[patch 1/2] use chacha20 from openssl (1.1.0+) when possible

Damien Miller djm at mindrot.org
Thu Jan 23 11:57:26 AEDT 2020


On Thu, 16 Jan 2020, Jakub Jelen wrote:

> > Thanks for this - it seems to work okay with OpenSSL when patched to
> > -current, but when I adapt it for OpenBSD/LibreSSL the encryption is
> > broken and the connection fails right after KEX.

I've worked with the LibreSSL developers and they should land a fix
for EVP_chacha20 soon. Hopefully this will happen soon enough to get
this committed before the looming OpenSSH release.

-d


More information about the openssh-unix-dev mailing list