package/mbedtls: fix zlib support
commitc1a77961c1aca6cd50e3ad44b5b39350f1070286
authorJörg Krause <joerg.krause@embedded.rocks>
Sun, 29 Jan 2017 21:15:11 +0000 (29 22:15 +0100)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Mon, 6 Feb 2017 12:53:01 +0000 (6 13:53 +0100)
treed7aff59fbe228f19ee9f060a887decfcac0bc601
parent412e6c80ad56181546f29f2add405fa595116271
package/mbedtls: fix zlib support

To enable compression support using zlib it is necessary to uncomment
the define for MBEDTLS_ZLIB_SUPPORT in config.h [1].

Note, that enabling TLS compression may make mbedTLS vulnerable to the
CRIME attack [1]. It should not be enabled unless is is sure CRIME and
similar attacks are not applicable to the particulare situation.

As zlib is probably enabled in most systems, maybe it is best to make
the compression support a user choice and add the warning from [1]?

[1] https://tls.mbed.org/kb/how-to/deflate-compression-in-ssl-tls

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/mbedtls/mbedtls.mk