Mercurial > dropbear
comparison sysoptions.h @ 1831:0a3d02c66bf6
Comment on reason for DROPBEAR_MAX_PASSWORD_LEN limit
| author | Matt Johnston <matt@codeconstruct.com.au> |
|---|---|
| date | Tue, 12 Oct 2021 21:29:25 +0800 |
| parents | 4b984c42372d |
| children | a974a80f5f44 |
comparison
equal
deleted
inserted
replaced
| 1830:c32976db772f | 1831:0a3d02c66bf6 |
|---|---|
| 84 #define DROPBEAR_NGROUP_MAX 1024 | 84 #define DROPBEAR_NGROUP_MAX 1024 |
| 85 | 85 |
| 86 /* Required for pubkey auth */ | 86 /* Required for pubkey auth */ |
| 87 #define DROPBEAR_SIGNKEY_VERIFY ((DROPBEAR_SVR_PUBKEY_AUTH) || (DROPBEAR_CLIENT)) | 87 #define DROPBEAR_SIGNKEY_VERIFY ((DROPBEAR_SVR_PUBKEY_AUTH) || (DROPBEAR_CLIENT)) |
| 88 | 88 |
| 89 /* crypt(password) must take less time than the auth failure delay | |
| 90 (250ms set in svr-auth.c). On Linux the delay depends on | |
| 91 password length, 100 characters here was empirically derived. | |
| 92 | |
| 93 If a longer password is allowed Dropbear cannot compensate | |
| 94 for the crypt time which will expose which usernames exist */ | |
| 89 #define DROPBEAR_MAX_PASSWORD_LEN 100 | 95 #define DROPBEAR_MAX_PASSWORD_LEN 100 |
| 90 | 96 |
| 91 #define SHA1_HASH_SIZE 20 | 97 #define SHA1_HASH_SIZE 20 |
| 92 #define MD5_HASH_SIZE 16 | 98 #define MD5_HASH_SIZE 16 |
| 93 #define MAX_HASH_SIZE 64 /* sha512 */ | 99 #define MAX_HASH_SIZE 64 /* sha512 */ |