[Buildroot] [PATCH] package/dropbear: bump to version 2020.79
peter at korsgaard.com
Tue Jun 23 06:19:25 UTC 2020
>>>>> "Alexander" == Alexander Dahl <post at lespocky.de> writes:
> Hei hei,
> On Mon, Jun 22, 2020 at 11:07:36AM +0200, Peter Korsgaard wrote:
>> >>>>> "Francois" == Francois Perrad <fperrad at gmail.com> writes:
>> > CBC ciphers, 3DES and hmac-sha1-96 are now disabled by default.
>> Do we expect that to cause compatibility issues?
> I just looked in package/dropbear/dropbear.mk and those options are
> explicitly disabled if DROPBEAR_DISABLE_LEGACY_CRYPTO is set. From a
You mean NOT set (ifndef).
> quick glance I would say now there's no possibility to activate those
Indeed. Presumably we need to handle the case where the option is set to
ensure you end up with the configuration as described in the help text:
Enable legacy and possibly insecure algorithms:
SHA1-96 message integrity
CBC encryption mode
DSA public keys
Diffie-Hellman Group1 key exchange
Bye, Peter Korsgaard
More information about the buildroot