diff options
author | Denys Vlasenko | 2018-12-10 16:14:58 +0100 |
---|---|---|
committer | Denys Vlasenko | 2018-12-10 16:14:58 +0100 |
commit | 71fa5b0a4c3cce55460de2f6d49e3a4a63f1b933 (patch) | |
tree | b3fd3e6b7ab5315852d9530f2e930159ea860852 /networking/Config.src | |
parent | dafbc2cdb8825ed36a25f9a6275d5226f35d3bd3 (diff) | |
download | busybox-71fa5b0a4c3cce55460de2f6d49e3a4a63f1b933.zip busybox-71fa5b0a4c3cce55460de2f6d49e3a4a63f1b933.tar.gz |
tls: introduce FEATURE_TLS_SHA1 to make SHA1 code optional
When disabled:
function old new delta
xwrite_encrypted 580 579 -1
prf_hmac_sha256 222 217 -5
hmac_begin 158 149 -9
static.ciphers 32 20 -12
tls_handshake 2115 2095 -20
hmac 87 61 -26
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/6 up/down: 0/-73) Total: -73 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking/Config.src')
-rw-r--r-- | networking/Config.src | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/networking/Config.src b/networking/Config.src index 2ce5287..04d644b 100644 --- a/networking/Config.src +++ b/networking/Config.src @@ -46,6 +46,17 @@ config VERBOSE_RESOLUTION_ERRORS "can't resolve 'hostname.com'" and want to know more. This may increase size of your executable a bit. +config FEATURE_TLS_SHA1 + bool "In TLS code, support ciphers which use deprecated SHA1" + depends on TLS + default n + help + Selecting this option increases interoperability with very old + servers, but slightly increases code size. + + Most TLS servers support SHA256 today (2018), since SHA1 is + considered possibly insecure (although not yet definitely broken). + INSERT source networking/udhcp/Config.in |