diff options
author | Darren Tucker <dtucker@zip.com.au> | 2013-11-09 18:39:25 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2013-11-09 18:39:25 +1100 |
commit | 37bcef51b3d9d496caecea6394814d2f49a1357f (patch) | |
tree | c564402d96ca797f8b0248552ef78f4f9408ef8c /kex.c | |
parent | 6e2fe81f926d995bae4be4a6b5b3c88c1c525187 (diff) |
- (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of
NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
latter actually works before using it. Fedora (at least) has NID_secp521r1
that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
Diffstat (limited to 'kex.c')
-rw-r--r-- | kex.c | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -78,7 +78,9 @@ static const struct kexalg kexalgs[] = { | |||
78 | #ifdef OPENSSL_HAS_ECC | 78 | #ifdef OPENSSL_HAS_ECC |
79 | { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2, NID_X9_62_prime256v1, EVP_sha256 }, | 79 | { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2, NID_X9_62_prime256v1, EVP_sha256 }, |
80 | { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1, EVP_sha384 }, | 80 | { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1, EVP_sha384 }, |
81 | # ifdef OPENSSL_HAS_NISTP521 | ||
81 | { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1, EVP_sha512 }, | 82 | { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1, EVP_sha512 }, |
83 | # endif | ||
82 | #endif | 84 | #endif |
83 | #ifdef HAVE_EVP_SHA256 | 85 | #ifdef HAVE_EVP_SHA256 |
84 | { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, EVP_sha256 }, | 86 | { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, EVP_sha256 }, |