author | djm@openbsd.org <djm@openbsd.org> | 2016-05-02 10:26:04 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2016-05-02 20:39:32 +1000 |
commit | 0e8eeec8e75f6d0eaf33317376f773160018a9c7 (patch) | |
tree | 1fe3e4d977c9df10597c2a5dec1b6b0a8ab8afbe /ssh_api.c | |
parent | 57464e3934ba53ad8590ee3ccd840f693407fc1e (diff) |
upstream commit
add support for additional fixed DH groups from
draft-ietf-curdle-ssh-kex-sha2-03
diffie-hellman-group14-sha256 (2K group)
diffie-hellman-group16-sha512 (4K group)
diffie-hellman-group18-sha512 (8K group)
based on patch from Mark D. Baushke and Darren Tucker
ok markus@
Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
Diffstat (limited to 'ssh_api.c')
-rw-r--r-- | ssh_api.c | 8 |
1 files changed, 7 insertions, 1 deletions
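--- a/ssh_api.c
+++ b/ssh_api.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh_api.c,v 1.5 2015/12/04 16:41:28 markus Exp $ */
+/* $OpenBSD: ssh_api.c,v 1.6 2016/05/02 10:26:04 djm Exp $ */
 /*
 * Copyright (c) 2012 Markus Friedl. All rights reserved.
 *
@@ -103,6 +103,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 #ifdef WITH_OPENSSL
 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
+ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
+ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server;
+ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server;
 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 # ifdef OPENSSL_HAS_ECC
@@ -117,6 +120,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 #ifdef WITH_OPENSSL
 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
+ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
+ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client;
+ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client;
 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
 # ifdef OPENSSL_HAS_ECC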
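Review bot: The three entries added to the server table in ssh_init (`KEX_DH_GRP14_SHA256`, `KEX_DH_GRP16_SHA512`, `KEX_DH_GRP18_SHA512`), and the matching three in the client table, all point at the existing `kexdh_server`/`kexdh_client`, so the group size and hash must be derived from the negotiated KEX type inside those handlers, which this file's diff does not show. It is worth confirming that both handlers cover the three new types and return an error for any type they do not recognise instead of defaulting to a smaller group. A one-line comment above each table would record this, e.g. `/* handler only: group and hash are selected per negotiated KEX type in kexdh_*() */`. Registering a handler here presumably does not by itself add the method to the proposal, and `KEX_DH_GRP1_SHA1` stays registered, so what is actually offered still depends on the caller's `kex_params`. ssh_init's body starts and ends outside both hunks.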