From 8f23ed57b9b1a30f631ff96f29bd7aa6bd048a4e Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 22 Sep 2016 17:52:54 +0000 Subject: support plain curve25519-sha256 KEX algorithm now that it is approaching standardisation (same algorithm is currently supported as curve25519-sha256@libssh.org) --- usr.bin/ssh/kex.c | 3 ++- usr.bin/ssh/myproposal.h | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'usr.bin') diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c index 688f1fbe8a3..94c508de89d 100644 --- a/usr.bin/ssh/kex.c +++ b/usr.bin/ssh/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.123 2016/09/21 19:53:12 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.124 2016/09/22 17:52:53 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -90,6 +90,7 @@ static const struct kexalg kexalgs[] = { SSH_DIGEST_SHA512 }, #endif { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, + { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, { NULL, -1, -1, -1}, }; diff --git a/usr.bin/ssh/myproposal.h b/usr.bin/ssh/myproposal.h index acc393a7dee..fb369174e9b 100644 --- a/usr.bin/ssh/myproposal.h +++ b/usr.bin/ssh/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.52 2016/09/05 14:02:42 djm Exp $ */ +/* $OpenBSD: myproposal.h,v 1.53 2016/09/22 17:52:53 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -27,6 +27,7 @@ #ifdef WITH_OPENSSL #define KEX_COMMON_KEX \ + "curve25519-sha256," \ "curve25519-sha256@libssh.org," \ "ecdh-sha2-nistp256," \ "ecdh-sha2-nistp384," \ @@ -83,6 +84,7 @@ #else /* WITH_OPENSSL */ #define KEX_SERVER_KEX \ + "curve25519-sha256," \ "curve25519-sha256@libssh.org" #define KEX_DEFAULT_PK_ALG \ "ssh-ed25519-cert-v01@openssh.com," \ -- cgit v1.2.3