87118ef4ba9432435b89584f08a45f605c33b64a
[openwrt/openwrt.git] / package / network / services / dropbear / patches / 120-openwrt_options.patch
1 --- a/options.h
2 +++ b/options.h
3 @@ -41,7 +41,7 @@
4 * Both of these flags can be defined at once, don't compile without at least
5 * one of them. */
6 #define NON_INETD_MODE
7 -#define INETD_MODE
8 +/*#define INETD_MODE*/
9
10 /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
11 * perhaps 20% slower for pubkey operations (it is probably worth experimenting
12 @@ -81,7 +81,7 @@ much traffic. */
13
14 /* Enable "Netcat mode" option. This will forward standard input/output
15 * to a remote TCP-forwarded connection */
16 -#define ENABLE_CLI_NETCAT
17 +/*#define ENABLE_CLI_NETCAT*/
18
19 /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */
20 #define ENABLE_USER_ALGO_LIST
21 @@ -91,16 +91,16 @@ much traffic. */
22 * Including multiple keysize variants the same cipher
23 * (eg AES256 as well as AES128) will result in a minimal size increase.*/
24 #define DROPBEAR_AES128
25 -#define DROPBEAR_3DES
26 +/*#define DROPBEAR_3DES*/
27 #define DROPBEAR_AES256
28 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
29 /*#define DROPBEAR_BLOWFISH*/
30 -#define DROPBEAR_TWOFISH256
31 -#define DROPBEAR_TWOFISH128
32 +/*#define DROPBEAR_TWOFISH256*/
33 +/*#define DROPBEAR_TWOFISH128*/
34
35 /* Enable CBC mode for ciphers. This has security issues though
36 * is the most compatible with older SSH implementations */
37 -#define DROPBEAR_ENABLE_CBC_MODE
38 +/*#define DROPBEAR_ENABLE_CBC_MODE*/
39
40 /* Enable "Counter Mode" for ciphers. This is more secure than normal
41 * CBC mode against certain attacks. It is recommended for security
42 @@ -131,9 +131,9 @@ If you test it please contact the Dropbe
43 * If you disable MD5, Dropbear will fall back to SHA1 fingerprints,
44 * which are not the standard form. */
45 #define DROPBEAR_SHA1_HMAC
46 -#define DROPBEAR_SHA1_96_HMAC
47 -#define DROPBEAR_SHA2_256_HMAC
48 -#define DROPBEAR_SHA2_512_HMAC
49 +/*#define DROPBEAR_SHA1_96_HMAC*/
50 +/*#define DROPBEAR_SHA2_256_HMAC*/
51 +/*#define DROPBEAR_SHA2_512_HMAC*/
52 #define DROPBEAR_MD5_HMAC
53
54 /* You can also disable integrity. Don't bother disabling this if you're
55 @@ -146,7 +146,7 @@ If you test it please contact the Dropbe
56 * Removing either of these won't save very much space.
57 * SSH2 RFC Draft requires dss, recommends rsa */
58 #define DROPBEAR_RSA
59 -#define DROPBEAR_DSS
60 +/*#define DROPBEAR_DSS*/
61 /* ECDSA is significantly faster than RSA or DSS. Compiling in ECC
62 * code (either ECDSA or ECDH) increases binary size - around 30kB
63 * on x86-64 */
64 @@ -189,7 +189,7 @@ If you test it please contact the Dropbe
65
66 /* Whether to print the message of the day (MOTD). This doesn't add much code
67 * size */
68 -#define DO_MOTD
69 +/*#define DO_MOTD*/
70
71 /* The MOTD file path */
72 #ifndef MOTD_FILENAME
73 @@ -231,7 +231,7 @@ Homedir is prepended unless path begins
74 * note that it will be provided for all "hidden" client-interactive
75 * style prompts - if you want something more sophisticated, use
76 * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/
77 -#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"
78 +/*#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"*/
79
80 /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of
81 * a helper program for the ssh client. The helper program should be