go.crypto/ssh: never negotiate unsupported ciphers Fixes golang/go#4285. Adding a new cipher that is supported by the remote end, but not supported by our client causes that cipher to be considered a valid candidate. This fails later in setupKeys when there is no cipherModes configuration. In summary, unsupported ciphers cannot be willed into existence by adding them to the client config. This change enforces this. R=golang-dev, agl CC=golang-dev https://golang.org/cl/6780047

commit: 1582bf0781a894a66c3168ac9e7be32995bc1e73 [log] [tgz]
author: Dave Cheney <dave@cheney.net> Tue Oct 30 18:13:59 2012 +1100
committer: Dave Cheney <dave@cheney.net> Tue Oct 30 18:13:59 2012 +1100
tree: a4ca3e7fc07572b171160462e6de470d2025e008
parent: 2fccde5d00389df8edd4f660470ac8f105c6280e [diff] [blame]
diff --git a/ssh/cipher.go b/ssh/cipher.go
index 0646e1e..97e5d9b 100644
--- a/ssh/cipher.go
+++ b/ssh/cipher.go

@@ -74,6 +74,9 @@
 	"arcfour256", "arcfour128",
 }
 
+// cipherModes documents properties of supported ciphers. Ciphers not included
+// are not supported and will not be negotiated, even if explicitly requested in
+// ClientConfig.Crypto.Ciphers.
 var cipherModes = map[string]*cipherMode{
 	// Ciphers from RFC4344, which introduced many CTR-based ciphers. Algorithms
 	// are defined in the order specified in the RFC.
commit	1582bf0781a894a66c3168ac9e7be32995bc1e73	[log] [tgz]
author	Dave Cheney <dave@cheney.net>	Tue Oct 30 18:13:59 2012 +1100
committer	Dave Cheney <dave@cheney.net>	Tue Oct 30 18:13:59 2012 +1100
tree	a4ca3e7fc07572b171160462e6de470d2025e008
parent	2fccde5d00389df8edd4f660470ac8f105c6280e [diff] [blame]