myproposal.h revision 162856 
1/* $OpenBSD: myproposal.h,v 1.21 2006/03/25 22:22:43 djm Exp $ */
2/* $FreeBSD: head/crypto/openssh/myproposal.h 162856 2006-09-30 13:38:06Z des $ */
3
4/*
5 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28#include <openssl/opensslv.h>
29
30/* Old OpenSSL doesn't support what we need for DHGEX-sha256 */
31#if OPENSSL_VERSION_NUMBER < 0x00907000L
32# define KEX_DEFAULT_KEX		\
33	"diffie-hellman-group-exchange-sha1," \
34	"diffie-hellman-group14-sha1," \
35	"diffie-hellman-group1-sha1"
36#else
37# define KEX_DEFAULT_KEX		\
38	"diffie-hellman-group-exchange-sha256," \
39	"diffie-hellman-group-exchange-sha1," \
40	"diffie-hellman-group14-sha1," \
41	"diffie-hellman-group1-sha1"
42#endif
43
44#define	KEX_DEFAULT_PK_ALG	"ssh-dss,ssh-rsa"
45#define	KEX_DEFAULT_ENCRYPT \
46	"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
47	"arcfour128,arcfour256,arcfour," \
48	"aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se," \
49	"aes128-ctr,aes192-ctr,aes256-ctr"
50#define	KEX_DEFAULT_MAC \
51	"hmac-md5,hmac-sha1,hmac-ripemd160," \
52	"hmac-ripemd160@openssh.com," \
53	"hmac-sha1-96,hmac-md5-96"
54#define	KEX_DEFAULT_COMP	"none,zlib@openssh.com,zlib"
55#define	KEX_DEFAULT_LANG	""
56
57
58static char *myproposal[PROPOSAL_MAX] = {
59	KEX_DEFAULT_KEX,
60	KEX_DEFAULT_PK_ALG,
61	KEX_DEFAULT_ENCRYPT,
62	KEX_DEFAULT_ENCRYPT,
63	KEX_DEFAULT_MAC,
64	KEX_DEFAULT_MAC,
65	KEX_DEFAULT_COMP,
66	KEX_DEFAULT_COMP,
67	KEX_DEFAULT_LANG,
68	KEX_DEFAULT_LANG
69};
70