[openssh-commits] [openssh] 02/02: upstream: Better compat tests with old PuTTY.

Tue Aug 31 17:10:19 AEST 2021

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit d22b299115e27606e846b23490746f69fdd4fb38
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date:   Tue Aug 31 06:13:23 2021 +0000

    upstream: Better compat tests with old PuTTY.
    
    When running PuTTY interop tests and using a PuTTY version older than
    0.76, re-enable the ssh-rsa host key algorithm (the 256 and 512 variants
    of RSA were added some time between 0.73 and 0.76).
    
    OpenBSD-Regress-ID: e6138d6987aa705fa1e4f216db0bb386e1ff38e1
---
 regress/putty-ciphers.sh  | 8 +++++++-
 regress/putty-kex.sh      | 8 +++++++-
 regress/putty-transfer.sh | 8 +++++++-
 3 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/regress/putty-ciphers.sh b/regress/putty-ciphers.sh
index ace88271..71755c07 100644
--- a/regress/putty-ciphers.sh
+++ b/regress/putty-ciphers.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: putty-ciphers.sh,v 1.7 2020/01/23 03:35:07 dtucker Exp $
+#	$OpenBSD: putty-ciphers.sh,v 1.8 2021/08/31 06:13:23 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="putty ciphers"
@@ -7,6 +7,12 @@ if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
 	fatal "putty interop tests not enabled"
 fi
 
+# Re-enable ssh-rsa on older PuTTY versions.
+oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
+if [ "x$oldver" = "xyes" ]; then
+	echo "HostKeyalgorithms +ssh-rsa" >> sshd_config
+fi
+
 for c in aes 3des aes128-ctr aes192-ctr aes256-ctr chacha20 ; do
 	verbose "$tid: cipher $c"
 	cp ${OBJ}/.putty/sessions/localhost_proxy \
diff --git a/regress/putty-kex.sh b/regress/putty-kex.sh
index c9214f67..ba32cf0b 100644
--- a/regress/putty-kex.sh
+++ b/regress/putty-kex.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: putty-kex.sh,v 1.5 2020/01/23 03:24:38 dtucker Exp $
+#	$OpenBSD: putty-kex.sh,v 1.6 2021/08/31 06:13:23 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="putty KEX"
@@ -7,6 +7,12 @@ if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
 	fatal "putty interop tests not enabled"
 fi
 
+# Re-enable ssh-rsa on older PuTTY versions.
+oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
+if [ "x$oldver" = "xyes" ]; then
+	echo "HostKeyalgorithms +ssh-rsa" >> sshd_config
+fi
+
 for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ecdh ; do
 	verbose "$tid: kex $k"
 	cp ${OBJ}/.putty/sessions/localhost_proxy \
diff --git a/regress/putty-transfer.sh b/regress/putty-transfer.sh
index e36e8284..d3e75cb5 100644
--- a/regress/putty-transfer.sh
+++ b/regress/putty-transfer.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: putty-transfer.sh,v 1.7 2020/01/23 11:19:12 dtucker Exp $
+#	$OpenBSD: putty-transfer.sh,v 1.8 2021/08/31 06:13:23 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="putty transfer data"
@@ -7,6 +7,12 @@ if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
 	fatal "putty interop tests not enabled"
 fi
 
+# Re-enable ssh-rsa on older PuTTY versions.
+oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
+if [ "x$oldver" = "xyes" ]; then
+	echo "HostKeyalgorithms +ssh-rsa" >> sshd_config
+fi
+
 if [ "`${SSH} -Q compression`" = "none" ]; then
 	comp="0"
 else

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
