+ /*
+ * The 'Connection/SSH/Host keys' panel.
+ */
+ if (protcfginfo != 1 && protcfginfo != -1) {
+ ctrl_settitle(b, "Connection/SSH/Host keys",
+ "Options controlling SSH host keys");
+
+ s = ctrl_getset(b, "Connection/SSH/Host keys", "main",
+ "Host key algorithm preference");
+ c = ctrl_draglist(s, "Algorithm selection policy:", 's',
+ HELPCTX(ssh_hklist),
+ hklist_handler, P(NULL));
+ c->listbox.height = 5;
+ }
+
+ /*
+ * Manual host key configuration is irrelevant mid-session,
+ * as we enforce that the host key for rekeys is the
+ * same as that used at the start of the session.
+ */
+ if (!midsession) {
+ s = ctrl_getset(b, "Connection/SSH/Host keys", "hostkeys",
+ "Manually configure host keys for this connection");
+
+ ctrl_columns(s, 2, 75, 25);
+ c = ctrl_text(s, "Host keys or fingerprints to accept:",
+ HELPCTX(ssh_kex_manual_hostkeys));
+ c->generic.column = 0;
+ /* You want to select from the list, _then_ hit Remove. So
+ * tab order should be that way round. */
+ mh = (struct manual_hostkey_data *)
+ ctrl_alloc(b,sizeof(struct manual_hostkey_data));
+ mh->rembutton = ctrl_pushbutton(s, "Remove", 'r',
+ HELPCTX(ssh_kex_manual_hostkeys),
+ manual_hostkey_handler, P(mh));
+ mh->rembutton->generic.column = 1;
+ mh->rembutton->generic.tabdelay = 1;
+ mh->listbox = ctrl_listbox(s, NULL, NO_SHORTCUT,
+ HELPCTX(ssh_kex_manual_hostkeys),
+ manual_hostkey_handler, P(mh));
+ /* This list box can't be very tall, because there's not
+ * much room in the pane on Windows at least. This makes
+ * it become really unhelpful if a horizontal scrollbar
+ * appears, so we suppress that. */
+ mh->listbox->listbox.height = 2;
+ mh->listbox->listbox.hscroll = FALSE;
+ ctrl_tabdelay(s, mh->rembutton);
+ mh->keybox = ctrl_editbox(s, "Key", 'k', 80,
+ HELPCTX(ssh_kex_manual_hostkeys),
+ manual_hostkey_handler, P(mh), P(NULL));
+ mh->keybox->generic.column = 0;
+ mh->addbutton = ctrl_pushbutton(s, "Add key", 'y',
+ HELPCTX(ssh_kex_manual_hostkeys),
+ manual_hostkey_handler, P(mh));
+ mh->addbutton->generic.column = 1;
+ ctrl_columns(s, 1, 100);
+ }
+
+ if (!midsession || !(protcfginfo == 1 || protcfginfo == -1)) {
+ /*
+ * The Connection/SSH/Cipher panel.
+ */
+ ctrl_settitle(b, "Connection/SSH/Cipher",
+ "Options controlling SSH encryption");
+
+ s = ctrl_getset(b, "Connection/SSH/Cipher",
+ "encryption", "Encryption options");
+ c = ctrl_draglist(s, "Encryption cipher selection policy:", 's',
+ HELPCTX(ssh_ciphers),
+ cipherlist_handler, P(NULL));
+ c->listbox.height = 6;
+
+ ctrl_checkbox(s, "Enable legacy use of single-DES in SSH-2", 'i',
+ HELPCTX(ssh_ciphers),
+ conf_checkbox_handler,
+ I(CONF_ssh2_des_cbc));
+ }
+