- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable

sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me.
author: Tim Rice <tim@multitalents.net> 2006-03-15 20:17:05 -0800
committer: Tim Rice <tim@multitalents.net> 2006-03-15 20:17:05 -0800
commit: 425a6886f99235e61faf8ea67c8f573f188eb2b2 (patch)
tree: 5351bc87a8e9cdc499b20b698cdbc8beb8d4ba59 /myproposal.h
parent: c495301bf8cd3a05512e702af212631abab52b88 (diff)
1 files changed, 13 insertions, 1 deletions
diff --git a/myproposal.h b/myproposal.h
index cc94a8ed2..43c540209 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -23,11 +23,23 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
-#define KEX_DEFAULT_KEX         \
+#include <openssl/opensslv.h>
+/* Old OpenSSL doesn't support what we need for DHGEX-sha256 */
+#if OPENSSL_VERSION_NUMBER < 0x00907000L
+# define KEX_DEFAULT_KEX                \
+        "diffie-hellman-group-exchange-sha1," \
+        "diffie-hellman-group14-sha1," \
+        "diffie-hellman-group1-sha1"
+#else
+# define KEX_DEFAULT_KEX                \
        "diffie-hellman-group-exchange-sha256," \
        "diffie-hellman-group-exchange-sha1," \
        "diffie-hellman-group14-sha1," \
        "diffie-hellman-group1-sha1"
+#endif
 #define KEX_DEFAULT_PK_ALG      "ssh-rsa,ssh-dss"
 #define KEX_DEFAULT_ENCRYPT \
        "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
author	Tim Rice <tim@multitalents.net>	2006-03-15 20:17:05 -0800
committer	Tim Rice <tim@multitalents.net>	2006-03-15 20:17:05 -0800
commit	425a6886f99235e61faf8ea67c8f573f188eb2b2 (patch)
tree	5351bc87a8e9cdc499b20b698cdbc8beb8d4ba59 /myproposal.h
parent	c495301bf8cd3a05512e702af212631abab52b88 (diff)

diff --git a/myproposal.h b/myproposal.h index cc94a8ed2..43c540209 100644 --- a/myproposal.h +++ b/myproposal.h
@@ -23,11 +23,23 @@
23	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	23	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	24	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25	*/	25	*/
26	#define KEX_DEFAULT_KEX \	26
		27	#include <openssl/opensslv.h>
		28
		29	/* Old OpenSSL doesn't support what we need for DHGEX-sha256 */
		30	#if OPENSSL_VERSION_NUMBER < 0x00907000L
		31	# define KEX_DEFAULT_KEX \
		32	"diffie-hellman-group-exchange-sha1," \
		33	"diffie-hellman-group14-sha1," \
		34	"diffie-hellman-group1-sha1"
		35	#else
		36	# define KEX_DEFAULT_KEX \
27	"diffie-hellman-group-exchange-sha256," \	37	"diffie-hellman-group-exchange-sha256," \
28	"diffie-hellman-group-exchange-sha1," \	38	"diffie-hellman-group-exchange-sha1," \
29	"diffie-hellman-group14-sha1," \	39	"diffie-hellman-group14-sha1," \
30	"diffie-hellman-group1-sha1"	40	"diffie-hellman-group1-sha1"
		41	#endif
		42
31	#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"	43	#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
32	#define KEX_DEFAULT_ENCRYPT \	44	#define KEX_DEFAULT_ENCRYPT \
33	"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \	45	"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \