aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorAris Adamantiadis <aris@0xbadc0de.be>2015-01-24 18:19:57 +0100
committerAndreas Schneider <asn@cryptomilk.org>2015-01-26 08:57:06 +0100
commit7febad58211115cb03670173f907545bb9a9a78a (patch)
treead5c14da8b5092020e32470b02379a157cfd9efe /src
parentb235c380f29b22ab08421dd18e225acdaa21c555 (diff)
downloadlibssh-7febad58211115cb03670173f907545bb9a9a78a.tar.gz
libssh-7febad58211115cb03670173f907545bb9a9a78a.tar.xz
libssh-7febad58211115cb03670173f907545bb9a9a78a.zip
kex: disable des-cbc-ssh1 by default
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r--src/kex.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/src/kex.c b/src/kex.c
index 695929e2..059ef157 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -40,7 +40,8 @@
#ifdef HAVE_LIBGCRYPT
# define BLOWFISH "blowfish-cbc,"
# define AES "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,"
-# define DES "3des-cbc,des-cbc-ssh1"
+# define DES "3des-cbc"
+# define DES_SUPPORTED "3des-cbc,des-cbc-ssh1"
#elif defined(HAVE_LIBCRYPTO)
# ifdef HAVE_OPENSSL_BLOWFISH_H
# define BLOWFISH "blowfish-cbc,"
@@ -56,7 +57,8 @@
# else
# define AES ""
# endif
-# define DES "3des-cbc,des-cbc-ssh1"
+# define DES "3des-cbc"
+# define DES_SUPPORTED "3des-cbc,des-cbc-ssh1"
#endif
#ifdef WITH_ZLIB
@@ -101,8 +103,8 @@ static const char *default_methods[] = {
static const char *supported_methods[] = {
KEY_EXCHANGE,
HOSTKEYS,
- AES BLOWFISH DES,
- AES BLOWFISH DES,
+ AES BLOWFISH DES_SUPPORTED,
+ AES BLOWFISH DES_SUPPORTED,
"hmac-sha1,hmac-sha2-256,hmac-sha2-512",
"hmac-sha1,hmac-sha2-256,hmac-sha2-512",
ZLIB,