diff options
author | Damien Miller <djm@mindrot.org> | 2014-04-20 13:17:20 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-04-20 13:17:20 +1000 |
commit | 9235a030ad1b16903fb495d81544e0f7c7449523 (patch) | |
tree | 3cb61622daa8f3b0caf0e53fd8bfab5534def35e /sshconnect2.c | |
parent | 6e1777f592f15f4559728c78204617537b1ac076 (diff) |
Three commits in one (since they touch the same heavily-diverged file
repeatedly):
- markus@cvs.openbsd.org 2014/03/25 09:40:03
[myproposal.h]
trimm default proposals.
This commit removes the weaker pre-SHA2 hashes, the broken ciphers
(arcfour), and the broken modes (CBC) from the default configuration
(the patch only changes the default, all the modes are still available
for the config files).
ok djm@, reminded by tedu@ & naddy@ and discussed with many
- deraadt@cvs.openbsd.org 2014/03/26 17:16:26
[myproposal.h]
The current sharing of myproposal[] between both client and server code
makes the previous diff highly unpallatable. We want to go in that
direction for the server, but not for the client. Sigh.
Brought up by naddy.
- markus@cvs.openbsd.org 2014/03/27 23:01:27
[myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
disable weak proposals in sshd, but keep them in ssh; ok djm@
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 7f4ff4189..f123194b0 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect2.c,v 1.204 2014/02/02 03:44:32 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.205 2014/03/27 23:01:27 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
@@ -156,6 +156,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) | |||
156 | void | 156 | void |
157 | ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | 157 | ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) |
158 | { | 158 | { |
159 | char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; | ||
159 | Kex *kex; | 160 | Kex *kex; |
160 | 161 | ||
161 | xxx_host = host; | 162 | xxx_host = host; |