Add config option to disable cbc. Disable twofish by default

2025-06-26 18:17:32 +00:00 · 2015-01-23 22:37:14 +08:00
parent 5c57a31184
commit 6cbb23a819
2 changed files with 13 additions and 4 deletions
--- a/options.h
+++ b/options.h
@@ -95,8 +95,12 @@ much traffic. */
 #define DROPBEAR_AES256
 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
 /*#define DROPBEAR_BLOWFISH*/
-#define DROPBEAR_TWOFISH256
-#define DROPBEAR_TWOFISH128
+/*#define DROPBEAR_TWOFISH256*/
+/*#define DROPBEAR_TWOFISH128*/
+
+/* Enable CBC mode for ciphers. This has security issues though
+ * is the most compatible with older SSH implementations */
+#define DROPBEAR_ENABLE_CBC_MODE

 /* Enable "Counter Mode" for ciphers. This is more secure than normal
 * CBC mode against certain attacks. This adds around 1kB to binary