@@ -20,7 +20,7 @@
if !WIN32
test_scripts = t_client.sh t_lpback.sh t_cltsrv.sh t_server_null.sh
-check_PROGRAMS = ntlm_support
+check_PROGRAMS = ntlm_support crypto_support
if HAVE_SITNL
test_scripts += t_net.sh
endif
@@ -57,3 +57,15 @@
$(top_srcdir)/src/openvpn/otime.c \
$(top_srcdir)/src/openvpn/packet_id.c \
$(top_srcdir)/src/openvpn/platform.c
+
+crypto_support_CFLAGS = -I$(top_srcdir)/src/openvpn -I$(top_srcdir)/src/compat -I$(top_srcdir)/tests/unit_tests/openvpn -DNO_CMOCKA @TEST_CFLAGS@
+crypto_support_LDFLAGS = @TEST_LDFLAGS@ -L$(top_srcdir)/src/openvpn $(OPTIONAL_CRYPTO_LIBS)
+crypto_support_SOURCES = crypto_support.c \
+ unit_tests/openvpn/mock_msg.c unit_tests/openvpn/mock_msg.h \
+ $(top_srcdir)/src/openvpn/buffer.c \
+ $(top_srcdir)/src/openvpn/crypto.c \
+ $(top_srcdir)/src/openvpn/crypto_openssl.c \
+ $(top_srcdir)/src/openvpn/crypto_mbedtls.c \
+ $(top_srcdir)/src/openvpn/otime.c \
+ $(top_srcdir)/src/openvpn/packet_id.c \
+ $(top_srcdir)/src/openvpn/platform.c
new file mode 100644
@@ -0,0 +1,60 @@
+/*
+ * OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ * Copyright (C) 2023-2024 OpenVPN Inc <sales@openvpn.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "syshead.h"
+
+#include "crypto.h"
+#include "error.h"
+
+#include <string.h>
+
+int
+main(int argc, char *argv[])
+{
+#if defined(ENABLE_CRYPTO_OPENSSL)
+ crypto_load_provider("legacy");
+ crypto_load_provider("default");
+#endif
+ if (argc <= 2)
+ {
+ msg(M_FATAL, "Usage: ./crypto_support (cipher|digest) <name>");
+ }
+ if (strcmp(argv[1], "digest") == 0)
+ {
+ if (!md_valid(argv[2]))
+ {
+ msg(M_FATAL, "digest %s not supported", argv[2]);
+ }
+ }
+ else if (strcmp(argv[1], "cipher") == 0)
+ {
+ if (!cipher_valid(argv[2]))
+ {
+ msg(M_FATAL, "cipher %s not supported", argv[2]);
+ }
+ }
+}
Attention is currently required from: plaisthos. Hello plaisthos, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/752?usp=email to review the following change. Change subject: tests: Allow to test for arbitrary ciphers and digests ...................................................................... tests: Allow to test for arbitrary ciphers and digests Add program crypto_support that is more generic than ntlm_support. First intended usage is to test for availability of BF-CBC in t_client.sh. Change-Id: I6fe225db807626a79a160132ee05897554695597 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> --- M tests/Makefile.am A tests/crypto_support.c 2 files changed, 73 insertions(+), 1 deletion(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/52/752/1