ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-03-03 18:52:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

missed regenerating

Browse Source
This commit is contained in:
Matt Johnston 2018-02-18 23:48:24 +08:00
parent f2d86ae7d3
commit 8fdaf0268d
1 changed files with 27 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
default_options.h
View File

@ -16,9 +16,9 @@ Local customisation should be added to localoptions.h which is
used if it exists. Options defined there will override any options in this used if it exists. Options defined there will override any options in this
file. file.
Options can also be defined with -DDROPBEAR_XXX in Makefile CFLAGS Options can also be defined with -DDROPBEAR_XXX=[0,1] in Makefile CFLAGS
IMPORTANT: Many options will require "make clean" after changes */ IMPORTANT: Some options will require "make clean" after changes */
#ifndef DROPBEAR_DEFPORT #ifndef DROPBEAR_DEFPORT
#define DROPBEAR_DEFPORT "22" #define DROPBEAR_DEFPORT "22"
@ -64,9 +64,9 @@ IMPORTANT: Many options will require "make clean" after changes */
#endif #endif
/* Set this if you want to use the DROPBEAR_SMALL_CODE option. This can save /* Set this if you want to use the DROPBEAR_SMALL_CODE option. This can save
several kB in binary size however will make the symmetrical ciphers and hashes * several kB in binary size however will make the symmetrical ciphers and hashes
slower, perhaps by 50%. Recommended for small systems that aren't doing * slower, perhaps by 50%. Recommended for small systems that aren't doing
much traffic. */ * much traffic. */
#ifndef DROPBEAR_SMALL_CODE #ifndef DROPBEAR_SMALL_CODE
#define DROPBEAR_SMALL_CODE 1 #define DROPBEAR_SMALL_CODE 1
#endif #endif
@ -79,7 +79,6 @@ much traffic. */
/* Enable TCP Fowarding */ /* Enable TCP Fowarding */
/* 'Local' is "-L" style (client listening port forwarded via server) /* 'Local' is "-L" style (client listening port forwarded via server)
* 'Remote' is "-R" style (server listening port forwarded via client) */ * 'Remote' is "-R" style (server listening port forwarded via client) */
#ifndef DROPBEAR_CLI_LOCALTCPFWD #ifndef DROPBEAR_CLI_LOCALTCPFWD
#define DROPBEAR_CLI_LOCALTCPFWD 1 #define DROPBEAR_CLI_LOCALTCPFWD 1
#endif #endif
@ -137,10 +136,10 @@ much traffic. */
#define DROPBEAR_AES256 1 #define DROPBEAR_AES256 1
#endif #endif
#ifndef DROPBEAR_TWOFISH256 #ifndef DROPBEAR_TWOFISH256
#define DROPBEAR_TWOFISH256 1 #define DROPBEAR_TWOFISH256 0
#endif #endif
#ifndef DROPBEAR_TWOFISH128 #ifndef DROPBEAR_TWOFISH128
#define DROPBEAR_TWOFISH128 1 #define DROPBEAR_TWOFISH128 0
#endif #endif
/* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
#ifndef DROPBEAR_BLOWFISH #ifndef DROPBEAR_BLOWFISH
@ -160,13 +159,6 @@ much traffic. */
#define DROPBEAR_ENABLE_CTR_MODE 1 #define DROPBEAR_ENABLE_CTR_MODE 1
#endif #endif
/* Twofish counter mode is disabled by default because it
has not been tested for interoperability with other SSH implementations.
If you test it please contact the Dropbear author */
#ifndef DROPBEAR_TWOFISH_CTR
#define DROPBEAR_TWOFISH_CTR 0
#endif
/* Message integrity. sha2-256 is recommended as a default, /* Message integrity. sha2-256 is recommended as a default,
sha1 for compatibility */ sha1 for compatibility */
#ifndef DROPBEAR_SHA1_HMAC #ifndef DROPBEAR_SHA1_HMAC
@ -178,15 +170,6 @@ If you test it please contact the Dropbear author */
#ifndef DROPBEAR_SHA2_256_HMAC #ifndef DROPBEAR_SHA2_256_HMAC
#define DROPBEAR_SHA2_256_HMAC 1 #define DROPBEAR_SHA2_256_HMAC 1
#endif #endif
/* Default is to include it if sha512 is being compiled in for ECDSA */
#ifndef DROPBEAR_SHA2_512_HMAC
#define DROPBEAR_SHA2_512_HMAC (DROPBEAR_ECDSA)
#endif
/* XXX needed for fingerprints */
#ifndef DROPBEAR_MD5_HMAC
#define DROPBEAR_MD5_HMAC 0
#endif
/* Hostkey/public key algorithms - at least one required, these are used /* Hostkey/public key algorithms - at least one required, these are used
* for hostkey as well as for verifying signatures with pubkey auth. * for hostkey as well as for verifying signatures with pubkey auth.
@ -222,29 +205,26 @@ If you test it please contact the Dropbear author */
#define DROPBEAR_DELAY_HOSTKEY 1 #define DROPBEAR_DELAY_HOSTKEY 1
#endif #endif
/* Enable Curve25519 for key exchange. This is another elliptic
* curve method with good security properties. Increases binary size
* by ~8kB on x86-64 */
#ifndef DROPBEAR_CURVE25519
#define DROPBEAR_CURVE25519 1
#endif
/* Enable elliptic curve Diffie Hellman key exchange, see note about
* ECDSA above */
#ifndef DROPBEAR_ECDH
#define DROPBEAR_ECDH 1
#endif
/* Key exchange algorithm. /* Key exchange algorithm.
* group14_sha1 - 2048 bit, sha1 * group14_sha1 - 2048 bit, sha1
* group14_sha256 - 2048 bit, sha2-256 * group14_sha256 - 2048 bit, sha2-256
* group16 - 4096 bit, sha2-512 * group16 - 4096 bit, sha2-512
* group1 - 1024 bit, sha1 * group1 - 1024 bit, sha1
* curve25519 - elliptic curve DH
* ecdh - NIST elliptic curve DH (256, 384, 521)
* *
* group14 is supported by most implementations.
* group16 provides a greater strength level but is slower and increases binary size
* group1 is too small for security though is necessary if you need * group1 is too small for security though is necessary if you need
compatibility with some implementations such as Dropbear versions < 0.53 compatibility with some implementations such as Dropbear versions < 0.53
* group14 is supported by most implementations.
* group16 provides a greater strength level but is slower and increases binary size
* curve25519 and ecdh algorithms are faster than non-elliptic curve methods
* curve25519 increases binary size by ~8kB on x86-64
* including either ECDH or ECDSA increases binary size by ~30kB on x86-64
* Small systems should generally include either curve25519 or ecdh for performance.
* curve25519 is less widely supported but is faster
*/ */
#ifndef DROPBEAR_DH_GROUP1 #ifndef DROPBEAR_DH_GROUP1
#define DROPBEAR_DH_GROUP1 1 #define DROPBEAR_DH_GROUP1 1
@ -258,6 +238,12 @@ If you test it please contact the Dropbear author */
#ifndef DROPBEAR_DH_GROUP16 #ifndef DROPBEAR_DH_GROUP16
#define DROPBEAR_DH_GROUP16 0 #define DROPBEAR_DH_GROUP16 0
#endif #endif
#ifndef DROPBEAR_CURVE25519
#define DROPBEAR_CURVE25519 1
#endif
#ifndef DROPBEAR_ECDH
#define DROPBEAR_ECDH 1
#endif
/* Control the memory/performance/compression tradeoff for zlib. /* Control the memory/performance/compression tradeoff for zlib.
* Set windowBits=8 for least memory usage, see your system's * Set windowBits=8 for least memory usage, see your system's
@ -279,8 +265,6 @@ If you test it please contact the Dropbear author */
#ifndef DO_MOTD #ifndef DO_MOTD
#define DO_MOTD 0 #define DO_MOTD 0
#endif #endif
/* The MOTD file path */
#ifndef MOTD_FILENAME #ifndef MOTD_FILENAME
#define MOTD_FILENAME "/etc/motd" #define MOTD_FILENAME "/etc/motd"
#endif #endif
@ -344,7 +328,9 @@ Homedir is prepended unless path begins with / */
/* Save a network roundtrip by sendng a real auth request immediately after /* Save a network roundtrip by sendng a real auth request immediately after
* sending a query for the available methods. This is not yet enabled by default * sending a query for the available methods. This is not yet enabled by default
since it could cause problems with non-compliant servers */ since it could cause problems with non-compliant servers */
#define DROPBEAR_CLI_IMMEDIATE_AUTH 0 #ifndef DROPBEAR_CLI_IMMEDIATE_AUTH
#define DROPBEAR_CLI_IMMEDIATE_AUTH 0
#endif
/* Set this to use PRNGD or EGD instead of /dev/urandom */ /* Set this to use PRNGD or EGD instead of /dev/urandom */
#ifndef DROPBEAR_USE_PRNGD #ifndef DROPBEAR_USE_PRNGD