Define new default plugins

diff --git a/configure.ac b/configure.ac
index 81906acfc5afca7bae9d0ac907f1cd7bc5cd7551..b91c3954e8061f223f3d644ef0773490a23dc033 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -132,7 +132,7 @@ AC_SUBST(ipsec_script_upper, [`echo -n "$ipsec_script" | tr a-z A-Z`])
 m4_include(m4/macros/enable-disable.m4)
 
 # crypto plugins
-ARG_DISBL_SET([aes],            [disable AES software implementation plugin.])
+ARG_ENABL_SET([aes],            [enable AES software implementation plugin.])
 ARG_ENABL_SET([af-alg],         [enable AF_ALG crypto interface to Linux Crypto API.])
 ARG_ENABL_SET([blowfish],       [enable Blowfish software implementation plugin.])
 ARG_ENABL_SET([botan],          [enables the Botan crypto plugin.])
@@ -140,29 +140,29 @@ ARG_ENABL_SET([ccm],            [enables the CCM AEAD wrapper crypto plugin.])
 ARG_ENABL_SET([chapoly],        [enables the ChaCha20/Poly1305 AEAD plugin.])
 ARG_DISBL_SET([cmac],           [disable CMAC crypto implementation plugin.])
 ARG_ENABL_SET([ctr],            [enables the Counter Mode wrapper crypto plugin.])
-ARG_DISBL_SET([des],            [disable DES/3DES software implementation plugin.])
+ARG_ENABL_SET([des],            [enable DES/3DES software implementation plugin.])
 ARG_DISBL_SET([drbg],           [disable the NIST Deterministic Random Bit Generator plugin.])
-ARG_DISBL_SET([fips-prf],       [disable FIPS PRF software implementation plugin.])
-ARG_DISBL_SET([gcm],            [disable the GCM AEAD wrapper crypto plugin.])
+ARG_ENABL_SET([fips-prf],       [enable FIPS PRF software implementation plugin.])
+ARG_ENABL_SET([gcm],            [enable the GCM AEAD wrapper crypto plugin.])
 ARG_ENABL_SET([gcrypt],         [enables the libgcrypt plugin.])
-ARG_DISBL_SET([gmp],            [disable GNU MP (libgmp) based crypto implementation plugin.])
-ARG_DISBL_SET([curve25519],     [disable Curve25519 Diffie-Hellman plugin.])
-ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
+ARG_ENABL_SET([gmp],            [enable GNU MP (libgmp) based crypto implementation plugin.])
+ARG_ENABL_SET([curve25519],     [enable Curve25519 Diffie-Hellman plugin.])
+ARG_ENABL_SET([hmac],           [enable HMAC crypto implementation plugin.])
 ARG_DISBL_SET([kdf],            [disable KDF (prf+) implementation plugin.])
 ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
-ARG_DISBL_SET([md5],            [disable MD5 software implementation plugin.])
+ARG_ENABL_SET([md5],            [enable MD5 software implementation plugin.])
 ARG_ENABL_SET([mgf1],           [enable the MGF1 software implementation plugin.])
 ARG_ENABL_SET([ml],             [enable Module-Lattice-based crypto (ML-KEM) plugin.])
 ARG_DISBL_SET([nonce],          [disable nonce generation plugin.])
-ARG_ENABL_SET([openssl],        [enables the OpenSSL crypto plugin.])
+ARG_DISBL_SET([openssl],        [disable the OpenSSL crypto plugin.])
 ARG_ENABL_SET([wolfssl],        [enables the wolfSSL crypto plugin.])
 ARG_ENABL_SET([padlock],        [enables VIA Padlock crypto plugin.])
 ARG_DISBL_SET([random],         [disable RNG implementation on top of /dev/(u)random.])
-ARG_DISBL_SET([rc2],            [disable RC2 software implementation plugin.])
+ARG_ENABL_SET([rc2],            [enable RC2 software implementation plugin.])
 ARG_ENABL_SET([rdrand],         [enable Intel RDRAND random generator plugin.])
 ARG_ENABL_SET([aesni],          [enable Intel AES-NI crypto plugin.])
-ARG_DISBL_SET([sha1],           [disable SHA1 software implementation plugin.])
-ARG_DISBL_SET([sha2],           [disable SHA256/SHA384/SHA512 software implementation plugin.])
+ARG_ENABL_SET([sha1],           [enable SHA1 software implementation plugin.])
+ARG_ENABL_SET([sha2],           [enable SHA256/SHA384/SHA512 software implementation plugin.])
 ARG_ENABL_SET([sha3],           [enable SHA3_224/SHA3_256/SHA3_384/SHA3_512 software implementation plugin.])
 ARG_DISBL_SET([xcbc],           [disable xcbc crypto implementation plugin.])
 # encoding/decoding plugins
@@ -172,7 +172,7 @@ ARG_DISBL_SET([pgp],            [disable PGP key decoding plugin.])
 ARG_DISBL_SET([pkcs1],          [disable PKCS1 key decoding plugin.])
 ARG_DISBL_SET([pkcs7],          [disable PKCS7 container support plugin.])
 ARG_DISBL_SET([pkcs8],          [disable PKCS8 private key decoding plugin.])
-ARG_DISBL_SET([pkcs12],         [disable PKCS12 container support plugin.])
+ARG_ENABL_SET([pkcs12],         [enable PKCS12 container support plugin.])
 ARG_DISBL_SET([pubkey],         [disable RAW public key support plugin.])
 ARG_DISBL_SET([sshkey],         [disable SSH key decoding plugin.])
 ARG_DISBL_SET([x509],           [disable X509 certificate implementation plugin.])
@@ -235,7 +235,7 @@ ARG_DISBL_SET([socket-default], [disable default socket implementation for charo
 ARG_ENABL_SET([socket-dynamic], [enable dynamic socket implementation for charon])
 ARG_ENABL_SET([socket-win],     [enable Winsock2 based socket implementation for charon])
 # configuration/control plugins
-ARG_DISBL_SET([stroke],         [disable charons stroke configuration backend.])
+ARG_ENABL_SET([stroke],         [enable the stroke configuration backend.])
 ARG_ENABL_SET([smp],            [enable SMP configuration and control interface. Requires libxml.])
 ARG_ENABL_SET([sql],            [enable SQL database configuration backend.])
 ARG_ENABL_SET([uci],            [enable OpenWRT UCI configuration plugin.])
@@ -468,6 +468,10 @@ if test x$fips_prf = xtrue; then
        fi
 fi
 
+if test x$pkcs12 = xtrue; then
+       rc2=true;
+fi
+
 if test x$swanctl = xtrue; then
        vici=true
 fi

diff --git a/scripts/test.sh b/scripts/test.sh
index 9125fb0c23166747eb58e6c9c64bf65e43eb1e8c..eac736205c818793308fc99f8805097221633ec9 100755 (executable)
--- a/scripts/test.sh
+++ b/scripts/test.sh
@@ -214,6 +214,9 @@ case "$TEST" in
 default)
        # should be the default, but lets make sure
        CONFIG="--with-printf-hooks=glibc"
+       if system_uses_openssl3; then
+               prepare_system_openssl $1
+       fi
        ;;
 openssl*)
        CONFIG="--disable-defaults --enable-pki --enable-openssl --enable-pem --enable-drbg"
@@ -253,6 +256,9 @@ wolfssl)
        ;;
 printf-builtin)
        CONFIG="--with-printf-hooks=builtin"
+       if system_uses_openssl3; then
+               prepare_system_openssl $1
+       fi
        ;;
 all|alpine|codeql|coverage|sonarcloud|no-dbg)
        if [ "$TEST" = "sonarcloud" ]; then

diff --git a/testing/scripts/recipes/013_strongswan.mk b/testing/scripts/recipes/013_strongswan.mk
index bae143e3720fbc2e5c045e2d9f3b8ae6705b5c65..acc4ded813ddd203d64e6f1b0c1b50d49522833a 100644 (file)
--- a/testing/scripts/recipes/013_strongswan.mk
+++ b/testing/scripts/recipes/013_strongswan.mk
@@ -64,7 +64,6 @@ CONFIG_OPTS = \
        --enable-attr-sql \
        --enable-mediation \
        --enable-botan \
-       --enable-openssl \
        --enable-blowfish \
        --enable-kernel-pfkey \
        --enable-integrity-test \
@@ -82,14 +81,14 @@ CONFIG_OPTS = \
        --enable-ctr \
        --enable-ccm \
        --enable-gcm \
-       --enable-cmac \
+       --enable-hmac \
        --enable-chapoly \
        --enable-ha \
        --enable-af-alg \
        --enable-whitelist \
        --enable-xauth-generic \
        --enable-xauth-eap \
-       --enable-pkcs8 \
+       --enable-pkcs12 \
        --enable-unity \
        --enable-unbound \
        --enable-ipseckey \
@@ -98,9 +97,17 @@ CONFIG_OPTS = \
        --enable-cmd \
        --enable-libipsec \
        --enable-kernel-libipsec \
+       --enable-stroke \
        --enable-tkm \
        --enable-lookip \
+       --enable-des \
+       --enable-aes \
+       --enable-md5 \
+       --enable-sha1 \
+       --enable-sha2 \
        --enable-sha3 \
+       --enable-gmp \
+       --enable-curve25519 \
        --enable-systemd \
        --enable-counters \
        --enable-save-keys \