Remove option to disable crypto engine

With this patch we remove the possibility to disable the crypto engine
(ENABLE_CRYPTO define) at configuration time.

[--disable-crypto has been removed from .travis.yml too]

Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20171203124952.15220-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15979.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/.travis.yml b/.travis.yml
index 366e6599079fd4f4a96741405976ae9b09654e4a..1f669b304cbd48c24c8bdfdbfc4e99f75627fb61 100644 (file)
--- a/.travis.yml
+++ b/.travis.yml
@@ -59,10 +59,7 @@ matrix:
     - env: SSLLIB="openssl" CHOST=i686-w64-mingw32
       os: linux
       compiler: ": Win32 build only"
-    - env: SSLLIB="openssl" EXTRA_CONFIG="--disable-crypto" EXTRA_SCRIPT="make distcheck"
-      os: linux
-      compiler: clang
-    - env: SSLLIB="openssl" EXTRA_CONFIG="--disable-lzo"
+    - env: SSLLIB="openssl" EXTRA_CONFIG="--disable-lzo" EXTRA_SCRIPT="make distcheck"
       os: linux
       compiler: clang
     - env: SSLLIB="openssl" EXTRA_CONFIG="--enable-small"

diff --git a/config-msvc.h b/config-msvc.h
index 0bb153dfc14028ced593e47af92ecaf18ca68ef9..8be9195f08fb3344718e633bdb87f66a2d05fd37 100644 (file)
--- a/config-msvc.h
+++ b/config-msvc.h
@@ -4,7 +4,6 @@
 
 #define ENABLE_DEF_AUTH 1
 #define ENABLE_PF 1
-#define ENABLE_CRYPTO 1
 #define ENABLE_CRYPTO_OPENSSL 1
 #define ENABLE_DEBUG 1
 #define ENABLE_EUREPHIA 1

diff --git a/configure.ac b/configure.ac
index acfddb221da86745b9281eed7f01771e2d319b95..b4fd1b3f8ad242e865e134568e5a88c6b1c27cf7 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -77,13 +77,6 @@ AC_ARG_ENABLE(comp-stub,
        [enable_comp_stub="no"]
 )
 
-AC_ARG_ENABLE(
-       [crypto],
-       [AS_HELP_STRING([--disable-crypto], [disable crypto support @<:@default=yes@:>@])],
-       ,
-       [enable_crypto="yes"]
-)
-
 AC_ARG_ENABLE(
        [ofb-cfb],
        [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])],
@@ -843,7 +836,7 @@ PKG_CHECK_MODULES(
        []
 )
 
-if test "${enable_crypto}" = "yes" -a "${with_crypto_library}" = "openssl"; then
+if test "${with_crypto_library}" = "openssl"; then
        AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL])
        AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL])
 
@@ -958,11 +951,10 @@ if test "${enable_crypto}" = "yes" -a "${with_crypto_library}" = "openssl"; then
        CFLAGS="${saved_CFLAGS}"
        LIBS="${saved_LIBS}"
 
-       have_crypto="yes"
        AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library])
        CRYPTO_CFLAGS="${OPENSSL_CFLAGS}"
        CRYPTO_LIBS="${OPENSSL_LIBS}"
-elif test "${enable_crypto}" = "yes" -a "${with_crypto_library}" = "mbedtls"; then
+elif test "${with_crypto_library}" = "mbedtls"; then
        AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls])
        AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls])
 
@@ -1041,11 +1033,10 @@ elif test "${enable_crypto}" = "yes" -a "${with_crypto_library}" = "mbedtls"; th
 
        CFLAGS="${saved_CFLAGS}"
        LIBS="${saved_LIBS}"
-       have_crypto="yes"
        AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library])
        CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}"
        CRYPTO_LIBS="${MBEDTLS_LIBS}"
-elif test "${enable_crypto}" = "yes"; then
+else
        AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}])
 fi
 
@@ -1245,14 +1236,10 @@ test "${enable_def_auth}" = "yes" && AC_DEFINE([ENABLE_DEF_AUTH], [1], [Enable d
 test "${enable_pf}" = "yes" && AC_DEFINE([ENABLE_PF], [1], [Enable internal packet filter])
 test "${enable_strict_options}" = "yes" && AC_DEFINE([ENABLE_STRICT_OPTIONS_CHECK], [1], [Enable strict options check between peers])
 
-if test "${enable_crypto}" = "yes"; then
-       test "${have_crypto}" != "yes" && AC_MSG_ERROR([${with_crypto_library} crypto is required but missing])
-       test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
-       test "${have_crypto_aead_modes}" = "yes" && AC_DEFINE([HAVE_AEAD_CIPHER_MODES], [1], [Use crypto library])
-       OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}"
-       OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}"
-       AC_DEFINE([ENABLE_CRYPTO], [1], [Enable crypto library])
-fi
+test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
+test "${have_crypto_aead_modes}" = "yes" && AC_DEFINE([HAVE_AEAD_CIPHER_MODES], [1], [Use crypto library])
+OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}"
+OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}"
 
 if test "${enable_plugins}" = "yes"; then
        OPTIONAL_DL_LIBS="${DL_LIBS}"
@@ -1292,7 +1279,6 @@ fi
 
 if test "${enable_pkcs11}" = "yes"; then
        test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing])
-       test "${enable_crypto}" != "yes" && AC_MSG_ERROR([PKCS11 can be enabled only if crypto is enabled])
        OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}"
        OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}"
        AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11])
@@ -1372,7 +1358,6 @@ AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"])
 AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"])
 AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"])
 AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"])
-AM_CONDITIONAL([ENABLE_CRYPTO], [test "${enable_crypto}" = "yes"])
 AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"])
 
 sampledir="\$(docdir)/sample"

diff --git a/doc/doxygen/openvpn.doxyfile.in b/doc/doxygen/openvpn.doxyfile.in
index bb56fff4a176aeb782b1168a130fa674b373904e..d9e9ed08b2e1a8f05711a9faf8007ffe2970ccb6 100644 (file)
--- a/doc/doxygen/openvpn.doxyfile.in
+++ b/doc/doxygen/openvpn.doxyfile.in
@@ -235,7 +235,7 @@ EXPAND_ONLY_PREDEF     = NO
 SEARCH_INCLUDES        = YES
 INCLUDE_PATH           =
 INCLUDE_FILE_PATTERNS  =
-PREDEFINED             = _WIN32 NTLM USE_LZO ENABLE_FRAGMENT P2MP P2MP_SERVER ENABLE_CRYPTO ENABLE_CRYPTO_OPENSSL ENABLE_PLUGIN ENABLE_MANAGEMENT ENABLE_OCC HAVE_GETTIMEOFDAY
+PREDEFINED             = _WIN32 NTLM USE_LZO ENABLE_FRAGMENT P2MP P2MP_SERVER ENABLE_CRYPTO_OPENSSL ENABLE_PLUGIN ENABLE_MANAGEMENT ENABLE_OCC HAVE_GETTIMEOFDAY
 EXPAND_AS_DEFINED      =
 SKIP_FUNCTION_MACROS   = YES
 #---------------------------------------------------------------------------

diff --git a/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c b/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c
index c4839077b26195894cb759ae1ccd4b53cebd8e3f..8ee78c5376c6429a20d07be042f937278a39bb8a 100644 (file)
--- a/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c
+++ b/sample/sample-plugins/keying-material-exporter-demo/keyingmaterialexporter.c
@@ -27,8 +27,6 @@
  * See the README file for build instructions.
  */
 
-#define ENABLE_CRYPTO
-
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>

diff --git a/sample/sample-plugins/log/log_v3.c b/sample/sample-plugins/log/log_v3.c
index 98d80d95aa864f43df9e14577f777517ecd42276..3ff802907496c26132c6ab845746c13ce4957529 100644 (file)
--- a/sample/sample-plugins/log/log_v3.c
+++ b/sample/sample-plugins/log/log_v3.c
@@ -35,8 +35,6 @@
 #include <string.h>
 #include <stdlib.h>
 
-#define ENABLE_CRYPTO
-
 #include "openvpn-plugin.h"
 
 /*

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 0795680c222751e88efcdd706a1e04f549776aa8..53313de4bfc047bd53e0564f929bf876cf2399a8 100644 (file)
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -15,9 +15,7 @@ MAINTAINERCLEANFILES = \
 SUBDIRS = unit_tests
 
 test_scripts = t_client.sh
-if ENABLE_CRYPTO
 test_scripts += t_lpback.sh t_cltsrv.sh
-endif
 
 TESTS_ENVIRONMENT = top_srcdir="$(top_srcdir)"
 TESTS = $(test_scripts)