Mercurial > dropbear
comparison default_options.h.in @ 1455:4afde04f0607 fuzz
merge up to date
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 23 Jan 2018 22:46:07 +0800 |
| parents | a3a96dbf9a58 |
| children | abbdeca6f1bd |
comparison
equal
deleted
inserted
replaced
| 1450:5b25d86b865b | 1455:4afde04f0607 |
|---|---|
| 8 | 8 |
| 9 Local customisation should be added to localoptions.h which is | 9 Local customisation should be added to localoptions.h which is |
| 10 used if it exists. Options defined there will override any options in this | 10 used if it exists. Options defined there will override any options in this |
| 11 file (#ifndef guards added by ifndef_wrapper.sh). | 11 file (#ifndef guards added by ifndef_wrapper.sh). |
| 12 | 12 |
| 13 Options can also be defined with -DDROPBEAR_XXX Makefile CFLAGS | 13 Options can also be defined with -DDROPBEAR_XXX in Makefile CFLAGS |
| 14 | 14 |
| 15 IMPORTANT: Many options will require "make clean" after changes */ | 15 IMPORTANT: Many options will require "make clean" after changes */ |
| 16 | 16 |
| 17 #define DROPBEAR_DEFPORT "22" | 17 #define DROPBEAR_DEFPORT "22" |
| 18 | 18 |
| 127 #define DROPBEAR_DSS 1 | 127 #define DROPBEAR_DSS 1 |
| 128 /* ECDSA is significantly faster than RSA or DSS. Compiling in ECC | 128 /* ECDSA is significantly faster than RSA or DSS. Compiling in ECC |
| 129 * code (either ECDSA or ECDH) increases binary size - around 30kB | 129 * code (either ECDSA or ECDH) increases binary size - around 30kB |
| 130 * on x86-64 */ | 130 * on x86-64 */ |
| 131 #define DROPBEAR_ECDSA 1 | 131 #define DROPBEAR_ECDSA 1 |
| 132 | |
| 133 /* RSA must be >=1024 */ | |
| 134 #define DROPBEAR_DEFAULT_RSA_SIZE 2048 | |
| 135 /* DSS is always 1024 */ | |
| 136 /* ECDSA defaults to largest size configured, usually 521 */ | |
| 132 | 137 |
| 133 /* Add runtime flag "-R" to generate hostkeys as-needed when the first | 138 /* Add runtime flag "-R" to generate hostkeys as-needed when the first |
| 134 connection using that key type occurs. | 139 connection using that key type occurs. |
| 135 This avoids the need to otherwise run "dropbearkey" and avoids some problems | 140 This avoids the need to otherwise run "dropbearkey" and avoids some problems |
| 136 with badly seeded /dev/urandom when systems first boot. */ | 141 with badly seeded /dev/urandom when systems first boot. */ |
| 251 | 256 |
| 252 /* And then a global limit to avoid chewing memory if connections | 257 /* And then a global limit to avoid chewing memory if connections |
| 253 * come from many IPs */ | 258 * come from many IPs */ |
| 254 #define MAX_UNAUTH_CLIENTS 30 | 259 #define MAX_UNAUTH_CLIENTS 30 |
| 255 | 260 |
| 256 /* Maximum number of failed authentication tries (server option) */ | 261 /* Default maximum number of failed authentication tries (server option) */ |
| 262 /* -T server option overrides */ | |
| 257 #define MAX_AUTH_TRIES 10 | 263 #define MAX_AUTH_TRIES 10 |
| 258 | 264 |
| 259 /* The default file to store the daemon's process ID, for shutdown | 265 /* The default file to store the daemon's process ID, for shutdown |
| 260 scripts etc. This can be overridden with the -P flag */ | 266 scripts etc. This can be overridden with the -P flag */ |
| 261 #define DROPBEAR_PIDFILE "/var/run/dropbear.pid" | 267 #define DROPBEAR_PIDFILE "/var/run/dropbear.pid" |