diff options
author | Tim Rice <tim@multitalents.net> | 2006-03-15 20:17:05 -0800 |
---|---|---|
committer | Tim Rice <tim@multitalents.net> | 2006-03-15 20:17:05 -0800 |
commit | 425a6886f99235e61faf8ea67c8f573f188eb2b2 (patch) | |
tree | 5351bc87a8e9cdc499b20b698cdbc8beb8d4ba59 /myproposal.h | |
parent | c495301bf8cd3a05512e702af212631abab52b88 (diff) |
- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable
sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me.
Diffstat (limited to 'myproposal.h')
-rw-r--r-- | myproposal.h | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/myproposal.h b/myproposal.h index cc94a8ed2..43c540209 100644 --- a/myproposal.h +++ b/myproposal.h | |||
@@ -23,11 +23,23 @@ | |||
23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
25 | */ | 25 | */ |
26 | #define KEX_DEFAULT_KEX \ | 26 | |
27 | #include <openssl/opensslv.h> | ||
28 | |||
29 | /* Old OpenSSL doesn't support what we need for DHGEX-sha256 */ | ||
30 | #if OPENSSL_VERSION_NUMBER < 0x00907000L | ||
31 | # define KEX_DEFAULT_KEX \ | ||
32 | "diffie-hellman-group-exchange-sha1," \ | ||
33 | "diffie-hellman-group14-sha1," \ | ||
34 | "diffie-hellman-group1-sha1" | ||
35 | #else | ||
36 | # define KEX_DEFAULT_KEX \ | ||
27 | "diffie-hellman-group-exchange-sha256," \ | 37 | "diffie-hellman-group-exchange-sha256," \ |
28 | "diffie-hellman-group-exchange-sha1," \ | 38 | "diffie-hellman-group-exchange-sha1," \ |
29 | "diffie-hellman-group14-sha1," \ | 39 | "diffie-hellman-group14-sha1," \ |
30 | "diffie-hellman-group1-sha1" | 40 | "diffie-hellman-group1-sha1" |
41 | #endif | ||
42 | |||
31 | #define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" | 43 | #define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" |
32 | #define KEX_DEFAULT_ENCRYPT \ | 44 | #define KEX_DEFAULT_ENCRYPT \ |
33 | "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ | 45 | "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ |