OpenWrt – Diff between revs 2 and 3
?pathlinks?
Rev 2 | Rev 3 | |||
---|---|---|---|---|
Line 1... | Line 1... | |||
1 | --- a/include/mbedtls/config.h |
1 | --- a/include/mbedtls/config.h |
|
2 | +++ b/include/mbedtls/config.h |
2 | +++ b/include/mbedtls/config.h |
|
3 | @@ -599,14 +599,14 @@ |
3 | @@ -548,14 +548,14 @@ |
|
4 | * |
4 | * |
|
5 | * Enable Output Feedback mode (OFB) for symmetric ciphers. |
5 | * Enable Output Feedback mode (OFB) for symmetric ciphers. |
|
6 | */ |
6 | */ |
|
7 | -#define MBEDTLS_CIPHER_MODE_OFB |
7 | -#define MBEDTLS_CIPHER_MODE_OFB |
|
8 | +//#define MBEDTLS_CIPHER_MODE_OFB |
8 | +//#define MBEDTLS_CIPHER_MODE_OFB |
|
Line 15... | Line 15... | |||
15 | -#define MBEDTLS_CIPHER_MODE_XTS |
15 | -#define MBEDTLS_CIPHER_MODE_XTS |
|
16 | +//#define MBEDTLS_CIPHER_MODE_XTS |
16 | +//#define MBEDTLS_CIPHER_MODE_XTS |
|
Line 17... | Line 17... | |||
17 | |
17 | |
|
18 | /** |
18 | /** |
|
19 | * \def MBEDTLS_CIPHER_NULL_CIPHER |
19 | * \def MBEDTLS_CIPHER_NULL_CIPHER |
|
20 | @@ -696,19 +696,19 @@ |
20 | @@ -645,19 +645,19 @@ |
|
21 | * |
21 | * |
|
22 | * Comment macros to disable the curve and functions for it |
22 | * Comment macros to disable the curve and functions for it |
|
23 | */ |
23 | */ |
|
24 | -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED |
24 | -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED |
|
Line 44... | Line 44... | |||
44 | -#define MBEDTLS_ECP_DP_CURVE448_ENABLED |
44 | -#define MBEDTLS_ECP_DP_CURVE448_ENABLED |
|
45 | +//#define MBEDTLS_ECP_DP_CURVE448_ENABLED |
45 | +//#define MBEDTLS_ECP_DP_CURVE448_ENABLED |
|
Line 46... | Line 46... | |||
46 | |
46 | |
|
47 | /** |
47 | /** |
|
48 | * \def MBEDTLS_ECP_NIST_OPTIM |
48 | * \def MBEDTLS_ECP_NIST_OPTIM |
|
- | 49 | @@ -682,7 +682,7 @@ |
||
- | 50 | * |
||
- | 51 | * Comment this macro to disable deterministic ECDSA. |
||
- | 52 | */ |
||
- | 53 | -#define MBEDTLS_ECDSA_DETERMINISTIC |
||
- | 54 | +//#define MBEDTLS_ECDSA_DETERMINISTIC |
||
- | 55 | |
||
- | 56 | /** |
||
- | 57 | * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED |
||
49 | @@ -810,7 +810,7 @@ |
58 | @@ -735,7 +735,7 @@ |
|
50 | * See dhm.h for more details. |
59 | * See dhm.h for more details. |
|
51 | * |
60 | * |
|
52 | */ |
61 | */ |
|
53 | -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED |
62 | -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED |
|
Line 54... | Line 63... | |||
54 | +//#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED |
63 | +//#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED |
|
55 | |
64 | |
|
56 | /** |
65 | /** |
|
57 | * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
66 | * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
|
58 | @@ -830,7 +830,7 @@ |
67 | @@ -755,7 +755,7 @@ |
|
59 | * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA |
68 | * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA |
|
60 | * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA |
69 | * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA |
|
61 | */ |
70 | */ |
|
Line 62... | Line 71... | |||
62 | -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
71 | -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
|
63 | +//#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
72 | +//#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
|
64 | |
73 | |
|
65 | /** |
74 | /** |
|
66 | * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
75 | * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
|
67 | @@ -855,7 +855,7 @@ |
76 | @@ -780,7 +780,7 @@ |
|
68 | * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA |
77 | * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA |
|
69 | * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA |
78 | * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA |
|
Line 70... | Line 79... | |||
70 | */ |
79 | */ |
|
71 | -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
80 | -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
|
72 | +//#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
81 | +//#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
|
73 | |
82 | |
|
74 | /** |
83 | /** |
|
75 | * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED |
84 | * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED |
|
76 | @@ -989,7 +989,7 @@ |
85 | @@ -914,7 +914,7 @@ |
|
77 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
86 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
|
Line 78... | Line 87... | |||
78 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
87 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
|
79 | */ |
88 | */ |
|
80 | -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
89 | -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
|
81 | +//#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
90 | +//#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
|
82 | |
91 | |
|
83 | /** |
92 | /** |
|
84 | * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
93 | * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
|
85 | @@ -1013,7 +1013,7 @@ |
94 | @@ -938,7 +938,7 @@ |
|
Line 86... | Line 95... | |||
86 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
95 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
|
87 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
96 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
|
88 | */ |
97 | */ |
|
89 | -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
98 | -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
|
90 | +//#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
99 | +//#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
|
91 | |
100 | |
|
92 | /** |
101 | /** |
|
93 | * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED |
102 | * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED |
|
Line 94... | Line 103... | |||
94 | @@ -1117,7 +1117,7 @@ |
103 | @@ -1042,7 +1042,7 @@ |
|
95 | * This option is only useful if both MBEDTLS_SHA256_C and |
104 | * This option is only useful if both MBEDTLS_SHA256_C and |
|
96 | * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. |
105 | * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. |
|
97 | */ |
106 | */ |
|
98 | -//#define MBEDTLS_ENTROPY_FORCE_SHA256 |
107 | -//#define MBEDTLS_ENTROPY_FORCE_SHA256 |
|
99 | +#define MBEDTLS_ENTROPY_FORCE_SHA256 |
108 | +#define MBEDTLS_ENTROPY_FORCE_SHA256 |
|
100 | |
109 | |
|
101 | /** |
110 | /** |
|
Line 115... | Line 124... | |||
115 | -#define MBEDTLS_SELF_TEST |
124 | -#define MBEDTLS_SELF_TEST |
|
116 | +//#define MBEDTLS_SELF_TEST |
125 | +//#define MBEDTLS_SELF_TEST |
|
Line 117... | Line 126... | |||
117 | |
126 | |
|
118 | /** |
127 | /** |
|
119 | * \def MBEDTLS_SHA256_SMALLER |
128 | * \def MBEDTLS_SHA256_SMALLER |
|
- | 129 | @@ -1160,7 +1160,7 @@ |
||
- | 130 | * |
||
- | 131 | * Uncomment to enable the smaller implementation of SHA256. |
||
- | 132 | */ |
||
- | 133 | -//#define MBEDTLS_SHA256_SMALLER |
||
- | 134 | +#define MBEDTLS_SHA256_SMALLER |
||
- | 135 | |
||
- | 136 | /** |
||
- | 137 | * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES |
||
120 | @@ -1373,7 +1373,7 @@ |
138 | @@ -1298,7 +1298,7 @@ |
|
121 | * configuration of this extension). |
139 | * configuration of this extension). |
|
122 | * |
140 | * |
|
123 | */ |
141 | */ |
|
124 | -#define MBEDTLS_SSL_RENEGOTIATION |
142 | -#define MBEDTLS_SSL_RENEGOTIATION |
|
Line 125... | Line 143... | |||
125 | +//#define MBEDTLS_SSL_RENEGOTIATION |
143 | +//#define MBEDTLS_SSL_RENEGOTIATION |
|
126 | |
144 | |
|
127 | /** |
145 | /** |
|
128 | * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO |
146 | * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO |
|
129 | @@ -1548,7 +1548,7 @@ |
147 | @@ -1473,7 +1473,7 @@ |
|
130 | * |
148 | * |
|
131 | * Comment this macro to disable support for SSL session tickets |
149 | * Comment this macro to disable support for SSL session tickets |
|
132 | */ |
150 | */ |
|
Line 133... | Line 151... | |||
133 | -#define MBEDTLS_SSL_SESSION_TICKETS |
151 | -#define MBEDTLS_SSL_SESSION_TICKETS |
|
134 | +//#define MBEDTLS_SSL_SESSION_TICKETS |
152 | +//#define MBEDTLS_SSL_SESSION_TICKETS |
|
135 | |
153 | |
|
136 | /** |
154 | /** |
|
137 | * \def MBEDTLS_SSL_EXPORT_KEYS |
155 | * \def MBEDTLS_SSL_EXPORT_KEYS |
|
138 | @@ -1578,7 +1578,7 @@ |
156 | @@ -1503,7 +1503,7 @@ |
|
139 | * |
157 | * |
|
140 | * Comment this macro to disable support for truncated HMAC in SSL |
158 | * Comment this macro to disable support for truncated HMAC in SSL |
|
Line 141... | Line 159... | |||
141 | */ |
159 | */ |
|
142 | -#define MBEDTLS_SSL_TRUNCATED_HMAC |
160 | -#define MBEDTLS_SSL_TRUNCATED_HMAC |
|
143 | +//#define MBEDTLS_SSL_TRUNCATED_HMAC |
161 | +//#define MBEDTLS_SSL_TRUNCATED_HMAC |
|
144 | |
162 | |
|
145 | /** |
163 | /** |
|
146 | * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT |
164 | * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT |
|
147 | @@ -1637,7 +1637,7 @@ |
165 | @@ -1562,7 +1562,7 @@ |
|
148 | * |
166 | * |
|
Line 149... | Line 167... | |||
149 | * Comment this to disable run-time checking and save ROM space |
167 | * Comment this to disable run-time checking and save ROM space |
|
150 | */ |
168 | */ |
|
151 | -#define MBEDTLS_VERSION_FEATURES |
169 | -#define MBEDTLS_VERSION_FEATURES |
|
152 | +//#define MBEDTLS_VERSION_FEATURES |
170 | +//#define MBEDTLS_VERSION_FEATURES |
|
153 | |
171 | |
|
154 | /** |
172 | /** |
|
155 | * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 |
173 | * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 |
|
156 | @@ -1967,7 +1967,7 @@ |
174 | @@ -1892,7 +1892,7 @@ |
|
Line 157... | Line 175... | |||
157 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
175 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
|
158 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
176 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
|
159 | */ |
177 | */ |
|
160 | -#define MBEDTLS_CAMELLIA_C |
178 | -#define MBEDTLS_CAMELLIA_C |
|
161 | +//#define MBEDTLS_CAMELLIA_C |
179 | +//#define MBEDTLS_CAMELLIA_C |
|
162 | |
180 | |
|
163 | /** |
181 | /** |
|
164 | * \def MBEDTLS_ARIA_C |
182 | * \def MBEDTLS_ARIA_C |
|
Line 165... | Line 183... | |||
165 | @@ -2033,7 +2033,7 @@ |
183 | @@ -1958,7 +1958,7 @@ |
|
166 | * This module enables the AES-CCM ciphersuites, if other requisites are |
184 | * This module enables the AES-CCM ciphersuites, if other requisites are |
|
167 | * enabled as well. |
185 | * enabled as well. |
|
168 | */ |
186 | */ |
|
169 | -#define MBEDTLS_CCM_C |
187 | -#define MBEDTLS_CCM_C |
|
170 | +//#define MBEDTLS_CCM_C |
188 | +//#define MBEDTLS_CCM_C |
|
171 | |
189 | |
|
172 | /** |
190 | /** |
|
Line 173... | Line 191... | |||
173 | * \def MBEDTLS_CERTS_C |
191 | * \def MBEDTLS_CERTS_C |
|
174 | @@ -2045,7 +2045,7 @@ |
192 | @@ -1970,7 +1970,7 @@ |
|
- | 193 | * |
||
- | 194 | * This module is used for testing (ssl_client/server). |
||
- | 195 | */ |
||
- | 196 | -#define MBEDTLS_CERTS_C |
||
- | 197 | +//#define MBEDTLS_CERTS_C |
||
- | 198 | |
||
- | 199 | /** |
||
- | 200 | * \def MBEDTLS_CHACHA20_C |
||
- | 201 | @@ -1979,7 +1979,7 @@ |
||
- | 202 | * |
||
- | 203 | * Module: library/chacha20.c |
||
- | 204 | */ |
||
- | 205 | -#define MBEDTLS_CHACHA20_C |
||
- | 206 | +//#define MBEDTLS_CHACHA20_C |
||
- | 207 | |
||
- | 208 | /** |
||
- | 209 | * \def MBEDTLS_CHACHAPOLY_C |
||
- | 210 | @@ -1990,7 +1990,7 @@ |
||
175 | * |
211 | * |
|
- | 212 | * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C |
||
- | 213 | */ |
||
- | 214 | -#define MBEDTLS_CHACHAPOLY_C |
||
- | 215 | +//#define MBEDTLS_CHACHAPOLY_C |
||
- | 216 | |
||
- | 217 | /** |
||
- | 218 | * \def MBEDTLS_CIPHER_C |
||
- | 219 | @@ -2043,7 +2043,7 @@ |
||
- | 220 | * |
||
176 | * This module is used for testing (ssl_client/server). |
221 | * This module provides debugging functions. |
|
177 | */ |
222 | */ |
|
178 | -#define MBEDTLS_CERTS_C |
223 | -#define MBEDTLS_DEBUG_C |
|
179 | +//#define MBEDTLS_CERTS_C |
224 | +//#define MBEDTLS_DEBUG_C |
|
180 | |
225 | |
|
Line 181... | Line 226... | |||
181 | /** |
226 | /** |
|
182 | * \def MBEDTLS_CHACHA20_C |
227 | * \def MBEDTLS_DES_C |
|
183 | @@ -2149,7 +2149,7 @@ |
228 | @@ -2072,7 +2072,7 @@ |
|
184 | * \warning DES is considered a weak cipher and its use constitutes a |
229 | * \warning DES is considered a weak cipher and its use constitutes a |
|
185 | * security risk. We recommend considering stronger ciphers instead. |
230 | * security risk. We recommend considering stronger ciphers instead. |
|
186 | */ |
231 | */ |
|
187 | -#define MBEDTLS_DES_C |
232 | -#define MBEDTLS_DES_C |
|
188 | +//#define MBEDTLS_DES_C |
233 | +//#define MBEDTLS_DES_C |
|
Line 189... | Line 234... | |||
189 | |
234 | |
|
190 | /** |
235 | /** |
|
191 | * \def MBEDTLS_DHM_C |
236 | * \def MBEDTLS_DHM_C |
|
- | 237 | @@ -2235,7 +2235,7 @@ |
||
- | 238 | * This module adds support for the Hashed Message Authentication Code |
||
- | 239 | * (HMAC)-based key derivation function (HKDF). |
||
- | 240 | */ |
||
- | 241 | -#define MBEDTLS_HKDF_C |
||
- | 242 | +//#define MBEDTLS_HKDF_C |
||
- | 243 | |
||
- | 244 | /** |
||
- | 245 | * \def MBEDTLS_HMAC_DRBG_C |
||
192 | @@ -2312,7 +2312,7 @@ |
246 | @@ -2249,7 +2249,7 @@ |
|
193 | * This module adds support for the Hashed Message Authentication Code |
247 | * |
|
194 | * (HMAC)-based key derivation function (HKDF). |
248 | * Uncomment to enable the HMAC_DRBG random number geerator. |
|
195 | */ |
249 | */ |
|
196 | -#define MBEDTLS_HKDF_C |
250 | -#define MBEDTLS_HMAC_DRBG_C |
|
Line 197... | Line 251... | |||
197 | +//#define MBEDTLS_HKDF_C |
251 | +//#define MBEDTLS_HMAC_DRBG_C |
|
198 | |
252 | |
|
199 | /** |
253 | /** |
|
- | 254 | * \def MBEDTLS_NIST_KW_C |
||
- | 255 | @@ -2545,7 +2545,7 @@ |
||
- | 256 | * |
||
- | 257 | * This module enables abstraction of common (libc) functions. |
||
- | 258 | */ |
||
- | 259 | -#define MBEDTLS_PLATFORM_C |
||
- | 260 | +//#define MBEDTLS_PLATFORM_C |
||
- | 261 | |
||
- | 262 | /** |
||
200 | * \def MBEDTLS_HMAC_DRBG_C |
263 | * \def MBEDTLS_POLY1305_C |
|
201 | @@ -2622,7 +2622,7 @@ |
264 | @@ -2555,7 +2555,7 @@ |
|
202 | * |
265 | * Module: library/poly1305.c |
|
203 | * This module enables abstraction of common (libc) functions. |
266 | * Caller: library/chachapoly.c |
|
204 | */ |
267 | */ |
|
Line 205... | Line 268... | |||
205 | -#define MBEDTLS_PLATFORM_C |
268 | -#define MBEDTLS_POLY1305_C |
|
206 | +//#define MBEDTLS_PLATFORM_C |
269 | +//#define MBEDTLS_POLY1305_C |
|
207 | |
270 | |
|
208 | /** |
271 | /** |
|
209 | * \def MBEDTLS_POLY1305_C |
272 | * \def MBEDTLS_RIPEMD160_C |
|
210 | @@ -2643,7 +2643,7 @@ |
273 | @@ -2566,7 +2566,7 @@ |
|
211 | * Caller: library/md.c |
274 | * Caller: library/md.c |
|
212 | * |
275 | * |
|
Line 213... | Line 276... | |||
213 | */ |
276 | */ |
|
214 | -#define MBEDTLS_RIPEMD160_C |
277 | -#define MBEDTLS_RIPEMD160_C |
|
215 | +//#define MBEDTLS_RIPEMD160_C |
278 | +//#define MBEDTLS_RIPEMD160_C |
|
216 | |
279 | |
|
217 | /** |
280 | /** |
|
218 | * \def MBEDTLS_RSA_C |
281 | * \def MBEDTLS_RSA_C |
|
219 | @@ -2750,7 +2750,7 @@ |
282 | @@ -2673,7 +2673,7 @@ |
|
220 | * |
283 | * |
|
Line 221... | Line 284... | |||
221 | * Requires: MBEDTLS_CIPHER_C |
284 | * Requires: MBEDTLS_CIPHER_C |
|
222 | */ |
285 | */ |
|
223 | -#define MBEDTLS_SSL_TICKET_C |
286 | -#define MBEDTLS_SSL_TICKET_C |
|
224 | +//#define MBEDTLS_SSL_TICKET_C |
287 | +//#define MBEDTLS_SSL_TICKET_C |
|
225 | |
288 | |
|
226 | /** |
289 | /** |
|
227 | * \def MBEDTLS_SSL_CLI_C |
290 | * \def MBEDTLS_SSL_CLI_C |
|
228 | @@ -2850,7 +2850,7 @@ |
291 | @@ -2773,7 +2773,7 @@ |