Package: libwolfssl-dev
Version: 4.4.0+dfsg-5
Severity: normal
Just using the library (as OpenSSL drop-in for licence compliance
in Debian terms) produces the following warning:
In file included from /usr/include/wolfssl/openssl/bn.h:33,
from /usr/include/wolfssl/openssl/rsa.h:28,
from core/utils.cpp:28:
/usr/include/wolfssl/wolfcrypt/settings.h:2060:14: warning: #warning "For
timing resistance / side-channel attack prevention consider using harden
options" [-Wcpp]
2060 | #warning "For timing resistance / side-channel attack
prevention consider using harden options"
| ^~~~~~~
Why is hardening not enabled?
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'oldstable-updates'), (500,
'buildd-unstable'), (500, 'unstable'), (500, 'oldstable'), (1,
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.6.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)
Versions of packages libwolfssl-dev depends on:
pn libwolfssl24 <none>
libwolfssl-dev recommends no packages.
libwolfssl-dev suggests no packages.
