From 839ed84e59357bd3e0cff7752fbca7aebd3e2f9b Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Tue, 1 May 2018 07:41:01 +0100
Subject: [PATCH] Revert KEX_MAX_CONF system from the GSS kex patch.

Commit d515e4f1a went through a lot of very different shapes before it was finally pushed. In some of them, GSS kex had its own value in the kex enumeration, but it was used in ssh.c but not in config.c (because, as in the final version, it wasn't configured by the same drag-list system as the rest of them). So we had to distinguish the set of key exchange ids known to the program as a whole from the set controllable in the configuration. In the final version, GSS kex ended up even more separated from the kex enumeration than that: the enum value KEX_GSS_SHA1_K5 isn't used at all. Instead, GSS key exchange appears in the list at the point of translation from the list of enum values into the list of pointers to data structures full of kex methods. But after all the changes, everyone involved forgot to revert the part of the patch which split KEX_MAX in two and introduced the pointless value KEX_GSS_SHA1_K5! Better late than never: I'm reverting it now, to avoid confusion, and because I don't have any reason to think the distinction will be useful for any other purpose.
---
 config.c | 6 +++---
 putty.h | 8 --------
 settings.c | 6 +++---
 ssh.c | 4 ++--
 4 files changed, 8 insertions(+), 16 deletions(-)

diff --git a/config.c b/config.c
index c949cf39..fb392212 100644
--- a/config.c
+++ b/config.c
@@ -442,7 +442,7 @@ static void kexlist_handler(union control *ctrl, void *dlg,
 /* (kexlist assumed to contain all algorithms) */
 dlg_update_start(ctrl, dlg);
 dlg_listbox_clear(ctrl, dlg);
- for (i = 0; i < KEX_MAX_CONF; i++) {
+ for (i = 0; i < KEX_MAX; i++) {
 int k = conf_get_int_int(conf, CONF_ssh_kexlist, i);
 int j;
 const char *kstr = NULL;
@@ -460,7 +460,7 @@ static void kexlist_handler(union control *ctrl, void *dlg,
 int i;
 /* Update array to match the list box. */
- for (i=0; i < KEX_MAX_CONF; i++)
+ for (i=0; i < KEX_MAX; i++)
 conf_set_int_int(conf, CONF_ssh_kexlist, i, dlg_listbox_getid(ctrl, dlg, i));
 }
@@ -2402,7 +2402,7 @@ void setup_config_box(struct controlbox *b, int midsession,
 c = ctrl_draglist(s, "Algorithm selection policy:", 's', HELPCTX(ssh_kexlist), kexlist_handler, P(NULL));
- c->listbox.height = KEX_MAX_CONF;
+ c->listbox.height = KEX_MAX;
 ctrl_checkbox(s, "Attempt GSSAPI key exchange", 'k', HELPCTX(ssh_gssapi), conf_checkbox_handler,
diff --git a/putty.h b/putty.h
index e53adf10..e75d4405 100644
--- a/putty.h
+++ b/putty.h
@@ -271,14 +271,6 @@ enum {
 KEX_DHGEX,
 KEX_RSA,
 KEX_ECDH,
- /*
- * KEX_MAX_CONF is a boundary between statically and dynamically configured
- * KEXes, without creating a gap in the numbering, allowing easy addition
- * of vaues on either side
- */
- KEX_MAX_CONF, KEX_DUMMY = KEX_MAX_CONF-1,
- /* Kexes from here to KEX_MAX are not explicitly configurable */
- KEX_GSS_SHA1_K5,
 KEX_MAX
 };
diff --git a/settings.c b/settings.c
index 1d8c95d2..901ca015 100644
--- a/settings.c
+++ b/settings.c
@@ -571,7 +571,7 @@ void save_open_settings(void *sesskey, Conf *conf)
 write_setting_i(sesskey, "GssapiFwd", conf_get_int(conf, CONF_gssapifwd));
 write_setting_i(sesskey, "ChangeUsername", conf_get_int(conf, CONF_change_username));
 wprefs(sesskey, "Cipher", ciphernames, CIPHER_MAX, conf, CONF_ssh_cipherlist);
- wprefs(sesskey, "KEX", kexnames, KEX_MAX_CONF, conf, CONF_ssh_kexlist);
+ wprefs(sesskey, "KEX", kexnames, KEX_MAX, conf, CONF_ssh_kexlist);
 wprefs(sesskey, "HostKey", hknames, HK_MAX, conf, CONF_ssh_hklist);
 write_setting_i(sesskey, "RekeyTime", conf_get_int(conf, CONF_ssh_rekey_time));
 write_setting_i(sesskey, "GssapiRekey", conf_get_int(conf, CONF_gssapirekey));
@@ -953,8 +953,8 @@ void load_open_settings(void *sesskey, Conf *conf)
 * over from a pre-commit version of GSS key exchange.
 * Mentioned here as it is remotely possible that it will turn
 * up in someone's saved settings in future.) */
-
- gprefs_from_str(raw, kexnames, KEX_MAX_CONF, conf, CONF_ssh_kexlist);
+
+ gprefs_from_str(raw, kexnames, KEX_MAX, conf, CONF_ssh_kexlist);
 sfree(raw);
 }
 gprefs(sesskey, "HostKey", "ed25519,ecdsa,rsa,dsa,WARN",
diff --git a/ssh.c b/ssh.c
index f461b5b5..3d35827c 100644
--- a/ssh.c
+++ b/ssh.c
@@ -6534,7 +6534,7 @@ static void do_ssh2_transport(Ssh ssh, const void *vin, int inlen,
 int can_gssapi_keyex;
 int need_gss_transient_hostkey;
 int warned_about_no_gss_transient_hostkey;
- const struct ssh_kexes *preferred_kex[KEX_MAX];
+ const struct ssh_kexes *preferred_kex[KEX_MAX + 1]; /* +1 for GSSAPI */
 int n_preferred_hk;
 int preferred_hk[HK_MAX];
 int n_preferred_ciphers;
@@ -6645,7 +6645,7 @@ static void do_ssh2_transport(Ssh ssh, const void *vin, int inlen,
 s->n_preferred_kex = 0;
 if (s->can_gssapi_keyex)
 s->preferred_kex[s->n_preferred_kex++] = &ssh_gssk5_sha1_kex;
- for (i = 0; i < KEX_MAX_CONF; i++) {
+ for (i = 0; i < KEX_MAX; i++) {
 switch (conf_get_int_int(ssh->conf, CONF_ssh_kexlist, i)) {
 case KEX_DHGEX:
 s->preferred_kex[s->n_preferred_kex++] =
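Review bot: The bound in `preferred_kex[KEX_MAX + 1]` (ssh.c, hunk at -6534) is maintained by hand and nothing checks the write index: every store visible in the following hunk is an unguarded `s->preferred_kex[s->n_preferred_kex++] = ...`. The size is correct only while the GSSAPI prepend contributes exactly one entry and each `case` of the `switch` appends at most one per iteration; the switch body continues past the end of this page, so that part cannot be confirmed here. If a later change adds another entry outside the enum, the extra store would land in whatever follows the array, which in the visible declarations is `n_preferred_hk`. I would put `assert(s->n_preferred_kex < KEX_MAX + 1);` before each append, or give the bound one name that both the declaration and the check use, and extend the comment to `/* +1 for GSSAPI, which is prepended outside the KEX_* enum */`.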