From 41e8704b484652cf5bbb2b7ecc27feedc3cf0ae1 Mon Sep 17 00:00:00 2001 From: Tim Ruffing Date: Tue, 19 Oct 2021 14:03:01 +0200 Subject: [PATCH] build: Enable some modules by default We don't enable the ECDSA recovery module, because we don't recommend ECDSA recovery for new protocols. In particular, the recovery API is prone to misuse: It invites the caller to forget to check the public key (and the verification function always returns 1). In general, we also don't recommend ordinary ECDSA for new protocols. But disabling the ECDSA functions is not possible because they're not in a module, and let's be honest: disabling ECDSA would mean to ignore reality blatantly. --- configure.ac | 12 ++++++------ doc/CHANGELOG.md | 3 +++ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/configure.ac b/configure.ac index 1a8eb0d1c0..831cf27ebd 100644 --- a/configure.ac +++ b/configure.ac @@ -155,20 +155,20 @@ AC_ARG_ENABLE(examples, [SECP_SET_DEFAULT([enable_examples], [no], [yes])]) AC_ARG_ENABLE(module_ecdh, - AS_HELP_STRING([--enable-module-ecdh],[enable ECDH module [default=no]]), [], - [SECP_SET_DEFAULT([enable_module_ecdh], [no], [yes])]) + AS_HELP_STRING([--enable-module-ecdh],[enable ECDH module [default=yes]]), [], + [SECP_SET_DEFAULT([enable_module_ecdh], [yes], [yes])]) AC_ARG_ENABLE(module_recovery, AS_HELP_STRING([--enable-module-recovery],[enable ECDSA pubkey recovery module [default=no]]), [], [SECP_SET_DEFAULT([enable_module_recovery], [no], [yes])]) AC_ARG_ENABLE(module_extrakeys, - AS_HELP_STRING([--enable-module-extrakeys],[enable extrakeys module [default=no]]), [], - [SECP_SET_DEFAULT([enable_module_extrakeys], [no], [yes])]) + AS_HELP_STRING([--enable-module-extrakeys],[enable extrakeys module [default=yes]]), [], + [SECP_SET_DEFAULT([enable_module_extrakeys], [yes], [yes])]) AC_ARG_ENABLE(module_schnorrsig, - AS_HELP_STRING([--enable-module-schnorrsig],[enable schnorrsig module [default=no]]), [], - [SECP_SET_DEFAULT([enable_module_schnorrsig], [no], [yes])]) + AS_HELP_STRING([--enable-module-schnorrsig],[enable schnorrsig module [default=yes]]), [], + [SECP_SET_DEFAULT([enable_module_schnorrsig], [yes], [yes])]) AC_ARG_ENABLE(external_default_callbacks, AS_HELP_STRING([--enable-external-default-callbacks],[enable external default callback functions [default=no]]), [], diff --git a/doc/CHANGELOG.md b/doc/CHANGELOG.md index 3c4c2e4583..08c42a2cab 100644 --- a/doc/CHANGELOG.md +++ b/doc/CHANGELOG.md @@ -6,6 +6,9 @@ Each change falls into one of the following categories: Added, Changed, Deprecat ## [Unreleased] +### Changed + - Enable modules schnorrsig, extrakeys and ECDH by default in ./configure + ## [MAJOR.MINOR.PATCH] - YYYY-MM-DD ### Added/Changed/Deprecated/Removed/Fixed/Security