diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2018-02-18 22:27:51 +0800 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2018-02-18 22:27:51 +0800 |
| commit | 96d791ea7a93c4d56ea2bd0eaa42b0f22977e8fc (patch) | |
| tree | 3aa265e2f0487c7149e274a6ac6e17ac447d1230 /sysoptions.h | |
| parent | 3994429bab8a7a8108e8ccbcdf720fef687f4883 (diff) | |
| download | dropbear-96d791ea7a93c4d56ea2bd0eaa42b0f22977e8fc.tar.gz | |
clean up some default options
- move hmac-sha2-512, hmac-md5, twofish_ctr to sysoptions.h, off by default
- try and improve text for KEX methods
Diffstat (limited to 'sysoptions.h')
| -rw-r--r-- | sysoptions.h | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/sysoptions.h b/sysoptions.h index b081ffc..ba4b4ca 100644 --- a/sysoptions.h +++ b/sysoptions.h @@ -99,6 +99,23 @@ #define MAX_MAC_LEN 20 #endif +/* sha2-512 is not necessary unless unforseen problems arise with sha2-256 */ +#ifndef DROPBEAR_SHA2_512_HMAC +#define DROPBEAR_SHA2_512_HMAC 0 +#endif + +/* might be needed for compatibility with very old implementations */ +#ifndef DROPBEAR_MD5_HMAC +#define DROPBEAR_MD5_HMAC 0 +#endif + +/* Twofish counter mode is disabled by default because it +has not been tested for interoperability with other SSH implementations. +If you test it please contact the Dropbear author */ +#ifndef DROPBEAR_TWOFISH_CTR +#define DROPBEAR_TWOFISH_CTR 0 +#endif + #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA)) |