author | Matt Johnston <matt@ucc.asn.au> | 2013-03-20 23:52:49 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2013-03-20 23:52:49 +0800 |
commit | 845ad0be39511e46f28e3f7153466c88c7d2e316 (patch) | |
tree | 7206330253d752818ddf3761b9890edfe0d14396 | |
parent | 2259ce4cdfee91409ad346089df50f76a3451496 (diff) |
Fix "-c none" so that it allows aes during authentication
Default for options.h shouldn't allow "none"
-rw-r--r-- | common-runopts.c | 6 | ||||
-rw-r--r-- | options.h | 8 |
2 files changed, 9 insertions, 5 deletions
diff --git a/common-runopts.c b/common-runopts.c
index 32e475e..9c2d5d5 100644
--- a/common-runopts.c
+++ b/common-runopts.c
@@ -75,6 +75,12 @@ parse_ciphers_macs()
 dropbear_exit(".");
 }
+ if (strcmp(opts.cipher_list, "none") == 0)
+ {
+ /* Encryption is required during authentication */
+ opts.cipher_list = "none,aes128-ctr";
+ }
+
 if (check_user_algos(opts.cipher_list, sshciphers, "cipher") == 0)
 {
 dropbear_exit("No valid ciphers specified for '-c'");
@@ -104,7 +104,7 @@ much traffic. */
 * this could be safe security-wise, though make sure you know what
 * you're doing. Anyone can see everything that goes over the wire, so
 * the only safe auth method is public key. */
-#define DROPBEAR_NONE_CIPHER
+/* #define DROPBEAR_NONE_CIPHER */
 /* Message Integrity - at least one required.
 * Protocol RFC requires sha1 and recommends sha1-96.
@@ -126,10 +126,8 @@ much traffic. */
 /* You can also disable integrity. Don't bother disabling this if you're
 * still using a cipher, it's relatively cheap. If you disable this it's dead
- * simple to run arbitrary commands on the remote host. Beware.
- * Note again, for the client you will have to disable other hashes above
- * to use this. */
-#define DROPBEAR_NONE_INTEGRITY
+ * simple to run arbitrary commands on the remote host. Beware. */
+/* #define DROPBEAR_NONE_INTEGRITY */
 /* Hostkey/public key algorithms - at least one required, these are used
 * for hostkey as well as for verifying signatures with pubkey auth. |
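Review bot: In the added `strcmp(opts.cipher_list, "none")` block of parse_ciphers_macs() in common-runopts.c, the fallback cipher `aes128-ctr` is hard-coded and nothing in the hunk confirms that cipher is compiled into the build. If check_user_algos() skips names it does not recognise (its body is not shown, so this is an assumption), a build without that cipher would still accept the rewritten list with only `none` usable, and the comment's promise of encryption during authentication would not hold. The rewrite also fires only on the exact string `none`, so any other spelling of the list reaches check_user_algos() unchanged. I would state the dependency in the comment, e.g. `/* "none" alone leaves no cipher for the auth phase, so also offer aes128-ctr (must be compiled in) */`. The function starts and ends outside the hunk.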