update go gitv0.10.6

author: Jesse Duffield <jessedduffield@gmail.com> 2019-11-13 22:28:41 +1100
committer: Jesse Duffield <jessedduffield@gmail.com> 2019-11-14 09:41:56 +1100
commit: 30aed94aa8451911fc1c5ba1e52ff28b180a8d31 (patch)
tree: b8d68cfe129a94b42077aa2f912da519bfc95e8c /vendor/golang.org/x/crypto/ssh/common.go
parent: 3b1d705473494cca9894ec051d9d928c0c8926c7 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go
index e55fe0ad6..290382d05 100644
--- a/vendor/golang.org/x/crypto/ssh/common.go
+++ b/vendor/golang.org/x/crypto/ssh/common.go
@@ -58,6 +58,14 @@ var serverForbiddenKexAlgos = map[string]struct{}{
 	kexAlgoDHGEXSHA256: {}, // server half implementation is only minimal to satisfy the automated tests
 }
 
+// preferredKexAlgos specifies the default preference for key-exchange algorithms
+// in preference order.
+var preferredKexAlgos = []string{
+	kexAlgoCurve25519SHA256,
+	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
+	kexAlgoDH14SHA1,
+}
+
 // supportedHostKeyAlgos specifies the supported host-key algorithms (i.e. methods
 // of authenticating servers) in preference order.
 var supportedHostKeyAlgos = []string{
@@ -246,7 +254,7 @@ func (c *Config) SetDefaults() {
 	c.Ciphers = ciphers
 
 	if c.KeyExchanges == nil {
-		c.KeyExchanges = supportedKexAlgos
+		c.KeyExchanges = preferredKexAlgos
 	}
 
 	if c.MACs == nil {
author	Jesse Duffield <jessedduffield@gmail.com>	2019-11-13 22:28:41 +1100
committer	Jesse Duffield <jessedduffield@gmail.com>	2019-11-14 09:41:56 +1100
commit	30aed94aa8451911fc1c5ba1e52ff28b180a8d31 (patch)
tree	b8d68cfe129a94b42077aa2f912da519bfc95e8c /vendor/golang.org/x/crypto/ssh/common.go
parent	3b1d705473494cca9894ec051d9d928c0c8926c7 (diff)