mirror of
https://github.com/freebsd/freebsd-src
synced 2024-07-21 10:19:04 +00:00
![Ed Maste](/assets/img/avatar_default.png)
OpenSSH v8.8p1 was motivated primarily by a security update and deprecation of RSA/SHA1 signatures. It also has a few minor bug fixes. The security update was already applied to FreeBSD as an independent change, and the RSA/SHA1 deprecation is excluded from this commit but will immediately follow. MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation
29 lines
829 B
Bash
29 lines
829 B
Bash
# $OpenBSD: putty-kex.sh,v 1.9 2021/09/01 03:16:06 dtucker Exp $
|
|
# Placed in the Public Domain.
|
|
|
|
tid="putty KEX"
|
|
|
|
if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
|
|
skip "putty interop tests not enabled"
|
|
fi
|
|
|
|
# Re-enable ssh-rsa on older PuTTY versions.
|
|
oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
|
|
if [ "x$oldver" = "xyes" ]; then
|
|
echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
|
|
echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
|
|
fi
|
|
|
|
for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ecdh ; do
|
|
verbose "$tid: kex $k"
|
|
cp ${OBJ}/.putty/sessions/localhost_proxy \
|
|
${OBJ}/.putty/sessions/kex_$k
|
|
echo "KEX=$k" >> ${OBJ}/.putty/sessions/kex_$k
|
|
|
|
env HOME=$PWD ${PLINK} -load kex_$k -batch -i ${OBJ}/putty.rsa2 true
|
|
if [ $? -ne 0 ]; then
|
|
fail "KEX $k failed"
|
|
fi
|
|
done
|
|
|