[OE-core] [PATCH 0/2] Introduce a distro feature openssl-no-weak-ciphers
Kang Kai
Kai.Kang at windriver.com
Tue Jul 18 02:09:47 UTC 2017
On 2017年07月17日 21:20, Alexander Kanavin wrote:
> On 07/05/2017 10:58 AM, kai.kang at windriver.com wrote:
>
>> Introduce a distro feature openssl-no-weak-ciphers to make openssl
>> disable weak
>> ciphers support, including:
>>
>> * des
>> * ec
>> * ecdh
>> * ecdsa
>> * md2
>> * mdc2
>
> How are those handled in openssl 1.1? If they are disabled by default,
> then maybe the whole distro feature is not needed when 1.1 is in oe-core.
It depends on whether all the packages which depends on openssl in Yocto
have options to disable such weak ciphers. I am afraid it could not build
some packages if disable these weak ciphers by default.
Thanks,
Kai
>
> Alex
>
>
> Alex
>
--
Regards,
Neil | Kai Kang
More information about the Openembedded-core
mailing list