[source] dropbear: enable SHA256 HMACs
LEDE Commits
lede-commits at lists.infradead.org
Fri Feb 17 03:32:57 PST 2017
stintel pushed a commit to source.git, branch lede-17.01:
https://git.lede-project.org/f5274363644852f7064adb7e654e3f41c640b106
commit f5274363644852f7064adb7e654e3f41c640b106
Author: Joseph C. Sible <josephcsible at users.noreply.github.com>
AuthorDate: Thu Feb 2 01:51:51 2017 -0500
dropbear: enable SHA256 HMACs
The only HMACs currently available use MD5 and SHA1, both of which have known
weaknesses. We already compile in the SHA256 code since we use Curve25519
by default, so there's no significant size penalty to enabling this.
Signed-off-by: Joseph C. Sible <josephcsible at users.noreply.github.com>
(cherry picked from commit 0bf85ef04806e0fd5a6f78ac9f6a32aabb1e7fdc)
---
package/network/services/dropbear/patches/120-openwrt_options.patch | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch
index f16aaf0..b49a95c 100644
--- a/package/network/services/dropbear/patches/120-openwrt_options.patch
+++ b/package/network/services/dropbear/patches/120-openwrt_options.patch
@@ -44,10 +44,9 @@
* which are not the standard form. */
#define DROPBEAR_SHA1_HMAC
-#define DROPBEAR_SHA1_96_HMAC
--#define DROPBEAR_SHA2_256_HMAC
--#define DROPBEAR_SHA2_512_HMAC
+/*#define DROPBEAR_SHA1_96_HMAC*/
-+/*#define DROPBEAR_SHA2_256_HMAC*/
+ #define DROPBEAR_SHA2_256_HMAC
+-#define DROPBEAR_SHA2_512_HMAC
+/*#define DROPBEAR_SHA2_512_HMAC*/
#define DROPBEAR_MD5_HMAC
More information about the lede-commits
mailing list