package/network/services/dropbear/patches/120-openwrt_options.patch

   1 --- a/options.h
   2 +++ b/options.h
   3 @@ -41,7 +41,7 @@
   4   * Both of these flags can be defined at once, don't compile without at least
   5   * one of them. */
   6  #define NON_INETD_MODE
   7 -#define INETD_MODE
   8 +/*#define INETD_MODE*/
   9
  10  /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
  11   * perhaps 20% slower for pubkey operations (it is probably worth experimenting
  12 @@ -81,7 +81,7 @@ much traffic. */
  13
  14  /* Enable "Netcat mode" option. This will forward standard input/output
  15   * to a remote TCP-forwarded connection */
  16 -#define ENABLE_CLI_NETCAT
  17 +/*#define ENABLE_CLI_NETCAT*/
  18
  19  /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */
  20  #define ENABLE_USER_ALGO_LIST
  21 @@ -91,16 +91,16 @@ much traffic. */
  22   * Including multiple keysize variants the same cipher
  23   * (eg AES256 as well as AES128) will result in a minimal size increase.*/
  24  #define DROPBEAR_AES128
  25 -#define DROPBEAR_3DES
  26 +/*#define DROPBEAR_3DES*/
  27  #define DROPBEAR_AES256
  28  /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
  29  /*#define DROPBEAR_BLOWFISH*/
  30 -#define DROPBEAR_TWOFISH256
  31 -#define DROPBEAR_TWOFISH128
  32 +/*#define DROPBEAR_TWOFISH256*/
  33 +/*#define DROPBEAR_TWOFISH128*/
  34
  35  /* Enable CBC mode for ciphers. This has security issues though
  36   * is the most compatible with older SSH implementations */
  37 -#define DROPBEAR_ENABLE_CBC_MODE
  38 +/*#define DROPBEAR_ENABLE_CBC_MODE*/
  39
  40  /* Enable "Counter Mode" for ciphers. This is more secure than normal
  41   * CBC mode against certain attacks. It is recommended for security
  42 @@ -131,10 +131,10 @@ If you test it please contact the Dropbe
  43   * If you disable MD5, Dropbear will fall back to SHA1 fingerprints,
  44   * which are not the standard form. */
  45  #define DROPBEAR_SHA1_HMAC
  46 -#define DROPBEAR_SHA1_96_HMAC
  47 +/*#define DROPBEAR_SHA1_96_HMAC*/
  48  #define DROPBEAR_SHA2_256_HMAC
  49 -#define DROPBEAR_SHA2_512_HMAC
  50 -#define DROPBEAR_MD5_HMAC
  51 +/*#define DROPBEAR_SHA2_512_HMAC*/
  52 +/*#define DROPBEAR_MD5_HMAC*/
  53
  54  /* You can also disable integrity. Don't bother disabling this if you're
  55   * still using a cipher, it's relatively cheap. If you disable this it's dead
  56 @@ -146,7 +146,7 @@ If you test it please contact the Dropbe
  57   * Removing either of these won't save very much space.
  58   * SSH2 RFC Draft requires dss, recommends rsa */
  59  #define DROPBEAR_RSA
  60 -#define DROPBEAR_DSS
  61 +/*#define DROPBEAR_DSS*/
  62  /* ECDSA is significantly faster than RSA or DSS. Compiling in ECC
  63   * code (either ECDSA or ECDH) increases binary size - around 30kB
  64   * on x86-64 */
  65 @@ -194,7 +194,7 @@ If you test it please contact the Dropbe
  66
  67  /* Whether to print the message of the day (MOTD). This doesn't add much code
  68   * size */
  69 -#define DO_MOTD
  70 +/*#define DO_MOTD*/
  71
  72  /* The MOTD file path */
  73  #ifndef MOTD_FILENAME
  74 @@ -242,7 +242,7 @@ Homedir is prepended unless path begins
  75   * note that it will be provided for all "hidden" client-interactive
  76   * style prompts - if you want something more sophisticated, use
  77   * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/
  78 -#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"
  79 +/*#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"*/
  80
  81  /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of
  82   * a helper program for the ssh client. The helper program should be