Support of elliptic curves in openssl

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
fseka
DD-WRT User


Joined: 02 Dec 2009
Posts: 75

PostPosted: Thu Oct 08, 2015 7:10    Post subject: Support of elliptic curves in openssl Reply with quote
Hi,

looking into the sources, I've seen that openssl is compiled with the no-ec directive.
That means the drop of the elliptic curves support?

Is there a reason for that?

Why not enabling the support of EC for powerfull devices like the Netgear r7000?

Many thanks in advance and kind regards

--
fSeka

_________________
E3000 running DD-WRT v24-sp2(Build 14929) mega
Netgear R7000 running DD-WRT v3.0-r27858)
Sponsor
zip
DD-WRT User


Joined: 29 Sep 2006
Posts: 93

PostPosted: Fri Oct 09, 2015 16:10    Post subject: Reply with quote
I am interested in this also. A router like the R7000 should be able to handle this.
_________________
-----------------------------------
Netgear R7000
fseka
DD-WRT User


Joined: 02 Dec 2009
Posts: 75

PostPosted: Mon Oct 12, 2015 7:22    Post subject: Reply with quote
Hi,

the reason why I need the support of EC is the following:
pound on dd-wrt is really outdated (2.6 from 2013), so I decided to compile the newest version (2.7) by myself.
But pound relies on openssl and the version of openssl in dd-wrt is compiled without EC support.
So I had to compile pound with openssl as non shared library and I ended up with a 2.7M pound binary Smile

regards,
fSeka

_________________
E3000 running DD-WRT v24-sp2(Build 14929) mega
Netgear R7000 running DD-WRT v3.0-r27858)
qGUBcZWwBHb1
DD-WRT Novice


Joined: 27 Jan 2015
Posts: 32

PostPosted: Mon Oct 12, 2015 22:29    Post subject: Reply with quote
I agree that this can be upgraded with some fairly easy config changes. I've been looking at this recently and the default config is pretty dismal.

I've PM'd Kong about this but have not seen a reply.

But please do consider updating the SSL configs including cipher configs.


testssl.sh is a pretty useful tool for testing the config. I'm also willing to help if necessary.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum