|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dropbear 2018.76 changes say:
Custom configuration is now specified in localoptions.h rather than options.h
Available options and defaults can be seen in default_options.h
To migrate your configuration, compare your customised options.h against the
upstream options.h from your relevant version. Any customised options should
be put in localoptions.h in the build directory.
Following is such a comparison as recommended above:
--- dropbear-2014.65/options.h 2014-08-08 09:40:47.000000000 -0400
+++ options.h 2014-10-18 10:32:18.671773903 -0400
@@ -41,7 +41,7 @@
* Both of these flags can be defined at once, don't compile without at least
* one of them. */
#define NON_INETD_MODE
-#define INETD_MODE
+/*#define INETD_MODE*/
/* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
* perhaps 20% slower for pubkey operations (it is probably worth experimenting
@@ -55,7 +55,7 @@
#define DROPBEAR_SMALL_CODE
/* Enable X11 Forwarding - server only */
-#define ENABLE_X11FWD
+/*#define ENABLE_X11FWD*/
/* Enable TCP Fowarding */
/* 'Local' is "-L" style (client listening port forwarded via server)
@@ -81,7 +81,7 @@
/* Enable "Netcat mode" option. This will forward standard input/output
* to a remote TCP-forwarded connection */
-#define ENABLE_CLI_NETCAT
+/*#define ENABLE_CLI_NETCAT*/
/* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */
#define ENABLE_USER_ALGO_LIST
@@ -95,8 +95,8 @@
#define DROPBEAR_AES256
/* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
/*#define DROPBEAR_BLOWFISH*/
-#define DROPBEAR_TWOFISH256
-#define DROPBEAR_TWOFISH128
+/*#define DROPBEAR_TWOFISH256*/
+/*#define DROPBEAR_TWOFISH128*/
/* Enable "Counter Mode" for ciphers. This is more secure than normal
* CBC mode against certain attacks. This adds around 1kB to binary
@@ -264,14 +264,14 @@
/* The command to invoke for xauth when using X11 forwarding.
* "-q" for quiet */
#ifndef XAUTH_COMMAND
-#define XAUTH_COMMAND "/usr/bin/xauth -q"
+/*#define XAUTH_COMMAND "/usr/bin/xauth -q"*/
#endif
/* if you want to enable running an sftp server (such as the one included with
* OpenSSH), set the path below. If the path isn't defined, sftp will not
* be enabled */
#ifndef SFTPSERVER_PATH
-#define SFTPSERVER_PATH "/usr/libexec/sftp-server"
+/*#define SFTPSERVER_PATH "/usr/libexec/sftp-server"*/
#endif
/* This is used by the scp binary when used as a client binary. If you're
|