shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-11 10:40:27 +09:00
Code Issues Packages Projects Releases Wiki Activity

kex: Disable diffie-hellman-group-exchange-sha1 by default

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2019-02-02 15:00:26 +01:00
committed by Andreas Schneider
parent 0833f07c53
commit a170580147
3 changed files with 59 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/kex.c
View File

@@ -114,15 +114,20 @@
#define ECDH "" #define ECDH ""
#endif #endif
#define GEX_SHA256 "diffie-hellman-group-exchange-sha256,"
#define GEX_SHA1 "diffie-hellman-group-exchange-sha1,"
#define CHACHA20 "chacha20-poly1305@openssh.com," #define CHACHA20 "chacha20-poly1305@openssh.com,"
#define KEY_EXCHANGE \ #define KEY_EXCHANGE \
CURVE25519 \ CURVE25519 \
ECDH \ ECDH \
"diffie-hellman-group18-sha512,diffie-hellman-group16-sha512," \ "diffie-hellman-group18-sha512,diffie-hellman-group16-sha512," \
"diffie-hellman-group-exchange-sha256," \ GEX_SHA256 \
"diffie-hellman-group14-sha1,diffie-hellman-group1-sha1," \ "diffie-hellman-group14-sha1,diffie-hellman-group1-sha1"
"diffie-hellman-group-exchange-sha1" #define KEY_EXCHANGE_SUPPORTED \
GEX_SHA1 \
KEY_EXCHANGE
#define KEX_METHODS_SIZE 10 #define KEX_METHODS_SIZE 10
/* RFC 8308 */ /* RFC 8308 */
@@ -145,7 +150,7 @@ static const char *default_methods[] = {
/* NOTE: This is a fixed API and the index is defined by ssh_kex_types_e */ /* NOTE: This is a fixed API and the index is defined by ssh_kex_types_e */
static const char *supported_methods[] = { static const char *supported_methods[] = {
KEY_EXCHANGE, KEY_EXCHANGE_SUPPORTED,
PUBLIC_KEY_ALGORITHMS, PUBLIC_KEY_ALGORITHMS,
CHACHA20 AES BLOWFISH DES_SUPPORTED, CHACHA20 AES BLOWFISH DES_SUPPORTED,
CHACHA20 AES BLOWFISH DES_SUPPORTED, CHACHA20 AES BLOWFISH DES_SUPPORTED,

26
tests/pkd/pkd_daemon.c
View File

@@ -7,6 +7,8 @@
* (c) 2014 Jon Simons * (c) 2014 Jon Simons
*/ */
#include "config.h"
#include <errno.h> #include <errno.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <pthread.h> #include <pthread.h>
@@ -20,6 +22,7 @@
#include <libssh/callbacks.h> #include <libssh/callbacks.h>
#include <libssh/libssh.h> #include <libssh/libssh.h>
#include <libssh/server.h> #include <libssh/server.h>
#include <libssh/kex.h>
#include "pkd_daemon.h" #include "pkd_daemon.h"
@@ -231,7 +234,8 @@ static struct ssh_server_callbacks_struct pkd_server_cb = {
.channel_open_request_session_function = pkd_channel_openreq_cb, .channel_open_request_session_function = pkd_channel_openreq_cb,
}; };
static int pkd_exec_hello(int fd, struct pkd_daemon_args *args) { static int pkd_exec_hello(int fd, struct pkd_daemon_args *args)
{
int rc = -1; int rc = -1;
ssh_bind b = NULL; ssh_bind b = NULL;
ssh_session s = NULL; ssh_session s = NULL;
@@ -242,6 +246,9 @@ static int pkd_exec_hello(int fd, struct pkd_daemon_args *args) {
int level = args->opts.libssh_log_level; int level = args->opts.libssh_log_level;
enum pkd_hostkey_type_e type = args->type; enum pkd_hostkey_type_e type = args->type;
const char *hostkeypath = args->hostkeypath; const char *hostkeypath = args->hostkeypath;
const char *default_kex = NULL;
char *all_kex = NULL;
size_t kex_len = 0;
pkd_state.eof_received = 0; pkd_state.eof_received = 0;
pkd_state.close_received = 0; pkd_state.close_received = 0;
@@ -281,6 +288,23 @@ static int pkd_exec_hello(int fd, struct pkd_daemon_args *args) {
goto outclose; goto outclose;
} }
/* Add methods not enabled by default */
#define GEX_SHA1 "diffie-hellman-group-exchange-sha1"
default_kex = ssh_kex_get_default_methods(SSH_KEX);
kex_len = strlen(default_kex) + strlen(GEX_SHA1) + 2;
all_kex = malloc(kex_len);
if (all_kex == NULL) {
pkderr("Failed to alloc more memory.\n");
goto outclose;
}
snprintf(all_kex, kex_len, "%s," GEX_SHA1, default_kex);
rc = ssh_bind_options_set(b, SSH_BIND_OPTIONS_KEY_EXCHANGE, all_kex);
free(all_kex);
if (rc != 0) {
pkderr("ssh_bind_options_set kex methods: %s\n", ssh_get_error(b));
goto outclose;
}
s = ssh_new(); s = ssh_new();
if (s == NULL) { if (s == NULL) {
pkderr("ssh_new\n"); pkderr("ssh_new\n");

47
tests/pkd/pkd_hello.c
View File

@@ -214,6 +214,9 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
/* Default passes by server key type. */ \ /* Default passes by server key type. */ \
f(client, ed25519_default, cmd, setup_ed25519, teardown) f(client, ed25519_default, cmd, setup_ed25519, teardown)
#define GEX_SHA256 "diffie-hellman-group-exchange-sha256"
#define GEX_SHA1 "diffie-hellman-group-exchange-sha1"
#ifdef HAVE_DSA #ifdef HAVE_DSA
#define PKDTESTS_KEX(f, client, kexcmd) \ #define PKDTESTS_KEX(f, client, kexcmd) \
/* Kex algorithms. */ \ /* Kex algorithms. */ \
@@ -226,8 +229,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, rsa_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_rsa, teardown) \
f(client, rsa_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_rsa, teardown) \
f(client, rsa_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_rsa, teardown) \
f(client, rsa_diffie_hellman_group_exchange_sha256, kexcmd("diffie-hellman-group-exchange-sha256"),setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_rsa, teardown) \
f(client, rsa_diffie_hellman_group_exchange_sha1, kexcmd("diffie-hellman-group-exchange-sha1"),setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_rsa, teardown) \
f(client, dsa_curve25519_sha256, kexcmd("curve25519-sha256"), setup_dsa, teardown) \ f(client, dsa_curve25519_sha256, kexcmd("curve25519-sha256"), setup_dsa, teardown) \
f(client, dsa_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_dsa, teardown) \ f(client, dsa_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_dsa, teardown) \
f(client, dsa_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256 "), setup_dsa, teardown) \ f(client, dsa_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256 "), setup_dsa, teardown) \
@@ -237,8 +240,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, dsa_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_dsa, teardown) \ f(client, dsa_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_dsa, teardown) \
f(client, dsa_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_dsa, teardown) \ f(client, dsa_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_dsa, teardown) \
f(client, dsa_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_dsa, teardown) \ f(client, dsa_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_dsa, teardown) \
f(client, dsa_diffie_hellman_group_exchange_sha256, kexcmd("diffie-hellman-group-exchange-sha256"),setup_dsa, teardown) \ f(client, dsa_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_dsa, teardown) \
f(client, dsa_diffie_hellman_group_exchange_sha1, kexcmd("diffie-hellman-group-exchange-sha1"),setup_dsa, teardown) \ f(client, dsa_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_dsa, teardown) \
f(client, ecdsa_256_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_256, teardown) \
@@ -248,8 +251,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_256_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_diffie_hellman_group_exchange_sha256, kexcmd("diffie-hellman-group-exchange-sha256"),setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_diffie_hellman_group_exchange_sha1, kexcmd("diffie-hellman-group-exchange-sha1"),setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_ecdsa_256, teardown) \
f(client, ecdsa_384_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_384, teardown) \
@@ -259,8 +262,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_384_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_diffie_hellman_group_exchange_sha256, kexcmd("diffie-hellman-group-exchange-sha256"),setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_diffie_hellman_group_exchange_sha1, kexcmd("diffie-hellman-group-exchange-sha1"),setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_ecdsa_384, teardown) \
f(client, ecdsa_521_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_521, teardown) \
@@ -270,8 +273,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_521_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group_exchange_sha256, kexcmd("diffie-hellman-group-exchange-sha256"),setup_ecdsa_521, teardown) \ f(client, ecdsa_521_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group_exchange_sha1, kexcmd("diffie-hellman-group-exchange-sha1"),setup_ecdsa_521, teardown) f(client, ecdsa_521_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_ecdsa_521, teardown)
#else #else
#define PKDTESTS_KEX(f, client, kexcmd) \ #define PKDTESTS_KEX(f, client, kexcmd) \
@@ -285,8 +288,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, rsa_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_rsa, teardown) \
f(client, rsa_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_rsa, teardown) \
f(client, rsa_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_rsa, teardown) \
f(client, rsa_diffie_hellman_group_exchange_sha256,kexcmd("diffie-hellman-group-exchange-sha256"),setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_rsa, teardown) \
f(client, rsa_diffie_hellman_group_exchange_sha1, kexcmd("diffie-hellman-group-exchange-sha1"),setup_rsa, teardown) \ f(client, rsa_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_rsa, teardown) \
f(client, ecdsa_256_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_256, teardown) \
@@ -296,8 +299,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_256_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_diffie_hellman_group_exchange_sha256,kexcmd("diffie-hellman-group-exchange-sha256"),setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_ecdsa_256, teardown) \
f(client, ecdsa_256_diffie_hellman_group_exchange_sha1,kexcmd("diffie-hellman-group-exchange-sha1"),setup_ecdsa_256, teardown) \ f(client, ecdsa_256_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_ecdsa_256, teardown) \
f(client, ecdsa_384_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_384, teardown) \
@@ -307,8 +310,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_384_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_diffie_hellman_group_exchange_sha256,kexcmd("diffie-hellman-group-exchange-sha256"),setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_ecdsa_384, teardown) \
f(client, ecdsa_384_diffie_hellman_group_exchange_sha1,kexcmd("diffie-hellman-group-exchange-sha1"),setup_ecdsa_384, teardown) \ f(client, ecdsa_384_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_ecdsa_384, teardown) \
f(client, ecdsa_521_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_curve25519_sha256, kexcmd("curve25519-sha256"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_curve25519_sha256_libssh_org, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256"), setup_ecdsa_521, teardown) \
@@ -318,8 +321,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_521_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_diffie_hellman_group18_sha512,kexcmd("diffie-hellman-group18-sha512"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_521, teardown) \ f(client, ecdsa_521_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group_exchange_sha256,kexcmd("diffie-hellman-group-exchange-sha256"),setup_ecdsa_521, teardown) \ f(client, ecdsa_521_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group_exchange_sha1,kexcmd("diffie-hellman-group-exchange-sha1"),setup_ecdsa_521, teardown) f(client, ecdsa_521_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_ecdsa_521, teardown)
#endif #endif
@@ -335,8 +338,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ed25519_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_ed25519, teardown) \ f(client, ed25519_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_ed25519, teardown) \
f(client, ed25519_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ed25519, teardown) \ f(client, ed25519_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ed25519, teardown) \
f(client, ed25519_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ed25519, teardown) \ f(client, ed25519_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ed25519, teardown) \
f(client, ed25519_diffie_hellman_group_exchange_sha256,kexcmd("diffie-hellman-group-exchange-sha256"),setup_ed25519, teardown) \ f(client, ed25519_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_ed25519, teardown) \
f(client, ed25519_diffie_hellman_group_exchange_sha1,kexcmd("diffie-hellman-group-exchange-sha1"),setup_ed25519, teardown) f(client, ed25519_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_ed25519, teardown)
#else #else
#define PKDTESTS_KEX_OPENSSHONLY(f, client, kexcmd) \ #define PKDTESTS_KEX_OPENSSHONLY(f, client, kexcmd) \
/* Kex algorithms. */ \ /* Kex algorithms. */ \
@@ -348,8 +351,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ed25519_diffie_hellman_group16_sha512, kexcmd("diffie-hellman-group16-sha512"), setup_ed25519, teardown) \ f(client, ed25519_diffie_hellman_group16_sha512, kexcmd("diffie-hellman-group16-sha512"), setup_ed25519, teardown) \
f(client, ed25519_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_ed25519, teardown) \ f(client, ed25519_diffie_hellman_group18_sha512, kexcmd("diffie-hellman-group18-sha512"), setup_ed25519, teardown) \
f(client, ed25519_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ed25519, teardown) \ f(client, ed25519_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ed25519, teardown) \
f(client, ed25519_diffie_hellman_group_exchange_sha256,kexcmd("diffie-hellman-group-exchange-sha256"),setup_ed25519, teardown) \ f(client, ed25519_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256), setup_ed25519, teardown) \
f(client, ed25519_diffie_hellman_group_exchange_sha1,kexcmd("diffie-hellman-group-exchange-sha1"),setup_ed25519, teardown) f(client, ed25519_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1), setup_ed25519, teardown)
#endif #endif
#ifdef HAVE_DSA #ifdef HAVE_DSA