diff options
author | Darren Tucker <dtucker@dtucker.net> | 2019-05-17 10:50:29 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2019-05-17 10:50:29 +1000 |
commit | 633703babf8d9a88da85f23b800e1b88dec7cdbd (patch) | |
tree | d205b024d8f8b2394136d9dce14accdbd3c796b7 /myproposal.h | |
parent | 5c8d14c512f5d413095b22bdba08a6bb990f1e97 (diff) |
Conditionalize ECDH methods in CA algos.
When building against an OpenSSL configured without ECC, don't include
those algos in CASignatureAlgorithms. ok djm@
Diffstat (limited to 'myproposal.h')
-rw-r--r-- | myproposal.h | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/myproposal.h b/myproposal.h index f16729876..9205fb343 100644 --- a/myproposal.h +++ b/myproposal.h | |||
@@ -136,9 +136,7 @@ | |||
136 | 136 | ||
137 | /* Not a KEX value, but here so all the algorithm defaults are together */ | 137 | /* Not a KEX value, but here so all the algorithm defaults are together */ |
138 | #define SSH_ALLOWED_CA_SIGALGS \ | 138 | #define SSH_ALLOWED_CA_SIGALGS \ |
139 | "ecdsa-sha2-nistp256," \ | 139 | KEX_ECDH_METHODS \ |
140 | "ecdsa-sha2-nistp384," \ | ||
141 | "ecdsa-sha2-nistp521," \ | ||
142 | "ssh-ed25519," \ | 140 | "ssh-ed25519," \ |
143 | "rsa-sha2-512," \ | 141 | "rsa-sha2-512," \ |
144 | "rsa-sha2-256," \ | 142 | "rsa-sha2-256," \ |