mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-25 13:05:41 +00:00
Disable MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE in default config.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
This commit is contained in:
parent
b3d344c225
commit
7d13539d1b
|
@ -4,3 +4,7 @@ Removals
|
|||
signing. It was intended to facilitate the transition in environments
|
||||
with SHA-1 certificates. SHA-1 is considered a weak message digest and
|
||||
its use constitutes a security risk.
|
||||
|
||||
Changes
|
||||
* Set config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE to be
|
||||
disabled by default.
|
||||
|
|
|
@ -3912,7 +3912,7 @@
|
|||
* on it, and considering stronger message digests instead.
|
||||
*
|
||||
*/
|
||||
#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
|
||||
//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
|
||||
|
||||
/**
|
||||
* Uncomment the macro to let mbed TLS use your alternate implementation of
|
||||
|
|
Loading…
Reference in a new issue