NTLM is an old authentication protocol depending on DES and MD4 and
its creator, Microsoft, discourage its use since 2010, because it is
weak and vulnerable to many attacks.
libgit2 has support for NTLM and it is enabled by default if openssl
is used, however, since commit
a83d41867c8d ("package/libopenssl: add
option to enable some features"), support for DES and MD4 can be
disabled in openssl.
Since openssl is an optional dependency to libgit2 and getting rid of
NTLM is a goal in itself for many windows administrators, disable NTLM
by default.
Fixes: http://autobuild.buildroot.net/results/efb4ce2174cb6944558e895ce852182ba2738a70
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
-DUSE_ICONV=ON \
-DREGEX_BACKEND=regcomp \
-DUSE_HTTP_PARSER=system \
+ -DUSE_NTLMCLIENT=OFF \
-DTHREADSAFE=$(if $(BR2_TOOLCHAIN_HAS_THREADS),ON,OFF)
LIBGIT2_DEPENDENCIES = zlib libhttpparser
projects / buildroot.git / commitdiff