upstream: Use curve25519-sha256 kex where possible.

Except where we're explicitly testing a different kex, use curve25519-sha256 since it's faster than the default and supported even when configured without OpenSSL. Add a check to ensure that the kex we intended to test is the one we actually tested. Speeds test up by ~5%. OpenBSD-Regress-ID: 3b27fcc2ae953cb08fd82a0d3155c498b226d6e0
2025-02-09 10:27:12 +00:00 · 2024-08-21 06:59:08 +00:00 · 2024-08-21 06:59:08 +00:00 · 25c52f37a8
commit 25c52f37a8
parent 3eb62b7ba4
1 changed files with 13 additions and 2 deletions
--- a/regress/rekey.sh
+++ b/regress/rekey.sh
@ -1,4 +1,4 @@
-#	$OpenBSD: rekey.sh,v 1.26 2024/08/20 12:36:59 dtucker Exp $
+#	$OpenBSD: rekey.sh,v 1.27 2024/08/21 06:59:08 dtucker Exp $
 #	Placed in the Public Domain.

 tid="rekey"
@ -11,6 +11,7 @@ cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak

 echo "Compression no" >> $OBJ/ssh_proxy
 echo "RekeyLimit 256k" >> $OBJ/ssh_proxy
+echo "KexAlgorithms curve25519-sha256" >> ssh_proxy

 # Test rekeying based on data volume only.
 # Arguments: rekeylimit, kex method, optional remaining opts are passed to ssh.
@ -31,7 +32,7 @@ ssh_data_rekeying()
 	rm -f ${COPY} ${COPY2} ${LOG}
 	# Create data file just big enough to reach rekey threshold.
 	dd if=${DATA} of=${COPY} bs=$_bytes count=1 2>/dev/null
-	${SSH} <${COPY} $_opts -v \
+	${SSH} <${COPY} $_opts -vv \
 	    -oRekeyLimit=$_bytes -F $OBJ/ssh_proxy somehost "cat >${COPY2}"
 	if [ $? -ne 0 ]; then
 		fail "ssh failed ($@)"
@ -39,6 +40,16 @@ ssh_data_rekeying()
 	cmp ${COPY} ${COPY2}		|| fail "corrupted copy ($@)"
 	n=`grep 'NEWKEYS sent' ${LOG} | wc -l`
 	n=`expr $n - 1`
+	case "$_kexopt" in
+	KexAlgorithms*)
+		_want=`echo $_kexopt | cut -f2 -d=`
+		_got=`awk 'BEGIN{FS="[ \r]+"} /kex: algorithm: /{print $4}' \
+		    ${LOG} | sort -u`
+		if [ "$_want" != "$_got" ]; then
+			fail "expected kex $_want, got $_got"
+		fi
+		 ;;
+	esac
 	trace "$n rekeying(s)"
 	if [ $n -lt 1 ]; then
 		fail "no rekeying occurred ($@)"