diff options
| author | Joseph C. Sible <josephcsible@users.noreply.github.com> | 2017-02-02 01:51:51 -0500 |
|---|---|---|
| committer | Felix Fietkau <nbd@nbd.name> | 2017-02-10 11:05:57 +0100 |
| commit | 0bf85ef04806e0fd5a6f78ac9f6a32aabb1e7fdc (patch) | |
| tree | e7cd7b420cd179bced92317bb54b6e61a3fb19d7 | |
| parent | 2c416b1db09af5d401653c6479a53430fdc81f21 (diff) | |
| download | upstream-0bf85ef04806e0fd5a6f78ac9f6a32aabb1e7fdc.tar.gz upstream-0bf85ef04806e0fd5a6f78ac9f6a32aabb1e7fdc.tar.bz2 upstream-0bf85ef04806e0fd5a6f78ac9f6a32aabb1e7fdc.zip | |
dropbear: enable SHA256 HMACs
The only HMACs currently available use MD5 and SHA1, both of which have known
weaknesses. We already compile in the SHA256 code since we use Curve25519
by default, so there's no significant size penalty to enabling this.
Signed-off-by: Joseph C. Sible <josephcsible@users.noreply.github.com>
| -rw-r--r-- | package/network/services/dropbear/patches/120-openwrt_options.patch | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch index f16aaf001e..b49a95ce93 100644 --- a/package/network/services/dropbear/patches/120-openwrt_options.patch +++ b/package/network/services/dropbear/patches/120-openwrt_options.patch @@ -44,10 +44,9 @@ * which are not the standard form. */ #define DROPBEAR_SHA1_HMAC -#define DROPBEAR_SHA1_96_HMAC --#define DROPBEAR_SHA2_256_HMAC --#define DROPBEAR_SHA2_512_HMAC +/*#define DROPBEAR_SHA1_96_HMAC*/ -+/*#define DROPBEAR_SHA2_256_HMAC*/ + #define DROPBEAR_SHA2_256_HMAC +-#define DROPBEAR_SHA2_512_HMAC +/*#define DROPBEAR_SHA2_512_HMAC*/ #define DROPBEAR_MD5_HMAC |