Re-add AES-CBC ciphers to the default cipher list on the server.

PR:		207679

crypto/openssh/FREEBSD-upgrade

@@ -1,4 +1,3 @@
-
 	    FreeBSD maintainer's guide to OpenSSH-portable
 	    ==============================================
 
@@ -166,6 +165,13 @@
    ignore HPN-related configuration options to avoid breaking existing
    configurations.
 
+A) AES-CBC
+
+   The AES-CBC ciphers were removed from the server-side proposal list
+   in 6.7p1 due to theoretical weaknesses and the availability of
+   superior ciphers (including AES-CTR and AES-GCM).  We have re-added
+   them for compatibility with third-party clients.
+
 
 
 This port was brought to you by (in no particular order) DARPA, NAI

crypto/openssh/myproposal.h

@@ -113,10 +113,11 @@
 #define KEX_SERVER_ENCRYPT \
 	"chacha20-poly1305@openssh.com," \
 	"aes128-ctr,aes192-ctr,aes256-ctr" \
-	AESGCM_CIPHER_MODES
+	AESGCM_CIPHER_MODES \
+	",aes128-cbc,aes192-cbc,aes256-cbc"
 
 #define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT "," \
-	"aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc"
+	"3des-cbc"
 
 #define KEX_SERVER_MAC \
 	"umac-64-etm@openssh.com," \

crypto/openssh/sshd_config.5

@@ -482,7 +482,8 @@ The default is:
 .Bd -literal -offset indent
 chacha20-poly1305@openssh.com,
 aes128-ctr,aes192-ctr,aes256-ctr,
-aes128-gcm@openssh.com,aes256-gcm@openssh.com
+aes128-gcm@openssh.com,aes256-gcm@openssh.com,
+aes128-cbc,aes192-cbc,aes256-cbc
 .Ed
 .Pp
 The list of available ciphers may also be obtained using the