From 65c6b5057f8a9da32361d82e66be0572c8fadb0a Mon Sep 17 00:00:00 2001
From: Johannes Schindelin <johannes.schindelin@gmx.de>
Date: Wed, 1 Jun 2022 14:59:45 +0200
Subject: [PATCH] git-extra: disable CBC ciphers in ssh_config again

We had to re-enable them in b46fba6f4 (git-extra: re-enable some SSHv1
protocols, 2017-10-12) after an OpenSSH upgrade disabled them.

The reason why we had to re-enable those ciphers is gone now, though:
Azure Repos understand newer (safer) ciphers.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
---
 git-extra/git-extra.install.in | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/git-extra/git-extra.install.in b/git-extra/git-extra.install.in
index 1d69d86cb9..04b4af751a 100644
--- a/git-extra/git-extra.install.in
+++ b/git-extra/git-extra.install.in
@@ -187,11 +187,9 @@ test -d "$TMPDIR" || test ! -d "$TMP" || {\
 		! grep -q '^Ciphers [a-z].*cbc' /etc/ssh/ssh_config ||
 		sed -i -e 's/^Ciphers [a-z].*cbc/#   &/' /etc/ssh/ssh_config
 
-		grep -q '^Ciphers\s\++' /etc/ssh/ssh_config ||
-		printf '%s\n%s\n' \
-			'# Added by git-extra' \
-			'Ciphers +aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc' \
-			>>/etc/ssh/ssh_config
+		# Revert change by prior versions of git-extra.
+		! grep -q '^Ciphers\s\++' /etc/ssh/ssh_config ||
+		sed -i -e '/^# Added by git-extra/{N;/^\(.*\n\)\?Ciphers +[a-z].*cbc/d}' /etc/ssh/ssh_config
 
 		grep -q '^Host\s\+ssh\.dev\.azure\.com' /etc/ssh/ssh_config ||
 		printf '%s\n%s\n\t%s\n\t%s\n' \