diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2011-02-17 11:47:40 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2011-02-17 11:47:40 +0000 |
| commit | 9f6de2d748109e4e479c9259468a79973631e7fc (patch) | |
| tree | 1d333e32031110bf9bfd5e15980adf8221240df8 /myproposal.h | |
| parent | 3a927e69c380468bb32766c99aa7caf86de401a4 (diff) | |
| download | src-9f6de2d748109e4e479c9259468a79973631e7fc.tar.gz src-9f6de2d748109e4e479c9259468a79973631e7fc.zip | |
Vendor import of OpenSSH 5.7p1vendor/openssh/5.7p1
Notes
Notes:
svn path=/vendor-crypto/openssh/dist/; revision=218767
svn path=/vendor-crypto/openssh/5.7p1/; revision=218768; tag=vendor/openssh/5.7p1
Diffstat (limited to 'myproposal.h')
| -rw-r--r-- | myproposal.h | 51 |
1 files changed, 37 insertions, 14 deletions
diff --git a/myproposal.h b/myproposal.h index 7bedfab0a935..2c43607a7bd6 100644 --- a/myproposal.h +++ b/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.25 2010/04/16 01:47:26 djm Exp $ */ +/* $OpenBSD: myproposal.h,v 1.27 2010/09/01 22:42:13 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,26 +26,49 @@ #include <openssl/opensslv.h> +#ifdef OPENSSL_HAS_ECC +# define KEX_ECDH_METHODS \ + "ecdh-sha2-nistp256," \ + "ecdh-sha2-nistp384," \ + "ecdh-sha2-nistp521," +# define HOSTKEY_ECDSA_CERT_METHODS \ + "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ + "ecdsa-sha2-nistp384-cert-v01@openssh.com," \ + "ecdsa-sha2-nistp521-cert-v01@openssh.com," +# define HOSTKEY_ECDSA_METHODS \ + "ecdsa-sha2-nistp256," \ + "ecdsa-sha2-nistp384," \ + "ecdsa-sha2-nistp521," +#else +# define KEX_ECDH_METHODS +# define HOSTKEY_ECDSA_CERT_METHODS +# define HOSTKEY_ECDSA_METHODS +#endif + /* Old OpenSSL doesn't support what we need for DHGEX-sha256 */ -#if OPENSSL_VERSION_NUMBER < 0x00907000L -# define KEX_DEFAULT_KEX \ - "diffie-hellman-group-exchange-sha1," \ - "diffie-hellman-group14-sha1," \ - "diffie-hellman-group1-sha1" +#if OPENSSL_VERSION_NUMBER >= 0x00907000L +# define KEX_SHA256_METHODS \ + "diffie-hellman-group-exchange-sha256," #else -# define KEX_DEFAULT_KEX \ - "diffie-hellman-group-exchange-sha256," \ +# define KEX_SHA256_METHODS +#endif + +# define KEX_DEFAULT_KEX \ + KEX_ECDH_METHODS \ + KEX_SHA256_METHODS \ "diffie-hellman-group-exchange-sha1," \ "diffie-hellman-group14-sha1," \ "diffie-hellman-group1-sha1" -#endif #define KEX_DEFAULT_PK_ALG \ - "ssh-rsa-cert-v01@openssh.com," \ - "ssh-dss-cert-v01@openssh.com," \ - "ssh-rsa-cert-v00@openssh.com," \ - "ssh-dss-cert-v00@openssh.com," \ - "ssh-rsa,ssh-dss" + HOSTKEY_ECDSA_CERT_METHODS \ + "ssh-rsa-cert-v01@openssh.com," \ + "ssh-dss-cert-v01@openssh.com," \ + "ssh-rsa-cert-v00@openssh.com," \ + "ssh-dss-cert-v00@openssh.com," \ + HOSTKEY_ECDSA_METHODS \ + "ssh-rsa," \ + "ssh-dss" #define KEX_DEFAULT_ENCRYPT \ "aes128-ctr,aes192-ctr,aes256-ctr," \ |