-# $OpenBSD: putty-ciphers.sh,v 1.11 2021/09/01 03:16:06 dtucker Exp $
+# $OpenBSD: putty-ciphers.sh,v 1.12 2024/02/09 08:47:42 dtucker Exp $
# Placed in the Public Domain.
tid="putty ciphers"
-if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
- skip "putty interop tests not enabled"
-fi
-
-# Re-enable ssh-rsa on older PuTTY versions.
-oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
-if [ "x$oldver" = "xyes" ]; then
- echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
- echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
-fi
+puttysetup
for c in aes 3des aes128-ctr aes192-ctr aes256-ctr chacha20 ; do
verbose "$tid: cipher $c"
-# $OpenBSD: putty-kex.sh,v 1.9 2021/09/01 03:16:06 dtucker Exp $
+# $OpenBSD: putty-kex.sh,v 1.10 2024/02/09 08:47:42 dtucker Exp $
# Placed in the Public Domain.
tid="putty KEX"
-if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
- skip "putty interop tests not enabled"
-fi
-
-# Re-enable ssh-rsa on older PuTTY versions.
-oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
-if [ "x$oldver" = "xyes" ]; then
- echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
- echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
-fi
+puttysetup
for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ecdh ; do
verbose "$tid: kex $k"
-# $OpenBSD: putty-transfer.sh,v 1.11 2021/09/01 03:16:06 dtucker Exp $
+# $OpenBSD: putty-transfer.sh,v 1.12 2024/02/09 08:47:42 dtucker Exp $
# Placed in the Public Domain.
tid="putty transfer data"
-if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
- skip "putty interop tests not enabled"
-fi
-
-# Re-enable ssh-rsa on older PuTTY versions.
-oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
-if [ "x$oldver" = "xyes" ]; then
- echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
- echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
-fi
+puttysetup
if [ "`${SSH} -Q compression`" = "none" ]; then
comp="0"
-# $OpenBSD: test-exec.sh,v 1.105 2023/10/31 04:15:40 dtucker Exp $
+# $OpenBSD: test-exec.sh,v 1.106 2024/02/09 08:47:42 dtucker Exp $
# Placed in the Public Domain.
#SUDO=sudo
esac
if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
+ puttysetup() {
+ if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
+ skip "putty interop tests not enabled"
+ fi
+
mkdir -p ${OBJ}/.putty
# Add a PuTTY key to authorized_keys
echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
echo "ProxyTelnetCommand=${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy
+
+ PUTTYVER="`${PLINK} --version | awk '/plink: Release/{print $3}'`"
+ PUTTYMINORVER="`echo ${PUTTYVER} | cut -f2 -d.`"
+ verbose "plink version ${PUTTYVER} minor ${PUTTYMINORVER}"
+
+ # Re-enable ssh-rsa on older PuTTY versions since they don't do newer
+ # key types.
+ if [ "$PUTTYMINORVER" -lt "76" ]; then
+ echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
+ echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
+ fi
+
+ if [ "$PUTTYMINORVER" -le "64" ]; then
+ echo "KexAlgorithms +diffie-hellman-group14-sha1" \
+ >>${OBJ}/sshd_proxy
+ fi
+ }
fi
REGRESS_INTEROP_DROPBEAR=no
projects / openbsd / commitdiff