From 0e8eeec8e75f6d0eaf33317376f773160018a9c7 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 2 May 2016 10:26:04 +0000 Subject: upstream commit add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@ Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f --- ssh-keyscan.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'ssh-keyscan.c') diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 7fe61e4e1..c30d54e62 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.105 2016/02/15 09:47:49 dtucker Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.106 2016/05/02 10:26:04 djm Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -302,6 +302,9 @@ keygrab_ssh2(con *c) #ifdef WITH_OPENSSL c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; + c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; + c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; + c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; # ifdef OPENSSL_HAS_ECC -- cgit v1.2.3