1
1

kex: The public key algorithms are no longer only host keys

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Этот коммит содержится в:
Jakub Jelen 2018-07-02 10:50:28 +02:00 коммит произвёл Andreas Schneider
родитель ebb01549d0
Коммит 9ca6127b91

Просмотреть файл

@ -86,12 +86,12 @@
#ifdef HAVE_ECDH #ifdef HAVE_ECDH
#define ECDH "ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521," #define ECDH "ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,"
#define HOSTKEYS "ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss" #define PUBLIC_KEY_ALGORITHMS "ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss"
#else #else
#ifdef HAVE_DSA #ifdef HAVE_DSA
#define HOSTKEYS "ssh-ed25519,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss" #define PUBLIC_KEY_ALGORITHMS "ssh-ed25519,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss"
#else #else
#define HOSTKEYS "ssh-ed25519,ssh-rsa,rsa-sha2-512,rsa-sha2-256" #define PUBLIC_KEY_ALGORITHMS "ssh-ed25519,ssh-rsa,rsa-sha2-512,rsa-sha2-256"
#endif #endif
#define ECDH "" #define ECDH ""
#endif #endif
@ -107,7 +107,7 @@
/* NOTE: This is a fixed API and the index is defined by ssh_kex_types_e */ /* NOTE: This is a fixed API and the index is defined by ssh_kex_types_e */
static const char *default_methods[] = { static const char *default_methods[] = {
KEY_EXCHANGE, KEY_EXCHANGE,
HOSTKEYS, PUBLIC_KEY_ALGORITHMS,
AES BLOWFISH DES, AES BLOWFISH DES,
AES BLOWFISH DES, AES BLOWFISH DES,
"hmac-sha2-256,hmac-sha2-512,hmac-sha1", "hmac-sha2-256,hmac-sha2-512,hmac-sha1",
@ -122,7 +122,7 @@ static const char *default_methods[] = {
/* NOTE: This is a fixed API and the index is defined by ssh_kex_types_e */ /* NOTE: This is a fixed API and the index is defined by ssh_kex_types_e */
static const char *supported_methods[] = { static const char *supported_methods[] = {
KEY_EXCHANGE, KEY_EXCHANGE,
HOSTKEYS, PUBLIC_KEY_ALGORITHMS,
CHACHA20 AES BLOWFISH DES_SUPPORTED, CHACHA20 AES BLOWFISH DES_SUPPORTED,
CHACHA20 AES BLOWFISH DES_SUPPORTED, CHACHA20 AES BLOWFISH DES_SUPPORTED,
"hmac-sha2-256,hmac-sha2-512,hmac-sha1", "hmac-sha2-256,hmac-sha2-512,hmac-sha1",