[openssh-commits] [openssh] 01/02: Conditionalize ECDH methods in CA algos.
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri May 17 10:57:56 AEST 2019
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit 633703babf8d9a88da85f23b800e1b88dec7cdbd
Author: Darren Tucker <dtucker at dtucker.net>
Date: Fri May 17 10:50:29 2019 +1000
Conditionalize ECDH methods in CA algos.
When building against an OpenSSL configured without ECC, don't include
those algos in CASignatureAlgorithms. ok djm@
---
myproposal.h | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/myproposal.h b/myproposal.h
index f1672987..9205fb34 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -136,9 +136,7 @@
/* Not a KEX value, but here so all the algorithm defaults are together */
#define SSH_ALLOWED_CA_SIGALGS \
- "ecdsa-sha2-nistp256," \
- "ecdsa-sha2-nistp384," \
- "ecdsa-sha2-nistp521," \
+ KEX_ECDH_METHODS \
"ssh-ed25519," \
"rsa-sha2-512," \
"rsa-sha2-256," \
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list