From: Francis Dupont Date: Tue, 5 May 2026 12:54:32 +0000 (+0200) Subject: [#4413] Updated Botan doc X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=310c66a993e8d76006e3a489d55c221f2c6091ba;p=thirdparty%2Fkea.git [#4413] Updated Botan doc --- diff --git a/doc/sphinx/arm/install.rst b/doc/sphinx/arm/install.rst index a205a45daf..96184d9cb8 100644 --- a/doc/sphinx/arm/install.rst +++ b/doc/sphinx/arm/install.rst @@ -159,7 +159,7 @@ the system: - Boost C++ libraries (https://www.boost.org/) (at least version 1.66). On versions before 1.69 the Boost system library must also be installed. -- OpenSSL (at least version 1.0.2) or Botan (at least version 2). +- OpenSSL (at least version 1.0.2) or Botan (at least version 3.4.0). OpenSSL version 1.1.1 or later is strongly recommended. - log4cplus (at least version 1.0.3) development include headers. @@ -319,14 +319,12 @@ Some commonly used options are: :iscman:`kea-netconf`. - ``-D crypto=botan`` - Specify the name of the Botan pkg-config library e.g. ``botan-2`` - to build with Botan for cryptographic functions. It is preferable - to use OpenSSL (see below). + Use the Botan cryptographic library instead of OpenSSL. + Meson searches the 'botan-3' and 'botan' pkg-config library. - ``--D crypto=openssl`` - Use the OpenSSL cryptographic library instead of Botan. By default - Meson searches for a valid Botan installation; if one is not - found, Kea searches for OpenSSL. Normally this is not necessary. + Use the OpenSSL cryptographic library. By default the value of + the 'crypto' option is 'openssl'. .. note:: diff --git a/doc/sphinx/arm/security.rst b/doc/sphinx/arm/security.rst index 0ca46b4abf..1cce2cfc3c 100644 --- a/doc/sphinx/arm/security.rst +++ b/doc/sphinx/arm/security.rst @@ -76,9 +76,9 @@ that must be used: - LibreSSL 3.2.4 has been tested. LibreSSL shares the OpenSSL 1.0.2 API, so it should work, but is not supported. -- Botan 1.x versions are obsolete and must not be used. +- Botan 1.x and 2.x versions are obsolete and must not be used. -- Botan versions 2.14.0 and later have been tested and are supported. Kea TLS +- Botan versions 3.4.0 and later have been tested and are supported. Kea TLS support requires the four Asio header files which are included in Botan packages and which are installed only if Botan is configured with the ``--with-boost`` option. @@ -92,7 +92,7 @@ that must be used: directory, but this should be a last-resort procedure. Without these header files, or with a Botan version prior - to 2.14.0, Kea cannot build as the TLS/HTTPS support is considered + to 3.4.0, Kea cannot build as the TLS/HTTPS support is considered essential for security. - Very old Boost versions provide SSL support (based on OpenSSL)