The current sharing of myproposal[] between both client and server code

makes the previous diff highly unpallatable.  We want to go in that
direction for the server, but not for the client.  Sigh.
Brought up by naddy.

1 files changed, 20 insertions, 5 deletions

diff --git a/usr.bin/ssh/myproposal.h b/usr.bin/ssh/myproposal.h
index c1093eafb3d..aad64f48571 100644
--- a/usr.bin/ssh/myproposal.h
+++ b/usr.bin/ssh/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.36 2014/03/25 09:40:03 markus Exp $ */
+/* $OpenBSD: myproposal.h,v 1.37 2014/03/26 17:16:26 deraadt Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -30,7 +30,9 @@
 	"ecdh-sha2-nistp384," \
 	"ecdh-sha2-nistp521," \
 	"diffie-hellman-group-exchange-sha256," \
-	"diffie-hellman-group14-sha1" \
+	"diffie-hellman-group-exchange-sha1," \
+	"diffie-hellman-group14-sha1," \
+	"diffie-hellman-group1-sha1"
 
 #define	KEX_DEFAULT_PK_ALG	\
 	"ecdsa-sha2-nistp256-cert-v01@openssh.com," \
@@ -50,18 +52,31 @@
 
 #define	KEX_DEFAULT_ENCRYPT \
 	"aes128-ctr,aes192-ctr,aes256-ctr," \
+	"arcfour256,arcfour128," \
 	"aes128-gcm@openssh.com,aes256-gcm@openssh.com," \
-	"chacha20-poly1305@openssh.com"
-
+	"chacha20-poly1305@openssh.com," \
+	"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
+	"aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se"
 #define	KEX_DEFAULT_MAC \
+	"hmac-md5-etm@openssh.com," \
+	"hmac-sha1-etm@openssh.com," \
 	"umac-64-etm@openssh.com," \
 	"umac-128-etm@openssh.com," \
 	"hmac-sha2-256-etm@openssh.com," \
 	"hmac-sha2-512-etm@openssh.com," \
+	"hmac-ripemd160-etm@openssh.com," \
+	"hmac-sha1-96-etm@openssh.com," \
+	"hmac-md5-96-etm@openssh.com," \
+	"hmac-md5," \
+	"hmac-sha1," \
 	"umac-64@openssh.com," \
 	"umac-128@openssh.com," \
 	"hmac-sha2-256," \
-	"hmac-sha2-512" \
+	"hmac-sha2-512," \
+	"hmac-ripemd160," \
+	"hmac-ripemd160@openssh.com," \
+	"hmac-sha1-96," \
+	"hmac-md5-96"
 
 #define	KEX_DEFAULT_COMP	"none,zlib@openssh.com,zlib"
 #define	KEX_DEFAULT_LANG	""