upstream: use KEM API for vanilla DH KEX
from markus@ ok djm@
OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9
diff --git a/sshd.c b/sshd.c
index 665b22b..eb92785 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.529 2019/01/21 10:24:09 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.530 2019/01/21 10:28:02 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2207,11 +2207,11 @@
fatal("kex_setup: %s", ssh_err(r));
kex = ssh->kex;
#ifdef WITH_OPENSSL
- kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
- kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
- kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
- kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server;
- kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server;
+ kex->kex[KEX_DH_GRP1_SHA1] = kex_kem_server;
+ kex->kex[KEX_DH_GRP14_SHA1] = kex_kem_server;
+ kex->kex[KEX_DH_GRP14_SHA256] = kex_kem_server;
+ kex->kex[KEX_DH_GRP16_SHA512] = kex_kem_server;
+ kex->kex[KEX_DH_GRP18_SHA512] = kex_kem_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
# ifdef OPENSSL_HAS_ECC