Uppity: enable the des-cbc cipher.

There was no way to enable it for testing purposes at all until now.
Overriding the server KEX string to mention it doesn't help when it
was prevented from getting into the list that scan_kexinit_lists will
go through afterwards to find pointers to algorithm structures.

sshserver.c

@@ -216,6 +216,19 @@ void ssh_conn_processed_data(Ssh *ssh)
      * around a peculiarity of the GUI event loop, I haven't yet. */
 }
 
+Conf *make_ssh_server_conf(void)
+{
+    Conf *conf = conf_new();
+    load_open_settings(NULL, conf);
+    /* In Uppity, we support even the legacy des-cbc cipher by
+     * default, so that it will be available if the user forces it by
+     * overriding the KEXINIT strings. If the user wants it _not_
+     * supported, of course, they can override KEXINIT in the other
+     * direction. */
+    conf_set_bool(conf, CONF_ssh2_des_cbc, true);
+    return conf;
+}
+
 static const PlugVtable ssh_server_plugvt = {
     server_socket_log,
     server_closing,

sshserver.h

@@ -119,3 +119,5 @@ int platform_make_x11_server(Plug *plug, const char *progname, int mindisp,
                              const char *screen_number_suffix,
                              ptrlen authproto, ptrlen authdata,
                              Socket **sockets, Conf *conf);
+
+Conf *make_ssh_server_conf(void);

unix/uxserver.c

@@ -489,8 +489,7 @@ int main(int argc, char **argv)
     AuthPolicy ap;
     SshServerConfig ssc;
 
-    Conf *conf = conf_new();
-    load_open_settings(NULL, conf);
+    Conf *conf = make_ssh_server_conf();
 
     ap.kbdint_state = 0;
     ap.ssh1keys = NULL;