- (djm) OpenBSD CVS updates:
- provos@cvs.openbsd.org 2000/11/22 08:38:31
[sshd.8]
talk about /etc/primes, okay markus@
- markus@cvs.openbsd.org 2000/11/23 14:03:48
[ssh.c sshconnect1.c sshconnect2.c]
complain about invalid ciphers for ssh1/ssh2, fall back to reasonable
defaults
- markus@cvs.openbsd.org 2000/11/25 09:42:53
[sshconnect1.c]
reorder check for illegal ciphers, bugreport from espie@
- markus@cvs.openbsd.org 2000/11/25 10:19:34
[ssh-keygen.c ssh.h]
print keytype when generating a key.
reasonable defaults for RSA1/RSA/DSA keys.
diff --git a/sshconnect2.c b/sshconnect2.c
index bb4774a..69d9c49 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.28 2000/11/12 19:50:38 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.29 2000/11/23 21:03:47 markus Exp $");
#include <openssl/bn.h>
#include <openssl/rsa.h>
@@ -74,14 +74,9 @@
Buffer *client_kexinit, *server_kexinit;
char *sprop[PROPOSAL_MAX];
- if (options.ciphers == NULL) {
- if (options.cipher == SSH_CIPHER_3DES) {
- options.ciphers = "3des-cbc";
- } else if (options.cipher == SSH_CIPHER_BLOWFISH) {
- options.ciphers = "blowfish-cbc";
- } else if (options.cipher == SSH_CIPHER_DES) {
- fatal("cipher DES not supported for protocol version 2");
- }
+ if (options.ciphers == (char *)-1) {
+ log("No valid ciphers for protocol version 2 given, using defaults.");
+ options.ciphers = NULL;
}
if (options.ciphers != NULL) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =