dropbear with external libtommath/libtomcrypt
Peter Korsgaard
peter at korsgaard.com
Thu Apr 28 15:31:09 AWST 2016
>>>>> "Matt" == Matt Johnston <matt at ucc.asn.au> writes:
Sorry for the slow response.
> Hi Peter,
> External libraries are fine - Debian has used them for a
> while.
Thanks. Where did you see Debian using it? Looking at
E.G. http://http.debian.net/debian/pool/main/d/dropbear/dropbear_2016.73-1.debian.tar.xz
I see they configure with --enable-bundled-libtom.
Checking here, a static build with external libtom* is unfortunately 25%
bigger (75K). Is that to be expected?
> The only security-important change is
> https://secure.ucc.asn.au/hg/dropbear/rev/a55b97f5a485 which
> I assume is already in buildroot.
Yes, indeed - Thanks.
> I've made a few small changes to clear memory or avoid
> memory allocations - those could go upstream to libtom at
> some point.
Ok.
--
Venlig hilsen,
Peter Korsgaard
More information about the Dropbear
mailing list