upstream commit

Reorder client proposal to prefer
 diffie-hellman-group-exchange-sha1 over diffie-hellman-group14-sha1.  ok djm@

Upstream-ID: 552c08d47347c3ee1a9a57d88441ab50abe17058

myproposal.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.43 2015/04/21 07:01:00 jsg Exp $ */
+/* $OpenBSD: myproposal.h,v 1.44 2015/05/27 23:51:10 dtucker Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -83,14 +83,17 @@
 # else
 #  define KEX_CURVE25519_METHODS ""
 # endif
-#define KEX_SERVER_KEX \
+#define KEX_COMMON_KEX \
 	KEX_CURVE25519_METHODS \
 	KEX_ECDH_METHODS \
-	KEX_SHA256_METHODS \
+	KEX_SHA256_METHODS
-	"diffie-hellman-group14-sha1"
 
-#define KEX_CLIENT_KEX KEX_SERVER_KEX "," \
+#define KEX_SERVER_KEX KEX_COMMON_KEX "," \
+	"diffie-hellman-group14-sha1" \
+
+#define KEX_CLIENT_KEX KEX_COMMON_KEX "," \
 	"diffie-hellman-group-exchange-sha1," \
+	"diffie-hellman-group14-sha1," \
 	"diffie-hellman-group1-sha1"
 
 #define	KEX_DEFAULT_PK_ALG	\

ssh_config.5

@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.208 2015/04/28 13:47:38 jmc Exp $
+.\" $OpenBSD: ssh_config.5,v 1.209 2015/05/27 23:51:10 dtucker Exp $
-.Dd $Mdocdate: April 28 2015 $
+.Dd $Mdocdate: May 27 2015 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -975,8 +975,8 @@ The default is:
 curve25519-sha256@libssh.org,
 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
 diffie-hellman-group-exchange-sha256,
-diffie-hellman-group14-sha1,
 diffie-hellman-group-exchange-sha1,
+diffie-hellman-group14-sha1,
 diffie-hellman-group1-sha1
 .Ed
 .Pp