summaryrefslogtreecommitdiff
path: root/sshconnect1.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2000-11-29 12:18:44 +1100
committerDamien Miller <djm@mindrot.org>2000-11-29 12:18:44 +1100
commite39cacc5793b19e74319b3c33c5e3b9fed0c18ff (patch)
treefdfe9c87a8fb716af0d235105e04580a24261011 /sshconnect1.c
parent3f62abaee876bb4ef7450799cdee1081297aae51 (diff)
- (djm) OpenBSD CVS updates:
- provos@cvs.openbsd.org 2000/11/22 08:38:31 [sshd.8] talk about /etc/primes, okay markus@ - markus@cvs.openbsd.org 2000/11/23 14:03:48 [ssh.c sshconnect1.c sshconnect2.c] complain about invalid ciphers for ssh1/ssh2, fall back to reasonable defaults - markus@cvs.openbsd.org 2000/11/25 09:42:53 [sshconnect1.c] reorder check for illegal ciphers, bugreport from espie@ - markus@cvs.openbsd.org 2000/11/25 10:19:34 [ssh-keygen.c ssh.h] print keytype when generating a key. reasonable defaults for RSA1/RSA/DSA keys.
Diffstat (limited to 'sshconnect1.c')
-rw-r--r--sshconnect1.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/sshconnect1.c b/sshconnect1.c
index 227e10b4..70932971 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.9 2000/11/12 19:50:38 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.11 2000/11/25 16:42:53 markus Exp $");
#include <openssl/bn.h>
#include <openssl/dsa.h>
@@ -833,13 +833,14 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
RSA_free(public_key);
RSA_free(host_key);
- if (options.cipher == SSH_CIPHER_ILLEGAL) {
+ if (options.cipher == SSH_CIPHER_NOT_SET) {
+ if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default))
+ options.cipher = ssh_cipher_default;
+ } else if (options.cipher == SSH_CIPHER_ILLEGAL ||
+ !(cipher_mask_ssh1(1) & (1 << options.cipher))) {
log("No valid SSH1 cipher, using %.100s instead.",
cipher_name(ssh_cipher_default));
options.cipher = ssh_cipher_default;
- } else if (options.cipher == SSH_CIPHER_NOT_SET) {
- if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default))
- options.cipher = ssh_cipher_default;
}
/* Check that the selected cipher is supported. */
if (!(supported_ciphers & (1 << options.cipher)))