[OpenWrt-Devel] [PATCH 2/4] openssl: disable srp

[Etienne Champetier]

HI
This patch serie is only suggestion,
except for disabling sslv2 (sslv3 is dead so sslv2 ...)

2014-10-22 21:50 GMT+02:00 Karl P <karlp at tweak.net.au>:

> Please no on this one?  SRP is great, and it's never going to be used if
> it keeps getting turned off.  If you're going to use openssl, you're
> already choosing the "big" package, can we keep it at least mostly
> featureful?
>
> I've been using TLS-PSK, but I'd rather use SRP.  (No, I'm not using it
> now)
>
>
>
> On 10/22/2014 07:28 PM, Etienne CHAMPETIER wrote:
>
>> this saves 10kb on libssl and 5kb on openssl-util
>>
>> Signed-off-by: Etienne CHAMPETIER <champetier.etienne at gmail.com>
>> ---
>>   package/libs/openssl/Makefile | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/
>> Makefile
>> index 707c314..5151707 100644
>> --- a/package/libs/openssl/Makefile
>> +++ b/package/libs/openssl/Makefile
>> @@ -89,7 +89,7 @@ endef
>>
>>   OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-smime \
>>         no-aes192 no-camellia no-ans1 no-krb5
>> -OPENSSL_OPTIONS:= shared no-err no-hw zlib-dynamic no-sse2 no-ssl2
>> +OPENSSL_OPTIONS:= shared no-err no-hw zlib-dynamic no-sse2 no-ssl2 no-srp
>>
>>   ifdef CONFIG_OPENSSL_ENGINE_CRYPTO
>>     OPENSSL_OPTIONS += -DHAVE_CRYPTODEV
>>
>>  _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20141023/0adc4892/attachment.htm>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel