summaryrefslogtreecommitdiff
path: root/myproposal.h
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@dtucker.net>2019-05-17 10:50:29 +1000
committerDarren Tucker <dtucker@dtucker.net>2019-05-17 10:50:29 +1000
commit633703babf8d9a88da85f23b800e1b88dec7cdbd (patch)
treed205b024d8f8b2394136d9dce14accdbd3c796b7 /myproposal.h
parent5c8d14c512f5d413095b22bdba08a6bb990f1e97 (diff)
Conditionalize ECDH methods in CA algos.
When building against an OpenSSL configured without ECC, don't include those algos in CASignatureAlgorithms. ok djm@
Diffstat (limited to 'myproposal.h')
-rw-r--r--myproposal.h4
1 files changed, 1 insertions, 3 deletions
diff --git a/myproposal.h b/myproposal.h
index f1672987..9205fb34 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -136,9 +136,7 @@
/* Not a KEX value, but here so all the algorithm defaults are together */
#define SSH_ALLOWED_CA_SIGALGS \
- "ecdsa-sha2-nistp256," \
- "ecdsa-sha2-nistp384," \
- "ecdsa-sha2-nistp521," \
+ KEX_ECDH_METHODS \
"ssh-ed25519," \
"rsa-sha2-512," \
"rsa-sha2-256," \