From 74cbc22529f3e5de756e1b7677b7624efb28f62c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 7 Nov 2013 15:26:12 +1100 Subject: [PATCH] - dtucker@cvs.openbsd.org 2013/11/07 03:55:41 [regress/kextype.sh] Use ssh -Q to get kex types instead of a static list. --- ChangeLog | 3 +++ regress/kextype.sh | 15 ++------------- 2 files changed, 5 insertions(+), 13 deletions(-) diff --git a/ChangeLog b/ChangeLog index e07776512..3a6e7b512 100644 --- a/ChangeLog +++ b/ChangeLog @@ -37,6 +37,9 @@ - dtucker@cvs.openbsd.org 2013/11/07 02:48:38 [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh] Use ssh -Q instead of hardcoding lists of ciphers or MACs. + - dtucker@cvs.openbsd.org 2013/11/07 03:55:41 + [regress/kextype.sh] + Use ssh -Q to get kex types instead of a static list. 20131104 - (djm) OpenBSD CVS Sync diff --git a/regress/kextype.sh b/regress/kextype.sh index 1cca12637..278c73e58 100644 --- a/regress/kextype.sh +++ b/regress/kextype.sh @@ -1,4 +1,4 @@ -# $OpenBSD: kextype.sh,v 1.2 2013/11/02 22:39:53 markus Exp $ +# $OpenBSD: kextype.sh,v 1.3 2013/11/07 03:55:41 dtucker Exp $ # Placed in the Public Domain. tid="login with different key exchange algorithms" @@ -7,19 +7,8 @@ TIME=/usr/bin/time cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak -if test "$TEST_SSH_ECC" = "yes"; then - kextypes="ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521" -fi -if test "$TEST_SSH_SHA256" = "yes"; then - kextypes="$kextypes diffie-hellman-group-exchange-sha256" -fi -kextypes="$kextypes diffie-hellman-group-exchange-sha1" -kextypes="$kextypes diffie-hellman-group14-sha1" -kextypes="$kextypes diffie-hellman-group1-sha1" -kextypes="$kextypes curve25519-sha256@libssh.org" - tries="1 2 3 4" -for k in $kextypes; do +for k in `${SSH} -Q kex`; do verbose "kex $k" for i in $tries; do ${SSH} -F $OBJ/ssh_proxy -o KexAlgorithms=$k x true