- djm@cvs.openbsd.org 2013/11/21 00:45:44

     [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
     [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
     [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
     [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
     cipher "chacha20-poly1305@openssh.com" that combines Daniel
     Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
     authenticated encryption mode.

     Inspired by and similar to Adam Langley's proposal for TLS:
     http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
     but differs in layout used for the MAC calculation and the use of a
     second ChaCha20 instance to separately encrypt packet lengths.
     Details are in the PROTOCOL.chacha20poly1305 file.

     Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
     ok markus@ naddy@

1 files changed, 4 insertions, 2 deletions

diff --git a/ssh.c b/ssh.c
index e2c43634a..58becd708 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.392 2013/11/07 11:58:27 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.393 2013/11/21 00:45:44 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -520,7 +520,9 @@ main(int ac, char **av)
                 case 'Q':       /* deprecated */
                         cp = NULL;
                         if (strcasecmp(optarg, "cipher") == 0)
-                                cp = cipher_alg_list('\n');
+                                cp = cipher_alg_list('\n', 0);
+                        else if (strcasecmp(optarg, "cipher-auth") == 0)
+                                cp = cipher_alg_list('\n', 1);
                         else if (strcasecmp(optarg, "mac") == 0)
                                 cp = mac_alg_list('\n');
                         else if (strcasecmp(optarg, "kex") == 0)