Mercurial > dropbear
diff sysoptions.h @ 1248:739b3909c499
Get rid of group15, move group16 to sha512.
New groups are disabled by default pending
draft-ietf-curdle-ssh-kex-sha2-02 being finalised
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sat, 12 Mar 2016 16:21:13 +0800 |
parents | 2c23d72e06b2 |
children | 309e1c4a8768 |
line wrap: on
line diff
--- a/sysoptions.h Thu Mar 10 21:37:35 2016 +0800 +++ b/sysoptions.h Sat Mar 12 16:21:13 2016 +0800 @@ -113,20 +113,25 @@ #define RSA_BLINDING /* hashes which will be linked and registered */ -#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) +#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) || DROPBEAR_DH_GROUP14 #define DROPBEAR_SHA256 #endif #if defined(DROPBEAR_ECC_384) #define DROPBEAR_SHA384 #endif /* LTC SHA384 depends on SHA512 */ -#if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384) +#if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384) || DROPBEAR_DH_GROUP16 #define DROPBEAR_SHA512 #endif #if defined(DROPBEAR_MD5_HMAC) #define DROPBEAR_MD5 #endif +/* These are disabled in Dropbear 2016.73 by default since the spec + draft-ietf-curdle-ssh-kex-sha2-02 is under development. */ +#define DROPBEAR_DH_GROUP14_256 0 +#define DROPBEAR_DH_GROUP16 0 + /* roughly 2x 521 bits */ #define MAX_ECC_SIZE 140