diff options
Diffstat (limited to 'myproposal.h')
| -rw-r--r-- | myproposal.h | 51 |
1 files changed, 37 insertions, 14 deletions
diff --git a/myproposal.h b/myproposal.h index 7bedfab0a..2c43607a7 100644 --- a/myproposal.h +++ b/myproposal.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: myproposal.h,v 1.25 2010/04/16 01:47:26 djm Exp $ */ | 1 | /* $OpenBSD: myproposal.h,v 1.27 2010/09/01 22:42:13 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| @@ -26,26 +26,49 @@ | |||
| 26 | 26 | ||
| 27 | #include <openssl/opensslv.h> | 27 | #include <openssl/opensslv.h> |
| 28 | 28 | ||
| 29 | #ifdef OPENSSL_HAS_ECC | ||
| 30 | # define KEX_ECDH_METHODS \ | ||
| 31 | "ecdh-sha2-nistp256," \ | ||
| 32 | "ecdh-sha2-nistp384," \ | ||
| 33 | "ecdh-sha2-nistp521," | ||
| 34 | # define HOSTKEY_ECDSA_CERT_METHODS \ | ||
| 35 | "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ | ||
| 36 | "ecdsa-sha2-nistp384-cert-v01@openssh.com," \ | ||
| 37 | "ecdsa-sha2-nistp521-cert-v01@openssh.com," | ||
| 38 | # define HOSTKEY_ECDSA_METHODS \ | ||
| 39 | "ecdsa-sha2-nistp256," \ | ||
| 40 | "ecdsa-sha2-nistp384," \ | ||
| 41 | "ecdsa-sha2-nistp521," | ||
| 42 | #else | ||
| 43 | # define KEX_ECDH_METHODS | ||
| 44 | # define HOSTKEY_ECDSA_CERT_METHODS | ||
| 45 | # define HOSTKEY_ECDSA_METHODS | ||
| 46 | #endif | ||
| 47 | |||
| 29 | /* Old OpenSSL doesn't support what we need for DHGEX-sha256 */ | 48 | /* Old OpenSSL doesn't support what we need for DHGEX-sha256 */ |
| 30 | #if OPENSSL_VERSION_NUMBER < 0x00907000L | 49 | #if OPENSSL_VERSION_NUMBER >= 0x00907000L |
| 31 | # define KEX_DEFAULT_KEX \ | 50 | # define KEX_SHA256_METHODS \ |
| 32 | "diffie-hellman-group-exchange-sha1," \ | 51 | "diffie-hellman-group-exchange-sha256," |
| 33 | "diffie-hellman-group14-sha1," \ | ||
| 34 | "diffie-hellman-group1-sha1" | ||
| 35 | #else | 52 | #else |
| 36 | # define KEX_DEFAULT_KEX \ | 53 | # define KEX_SHA256_METHODS |
| 37 | "diffie-hellman-group-exchange-sha256," \ | 54 | #endif |
| 55 | |||
| 56 | # define KEX_DEFAULT_KEX \ | ||
| 57 | KEX_ECDH_METHODS \ | ||
| 58 | KEX_SHA256_METHODS \ | ||
| 38 | "diffie-hellman-group-exchange-sha1," \ | 59 | "diffie-hellman-group-exchange-sha1," \ |
| 39 | "diffie-hellman-group14-sha1," \ | 60 | "diffie-hellman-group14-sha1," \ |
| 40 | "diffie-hellman-group1-sha1" | 61 | "diffie-hellman-group1-sha1" |
| 41 | #endif | ||
| 42 | 62 | ||
| 43 | #define KEX_DEFAULT_PK_ALG \ | 63 | #define KEX_DEFAULT_PK_ALG \ |
| 44 | "ssh-rsa-cert-v01@openssh.com," \ | 64 | HOSTKEY_ECDSA_CERT_METHODS \ |
| 45 | "ssh-dss-cert-v01@openssh.com," \ | 65 | "ssh-rsa-cert-v01@openssh.com," \ |
| 46 | "ssh-rsa-cert-v00@openssh.com," \ | 66 | "ssh-dss-cert-v01@openssh.com," \ |
| 47 | "ssh-dss-cert-v00@openssh.com," \ | 67 | "ssh-rsa-cert-v00@openssh.com," \ |
| 48 | "ssh-rsa,ssh-dss" | 68 | "ssh-dss-cert-v00@openssh.com," \ |
| 69 | HOSTKEY_ECDSA_METHODS \ | ||
| 70 | "ssh-rsa," \ | ||
| 71 | "ssh-dss" | ||
| 49 | 72 | ||
| 50 | #define KEX_DEFAULT_ENCRYPT \ | 73 | #define KEX_DEFAULT_ENCRYPT \ |
| 51 | "aes128-ctr,aes192-ctr,aes256-ctr," \ | 74 | "aes128-ctr,aes192-ctr,aes256-ctr," \ |