diff options
| author |   djm <djm@openbsd.org> | 2019-01-21 10:28:01 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2019-01-21 10:28:01 +0000 |
| commit | c9e07d34dcfd5edeb76d57cbf388f4c7b536ff72 (patch) | |
| tree | 793a9d626211e4aaabf35ba0fdbf84c265030b65 /usr.bin/ssh/ssh_api.c | |
| parent | Correct some rwstate handling that I broke when refactoring. (diff) | |
| download | wireguard-openbsd-c9e07d34dcfd5edeb76d57cbf388f4c7b536ff72.tar.xz wireguard-openbsd-c9e07d34dcfd5edeb76d57cbf388f4c7b536ff72.zip | |
use KEM API for vanilla DH KEX
from markus@ ok djm@
Diffstat (limited to 'usr.bin/ssh/ssh_api.c')
| -rw-r--r-- | usr.bin/ssh/ssh_api.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/usr.bin/ssh/ssh_api.c b/usr.bin/ssh/ssh_api.c index 26645eeaa84..c5e4ec9626a 100644 --- a/usr.bin/ssh/ssh_api.c +++ b/usr.bin/ssh/ssh_api.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh_api.c,v 1.12 2019/01/21 10:24:09 djm Exp $ */ +/* $OpenBSD: ssh_api.c,v 1.13 2019/01/21 10:28:02 djm Exp $ */ /* * Copyright (c) 2012 Markus Friedl. All rights reserved. * @@ -95,11 +95,11 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->server = is_server; if (is_server) { #ifdef WITH_OPENSSL - ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; - ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; - ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; - ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; - ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; + ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_kem_server; + ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_kem_server; + ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_kem_server; + ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_kem_server; + ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_kem_server; ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; @@ -111,11 +111,11 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) ssh->kex->sign=&_ssh_host_key_sign; } else { #ifdef WITH_OPENSSL - ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; - ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; - ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; - ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; - ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; + ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_kem_client; + ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_kem_client; + ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_kem_client; + ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_kem_client; + ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_kem_client; ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client; |