- (djm) OpenBSD CVS updates:

- provos@cvs.openbsd.org 2000/11/22 08:38:31 [sshd.8] talk about /etc/primes, okay markus@ - markus@cvs.openbsd.org 2000/11/23 14:03:48 [ssh.c sshconnect1.c sshconnect2.c] complain about invalid ciphers for ssh1/ssh2, fall back to reasonable defaults - markus@cvs.openbsd.org 2000/11/25 09:42:53 [sshconnect1.c] reorder check for illegal ciphers, bugreport from espie@ - markus@cvs.openbsd.org 2000/11/25 10:19:34 [ssh-keygen.c ssh.h] print keytype when generating a key. reasonable defaults for RSA1/RSA/DSA keys.
author: Damien Miller <djm@mindrot.org> 2000-11-29 02:18:44 +0100
committer: Damien Miller <djm@mindrot.org> 2000-11-29 02:18:44 +0100
commit: e39cacc5793b19e74319b3c33c5e3b9fed0c18ff (patch)
tree: fdfe9c87a8fb716af0d235105e04580a24261011 /sshconnect1.c
parent: - (djm) bsd-rresvport.c bzero -> memset (diff)
download: openssh-e39cacc5793b19e74319b3c33c5e3b9fed0c18ff.tar.xz
openssh-e39cacc5793b19e74319b3c33c5e3b9fed0c18ff.zip
1 files changed, 6 insertions, 5 deletions
diff --git a/sshconnect1.c b/sshconnect1.c
index 227e10b4b..709329713 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.9 2000/11/12 19:50:38 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.11 2000/11/25 16:42:53 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/dsa.h>
@@ -833,13 +833,14 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	RSA_free(public_key);
 	RSA_free(host_key);
 
-	if (options.cipher == SSH_CIPHER_ILLEGAL) {
+	if (options.cipher == SSH_CIPHER_NOT_SET) {
+		if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default))
+			options.cipher = ssh_cipher_default;
+	} else if (options.cipher == SSH_CIPHER_ILLEGAL ||
+	    !(cipher_mask_ssh1(1) & (1 << options.cipher))) {
 		log("No valid SSH1 cipher, using %.100s instead.",
 		    cipher_name(ssh_cipher_default));
 		options.cipher = ssh_cipher_default;
-	} else if (options.cipher == SSH_CIPHER_NOT_SET) {
-		if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default))
-			options.cipher = ssh_cipher_default;
 	}
 	/* Check that the selected cipher is supported. */
 	if (!(supported_ciphers & (1 << options.cipher)))
author	Damien Miller <djm@mindrot.org>	2000-11-29 02:18:44 +0100
committer	Damien Miller <djm@mindrot.org>	2000-11-29 02:18:44 +0100
commit	e39cacc5793b19e74319b3c33c5e3b9fed0c18ff (patch)
tree	fdfe9c87a8fb716af0d235105e04580a24261011 /sshconnect1.c
parent	- (djm) bsd-rresvport.c bzero -> memset (diff)
download	openssh-e39cacc5793b19e74319b3c33c5e3b9fed0c18ff.tar.xz openssh-e39cacc5793b19e74319b3c33c5e3b9fed0c18ff.zip