From 6cbb23a819fc92099b7c23b1d17a63af76b378b6 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Fri, 23 Jan 2015 22:37:14 +0800
Subject: Add config option to disable cbc. Disable twofish by default

---
 options.h | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'options.h')

diff --git a/options.h b/options.h
index c96709c..213ba04 100644
--- a/options.h
+++ b/options.h
@@ -95,8 +95,12 @@ much traffic. */
 #define DROPBEAR_AES256
 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
 /*#define DROPBEAR_BLOWFISH*/
-#define DROPBEAR_TWOFISH256
-#define DROPBEAR_TWOFISH128
+/*#define DROPBEAR_TWOFISH256*/
+/*#define DROPBEAR_TWOFISH128*/
+
+/* Enable CBC mode for ciphers. This has security issues though
+ * is the most compatible with older SSH implementations */
+#define DROPBEAR_ENABLE_CBC_MODE
 
 /* Enable "Counter Mode" for ciphers. This is more secure than normal
  * CBC mode against certain attacks. This adds around 1kB to binary 
-- 
cgit v1.2.3