Conditionalize ECDH methods in CA algos.

When building against an OpenSSL configured without ECC, don't include those algos in CASignatureAlgorithms. ok djm@
anezjonathan · May 17, 2019 · 633703b · 633703b
1 parent 5c8d14c
commit 633703b
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/myproposal.h b/myproposal.h
@@ -136,9 +136,7 @@
 
 /* Not a KEX value, but here so all the algorithm defaults are together */
 #define	SSH_ALLOWED_CA_SIGALGS	\
-	"ecdsa-sha2-nistp256," \
-	"ecdsa-sha2-nistp384," \
-	"ecdsa-sha2-nistp521," \
+	KEX_ECDH_METHODS \
 	"ssh-ed25519," \
 	"rsa-sha2-512," \
 	"rsa-sha2-256," \