From 2a87860e84932dc8736af5da0c9121af3b0c358e Mon Sep 17 00:00:00 2001
From: Joe Testa <jtesta@positronsecurity.com>
Date: Tue, 29 Sep 2020 15:03:41 -0400
Subject: [PATCH] Added 1 new cipher: des-cbc@ssh.com.  Bumped version.

---
 README.md    | 3 +++
 ssh-audit.py | 3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index df0f592..8f2e4b3 100644
--- a/README.md
+++ b/README.md
@@ -150,6 +150,9 @@ $ brew install ssh-audit
 For convenience, a web front-end on top of the command-line tool is available at [https://www.ssh-audit.com/](https://www.ssh-audit.com/).
 
 ## ChangeLog
+### v2.3.1-dev (???)
+ - Added 1 new cipher: `des-cbc@ssh.com`.
+
 ### v2.3.0 (2020-09-27)
  - Added new policy auditing functionality to test adherence to a hardening guide/standard configuration (see `-L`/`--list-policies`, `-M`/`--make-policy` and `-P`/`--policy`).  For an in-depth tutorial, see <https://www.positronsecurity.com/blog/2020-09-27-ssh-policy-configuration-checks-with-ssh-audit/>.
  - Created new man page (see `ssh-audit.1` file).
diff --git a/ssh-audit.py b/ssh-audit.py
index 3884996..efcf2c3 100755
--- a/ssh-audit.py
+++ b/ssh-audit.py
@@ -44,7 +44,7 @@ import traceback
 from typing import Dict, List, Set, Sequence, Tuple, Iterable
 from typing import Callable, Optional, Union, Any
 
-VERSION = 'v2.3.0'
+VERSION = 'v2.3.1-dev'
 SSH_HEADER = 'SSH-{0}-OpenSSH_8.2'  # SSH software to impersonate
 GITHUB_ISSUES_URL = 'https://github.com/jtesta/ssh-audit/issues'  # The URL to the Github issues tracker.
 
@@ -1000,6 +1000,7 @@ class SSH2:  # pylint: disable=too-few-public-methods
                 'none': [['1.2.2,d2013.56,l10.2'], [FAIL_PLAINTEXT]],
                 'des': [[], [FAIL_WEAK_CIPHER], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
                 'des-cbc': [[], [FAIL_WEAK_CIPHER], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
+                'des-cbc@ssh.com': [[], [FAIL_WEAK_CIPHER], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
                 'des-cbc-ssh1': [[], [FAIL_WEAK_CIPHER], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
                 '3des': [[], [FAIL_OPENSSH67_UNSAFE], [WARN_OPENSSH74_UNSAFE, WARN_CIPHER_WEAK, WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
                 '3des-cbc': [['1.2.2,d0.28,l10.2', '6.6', None], [FAIL_OPENSSH67_UNSAFE], [WARN_OPENSSH74_UNSAFE, WARN_CIPHER_WEAK, WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],