upstream commit

Don't offer CBC ciphers by default in the client. ok markus@ Upstream-ID: 94c9ce8d0d1a085052e11c7f3307950fdc0901ef
2017-05-07 23:13:42 +00:00 · 2017-05-07 23:13:42 +00:00 · 70c1218fc4
parent acaf34fd82
commit 70c1218fc4
1 changed files with 2 additions and 3 deletions
--- a/myproposal.h
+++ b/myproposal.h
@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.54 2016/09/28 16:33:07 djm Exp $ */
+/* $OpenBSD: myproposal.h,v 1.55 2017/05/07 23:13:42 djm Exp $ */

 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@ -121,8 +121,7 @@
 	"aes128-ctr,aes192-ctr,aes256-ctr" \
 	AESGCM_CIPHER_MODES

-#define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT "," \
-	"aes128-cbc,aes192-cbc,aes256-cbc"
+#define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT

 #define KEX_SERVER_MAC \
 	"umac-64-etm@openssh.com," \