From: Christian Hofstaedtler Date: Sat, 2 Jan 2016 21:00:59 +0000 (+0100) Subject: Add --without-mbedtls X-Git-Tag: dnsdist-1.0.0-alpha2~61^2~7 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e12ba08e33549c033ae23c06ca281e1cde0b9169;p=pdns Add --without-mbedtls Will require openssl though. --- diff --git a/m4/pdns_with_system_mbedtls.m4 b/m4/pdns_with_system_mbedtls.m4 index 92119e7a5..6cc058d3a 100644 --- a/m4/pdns_with_system_mbedtls.m4 +++ b/m4/pdns_with_system_mbedtls.m4 @@ -1,63 +1,88 @@ AC_DEFUN([PDNS_WITH_SYSTEM_MBEDTLS],[ + AC_ARG_WITH([mbedtls], + [AS_HELP_STRING([--with-mbedtls], [use mbed TLS @<:@default=yes@:>@])] + ) AC_ARG_WITH([system-mbedtls], - [AS_HELP_STRING([--with-system-mbedtls], [use system mbedt TLS @<:@default=no@:>@])], + [AS_HELP_STRING([--with-system-mbedtls], [use system mbed TLS @<:@default=no@:>@])], [], [with_system_mbedtls=no], ) - MBEDTLS_SUBDIR=mbedtls - MBEDTLS_CFLAGS=-I\$\(top_srcdir\)/ext/$MBEDTLS_SUBDIR/include/ - MBEDTLS_LIBS="-L\$(top_builddir)/ext/$MBEDTLS_SUBDIR/library/ -lmbedtls" - - AS_IF([test "x$with_system_mbedtls" = "xyes"],[ - OLD_LIBS=$LIBS - LIBS="" - AC_SEARCH_LIBS([mbedtls_sha1], [mbedcrypto],[ - MBEDTLS_LIBS=$LIBS - have_system_mbedtls=yes - have_mbedtls_v2=yes - ],[ - have_mbedtls_v2=no - AC_SEARCH_LIBS([sha1_hmac], [mbedtls polarssl],[ + AC_MSG_CHECKING([if we should build with mbedtls]) + AS_IF([test "x$with_mbedtls" != "xno"],[ + AC_MSG_RESULT([yes]) + have_mbedtls=yes + MBEDTLS_SUBDIR=mbedtls + MBEDTLS_CFLAGS=-I\$\(top_srcdir\)/ext/$MBEDTLS_SUBDIR/include/ + MBEDTLS_LIBS="-L\$(top_builddir)/ext/$MBEDTLS_SUBDIR/library/ -lmbedtls" + AS_IF([test "x$with_system_mbedtls" = "xyes"],[ + OLD_LIBS=$LIBS + LIBS="" + AC_SEARCH_LIBS([mbedtls_sha1], [mbedcrypto],[ MBEDTLS_LIBS=$LIBS - AC_MSG_CHECKING([for mbed TLS/PolarSSL version >= 1.3.0]) - AC_COMPILE_IFELSE([ - AC_LANG_PROGRAM( - [[#include ]], - [[ - #if POLARSSL_VERSION_NUMBER < 0x01030000 - #error invalid version - #endif - ]] - )], - [have_system_mbedtls=yes], + have_system_mbedtls=yes + have_mbedtls_v2=yes + ],[ + have_mbedtls_v2=no + AC_SEARCH_LIBS([sha1_hmac], [mbedtls polarssl],[ + MBEDTLS_LIBS=$LIBS + AC_MSG_CHECKING([for mbed TLS/PolarSSL version >= 1.3.0]) + AC_COMPILE_IFELSE([ + AC_LANG_PROGRAM( + [[#include ]], + [[ + #if POLARSSL_VERSION_NUMBER < 0x01030000 + #error invalid version + #endif + ]] + )], + [have_system_mbedtls=yes], + [have_system_mbedtls=no] + ) + AC_MSG_RESULT([$have_system_mbedtls]) + ], [have_system_mbedtls=no] ) - AC_MSG_RESULT([$have_system_mbedtls]) - ], - [have_system_mbedtls=no] - ) + ]) + LIBS=$OLD_LIBS + ],[ + have_system_mbedtls=no + have_mbedtls_v2=yes + ]) + + AS_IF([test "x$have_system_mbedtls" = "xyes"],[ + MBEDTLS_CFLAGS= + MBEDTLS_SUBDIR= + AC_DEFINE([MBEDTLS_SYSTEM], [1], [Defined if system mbed TLS is used]) + ],[ + AS_IF([test "x$with_system_mbedtls" = "xyes"],[ + AC_MSG_ERROR([use of system mbed TLS requested but not found]) + ]) ]) - LIBS=$OLD_LIBS ],[ + AC_MSG_RESULT([no]) have_system_mbedtls=no - have_mbedtls_v2=yes - ]) - - AS_IF([test "x$have_system_mbedtls" = "xyes"],[ - MBEDTLS_CFLAGS= + have_mbedtls_v2=no + have_mbedtls=no MBEDTLS_SUBDIR= - AC_DEFINE([MBEDTLS_SYSTEM], [1], [Defined if system mbed TLS is used]) - ],[ + MBEDTLS_CFLAGS= + MBEDTLS_LIBS= AS_IF([test "x$with_system_mbedtls" = "xyes"],[ - AC_MSG_ERROR([use of system mbedtls requested but not found])] - )] - ) + AC_MSG_ERROR([use of system mbed TLS requested but mbed TLS disabled]) + ]) + ]) AS_IF([test "x$have_mbedtls_v2" = "xyes"],[ AC_DEFINE([HAVE_MBEDTLS2], [1], [Defined if mbed TLS version 2.x.x is used]) ]) + AS_IF([test "x$have_mbedtls" = "xyes"],[ + AC_DEFINE([HAVE_MBEDTLS], [1], [Defined if mbed TLS is used]) + AM_CONDITIONAL([MBEDTLS], [true]) + ],[ + AM_CONDITIONAL([MBEDTLS], [false]) + ]) + AC_SUBST(MBEDTLS_CFLAGS) AC_SUBST(MBEDTLS_LIBS) AC_SUBST(MBEDTLS_SUBDIR) diff --git a/modules/remotebackend/Makefile.am b/modules/remotebackend/Makefile.am index 8338e72d8..ab7386105 100644 --- a/modules/remotebackend/Makefile.am +++ b/modules/remotebackend/Makefile.am @@ -2,6 +2,7 @@ AM_CPPFLAGS += \ -I$(top_srcdir)/ext/rapidjson/include \ $(YAHTTP_CFLAGS) \ $(MBEDTLS_CFLAGS) \ + $(OPENSSL_CFLAGS) \ $(LIBZMQ_CFLAGS) AM_LDFLAGS = $(THREADFLAGS) @@ -129,6 +130,7 @@ libtestremotebackend_la_CPPFLAGS = $(AM_CPPFLAGS) libtestremotebackend_la_LIBADD = \ $(YAHTTP_LIBS) \ $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) \ $(BOOST_UNIT_TEST_FRAMEWORK_LIBS) \ $(BOOST_SERIALIZATION_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) \ diff --git a/pdns/Makefile.am b/pdns/Makefile.am index c8451d1a0..2fae51392 100644 --- a/pdns/Makefile.am +++ b/pdns/Makefile.am @@ -162,7 +162,6 @@ pdns_server_SOURCES = \ lua-auth.cc lua-auth.hh \ lua-pdns.cc lua-pdns.hh lua-iputils.cc \ mastercommunicator.cc \ - mbedtlscompat.hh \ md5.hh \ misc.cc misc.hh \ nameserver.cc nameserver.hh \ @@ -171,7 +170,6 @@ pdns_server_SOURCES = \ packetcache.cc packetcache.hh \ packethandler.cc packethandler.hh \ pdnsexception.hh \ - mbedtlssigners.cc \ qtype.cc qtype.hh \ randomhelper.cc \ rcpgenerator.cc \ @@ -206,7 +204,6 @@ pdns_server_LDADD = \ @moduleobjects@ \ @modulelibs@ \ $(LIBDL) \ - $(MBEDTLS_LIBS) \ $(YAHTTP_LIBS) \ $(JSON11_LIBS) @@ -225,6 +222,11 @@ pdns_server_SOURCES += sodiumsigners.cc pdns_server_LDADD += $(LIBSODIUM_LIBS) endif +if MBEDTLS +pdns_server_SOURCES += mbedtlssigners.cc mbedtlscompat.hh +pdns_server_LDADD += $(MBEDTLS_LIBS) +endif + if OPENSSL pdns_server_SOURCES += opensslsigners.cc opensslsigners.hh pdns_server_LDFLAGS += $(OPENSSL_LDFLAGS) @@ -280,12 +282,10 @@ pdnsutil_SOURCES = \ iputils.cc iputils.hh \ json.cc \ logger.cc \ - mbedtlscompat.hh \ misc.cc misc.hh \ nsecrecords.cc \ packetcache.cc \ pdnsutil.cc \ - mbedtlssigners.cc \ qtype.cc \ randomhelper.cc \ rcpgenerator.cc rcpgenerator.hh \ @@ -307,7 +307,6 @@ pdnsutil_LDADD = \ @moduleobjects@ \ @modulelibs@ \ $(LIBDL) \ - $(MBEDTLS_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) \ $(YAHTTP_LIBS) \ $(JSON11_LIBS) @@ -327,6 +326,11 @@ pdnsutil_SOURCES += sodiumsigners.cc pdnsutil_LDADD += $(LIBSODIUM_LIBS) endif +if MBEDTLS +pdnsutil_SOURCES += mbedtlssigners.cc mbedtlscompat.hh +pdnsutil_LDADD += $(MBEDTLS_LIBS) +endif + if OPENSSL pdnsutil_SOURCES += opensslsigners.cc opensslsigners.hh pdnsutil_LDFLAGS += $(OPENSSL_LDFLAGS) @@ -378,7 +382,8 @@ zone2sql_SOURCES = \ zone2sql.cc \ zoneparser-tng.cc -zone2sql_LDADD = $(MBEDTLS_LIBS) $(JSON11_LIBS) +zone2sql_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) $(JSON11_LIBS) +zone2sql_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) zone2json_SOURCES = \ arguments.cc \ @@ -404,7 +409,8 @@ zone2json_SOURCES = \ zone2json.cc \ zoneparser-tng.cc -zone2json_LDADD = $(MBEDTLS_LIBS) $(JSON11_LIBS) +zone2json_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) $(JSON11_LIBS) +zone2json_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) # pkglib_LTLIBRARIES = iputils.la # iputils_la_SOURCES = lua-iputils.cc @@ -439,7 +445,8 @@ zone2ldap_SOURCES = \ zone2ldap.cc \ zoneparser-tng.cc -zone2ldap_LDADD = $(MBEDTLS_LIBS) +zone2ldap_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) +zone2ldap_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) sdig_SOURCES = \ base32.cc \ @@ -463,7 +470,8 @@ sdig_SOURCES = \ statbag.cc \ unix_utility.cc -sdig_LDADD = $(MBEDTLS_LIBS) +sdig_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) +sdig_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) calidns_SOURCES = \ base32.cc \ @@ -486,8 +494,8 @@ calidns_SOURCES = \ statbag.cc \ unix_utility.cc -calidns_LDADD = $(MBEDTLS_LIBS) -calidns_LDFLAGS=$(THREADFLAGS) +calidns_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) +calidns_LDFLAGS = $(AM_LDFLAGS) $(THREADFLAGS) $(OPENSSL_LDFLAGS) dumresp_SOURCES = \ dnslabeltext.cc \ @@ -531,7 +539,8 @@ saxfr_SOURCES = \ statbag.cc \ unix_utility.cc -saxfr_LDADD = $(MBEDTLS_LIBS) +saxfr_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) +saxfr_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) if PKCS11 saxfr_SOURCES += pkcs11signers.cc pkcs11signers.hh @@ -570,7 +579,8 @@ ixplore_SOURCES = \ statbag.cc \ unix_utility.cc zoneparser-tng.cc -ixplore_LDADD = $(MBEDTLS_LIBS) +ixplore_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) +ixplore_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) if PKCS11 ixplore_SOURCES += pkcs11signers.cc pkcs11signers.hh @@ -604,10 +614,12 @@ dnstcpbench_SOURCES = \ dnstcpbench_LDFLAGS = \ $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) dnstcpbench_LDADD = \ $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) nsec3dig_SOURCES = \ @@ -632,7 +644,8 @@ nsec3dig_SOURCES = \ statbag.cc \ unix_utility.cc -nsec3dig_LDADD = $(MBEDTLS_LIBS) +nsec3dig_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) +nsec3dig_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) if PKCS11 nsec3dig_SOURCES += pkcs11signers.cc pkcs11signers.hh @@ -657,7 +670,6 @@ toysdig_SOURCES = \ gss_context.cc gss_context.hh \ logger.cc \ mbedtlscompat.hh \ - mbedtlssigners.cc \ misc.cc misc.hh \ nsecrecords.cc \ qtype.cc \ @@ -671,7 +683,9 @@ toysdig_SOURCES = \ validate.cc validate.hh -toysdig_LDADD = $(MBEDTLS_LIBS) +toysdig_LDFLAGS = $(AM_LDFLAGS) +toysdig_LDADD = + if GSS_TSIG toysdig_LDADD += $(GSS_LIBS) endif @@ -686,6 +700,17 @@ toysdig_SOURCES += pkcs11signers.cc pkcs11signers.hh toysdig_LDADD += $(P11KIT1_LIBS) endif +if MBEDTLS +toysdig_SOURCES += mbedtlssigners.cc mbedtlscompat.hh +toysdig_LDADD += $(MBEDTLS_LIBS) +endif + +if OPENSSL +toysdig_SOURCES += opensslsigners.cc opensslsigners.hh +toysdig_LDADD += $(OPENSSL_LIBS) +toysdig_LDFLAGS += $(OPENSSL_LDFLAGS) +endif + tsig_tests_SOURCES = \ arguments.cc \ @@ -714,7 +739,8 @@ tsig_tests_SOURCES = \ tsig-tests.cc \ unix_utility.cc -tsig_tests_LDADD = $(MBEDTLS_LIBS) +tsig_tests_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) +tsig_tests_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) if PKCS11 tsig_tests_SOURCES += pkcs11signers.cc pkcs11signers.hh @@ -724,6 +750,7 @@ endif if GSS_TSIG tsig_tests_LDADD += $(GSS_LIBS) endif + speedtest_SOURCES = \ base32.cc \ base64.cc base64.hh \ @@ -743,7 +770,8 @@ speedtest_SOURCES = \ statbag.cc \ unix_utility.cc -speedtest_LDADD = $(MBEDTLS_LIBS) \ +speedtest_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +speedtest_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) \ $(RT_LIBS) dnswasher_SOURCES = \ @@ -780,10 +808,12 @@ dnsbulktest_SOURCES = \ dnsbulktest_LDFLAGS = \ $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) dnsbulktest_LDADD = \ $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) dnsscan_SOURCES = \ @@ -808,7 +838,11 @@ dnsscan_SOURCES = \ unix_utility.cc \ utility.hh -dnsscan_LDADD = $(MBEDTLS_LIBS) +dnsscan_LDFLAGS = \ + $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) + +dnsscan_LDADD = $(MBEDTLS_LIBS) $(OPENSSL_LIBS) dnsreplay_SOURCES = \ anadns.hh \ @@ -834,10 +868,12 @@ dnsreplay_SOURCES = \ dnsreplay_LDFLAGS = \ $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) dnsreplay_LDADD = \ $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) nproxy_SOURCES = \ @@ -863,10 +899,12 @@ nproxy_SOURCES = \ nproxy_LDFLAGS = \ $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) nproxy_LDADD = \ $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) notify_SOURCES = \ @@ -893,10 +931,12 @@ notify_SOURCES = \ notify_LDFLAGS = \ $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) notify_LDADD = \ $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) dnsscope_SOURCES = \ @@ -924,10 +964,12 @@ dnsscope_SOURCES = \ dnsscope_LDFLAGS = \ $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) dnsscope_LDADD = \ $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) dnsgram_SOURCES = \ @@ -951,7 +993,13 @@ dnsgram_SOURCES = \ unix_utility.cc \ utility.hh -dnsgram_LDADD = $(MBEDTLS_LIBS) +dnsgram_LDFLAGS = \ + $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) + +dnsgram_LDADD = \ + $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) dnsdemog_SOURCES = \ base32.cc \ @@ -974,7 +1022,13 @@ dnsdemog_SOURCES = \ unix_utility.cc \ utility.hh -dnsdemog_LDADD = $(MBEDTLS_LIBS) +dnsdemog_LDFLAGS = \ + $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) + +dnsdemog_LDADD = \ + $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) rec_control_SOURCES = \ arguments.cc arguments.hh \ @@ -1046,10 +1100,12 @@ testrunner_SOURCES = \ testrunner_LDFLAGS = \ $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) \ $(BOOST_UNIT_TEST_FRAMEWORK_LDFLAGS) testrunner_LDADD = \ $(MBEDTLS_LIBS) \ + $(OPENSSL_LIBS) \ $(BOOST_UNIT_TEST_FRAMEWORK_LIBS) \ $(RT_LIBS) \ $(LIBDL) @@ -1082,7 +1138,6 @@ pdns_recursor_SOURCES = \ lua-recursor4.cc lua-recursor4.hh \ lwres.cc lwres.hh \ mbedtlscompat.hh \ - mbedtlssigners.cc \ misc.cc \ mtasker.hh \ nsecrecords.cc \ @@ -1118,10 +1173,11 @@ pdns_recursor_SOURCES = \ zoneparser-tng.cc zoneparser-tng.hh pdns_recursor_LDADD = \ - $(MBEDTLS_LIBS) \ $(YAHTTP_LIBS) \ $(JSON11_LIBS) +pdns_recursor_LDFLAGS = $(AM_LDFLAGS) + if PKCS11 pdns_recursor_SOURCES += pkcs11signers.cc pkcs11signers.hh pdns_recursor_LDADD += $(P11KIT1_LIBS) @@ -1132,8 +1188,16 @@ pdns_recursor_SOURCES += botan110signers.cc botansigners.cc pdns_recursor_LDADD += $(BOTAN110_LIBS) endif +if MBEDTLS +pdns_recursor_SOURCES += mbedtlssigners.cc mbedtlscompat.hh +pdns_recursor_LDADD += $(MBEDTLS_LIBS) +endif -pdns_recursor_LDFLAGS = $(AM_LDFLAGS) +if OPENSSL +pdns_recursor_SOURCES += opensslsigners.cc opensslsigners.hh +pdns_recursor_LDADD += $(OPENSSL_LIBS) +pdns_recursor_LDFLAGS += $(OPENSSL_LDFLAGS) +endif if MALLOC_TRACE pdns_recursor_SOURCES += malloctrace.cc malloctrace.hh @@ -1209,14 +1273,16 @@ nodist_dnsdist_SOURCES = \ ../ext/json11/json11.cpp dnsdist_LDFLAGS = \ - $(AM_LDFLAGS) + $(AM_LDFLAGS) \ + $(OPENSSL_LDFLAGS) dnsdist_LDADD = \ $(LUA_LIBS) \ $(LIBEDIT_LIBS) \ $(RT_LIBS) \ $(YAHTTP_LIBS) \ - $(LIBSODIUM_LIBS) + $(LIBSODIUM_LIBS) \ + $(OPENSSL_LIBS) htmlfiles.h: $(srcdir)/dnsdistdist/html/* $(srcdir)/dnsdistdist/incfiles $(srcdir)/dnsdistdist > $@ diff --git a/pdns/version.cc b/pdns/version.cc index 8bec1d5bc..4fe07c19e 100644 --- a/pdns/version.cc +++ b/pdns/version.cc @@ -27,7 +27,7 @@ #include "version.hh" #ifdef HAVE_MBEDTLS2 #include -#else +#elif defined(HAVE_MBEDTLS) #include #include "mbedtlscompat.hh" #endif @@ -99,6 +99,9 @@ void showBuildConfiguration() #ifdef HAVE_LIBSODIUM "sodium " << #endif +#ifdef HAVE_MBEDTLS + "mbedtls " << +#endif #ifdef HAVE_OPENSSL "openssl " << #endif @@ -119,7 +122,7 @@ void showBuildConfiguration() // Auth only theL()<