| Message ID | 20260211184917.1045939-2-colinmca242@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | Disable OpenSSL and Python3-cryptography legacy features by default | expand |
diff --git a/meta/recipes-connectivity/openssl/openssl_3.5.5.bb b/meta/recipes-connectivity/openssl/openssl_3.5.5.bb index c0d02b617b..6b9ccef0b5 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.5.5.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.5.5.bb @@ -29,8 +29,8 @@ PACKAGECONFIG:class-native = "" PACKAGECONFIG:class-nativesdk = "" PACKAGECONFIG[cryptodev-linux] = "enable-devcryptoeng,disable-devcryptoeng,cryptodev-linux,,cryptodev-module" -PACKAGECONFIG[no-tls1] = "no-tls1" -PACKAGECONFIG[no-tls1_1] = "no-tls1_1" +PACKAGECONFIG[tls1] = ",no-tls1" +PACKAGECONFIG[tls1_1] = ",no-tls1_1" PACKAGECONFIG[manpages] = "" PACKAGECONFIG[fips] = "enable-fips"
TLS 1 and TLS 1.1 have been deprecated by the IETF since 2021. Disables support by default in packageconfig, requiring users to explicitly opt-in for these deprecated protocols. Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com> --- meta/recipes-connectivity/openssl/openssl_3.5.5.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)