regress test for each of the key exchange algorithms that we support

2 files changed, 29 insertions, 1 deletions

diff --git a/regress/usr.bin/ssh/Makefile b/regress/usr.bin/ssh/Makefile
index 6f38a8c4004..c3e1bb9186d 100644
--- a/regress/usr.bin/ssh/Makefile
+++ b/regress/usr.bin/ssh/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.56 2010/09/02 16:12:55 markus Exp $
+#	$OpenBSD: Makefile,v 1.57 2010/09/22 12:26:05 djm Exp $
 
 REGRESS_TARGETS=	t1 t2 t3 t4 t5 t6 t7 t8 t9
 
@@ -47,12 +47,14 @@ LTESTS= 	connect \
 		forcecommand \
 		portnum \
 		keytype \
+		kextype \
 		cert-hostkey \
 		cert-userkey
 
 INTEROP_TESTS=	putty-transfer putty-ciphers putty-kex conch-ciphers
 #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
 
+#LTESTS= 	cipher-speed
 
 USER!=		id -un
 CLEANFILES+=	authorized_keys_${USER} known_hosts pidfile \
diff --git a/regress/usr.bin/ssh/kextype.sh b/regress/usr.bin/ssh/kextype.sh
new file mode 100644
index 00000000000..ba6fd950942
--- /dev/null
+++ b/regress/usr.bin/ssh/kextype.sh
@@ -0,0 +1,26 @@
+#	$OpenBSD: kextype.sh,v 1.1 2010/09/22 12:26:05 djm Exp $
+#	Placed in the Public Domain.
+
+tid="login with different key exchange algorithms"
+
+TIME=/usr/bin/time
+cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
+cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
+
+kextypes="ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521"
+kextypes="$kextypes diffie-hellman-group-exchange-sha256"
+kextypes="$kextypes diffie-hellman-group-exchange-sha1"
+kextypes="$kextypes diffie-hellman-group14-sha1"
+kextypes="$kextypes diffie-hellman-group1-sha1"
+
+tries="1 2 3 4"
+for k in $kextypes; do 
+	verbose "kex $k"
+	for i in $tries; do
+		${SSH} -F $OBJ/ssh_proxy -o KexAlgorithms=$k x true
+		if [ $? -ne 0 ]; then
+			fail "ssh kex $k"
+		fi
+	done
+done
+