Conditionalize ECDH methods in CA algos.
When building against an OpenSSL configured without ECC, don't include those algos in CASignatureAlgorithms. ok djm@
This commit is contained in:
parent
5c8d14c512
commit
633703babf
|
@ -136,9 +136,7 @@
|
||||||
|
|
||||||
/* Not a KEX value, but here so all the algorithm defaults are together */
|
/* Not a KEX value, but here so all the algorithm defaults are together */
|
||||||
#define SSH_ALLOWED_CA_SIGALGS \
|
#define SSH_ALLOWED_CA_SIGALGS \
|
||||||
"ecdsa-sha2-nistp256," \
|
KEX_ECDH_METHODS \
|
||||||
"ecdsa-sha2-nistp384," \
|
|
||||||
"ecdsa-sha2-nistp521," \
|
|
||||||
"ssh-ed25519," \
|
"ssh-ed25519," \
|
||||||
"rsa-sha2-512," \
|
"rsa-sha2-512," \
|
||||||
"rsa-sha2-256," \
|
"rsa-sha2-256," \
|
||||||
|
|
Loading…
Reference in New Issue