diff --git a/doc/sphinx/arm/security.rst b/doc/sphinx/arm/security.rst index d729455fd7..8ceb4f12ec 100644 --- a/doc/sphinx/arm/security.rst +++ b/doc/sphinx/arm/security.rst @@ -76,7 +76,7 @@ that must be used: Without these header files, or with a Botan version prior to 2.14.0, Kea cannot build as the TLS/HTTPS support is considered - as essential for security. + essential for security. - Very old Boost versions provide SSL support (based on OpenSSL) without offering a choice of the TLS version; Kea can still use them, diff --git a/src/lib/asiolink/botan_tls.cc b/src/lib/asiolink/botan_tls.cc index b95485ccc3..0ec0ed5fdb 100644 --- a/src/lib/asiolink/botan_tls.cc +++ b/src/lib/asiolink/botan_tls.cc @@ -182,7 +182,6 @@ class KeaPolicy : public Botan::TLS::Default_Policy { static const std::vector AllowedSignatureMethodsECDSA; }; - // Kea session manager. using KeaSessionManager = Botan::TLS::Session_Manager_Noop; diff --git a/src/lib/asiolink/botan_tls.h b/src/lib/asiolink/botan_tls.h index 6004672336..8dc9e40b37 100644 --- a/src/lib/asiolink/botan_tls.h +++ b/src/lib/asiolink/botan_tls.h @@ -43,7 +43,7 @@ class TlsContext : public TlsContextBase { /// @brief Destructor. /// - /// @note The destructor can't be defined here because a unique + /// @note The destructor can't be defined here because a unique /// pointer to an incomplete type is used. virtual ~TlsContext(); diff --git a/src/lib/cryptolink/botan_hmac.cc b/src/lib/cryptolink/botan_hmac.cc index 14cb00f7e2..fc4f773a80 100644 --- a/src/lib/cryptolink/botan_hmac.cc +++ b/src/lib/cryptolink/botan_hmac.cc @@ -66,8 +66,6 @@ class HMACImpl { isc_throw(LibraryError, "Botan error: " << exc.what()); } - // If the key length is larger than the block size, we hash the - // key itself first. try { // Botan 1.8 considers len 0 a bad key. 1.9 does not, // but we won't accept it anyway, and fail early diff --git a/src/lib/http/tests/tls_client_unittests.cc b/src/lib/http/tests/tls_client_unittests.cc index b0e0d659e6..b19ebe0724 100644 --- a/src/lib/http/tests/tls_client_unittests.cc +++ b/src/lib/http/tests/tls_client_unittests.cc @@ -37,7 +37,8 @@ #include #ifdef WITH_BOTAN -#define DISABLE_SOME_TESTS +// All tests work with last Botan versions so commenting this. +// #define DISABLE_SOME_TESTS #endif #ifdef WITH_OPENSSL #if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER < 0x10100000L)