package/mbedtls: make compression support a config option - buildroot

diff options

author	Jörg Krause <joerg.krause@embedded.rocks>	2017-02-06 21:01:23 +0100
committer	Peter Korsgaard <peter@korsgaard.com>	2017-02-06 22:20:32 +0100
commit	896ae3f9616d124c934f09d14de8cdc61ef0cec4 (patch)
tree	4d5903ca7fc0bd4ae2793c3588aff51a9312f551 /package/python-pyqt5/python-pyqt5.mk
parent	3baf8217ed760f75ff5eb224a9711ec48a36ac02 (diff)
download	buildroot-896ae3f9616d124c934f09d14de8cdc61ef0cec4.tar.gz buildroot-896ae3f9616d124c934f09d14de8cdc61ef0cec4.zip

package/mbedtls: make compression support a config option

Enabling TLS compression may make mbedTLS vulnerable to the CRIME attack [1]. It should not be enabled unless is is sure CRIME and similar attacks are not applicable to the particulare situation. As zlib is probably enabled in most systems, the user might end up with a vulnerable system without knowing. So, instead of enabling compression support if the zlib package is available, we make the compression support a config option. This way, the user has to explicitly enable compression support and is warned by the help text about the risk. [1] https://tls.mbed.org/kb/how-to/deflate-compression-in-ssl-tls Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Diffstat (limited to 'package/python-pyqt5/python-pyqt5.mk')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: