diff options
Diffstat (limited to 'package/network/services/dropbear/patches/120-openwrt_options.patch')
| -rw-r--r-- | package/network/services/dropbear/patches/120-openwrt_options.patch | 25 |
1 files changed, 9 insertions, 16 deletions
diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch index 1b5c5cb1e8..48dae73b1f 100644 --- a/package/network/services/dropbear/patches/120-openwrt_options.patch +++ b/package/network/services/dropbear/patches/120-openwrt_options.patch @@ -18,27 +18,20 @@ /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */ #define ENABLE_USER_ALGO_LIST -@@ -95,8 +95,8 @@ much traffic. */ - #define DROPBEAR_AES256 - /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ - /*#define DROPBEAR_BLOWFISH*/ --#define DROPBEAR_TWOFISH256 --#define DROPBEAR_TWOFISH128 -+/*#define DROPBEAR_TWOFISH256 -+#define DROPBEAR_TWOFISH128*/ - - /* Enable "Counter Mode" for ciphers. This is more secure than normal - * CBC mode against certain attacks. This adds around 1kB to binary -@@ -122,7 +122,7 @@ much traffic. */ +@@ -126,9 +126,9 @@ much traffic. */ * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, * which are not the standard form. */ #define DROPBEAR_SHA1_HMAC -#define DROPBEAR_SHA1_96_HMAC +-#define DROPBEAR_SHA2_256_HMAC +-#define DROPBEAR_SHA2_512_HMAC +/*#define DROPBEAR_SHA1_96_HMAC*/ - /*#define DROPBEAR_SHA2_256_HMAC*/ - /*#define DROPBEAR_SHA2_512_HMAC*/ ++/*#define DROPBEAR_SHA2_256_HMAC*/ ++/*#define DROPBEAR_SHA2_512_HMAC*/ #define DROPBEAR_MD5_HMAC -@@ -175,7 +175,7 @@ much traffic. */ + + /* You can also disable integrity. Don't bother disabling this if you're +@@ -184,7 +184,7 @@ much traffic. */ /* Whether to print the message of the day (MOTD). This doesn't add much code * size */ @@ -47,7 +40,7 @@ /* The MOTD file path */ #ifndef MOTD_FILENAME -@@ -213,7 +213,7 @@ much traffic. */ +@@ -226,7 +226,7 @@ much traffic. */ * note that it will be provided for all "hidden" client-interactive * style prompts - if you want something more sophisticated, use * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/ |