+ {
+ /* Backward-compatibility: we used to have an option to
+ * disable gex under the "bugs" panel after one report of
+ * a server which offered it then choked, but we never got
+ * a server version string or any other reports. */
+ char *default_kexes;
+ gppi(sesskey, "BugDHGEx2", 0, &i); i = 2-i;
+ if (i == FORCE_ON)
+ default_kexes = "dh-group14-sha1,dh-group1-sha1,WARN,dh-gex-sha1";
+ else
+ default_kexes = "dh-gex-sha1,dh-group14-sha1,dh-group1-sha1,WARN";
+ gprefs(sesskey, "KEX", default_kexes,
+ kexnames, KEX_MAX, cfg->ssh_kexlist);
+ }
+ gppi(sesskey, "RekeyTime", 60, &cfg->ssh_rekey_time);
+ gpps(sesskey, "RekeyBytes", "1G", cfg->ssh_rekey_data,
+ sizeof(cfg->ssh_rekey_data));