Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 5b9ede0403237c7dace972affa65cf64a1aadd0e / . / meta-phosphor / recipes-core / dropbear / dropbear / options.patch
blob: 52122439401aa3000b0c6f2ddbcec5d90928fdb0 [file] [log] [blame]
Joseph Reynoldsa12245d2018-09-26 16:31:39 -0500[diff] [blame]1diff --git a/options.h b/options.h
Joseph Reynolds1597b922018-10-09 14:53:15 -0500[diff] [blame]2index 0c51bb1..3df2d67 100644
Joseph Reynoldsa12245d2018-09-26 16:31:39 -0500[diff] [blame]3--- a/options.h
4+++ b/options.h
Joseph Reynolds1597b922018-10-09 14:53:15 -0500[diff] [blame]5@@ -95,12 +95,12 @@ much traffic. */
Joseph Reynoldsa12245d2018-09-26 16:31:39 -0500[diff] [blame]6 #define DROPBEAR_AES256
7 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
8 /*#define DROPBEAR_BLOWFISH*/
9-#define DROPBEAR_TWOFISH256
10-#define DROPBEAR_TWOFISH128
Joseph Reynolds1597b922018-10-09 14:53:15 -0500[diff] [blame]11+/*#define DROPBEAR_TWOFISH256*/
12+/*#define DROPBEAR_TWOFISH128*/
Joseph Reynoldsa12245d2018-09-26 16:31:39 -0500[diff] [blame]13
14 /* Enable CBC mode for ciphers. This has security issues though
15 * is the most compatible with older SSH implementations */
16-#define DROPBEAR_ENABLE_CBC_MODE
Joseph Reynolds1597b922018-10-09 14:53:15 -0500[diff] [blame]17+/*#define DROPBEAR_ENABLE_CBC_MODE*/
Joseph Reynoldsa12245d2018-09-26 16:31:39 -0500[diff] [blame]18
19 /* Enable "Counter Mode" for ciphers. This is more secure than normal
20 * CBC mode against certain attacks. It is recommended for security
Joseph Reynolds1597b922018-10-09 14:53:15 -0500[diff] [blame]21@@ -131,10 +131,10 @@ If you test it please contact the Dropbear author */
Joseph Reynoldsa12245d2018-09-26 16:31:39 -0500[diff] [blame]22 * If you disable MD5, Dropbear will fall back to SHA1 fingerprints,
23 * which are not the standard form. */
Joseph Reynolds1597b922018-10-09 14:53:15 -0500[diff] [blame]24 #define DROPBEAR_SHA1_HMAC
Joseph Reynoldsa12245d2018-09-26 16:31:39 -0500[diff] [blame]25-#define DROPBEAR_SHA1_96_HMAC
Joseph Reynolds1597b922018-10-09 14:53:15 -0500[diff] [blame]26+/*#define DROPBEAR_SHA1_96_HMAC*/
Joseph Reynoldsa12245d2018-09-26 16:31:39 -0500[diff] [blame]27 #define DROPBEAR_SHA2_256_HMAC
28 #define DROPBEAR_SHA2_512_HMAC
Joseph Reynolds1597b922018-10-09 14:53:15 -0500[diff] [blame]29-#define DROPBEAR_MD5_HMAC
30+/*#define DROPBEAR_MD5_HMAC*/
31
32 /* You can also disable integrity. Don't bother disabling this if you're
33 * still using a cipher, it's relatively cheap. If you disable this it's dead