upstream: Remove unsupported algorithms from list of defaults at run

time and remove ifdef and distinct settings for OPENSSL=no case.

This will make things much simpler for -portable where the exact set
of algos depends on the configuration of both OpenSSH and the libcrypto
it's linked against (if any).  ok djm@

OpenBSD-Commit-ID: e0116d0183dcafc7a9c40ba5fe9127805c5dfdd2

6 files changed, 92 insertions, 162 deletions

diff --git a/clientloop.c b/clientloop.c
index 8f0332df4..4acf2806d 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.330 2019/12/21 02:19:13 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.331 2020/01/23 02:46:49 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2046,8 +2046,7 @@ static int
 key_accepted_by_hostkeyalgs(const struct sshkey *key)
 {
         const char *ktype = sshkey_ssh_name(key);
-        const char *hostkeyalgs = options.hostkeyalgorithms != NULL ?
-            options.hostkeyalgorithms : KEX_DEFAULT_PK_ALG;
+        const char *hostkeyalgs = options.hostkeyalgorithms;
 
         if (key == NULL || key->type == KEY_UNSPEC)
                 return 0;
diff --git a/myproposal.h b/myproposal.h
index 145704f49..dd2499d66 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.65 2020/01/22 04:58:23 tedu Exp $ */
+/* $OpenBSD: myproposal.h,v 1.66 2020/01/23 02:46:49 dtucker Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -24,110 +24,47 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#ifdef WITH_OPENSSL
-#include <openssl/opensslv.h>
-#endif
-
-/* conditional algorithm support */
-
-#ifdef OPENSSL_HAS_ECC
-# ifdef OPENSSL_HAS_NISTP521
-#  define KEX_ECDH_METHODS \
+#define KEX_SERVER_KEX  \
+        "curve25519-sha256," \
+        "curve25519-sha256@libssh.org," \
         "ecdh-sha2-nistp256," \
         "ecdh-sha2-nistp384," \
-        "ecdh-sha2-nistp521,"
-#  define HOSTKEY_ECDSA_CERT_METHODS \
-        "ecdsa-sha2-nistp256-cert-v01@openssh.com," \
-        "ecdsa-sha2-nistp384-cert-v01@openssh.com," \
-        "ecdsa-sha2-nistp521-cert-v01@openssh.com," \
-        "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,"
-#  define HOSTKEY_ECDSA_METHODS \
-        "ecdsa-sha2-nistp256," \
-        "ecdsa-sha2-nistp384," \
-        "ecdsa-sha2-nistp521," \
-        "sk-ecdsa-sha2-nistp256@openssh.com,"
-# else /* OPENSSL_HAS_NISTP521 */
-#  define KEX_ECDH_METHODS \
-        "ecdh-sha2-nistp256," \
-        "ecdh-sha2-nistp384,"
-#  define HOSTKEY_ECDSA_CERT_METHODS \
-        "ecdsa-sha2-nistp256-cert-v01@openssh.com," \
-        "ecdsa-sha2-nistp384-cert-v01@openssh.com," \
-        "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,"
-#  define HOSTKEY_ECDSA_METHODS \
-        "ecdsa-sha2-nistp256," \
-        "ecdsa-sha2-nistp384," \
-        "sk-ecdsa-sha2-nistp256@openssh.com,"
-# endif /* OPENSSL_HAS_NISTP521 */
-#else /* OPENSSL_HAS_ECC */
-# define KEX_ECDH_METHODS
-# define HOSTKEY_ECDSA_CERT_METHODS
-# define HOSTKEY_ECDSA_METHODS
-#endif /* OPENSSL_HAS_ECC */
-
-#ifdef OPENSSL_HAVE_EVPGCM
-# define AESGCM_CIPHER_MODES \
-        ",aes128-gcm@openssh.com,aes256-gcm@openssh.com"
-#else
-# define AESGCM_CIPHER_MODES
-#endif
-
-#ifdef HAVE_EVP_SHA256
-# define KEX_SHA2_METHODS \
+        "ecdh-sha2-nistp521," \
         "diffie-hellman-group-exchange-sha256," \
         "diffie-hellman-group16-sha512," \
-        "diffie-hellman-group18-sha512,"
-# define KEX_SHA2_GROUP14 \
-        "diffie-hellman-group14-sha256,"
-#define SHA2_HMAC_MODES \
-        "hmac-sha2-256," \
-        "hmac-sha2-512,"
-#else
-# define KEX_SHA2_METHODS
-# define KEX_SHA2_GROUP14
-# define SHA2_HMAC_MODES
-#endif
-
-#ifdef WITH_OPENSSL
-# ifdef HAVE_EVP_SHA256
-#  define KEX_CURVE25519_METHODS \
-        "curve25519-sha256," \
-        "curve25519-sha256@libssh.org,"
-# else
-#  define KEX_CURVE25519_METHODS ""
-# endif
-#define KEX_SERVER_KEX \
-        KEX_CURVE25519_METHODS \
-        KEX_ECDH_METHODS \
-        KEX_SHA2_METHODS \
-        KEX_SHA2_GROUP14
+        "diffie-hellman-group18-sha512," \
+        "diffie-hellman-group14-sha256"
 
 #define KEX_CLIENT_KEX KEX_SERVER_KEX
 
 #define KEX_DEFAULT_PK_ALG      \
-        HOSTKEY_ECDSA_CERT_METHODS \
+        "ecdsa-sha2-nistp256-cert-v01@openssh.com," \
+        "ecdsa-sha2-nistp384-cert-v01@openssh.com," \
+        "ecdsa-sha2-nistp521-cert-v01@openssh.com," \
+        "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," \
         "ssh-ed25519-cert-v01@openssh.com," \
         "sk-ssh-ed25519-cert-v01@openssh.com," \
         "rsa-sha2-512-cert-v01@openssh.com," \
         "rsa-sha2-256-cert-v01@openssh.com," \
         "ssh-rsa-cert-v01@openssh.com," \
-        HOSTKEY_ECDSA_METHODS \
+        "ecdsa-sha2-nistp256," \
+        "ecdsa-sha2-nistp384," \
+        "ecdsa-sha2-nistp521," \
+        "sk-ecdsa-sha2-nistp256@openssh.com," \
         "ssh-ed25519," \
         "sk-ssh-ed25519@openssh.com," \
         "rsa-sha2-512," \
         "rsa-sha2-256," \
         "ssh-rsa"
 
-/* the actual algorithms */
-
-#define KEX_SERVER_ENCRYPT \
+#define KEX_SERVER_ENCRYPT \
         "chacha20-poly1305@openssh.com," \
-        "aes128-ctr,aes192-ctr,aes256-ctr" \
-        AESGCM_CIPHER_MODES
+        "aes128-ctr,aes192-ctr,aes256-ctr," \
+        "aes128-gcm@openssh.com,aes256-gcm@openssh.com"
 
 #define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT
 
-#define KEX_SERVER_MAC \
+#define KEX_SERVER_MAC \
         "umac-64-etm@openssh.com," \
         "umac-128-etm@openssh.com," \
         "hmac-sha2-256-etm@openssh.com," \
@@ -143,44 +80,16 @@
 
 /* Not a KEX value, but here so all the algorithm defaults are together */
 #define SSH_ALLOWED_CA_SIGALGS  \
-        HOSTKEY_ECDSA_METHODS \
+        "ecdsa-sha2-nistp256," \
+        "ecdsa-sha2-nistp384," \
+        "ecdsa-sha2-nistp521," \
+        "sk-ecdsa-sha2-nistp256@openssh.com," \
         "ssh-ed25519," \
         "sk-ssh-ed25519@openssh.com," \
         "rsa-sha2-512," \
         "rsa-sha2-256," \
         "ssh-rsa"
 
-#else /* WITH_OPENSSL */
-
-#define KEX_SERVER_KEX          \
-        "curve25519-sha256," \
-        "curve25519-sha256@libssh.org"
-#define KEX_DEFAULT_PK_ALG      \
-        "ssh-ed25519-cert-v01@openssh.com," \
-        "ssh-ed25519"
-#define KEX_SERVER_ENCRYPT \
-        "chacha20-poly1305@openssh.com," \
-        "aes128-ctr,aes192-ctr,aes256-ctr"
-#define KEX_SERVER_MAC \
-        "umac-64-etm@openssh.com," \
-        "umac-128-etm@openssh.com," \
-        "hmac-sha2-256-etm@openssh.com," \
-        "hmac-sha2-512-etm@openssh.com," \
-        "hmac-sha1-etm@openssh.com," \
-        "umac-64@openssh.com," \
-        "umac-128@openssh.com," \
-        "hmac-sha2-256," \
-        "hmac-sha2-512," \
-        "hmac-sha1"
-
-#define KEX_CLIENT_KEX KEX_SERVER_KEX
-#define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT
-#define KEX_CLIENT_MAC KEX_SERVER_MAC
-
-#define SSH_ALLOWED_CA_SIGALGS  "ssh-ed25519,sk-ssh-ed25519@openssh.com"
-
-#endif /* WITH_OPENSSL */
-
 #define KEX_DEFAULT_COMP        "none,zlib@openssh.com"
 #define KEX_DEFAULT_LANG        ""
 
@@ -207,4 +116,3 @@
         KEX_DEFAULT_COMP, \
         KEX_DEFAULT_LANG, \
         KEX_DEFAULT_LANG
-
diff --git a/readconf.c b/readconf.c
index cb3ae6dc7..ff551c856 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.319 2019/12/21 02:19:13 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.320 2020/01/23 02:46:49 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -314,6 +314,16 @@ static struct {
         { NULL, oBadOption }
 };
 
+static char *kex_default_pk_alg_filtered;
+
+const char *
+kex_default_pk_alg(void)
+{
+        if (kex_default_pk_alg_filtered == NULL)
+                fatal("kex_default_pk_alg not initialized.");
+        return kex_default_pk_alg_filtered;
+}
+
 /*
  * Adds a local TCP/IP port forward to options.  Never returns if there is an
  * error.
@@ -2003,6 +2013,7 @@ void
 fill_default_options(Options * options)
 {
         char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig;
+        char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig;
         int r;
 
         if (options->forward_agent == -1)
@@ -2167,24 +2178,35 @@ fill_default_options(Options * options)
         all_kex = kex_alg_list(',');
         all_key = sshkey_alg_list(0, 0, 1, ',');
         all_sig = sshkey_alg_list(0, 1, 1, ',');
+        /* remove unsupported algos from default lists */
+        def_cipher = match_filter_whitelist(KEX_CLIENT_ENCRYPT, all_cipher);
+        def_mac = match_filter_whitelist(KEX_CLIENT_MAC, all_mac);
+        def_kex = match_filter_whitelist(KEX_CLIENT_KEX, all_kex);
+        def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key);
+        def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig);
 #define ASSEMBLE(what, defaults, all) \
         do { \
                 if ((r = kex_assemble_names(&options->what, \
                     defaults, all)) != 0) \
                         fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \
         } while (0)
-        ASSEMBLE(ciphers, KEX_CLIENT_ENCRYPT, all_cipher);
-        ASSEMBLE(macs, KEX_CLIENT_MAC, all_mac);
-        ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, all_kex);
-        ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
-        ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
-        ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig);
+        ASSEMBLE(ciphers, def_cipher, all_cipher);
+        ASSEMBLE(macs, def_mac, all_mac);
+        ASSEMBLE(kex_algorithms, def_kex, all_kex);
+        ASSEMBLE(hostbased_key_types, def_key, all_key);
+        ASSEMBLE(pubkey_key_types, def_key, all_key);
+        ASSEMBLE(ca_sign_algorithms, def_sig, all_sig);
 #undef ASSEMBLE
         free(all_cipher);
         free(all_mac);
         free(all_kex);
         free(all_key);
         free(all_sig);
+        free(def_cipher);
+        free(def_mac);
+        free(def_kex);
+        kex_default_pk_alg_filtered = def_key; /* save for later use */
+        free(def_sig);
 
 #define CLEAR_ON_NONE(v) \
         do { \
@@ -2634,14 +2656,7 @@ void
 dump_client_config(Options *o, const char *host)
 {
         int i;
-        char buf[8], *all_key;
-
-        /* This is normally prepared in ssh_kex2 */
-        all_key = sshkey_alg_list(0, 0, 1, ',');
-        if (kex_assemble_names( &o->hostkeyalgorithms,
-            KEX_DEFAULT_PK_ALG, all_key) != 0)
-                fatal("%s: kex_assemble_names failed", __func__);
-        free(all_key);
+        char buf[8];
 
         /* Most interesting options first: user, host, port */
         dump_cfg_string(oUser, o->user);
@@ -2698,7 +2713,7 @@ dump_client_config(Options *o, const char *host)
         /* String options */
         dump_cfg_string(oBindAddress, o->bind_address);
         dump_cfg_string(oBindInterface, o->bind_interface);
-        dump_cfg_string(oCiphers, o->ciphers ? o->ciphers : KEX_CLIENT_ENCRYPT);
+        dump_cfg_string(oCiphers, o->ciphers);
         dump_cfg_string(oControlPath, o->control_path);
         dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms);
         dump_cfg_string(oHostKeyAlias, o->host_key_alias);
@@ -2706,12 +2721,12 @@ dump_client_config(Options *o, const char *host)
         dump_cfg_string(oIdentityAgent, o->identity_agent);
         dump_cfg_string(oIgnoreUnknown, o->ignored_unknown);
         dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices);
-        dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX);
-        dump_cfg_string(oCASignatureAlgorithms, o->ca_sign_algorithms ? o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS);
+        dump_cfg_string(oKexAlgorithms, o->kex_algorithms);
+        dump_cfg_string(oCASignatureAlgorithms, o->ca_sign_algorithms);
         dump_cfg_string(oLocalCommand, o->local_command);
         dump_cfg_string(oRemoteCommand, o->remote_command);
         dump_cfg_string(oLogLevel, log_level_name(o->log_level));
-        dump_cfg_string(oMacs, o->macs ? o->macs : KEX_CLIENT_MAC);
+        dump_cfg_string(oMacs, o->macs);
 #ifdef ENABLE_PKCS11
         dump_cfg_string(oPKCS11Provider, o->pkcs11_provider);
 #endif
diff --git a/readconf.h b/readconf.h
index dcecfc54a..feedb3d20 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.131 2019/12/21 02:19:13 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.132 2020/01/23 02:46:49 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -199,6 +199,7 @@ typedef struct {
 #define SSH_STRICT_HOSTKEY_YES  2
 #define SSH_STRICT_HOSTKEY_ASK  3
 
+const char *kex_default_pk_alg(void);
 void     initialize_options(Options *);
 void     fill_default_options(Options *);
 void     fill_default_options_for_canonicalization(Options *);
diff --git a/servconf.c b/servconf.c
index 09e9df8bd..1a4c49907 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.357 2019/12/15 20:59:23 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.358 2020/01/23 02:46:49 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -195,6 +195,7 @@ static void
 assemble_algorithms(ServerOptions *o)
 {
         char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig;
+        char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig;
         int r;
 
         all_cipher = cipher_alg_list(',', 0);
@@ -202,24 +203,35 @@ assemble_algorithms(ServerOptions *o)
         all_kex = kex_alg_list(',');
         all_key = sshkey_alg_list(0, 0, 1, ',');
         all_sig = sshkey_alg_list(0, 1, 1, ',');
+        /* remove unsupported algos from default lists */
+        def_cipher = match_filter_whitelist(KEX_SERVER_ENCRYPT, all_cipher);
+        def_mac = match_filter_whitelist(KEX_SERVER_MAC, all_mac);
+        def_kex = match_filter_whitelist(KEX_SERVER_KEX, all_kex);
+        def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key);
+        def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig);
 #define ASSEMBLE(what, defaults, all) \
         do { \
                 if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \
                         fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \
         } while (0)
-        ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher);
-        ASSEMBLE(macs, KEX_SERVER_MAC, all_mac);
-        ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex);
-        ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key);
-        ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
-        ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
-        ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig);
+        ASSEMBLE(ciphers, def_cipher, all_cipher);
+        ASSEMBLE(macs, def_mac, all_mac);
+        ASSEMBLE(kex_algorithms, def_kex, all_kex);
+        ASSEMBLE(hostkeyalgorithms, def_key, all_key);
+        ASSEMBLE(hostbased_key_types, def_key, all_key);
+        ASSEMBLE(pubkey_key_types, def_key, all_key);
+        ASSEMBLE(ca_sign_algorithms, def_sig, all_sig);
 #undef ASSEMBLE
         free(all_cipher);
         free(all_mac);
         free(all_kex);
         free(all_key);
         free(all_sig);
+        free(def_cipher);
+        free(def_mac);
+        free(def_kex);
+        free(def_key);
+        free(def_sig);
 }
 
 static void
@@ -2660,8 +2672,8 @@ dump_config(ServerOptions *o)
         /* string arguments */
         dump_cfg_string(sPidFile, o->pid_file);
         dump_cfg_string(sXAuthLocation, o->xauth_location);
-        dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT);
-        dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC);
+        dump_cfg_string(sCiphers, o->ciphers);
+        dump_cfg_string(sMacs, o->macs);
         dump_cfg_string(sBanner, o->banner);
         dump_cfg_string(sForceCommand, o->adm_forced_command);
         dump_cfg_string(sChrootDirectory, o->chroot_directory);
@@ -2677,16 +2689,11 @@ dump_config(ServerOptions *o)
         dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command);
         dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user);
         dump_cfg_string(sHostKeyAgent, o->host_key_agent);
-        dump_cfg_string(sKexAlgorithms,
-            o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX);
-        dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms ?
-            o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS);
-        dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ?
-            o->hostbased_key_types : KEX_DEFAULT_PK_ALG);
-        dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ?
-            o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG);
-        dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ?
-            o->pubkey_key_types : KEX_DEFAULT_PK_ALG);
+        dump_cfg_string(sKexAlgorithms, o->kex_algorithms);
+        dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms);
+        dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types);
+        dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms);
+        dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types);
         dump_cfg_string(sRDomain, o->routing_domain);
 
         /* string arguments requiring a lookup */
diff --git a/sshconnect2.c b/sshconnect2.c
index 6f9ee42cd..7f52cc55e 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.315 2020/01/21 05:56:27 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -119,7 +119,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
         for (i = 0; i < options.num_system_hostfiles; i++)
                 load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]);
 
-        oavail = avail = xstrdup(KEX_DEFAULT_PK_ALG);
+        oavail = avail = xstrdup(kex_default_pk_alg());
         maxlen = strlen(avail) + 1;
         first = xmalloc(maxlen);
         last = xmalloc(maxlen);
@@ -181,14 +181,14 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
         if (options.hostkeyalgorithms != NULL) {
                 all_key = sshkey_alg_list(0, 0, 1, ',');
                 if (kex_assemble_names(&options.hostkeyalgorithms,
-                    KEX_DEFAULT_PK_ALG, all_key) != 0)
+                    kex_default_pk_alg(), all_key) != 0)
                         fatal("%s: kex_assemble_namelist", __func__);
                 free(all_key);
                 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
                     compat_pkalg_proposal(options.hostkeyalgorithms);
         } else {
                 /* Enforce default */
-                options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG);
+                options.hostkeyalgorithms = xstrdup(kex_default_pk_alg());
                 /* Prefer algorithms that we already have keys for */
                 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
                     compat_pkalg_proposal(