From 7131c7d40d4f5bd32b16031e884153548eee133f Mon Sep 17 00:00:00 2001
From: spacetourist <guy.callum@gmail.com>
Date: Sat, 21 Oct 2017 14:13:41 +0100
Subject: Configurable SSH cipher suite (#913)

* Configurable SSH cipher suite

* Update configuration file comment

* Add default in settings loading code

* Fix fmt and log messsage

* Remove default from code as this could probably might not be good idea
---
 modules/setting/setting.go | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'modules/setting')

diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index 0bd73b8cba..0be95daadd 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -96,6 +96,7 @@ var (
 		ListenHost           string         `ini:"SSH_LISTEN_HOST"`
 		ListenPort           int            `ini:"SSH_LISTEN_PORT"`
 		RootPath             string         `ini:"SSH_ROOT_PATH"`
+		ServerCiphers        []string       `ini:"SSH_SERVER_CIPHERS"`
 		KeyTestPath          string         `ini:"SSH_KEY_TEST_PATH"`
 		KeygenPath           string         `ini:"SSH_KEYGEN_PATH"`
 		AuthorizedKeysBackup bool           `ini:"SSH_AUTHORIZED_KEYS_BACKUP"`
@@ -708,6 +709,7 @@ func NewContext() {
 		SSH.Domain = Domain
 	}
 	SSH.RootPath = path.Join(homeDir, ".ssh")
+	SSH.ServerCiphers = sec.Key("SSH_SERVER_CIPHERS").Strings(",")
 	SSH.KeyTestPath = os.TempDir()
 	if err = Cfg.Section("server").MapTo(&SSH); err != nil {
 		log.Fatal(4, "Failed to map SSH settings: %v", err)
-- 
cgit v1.2.3