authorJakub Jelen <jjelen@redhat.com>2020-07-15 21:09:40 +0200
committerAndreas Schneider <asn@cryptomilk.org>2020-07-16 12:01:04 +0200
commit90e56df74e308c468796fb3a818f0e7f95687efb (patch)
tree4a30dc96675ba03718305f29a9edd0c570f614ab
parent906cc7e7e95047981677a43743cb7c4aa2bb3aab (diff)
Disable *-cbc ciphers by default
OpenSSH disabled them in 2014 and 2017 for servers and clients respectively, so it's our turn to follow suit. Fixes T236 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--src/kex.c23
1 files changed, 13 insertions, 10 deletions
diff --git a/src/kex.c b/src/kex.c
index dc9d5097..c2c59de2 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -57,8 +57,8 @@
#ifdef HAVE_LIBGCRYPT
# define AES "aes256-gcm@openssh.com,aes128-gcm@openssh.com," \
- "aes256-ctr,aes192-ctr,aes128-ctr," \
- "aes256-cbc,aes192-cbc,aes128-cbc,"
+ "aes256-ctr,aes192-ctr,aes128-ctr,"
+# define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
# define DES "3des-cbc"
# define DES_SUPPORTED "3des-cbc"
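Review bot: The new `AES_CBC` macro has no comment explaining why it was split off from `AES`, so someone reading this backend branch on its own cannot tell whether CBC is unsupported by the backend or merely withheld from the proposal. I would add above the `# define AES_CBC` line: `/* CBC modes are excluded from the default proposal (OpenSSH dropped them in 2014/2017) but stay in supported_methods so callers can opt in through the cipher options. */`. Note also that `3des-cbc` on the following `DES` line is not part of this split, so despite the commit title one `*-cbc` cipher still reaches the default list; if that is deliberate it should be said in the commit message.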
@@ -68,8 +68,8 @@
# else
# define GCM ""
# endif /* MBEDTLS_GCM_C */
-# define AES GCM "aes256-ctr,aes192-ctr,aes128-ctr," \
- "aes256-cbc,aes192-cbc,aes128-cbc,"
+# define AES GCM "aes256-ctr,aes192-ctr,aes128-ctr,"
+# define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
# define DES "3des-cbc"
# define DES_SUPPORTED "3des-cbc"
@@ -81,12 +81,15 @@
# define GCM ""
# endif /* HAVE_OPENSSL_EVP_AES_GCM */
# ifdef BROKEN_AES_CTR
-# define AES GCM "aes256-cbc,aes192-cbc,aes128-cbc,"
+# define AES GCM
+# define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
# else /* BROKEN_AES_CTR */
-# define AES GCM "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,"
+# define AES GCM "aes256-ctr,aes192-ctr,aes128-ctr,"
+# define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
# endif /* BROKEN_AES_CTR */
# else /* HAVE_OPENSSL_AES_H */
# define AES ""
+# define AES_CBC ""
# endif /* HAVE_OPENSSL_AES_H */
# define DES "3des-cbc"
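Review bot: In the `BROKEN_AES_CTR` branch the new `# define AES GCM` leaves `AES` completely empty whenever `GCM` is also `""` (the `#else` case just above), so on such a build the default cipher proposal shrinks to whatever `CHACHA20` expands to plus `3des-cbc` from `DES`; `CHACHA20` is defined outside this hunk, and if it is empty on that build the defaults would consist of `3des-cbc` alone. That is a large silent downgrade compared with the previous `aes*-cbc` fallback, and nothing in the hunk flags it. I would make it visible at build time with a comment and a diagnostic in that branch, e.g. `/* no CTR and possibly no GCM: only chacha20/3des-cbc remain in the defaults */` followed by `# warning "AES-CTR unavailable; default cipher list is reduced"`, or at least document the expectation in the commit message.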
@@ -230,8 +233,8 @@ static const char *fips_methods[] = {
static const char *default_methods[] = {
KEY_EXCHANGE,
DEFAULT_PUBLIC_KEY_ALGORITHMS,
- CHACHA20 AES BLOWFISH DES,
- CHACHA20 AES BLOWFISH DES,
+ CHACHA20 AES DES,
+ CHACHA20 AES DES,
"hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1",
"hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1",
"none",
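Review bot: `default_methods` still concatenates `DES` into both cipher entries (`CHACHA20 AES DES`), and `DES` expands to `"3des-cbc"` in every backend branch of this patch, so one CBC cipher remains offered by default despite the title "Disable *-cbc ciphers by default"; 3DES is additionally a 64-bit block cipher (Sweet32 class of attacks), which is the usual reason it is removed alongside the CBC modes. If it is kept on purpose as a compatibility fallback, the commit message should say so; otherwise drop `DES` from these two lines, which also requires removing the trailing comma from the last `AES` entry since `DES` is currently the only element without one. The `default_methods` array continues past the end of this hunk.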
@@ -245,8 +248,8 @@ static const char *default_methods[] = {
static const char *supported_methods[] = {
KEY_EXCHANGE_SUPPORTED,
PUBLIC_KEY_ALGORITHMS,
- CHACHA20 AES BLOWFISH DES_SUPPORTED NONE,
- CHACHA20 AES BLOWFISH DES_SUPPORTED NONE,
+ CHACHA20 AES AES_CBC BLOWFISH DES_SUPPORTED NONE,
+ CHACHA20 AES AES_CBC BLOWFISH DES_SUPPORTED NONE,
"hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1" NONE,
"hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1" NONE,
ZLIB,