diff options
author | Anderson Toshiyuki Sasaki <ansasaki@redhat.com> | 2019-05-22 18:33:14 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-06-12 11:13:52 +0200 |
commit | 54d76098edda33a2b526e8eae069992abc470bb6 (patch) | |
tree | afeaf652d3afc1e939f99da366d97da5b937ef61 /include | |
parent | 56041dc7840ade64b16c9c299bd64504daa79599 (diff) | |
download | libssh-54d76098edda33a2b526e8eae069992abc470bb6.tar.gz libssh-54d76098edda33a2b526e8eae069992abc470bb6.tar.xz libssh-54d76098edda33a2b526e8eae069992abc470bb6.zip |
kex, pki, server, options: Filter algorithms in FIPS mode
When in FIPS mode, filter the algorithms to enable only the allowed
ones. If any algorithm is explicitly set through options or
configuration file, they are kept.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/libssh/kex.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/libssh/kex.h b/include/libssh/kex.h index 19a67c81..3a1f4a6f 100644 --- a/include/libssh/kex.h +++ b/include/libssh/kex.h @@ -39,11 +39,13 @@ int ssh_set_client_kex(ssh_session session); int ssh_kex_select_methods(ssh_session session); int ssh_verify_existing_algo(enum ssh_kex_types_e algo, const char *name); char *ssh_keep_known_algos(enum ssh_kex_types_e algo, const char *list); +char *ssh_keep_fips_algos(enum ssh_kex_types_e algo, const char *list); char **ssh_space_tokenize(const char *chain); int ssh_get_kex1(ssh_session session); char *ssh_find_matching(const char *in_d, const char *what_d); const char *ssh_kex_get_supported_method(uint32_t algo); const char *ssh_kex_get_default_methods(uint32_t algo); +const char *ssh_kex_get_fips_methods(uint32_t algo); const char *ssh_kex_get_description(uint32_t algo); char *ssh_client_select_hostkeys(ssh_session session); int ssh_send_rekex(ssh_session session); |