summaryrefslogtreecommitdiff
path: root/bufec.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2010-09-10 11:23:34 +1000
committerDamien Miller <djm@mindrot.org>2010-09-10 11:23:34 +1000
commit041ab7c1e7d6514ed84a539a767f79ffb356e807 (patch)
treec6528487bfc1cfa824655e48ef884b2c268c8588 /bufec.c
parent3796ab47d3f68f69512c360f178b77bf0fb12b4f (diff)
- djm@cvs.openbsd.org 2010/09/09 10:45:45
[kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c] ECDH/ECDSA compliance fix: these methods vary the hash function they use (SHA256/384/512) depending on the length of the curve in use. The previous code incorrectly used SHA256 in all cases. This fix will cause authentication failure when using 384 or 521-bit curve keys if one peer hasn't been upgraded and the other has. (256-bit curve keys work ok). In particular you may need to specify HostkeyAlgorithms when connecting to a server that has not been upgraded from an upgraded client. ok naddy@
Diffstat (limited to 'bufec.c')
0 files changed, 0 insertions, 0 deletions