libmbedtls: Support OpenSSH-compatible AES-GCM ciphers using mbedTLS

Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
author: Jakub Jelen <jjelen@redhat.com> 2018-10-04 15:21:36 +0200
committer: Andreas Schneider <asn@cryptomilk.org> 2018-10-09 13:05:38 +0200
commit: 72bd2fe1972673ca173cba635472d6e7ad5783d1 (patch)
tree: 2638bdacd54eab4db36b38ccb2004e1e8792b905 /src/kex.c
parent: a2120e168b70218a82617b630e2030ff126a21ec (diff)
download: libssh-72bd2fe1972673ca173cba635472d6e7ad5783d1.tar.gz
libssh-72bd2fe1972673ca173cba635472d6e7ad5783d1.tar.xz
libssh-72bd2fe1972673ca173cba635472d6e7ad5783d1.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/src/kex.c b/src/kex.c
index 382d88fb..ae71f370 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -48,7 +48,13 @@
 
 #elif defined HAVE_LIBMBEDCRYPTO
 # define BLOWFISH "blowfish-cbc,"
-# define AES "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,"
+# ifdef MBEDTLS_GCM_C
+#  define GCM "aes256-gcm@openssh.com,aes128-gcm@openssh.com,"
+# else
+#  define GCM ""
+# endif /* MBEDTLS_GCM_C */
+# define AES GCM "aes256-ctr,aes192-ctr,aes128-ctr," \
+             "aes256-cbc,aes192-cbc,aes128-cbc,"
 # define DES "3des-cbc"
 # define DES_SUPPORTED "3des-cbc"
author	Jakub Jelen <jjelen@redhat.com>	2018-10-04 15:21:36 +0200
committer	Andreas Schneider <asn@cryptomilk.org>	2018-10-09 13:05:38 +0200
commit	72bd2fe1972673ca173cba635472d6e7ad5783d1 (patch)
tree	2638bdacd54eab4db36b38ccb2004e1e8792b905 /src/kex.c
parent	a2120e168b70218a82617b630e2030ff126a21ec (diff)
download	libssh-72bd2fe1972673ca173cba635472d6e7ad5783d1.tar.gz libssh-72bd2fe1972673ca173cba635472d6e7ad5783d1.tar.xz libssh-72bd2fe1972673ca173cba635472d6e7ad5783d1.zip