gcrypt: Bugfix for very slow ecdh

Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
author: Aris Adamantiadis <aris@0xbadc0de.be> 2018-10-29 17:31:23 +0100
committer: Andreas Schneider <asn@cryptomilk.org> 2018-11-21 16:53:40 +0100
commit: 9546b20dec8ebe1896fb5a5c6ed6b7d5f9dc8b0c (patch)
tree: 58942ed4b0ec7507a184c91b6abf73cf89027710 /src/ecdh_gcrypt.c
parent: b227c12ad2779900cc7caf6c4850b2290e599b3a (diff)
download: libssh-9546b20dec8ebe1896fb5a5c6ed6b7d5f9dc8b0c.tar.gz
libssh-9546b20dec8ebe1896fb5a5c6ed6b7d5f9dc8b0c.tar.xz
libssh-9546b20dec8ebe1896fb5a5c6ed6b7d5f9dc8b0c.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c
index 7bbccc25..e43cacea 100644
--- a/src/ecdh_gcrypt.c
+++ b/src/ecdh_gcrypt.c
@@ -286,7 +286,7 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet) {
     session->next_crypto->ecdh_client_pubkey = q_c_string;
 
     /* Build server's keypair */
-    err = gcry_sexp_build(&param, NULL, "(genkey(ecdh(curve %s)))",
+    err = gcry_sexp_build(&param, NULL, "(genkey(ecdh(curve %s) (flags transient-key)))",
                           curve);
     if (err) {
         goto out;
author	Aris Adamantiadis <aris@0xbadc0de.be>	2018-10-29 17:31:23 +0100
committer	Andreas Schneider <asn@cryptomilk.org>	2018-11-21 16:53:40 +0100
commit	9546b20dec8ebe1896fb5a5c6ed6b7d5f9dc8b0c (patch)
tree	58942ed4b0ec7507a184c91b6abf73cf89027710 /src/ecdh_gcrypt.c
parent	b227c12ad2779900cc7caf6c4850b2290e599b3a (diff)
download	libssh-9546b20dec8ebe1896fb5a5c6ed6b7d5f9dc8b0c.tar.gz libssh-9546b20dec8ebe1896fb5a5c6ed6b7d5f9dc8b0c.tar.xz libssh-9546b20dec8ebe1896fb5a5c6ed6b7d5f9dc8b0c.zip