hsist
/
freifunkist-firmware
6
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

dropbear: enable SHA256 HMACs

Browse Source 
The only HMACs currently available use MD5 and SHA1, both of which have known
weaknesses. We already compile in the SHA256 code since we use Curve25519
by default, so there's no significant size penalty to enabling this.

Signed-off-by: Joseph C. Sible <josephcsible@users.noreply.github.com>
master
Joseph C. Sible 8 years ago committed by Felix Fietkau
parent 2c416b1db0
commit 0bf85ef048
1 changed files with 2 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 5
      package/network/services/dropbear/patches/120-openwrt_options.patch

5
package/network/services/dropbear/patches/120-openwrt_options.patch
Unescape View File

@ -44,10 +44,9 @@
* which are not the standard form. */
#define DROPBEAR_SHA1_HMAC
-#define DROPBEAR_SHA1_96_HMAC
-#define DROPBEAR_SHA2_256_HMAC
-#define DROPBEAR_SHA2_512_HMAC
+/*#define DROPBEAR_SHA1_96_HMAC*/
+/*#define DROPBEAR_SHA2_256_HMAC*/
#define DROPBEAR_SHA2_256_HMAC
-#define DROPBEAR_SHA2_512_HMAC
+/*#define DROPBEAR_SHA2_512_HMAC*/
#define DROPBEAR_MD5_HMAC

Write Preview
Loading…
Cancel
Save