647acfedd0994eca94..2c0359da6e971ba4ced5ba6a47eeaeee569c87ff 100644 (file)
--- a/pdns/version.cc
+++ b/pdns/version.cc
@@ -25,7 +25,12 @@
 #endif
 #include "logger.hh"
 #include "version.hh"
+#ifdef HAVE_MBEDTLS2
 #include <mbedtls/version.h>
+#else
+#include <polarssl/version.h>
+#include "mbedtlscompat.hh"
+#endif
 
 static ProductType productType;
 
@@ -115,7 +120,7 @@ void showBuildConfiguration()
   theL()<<Logger::Warning<<"Built-in modules: "<<PDNS_MODULES<<endl;
 #endif
 #ifndef MBEDTLS_SYSTEM
-  theL()<<Logger::Warning<<"Built-in mbed TLS: "<<POLARSSL_VERSION_STRING<<endl;
+  theL()<<Logger::Warning<<"Built-in mbed TLS: "<<MBEDTLS_VERSION_STRING<<endl;
 #endif
 #ifdef PDNS_CONFIG_ARGS
 #define double_escape(s) #s