Mercurial > dropbear
comparison sysoptions.h @ 1915:13cb8cc1b0e4
Remove twofish and remnants of blowfish
Twofish CTR was never enabled by default and CBC modes are
deprecated
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 30 Mar 2022 10:23:39 +0800 |
parents | 6f265a35159a |
children | 3f4cdf839a1a |
comparison
equal
deleted
inserted
replaced
1914:f978a15194ba | 1915:13cb8cc1b0e4 |
---|---|
128 | 128 |
129 /* might be needed for compatibility with very old implementations */ | 129 /* might be needed for compatibility with very old implementations */ |
130 #ifndef DROPBEAR_MD5_HMAC | 130 #ifndef DROPBEAR_MD5_HMAC |
131 #define DROPBEAR_MD5_HMAC 0 | 131 #define DROPBEAR_MD5_HMAC 0 |
132 #endif | 132 #endif |
133 | |
134 /* Twofish counter mode is disabled by default because it | |
135 has not been tested for interoperability with other SSH implementations. | |
136 If you test it please contact the Dropbear author */ | |
137 #ifndef DROPBEAR_TWOFISH_CTR | |
138 #define DROPBEAR_TWOFISH_CTR 0 | |
139 #endif | |
140 | |
141 | 133 |
142 #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA)) | 134 #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA)) |
143 | 135 |
144 /* Debian doesn't define this in system headers */ | 136 /* Debian doesn't define this in system headers */ |
145 #if !defined(LTM_DESC) && (DROPBEAR_ECC) | 137 #if !defined(LTM_DESC) && (DROPBEAR_ECC) |
233 auth */ | 225 auth */ |
234 | 226 |
235 | 227 |
236 #define DROPBEAR_AES ((DROPBEAR_AES256) || (DROPBEAR_AES128)) | 228 #define DROPBEAR_AES ((DROPBEAR_AES256) || (DROPBEAR_AES128)) |
237 | 229 |
238 #define DROPBEAR_TWOFISH ((DROPBEAR_TWOFISH256) || (DROPBEAR_TWOFISH128)) | |
239 | |
240 #define DROPBEAR_AEAD_MODE ((DROPBEAR_CHACHA20POLY1305) || (DROPBEAR_ENABLE_GCM_MODE)) | 230 #define DROPBEAR_AEAD_MODE ((DROPBEAR_CHACHA20POLY1305) || (DROPBEAR_ENABLE_GCM_MODE)) |
241 | 231 |
242 #define DROPBEAR_CLI_ANYTCPFWD ((DROPBEAR_CLI_REMOTETCPFWD) || (DROPBEAR_CLI_LOCALTCPFWD)) | 232 #define DROPBEAR_CLI_ANYTCPFWD ((DROPBEAR_CLI_REMOTETCPFWD) || (DROPBEAR_CLI_LOCALTCPFWD)) |
243 | 233 |
244 #define DROPBEAR_TCP_ACCEPT ((DROPBEAR_CLI_LOCALTCPFWD) || (DROPBEAR_SVR_REMOTETCPFWD)) | 234 #define DROPBEAR_TCP_ACCEPT ((DROPBEAR_CLI_LOCALTCPFWD) || (DROPBEAR_SVR_REMOTETCPFWD)) |
278 | 268 |
279 #if (DROPBEAR_PLUGIN && !DROPBEAR_SVR_PUBKEY_AUTH) | 269 #if (DROPBEAR_PLUGIN && !DROPBEAR_SVR_PUBKEY_AUTH) |
280 #error "You must define DROPBEAR_SVR_PUBKEY_AUTH in order to use plugins" | 270 #error "You must define DROPBEAR_SVR_PUBKEY_AUTH in order to use plugins" |
281 #endif | 271 #endif |
282 | 272 |
283 #if !(DROPBEAR_AES128 || DROPBEAR_3DES || DROPBEAR_AES256 || DROPBEAR_BLOWFISH \ | 273 #if !(DROPBEAR_AES128 || DROPBEAR_3DES || DROPBEAR_AES256 || DROPBEAR_CHACHA20POLY1305) |
284 || DROPBEAR_TWOFISH256 || DROPBEAR_TWOFISH128 || DROPBEAR_CHACHA20POLY1305) | |
285 #error "At least one encryption algorithm must be enabled. AES128 is recommended." | 274 #error "At least one encryption algorithm must be enabled. AES128 is recommended." |
286 #endif | 275 #endif |
287 | 276 |
288 #if !(DROPBEAR_RSA || DROPBEAR_DSS || DROPBEAR_ECDSA || DROPBEAR_ED25519) | 277 #if !(DROPBEAR_RSA || DROPBEAR_DSS || DROPBEAR_ECDSA || DROPBEAR_ED25519) |
289 #error "At least one hostkey or public-key algorithm must be enabled; RSA is recommended." | 278 #error "At least one hostkey or public-key algorithm must be enabled; RSA is recommended." |