From ed3a3c4dd44efb92a1897baa4e07aa685227cddd Mon Sep 17 00:00:00 2001 From: cinap_lenrek Date: Mon, 27 May 2019 02:11:16 +0200 Subject: ssh: work around github.com's broken cipher negotiation code (thanks Ori_B) key exchange with git@github.com fails as they appear to try to negotiate a mac algorithm even tho we use an AEAD cipher which does not use a mac algorithm. the work around is to supply a dummy mac algorithm that they can negotiate to make them happy. --- sys/src/cmd/ssh.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/src/cmd/ssh.c b/sys/src/cmd/ssh.c index 2d23be1d3..239a4f542 100644 --- a/sys/src/cmd/ssh.c +++ b/sys/src/cmd/ssh.c @@ -489,7 +489,7 @@ kex(int gotkexinit) static char kexalgs[] = "curve25519-sha256,curve25519-sha256@libssh.org"; static char cipheralgs[] = "chacha20-poly1305@openssh.com"; static char zipalgs[] = "none"; - static char macalgs[] = ""; + static char macalgs[] = "hmac-sha1"; /* work around for github.com */ static char langs[] = ""; uchar cookie[16], x[32], yc[32], z[32], k[32+1], h[SHA2_256dlen], *ys, *ks, *sig; -- cgit v1.2.3