diff options
author | Markus Friedl <markus@cvs.openbsd.org> | 2000-11-25 16:42:54 +0000 |
---|---|---|
committer | Markus Friedl <markus@cvs.openbsd.org> | 2000-11-25 16:42:54 +0000 |
commit | ebc1e85233fbc05976bc7c65b929dd5b42125279 (patch) | |
tree | 6eddc860419dcfc6e10d1fe0ee04c4ef781827ba | |
parent | c2e8cac79b80c1a0685e586a78332a71a41ebdb4 (diff) |
reorder check for illegal ciphers, bugreport from espie@
-rw-r--r-- | usr.bin/ssh/sshconnect1.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/usr.bin/ssh/sshconnect1.c b/usr.bin/ssh/sshconnect1.c index 32fcdc633c0..70932971338 100644 --- a/usr.bin/ssh/sshconnect1.c +++ b/usr.bin/ssh/sshconnect1.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect1.c,v 1.10 2000/11/23 21:03:47 markus Exp $"); +RCSID("$OpenBSD: sshconnect1.c,v 1.11 2000/11/25 16:42:53 markus Exp $"); #include <openssl/bn.h> #include <openssl/dsa.h> @@ -833,14 +833,14 @@ ssh_kex(char *host, struct sockaddr *hostaddr) RSA_free(public_key); RSA_free(host_key); - if (options.cipher == SSH_CIPHER_ILLEGAL || + if (options.cipher == SSH_CIPHER_NOT_SET) { + if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default)) + options.cipher = ssh_cipher_default; + } else if (options.cipher == SSH_CIPHER_ILLEGAL || !(cipher_mask_ssh1(1) & (1 << options.cipher))) { log("No valid SSH1 cipher, using %.100s instead.", cipher_name(ssh_cipher_default)); options.cipher = ssh_cipher_default; - } else if (options.cipher == SSH_CIPHER_NOT_SET) { - if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default)) - options.cipher = ssh_cipher_default; } /* Check that the selected cipher is supported. */ if (!(supported_ciphers & (1 << options.cipher))) |