1 files changed, 24 insertions, 16 deletions

diff --git a/regress/putty-kex.sh b/regress/putty-kex.sh
index c75802a..22f8bd7 100644
--- a/regress/putty-kex.sh
+++ b/regress/putty-kex.sh
@@ -1,28 +1,36 @@
-#	$OpenBSD: putty-kex.sh,v 1.9 2021/09/01 03:16:06 dtucker Exp $
+#	$OpenBSD: putty-kex.sh,v 1.11 2024/02/09 08:56:59 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="putty KEX"
 
-if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
-	skip "putty interop tests not enabled"
-fi
+puttysetup
 
-# Re-enable ssh-rsa on older PuTTY versions.
-oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
-if [ "x$oldver" = "xyes" ]; then
-	echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
-	echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
-fi
+cp ${OBJ}/sshd_proxy ${OBJ}/sshd_proxy_bak
 
-for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ecdh ; do
+# Enable group1, which PuTTY now disables by default
+echo "KEX=dh-group1-sha1" >>${OBJ}/.putty/sessions/localhost_proxy
+
+# Grepping algos out of the binary is pretty janky, but AFAIK there's no way
+# to query supported algos.
+kex=""
+for k in `$SSH -Q kex`; do
+	if strings "${PLINK}" | grep -E "^${k}$" >/dev/null; then
+		kex="${kex} ${k}"
+	else
+		trace "omitting unsupported KEX ${k}"
+	fi
+done
+
+for k in ${kex}; do
 	verbose "$tid: kex $k"
-	cp ${OBJ}/.putty/sessions/localhost_proxy \
-	    ${OBJ}/.putty/sessions/kex_$k
-	echo "KEX=$k" >> ${OBJ}/.putty/sessions/kex_$k
+	cp ${OBJ}/sshd_proxy_bak ${OBJ}/sshd_proxy
+	echo "KexAlgorithms ${k}" >>${OBJ}/sshd_proxy
 
-	env HOME=$PWD ${PLINK} -load kex_$k -batch -i ${OBJ}/putty.rsa2 true
+	env HOME=$PWD ${PLINK} -v -load localhost_proxy -batch -i ${OBJ}/putty.rsa2 true \
+	    2>${OBJ}/log/putty-kex-$k.log
 	if [ $? -ne 0 ]; then
 		fail "KEX $k failed"
 	fi
+	kexmsg=`grep -E '^Doing.* key exchange' ${OBJ}/log/putty-kex-$k.log`
+	trace putty: ${kexmsg}
 done
-