diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2013-11-09 18:39:25 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2013-11-09 18:39:25 +1100 |
| commit | 37bcef51b3d9d496caecea6394814d2f49a1357f (patch) | |
| tree | c564402d96ca797f8b0248552ef78f4f9408ef8c /kex.c | |
| parent | 6e2fe81f926d995bae4be4a6b5b3c88c1c525187 (diff) | |
| download | openssh-git-37bcef51b3d9d496caecea6394814d2f49a1357f.tar.gz | |
- (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of
NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
latter actually works before using it. Fedora (at least) has NID_secp521r1
that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
Diffstat (limited to 'kex.c')
| -rw-r--r-- | kex.c | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -78,7 +78,9 @@ static const struct kexalg kexalgs[] = { #ifdef OPENSSL_HAS_ECC { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2, NID_X9_62_prime256v1, EVP_sha256 }, { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1, EVP_sha384 }, +# ifdef OPENSSL_HAS_NISTP521 { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1, EVP_sha512 }, +# endif #endif #ifdef HAVE_EVP_SHA256 { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, EVP_sha256 }, |