summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2000-11-25 16:42:54 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2000-11-25 16:42:54 +0000
commitebc1e85233fbc05976bc7c65b929dd5b42125279 (patch)
tree6eddc860419dcfc6e10d1fe0ee04c4ef781827ba
parentc2e8cac79b80c1a0685e586a78332a71a41ebdb4 (diff)
reorder check for illegal ciphers, bugreport from espie@
-rw-r--r--usr.bin/ssh/sshconnect1.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/usr.bin/ssh/sshconnect1.c b/usr.bin/ssh/sshconnect1.c
index 32fcdc633c0..70932971338 100644
--- a/usr.bin/ssh/sshconnect1.c
+++ b/usr.bin/ssh/sshconnect1.c
@@ -13,7 +13,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.10 2000/11/23 21:03:47 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.11 2000/11/25 16:42:53 markus Exp $");
#include <openssl/bn.h>
#include <openssl/dsa.h>
@@ -833,14 +833,14 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
RSA_free(public_key);
RSA_free(host_key);
- if (options.cipher == SSH_CIPHER_ILLEGAL ||
+ if (options.cipher == SSH_CIPHER_NOT_SET) {
+ if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default))
+ options.cipher = ssh_cipher_default;
+ } else if (options.cipher == SSH_CIPHER_ILLEGAL ||
!(cipher_mask_ssh1(1) & (1 << options.cipher))) {
log("No valid SSH1 cipher, using %.100s instead.",
cipher_name(ssh_cipher_default));
options.cipher = ssh_cipher_default;
- } else if (options.cipher == SSH_CIPHER_NOT_SET) {
- if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default))
- options.cipher = ssh_cipher_default;
}
/* Check that the selected cipher is supported. */
if (!(supported_ciphers & (1 << options.cipher)))