Mercurial > dropbear
comparison sysoptions.h @ 1915:13cb8cc1b0e4
Remove twofish and remnants of blowfish
Twofish CTR was never enabled by default and CBC modes are
deprecated
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 30 Mar 2022 10:23:39 +0800 |
| parents | 6f265a35159a |
| children | 3f4cdf839a1a |
comparison
equal
deleted
inserted
replaced
| 1914:f978a15194ba | 1915:13cb8cc1b0e4 |
|---|---|
| 128 | 128 |
| 129 /* might be needed for compatibility with very old implementations */ | 129 /* might be needed for compatibility with very old implementations */ |
| 130 #ifndef DROPBEAR_MD5_HMAC | 130 #ifndef DROPBEAR_MD5_HMAC |
| 131 #define DROPBEAR_MD5_HMAC 0 | 131 #define DROPBEAR_MD5_HMAC 0 |
| 132 #endif | 132 #endif |
| 133 | |
| 134 /* Twofish counter mode is disabled by default because it | |
| 135 has not been tested for interoperability with other SSH implementations. | |
| 136 If you test it please contact the Dropbear author */ | |
| 137 #ifndef DROPBEAR_TWOFISH_CTR | |
| 138 #define DROPBEAR_TWOFISH_CTR 0 | |
| 139 #endif | |
| 140 | |
| 141 | 133 |
| 142 #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA)) | 134 #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA)) |
| 143 | 135 |
| 144 /* Debian doesn't define this in system headers */ | 136 /* Debian doesn't define this in system headers */ |
| 145 #if !defined(LTM_DESC) && (DROPBEAR_ECC) | 137 #if !defined(LTM_DESC) && (DROPBEAR_ECC) |
| 233 auth */ | 225 auth */ |
| 234 | 226 |
| 235 | 227 |
| 236 #define DROPBEAR_AES ((DROPBEAR_AES256) || (DROPBEAR_AES128)) | 228 #define DROPBEAR_AES ((DROPBEAR_AES256) || (DROPBEAR_AES128)) |
| 237 | 229 |
| 238 #define DROPBEAR_TWOFISH ((DROPBEAR_TWOFISH256) || (DROPBEAR_TWOFISH128)) | |
| 239 | |
| 240 #define DROPBEAR_AEAD_MODE ((DROPBEAR_CHACHA20POLY1305) || (DROPBEAR_ENABLE_GCM_MODE)) | 230 #define DROPBEAR_AEAD_MODE ((DROPBEAR_CHACHA20POLY1305) || (DROPBEAR_ENABLE_GCM_MODE)) |
| 241 | 231 |
| 242 #define DROPBEAR_CLI_ANYTCPFWD ((DROPBEAR_CLI_REMOTETCPFWD) || (DROPBEAR_CLI_LOCALTCPFWD)) | 232 #define DROPBEAR_CLI_ANYTCPFWD ((DROPBEAR_CLI_REMOTETCPFWD) || (DROPBEAR_CLI_LOCALTCPFWD)) |
| 243 | 233 |
| 244 #define DROPBEAR_TCP_ACCEPT ((DROPBEAR_CLI_LOCALTCPFWD) || (DROPBEAR_SVR_REMOTETCPFWD)) | 234 #define DROPBEAR_TCP_ACCEPT ((DROPBEAR_CLI_LOCALTCPFWD) || (DROPBEAR_SVR_REMOTETCPFWD)) |
| 278 | 268 |
| 279 #if (DROPBEAR_PLUGIN && !DROPBEAR_SVR_PUBKEY_AUTH) | 269 #if (DROPBEAR_PLUGIN && !DROPBEAR_SVR_PUBKEY_AUTH) |
| 280 #error "You must define DROPBEAR_SVR_PUBKEY_AUTH in order to use plugins" | 270 #error "You must define DROPBEAR_SVR_PUBKEY_AUTH in order to use plugins" |
| 281 #endif | 271 #endif |
| 282 | 272 |
| 283 #if !(DROPBEAR_AES128 || DROPBEAR_3DES || DROPBEAR_AES256 || DROPBEAR_BLOWFISH \ | 273 #if !(DROPBEAR_AES128 || DROPBEAR_3DES || DROPBEAR_AES256 || DROPBEAR_CHACHA20POLY1305) |
| 284 || DROPBEAR_TWOFISH256 || DROPBEAR_TWOFISH128 || DROPBEAR_CHACHA20POLY1305) | |
| 285 #error "At least one encryption algorithm must be enabled. AES128 is recommended." | 274 #error "At least one encryption algorithm must be enabled. AES128 is recommended." |
| 286 #endif | 275 #endif |
| 287 | 276 |
| 288 #if !(DROPBEAR_RSA || DROPBEAR_DSS || DROPBEAR_ECDSA || DROPBEAR_ED25519) | 277 #if !(DROPBEAR_RSA || DROPBEAR_DSS || DROPBEAR_ECDSA || DROPBEAR_ED25519) |
| 289 #error "At least one hostkey or public-key algorithm must be enabled; RSA is recommended." | 278 #error "At least one hostkey or public-key algorithm must be enabled; RSA is recommended." |