From 29ae6bbdbe85f97463886e0324d4d3bca63339dd Mon Sep 17 00:00:00 2001
From: djm
Date: Tue, 9 Jan 2024 21:39:14 +0000
Subject: [PATCH] adapt ssh_api.c code for kex-strict from markus@ ok me
---
 usr.bin/ssh/ssh_api.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/usr.bin/ssh/ssh_api.c b/usr.bin/ssh/ssh_api.c
index eae3e6f848b..54f82cfb7c8 100644
--- a/usr.bin/ssh/ssh_api.c
+++ b/usr.bin/ssh/ssh_api.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh_api.c,v 1.27 2021/04/03 06:18:41 djm Exp $ */
+/* $OpenBSD: ssh_api.c,v 1.28 2024/01/09 21:39:14 djm Exp $ */
 /*
 * Copyright (c) 2012 Markus Friedl. All rights reserved.
 *
@@ -78,6 +78,7 @@ int
 ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 {
 char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
+ char *populated[PROPOSAL_MAX];
 struct ssh *ssh;
 char **proposal;
 static int called;
@@ -97,10 +98,19 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 /* Initialize key exchange */
 proposal = kex_params ? kex_params->proposal : myproposal;
- if ((r = kex_ready(ssh, proposal)) != 0) {
+ kex_proposal_populate_entries(ssh, populated,
+ proposal[PROPOSAL_KEX_ALGS],
+ proposal[PROPOSAL_ENC_ALGS_CTOS],
+ proposal[PROPOSAL_MAC_ALGS_CTOS],
+ proposal[PROPOSAL_COMP_ALGS_CTOS],
+ proposal[PROPOSAL_SERVER_HOST_KEY_ALGS]);
+ r = kex_ready(ssh, populated);
+ kex_proposal_free_entries(populated);
+ if (r != 0) {
 ssh_free(ssh);
 return r;
 }
+
 ssh->kex->server = is_server;
 if (is_server) {
 #ifdef WITH_OPENSSL
--
2.20.1
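Review bot: In the third hunk `kex_proposal_populate_entries(ssh, populated, ...)` runs before `ssh->kex->server = is_server;`, so any role-dependent choice the helper makes from `ssh` happens while the role is still unset. The helper's body is not on this page, but it takes no `is_server` argument; if it reads `ssh->kex->server` to pick the client or server strict-KEX marker or default lists, a server-mode `ssh_init()` would build its proposal as a client. That should be confirmed and, if so, the assignment moved above the populate call. Separately, only the `_CTOS` entries of the caller's proposal are passed on, so differing `_STOC` lists in `kex_params->proposal` are presumably no longer honoured; a comment such as `/* only the c2s lists of the caller's proposal are used */` would make that explicit. ssh_init's body starts and ends outside the hunk.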