subject:"\[OpenWrt\-Devel\] \[PATCH 1\/4\] openssl\: disable sslv2, add an option to enable sslv3"

Re: [OpenWrt-Devel] [PATCH 1/4] openssl: disable sslv2, add an option to enable sslv3

2014-10-30 Thread Steven Barth

Merged with some modifications.
Thanks.
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel

[OpenWrt-Devel] [PATCH 1/4] openssl: disable sslv2, add an option to enable sslv3

2014-10-22 Thread Etienne CHAMPETIER

disabling sslv2 save 10kb, disabling sslv3 save 1kb more
for now leave sslv3 enable by default

Signed-off-by: Etienne CHAMPETIER champetier.etie...@gmail.com
---
 package/libs/openssl/Config.in |  5 +
 package/libs/openssl/Makefile  | 14 +++---
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/package/libs/openssl/Config.in b/package/libs/openssl/Config.in
index 34eff28..3008eab 100644
--- a/package/libs/openssl/Config.in
+++ b/package/libs/openssl/Config.in
@@ -11,6 +11,11 @@ config OPENSSL_WITH_EC2M
 depends on OPENSSL_WITH_EC
 prompt Enable ec2m support
 
+config OPENSSL_WITH_SSL3
+   bool
+   default y
+   prompt Enable sslv3 support
+
 config OPENSSL_ENGINE_CRYPTO
bool
prompt Crypto acceleration support
diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile
index b51808b..707c314 100644
--- a/package/libs/openssl/Makefile
+++ b/package/libs/openssl/Makefile
@@ -23,8 +23,12 @@ PKG_MD5SUM:=f7175c9cd3c39bb1907ac8bba9df8ed3
 PKG_LICENSE:=SSLEAY OPENSSL
 PKG_LICENSE_FILES:=LICENSE
 PKG_BUILD_DEPENDS:=ocf-crypto-headers
-PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE_CRYPTO CONFIG_OPENSSL_ENGINE_DIGEST \
-   CONFIG_OPENSSL_WITH_EC CONFIG_OPENSSL_WITH_EC2M
+PKG_CONFIG_DEPENDS:= \
+   CONFIG_OPENSSL_ENGINE_CRYPTO \
+   CONFIG_OPENSSL_ENGINE_DIGEST \
+   CONFIG_OPENSSL_WITH_EC \
+   CONFIG_OPENSSL_WITH_EC2M \
+   CONFIG_OPENSSL_WITH_SSL3
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -85,7 +89,7 @@ endef
 
 OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-smime \
no-aes192 no-camellia no-ans1 no-krb5
-OPENSSL_OPTIONS:= shared no-err no-hw zlib-dynamic no-sse2
+OPENSSL_OPTIONS:= shared no-err no-hw zlib-dynamic no-sse2 no-ssl2
 
 ifdef CONFIG_OPENSSL_ENGINE_CRYPTO
   OPENSSL_OPTIONS += -DHAVE_CRYPTODEV
@@ -104,6 +108,10 @@ ifndef CONFIG_OPENSSL_WITH_EC2M
   OPENSSL_OPTIONS += no-ec2m
 endif
 
+ifndef CONFIG_OPENSSL_WITH_SSL3
+  OPENSSL_OPTIONS += no-ssl3
+endif
+
 ifeq ($(CONFIG_x86_64),y)
   OPENSSL_TARGET:=linux-x86_64
   OPENSSL_MAKEFLAGS += LIBDIR=lib
-- 
1.9.3
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel

Re: [OpenWrt-Devel] [PATCH 1/4] openssl: disable sslv2, add an option to enable sslv3

2014-10-22 Thread Etienne Champetier

2014-10-22 21:28 GMT+02:00 Etienne CHAMPETIER champetier.etie...@gmail.com
:

 disabling sslv2 save 10kb, disabling sslv3 save 1kb more
 for now leave sslv3 enable by default

 Signed-off-by: Etienne CHAMPETIER champetier.etie...@gmail.com
 ---
  package/libs/openssl/Config.in |  5 +
  package/libs/openssl/Makefile  | 14 +++---
  2 files changed, 16 insertions(+), 3 deletions(-)

 ...


Forgot to say, it's only compile tested
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel

Re: [OpenWrt-Devel] [PATCH 1/4] openssl: disable sslv2, add an option to enable sslv3

[OpenWrt-Devel] [PATCH 1/4] openssl: disable sslv2, add an option to enable sslv3

Re: [OpenWrt-Devel] [PATCH 1/4] openssl: disable sslv2, add an option to enable sslv3

3 matches

Site Navigation

Mail list logo

Footer information