mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-11-23 18:23:25 +08:00
- dtucker@cvs.openbsd.org 2013/05/17 00:37:40
[regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
regress/ssh-com.sh]
replace 'echo -n' with 'printf' since it's more portable
also remove "echon" hack.
This commit is contained in:
Darren Tucker
parent
91af05c516
commit
56347efe79
@ -42,6 +42,13 @@
|
||||
- dtucker@cvs.openbsd.org 2013/05/16 05:48:31
|
||||
[regress/rekey.sh]
|
||||
add tests for RekeyLimit parsing
|
||||
- dtucker@cvs.openbsd.org 2013/05/17 00:37:40
|
||||
[regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
|
||||
regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
|
||||
regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
|
||||
regress/ssh-com.sh]
|
||||
replace 'echo -n' with 'printf' since it's more portable
|
||||
also remove "echon" hack.
|
||||
- (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it
|
||||
in portable and it's long gone in openbsd.
|
||||
- (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: agent.sh,v 1.7 2007/11/25 15:35:09 jmc Exp $
|
||||
# $OpenBSD: agent.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="simple agent test"
|
||||
@ -19,7 +19,7 @@ else
|
||||
fail "ssh-add -l did not fail with exit code 1"
|
||||
fi
|
||||
trace "overwrite authorized keys"
|
||||
echon > $OBJ/authorized_keys_$USER
|
||||
printf '' > $OBJ/authorized_keys_$USER
|
||||
for t in rsa rsa1; do
|
||||
# generate user key for agent
|
||||
rm -f $OBJ/$t-agent
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: cert-hostkey.sh,v 1.6 2011/05/20 02:43:36 djm Exp $
|
||||
# $OpenBSD: cert-hostkey.sh,v 1.7 2013/05/17 00:37:40 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="certified host keys"
|
||||
@ -18,8 +18,8 @@ HOSTS='localhost-with-alias,127.0.0.1,::1'
|
||||
${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/host_ca_key ||\
|
||||
fail "ssh-keygen of host_ca_key failed"
|
||||
(
|
||||
echon '@cert-authority '
|
||||
echon "$HOSTS "
|
||||
printf '@cert-authority '
|
||||
printf "$HOSTS "
|
||||
cat $OBJ/host_ca_key.pub
|
||||
) > $OBJ/known_hosts-cert
|
||||
|
||||
@ -66,25 +66,25 @@ done
|
||||
|
||||
# Revoked certificates with key present
|
||||
(
|
||||
echon '@cert-authority '
|
||||
echon "$HOSTS "
|
||||
printf '@cert-authority '
|
||||
printf "$HOSTS "
|
||||
cat $OBJ/host_ca_key.pub
|
||||
echon '@revoked '
|
||||
echon "* "
|
||||
printf '@revoked '
|
||||
printf "* "
|
||||
cat $OBJ/cert_host_key_rsa.pub
|
||||
if test "x$TEST_SSH_ECC" = "xyes"; then
|
||||
echon '@revoked '
|
||||
echon "* "
|
||||
printf '@revoked '
|
||||
printf "* "
|
||||
cat $OBJ/cert_host_key_ecdsa.pub
|
||||
fi
|
||||
echon '@revoked '
|
||||
echon "* "
|
||||
printf '@revoked '
|
||||
printf "* "
|
||||
cat $OBJ/cert_host_key_dsa.pub
|
||||
echon '@revoked '
|
||||
echon "* "
|
||||
printf '@revoked '
|
||||
printf "* "
|
||||
cat $OBJ/cert_host_key_rsa_v00.pub
|
||||
echon '@revoked '
|
||||
echon "* "
|
||||
printf '@revoked '
|
||||
printf "* "
|
||||
cat $OBJ/cert_host_key_dsa_v00.pub
|
||||
) > $OBJ/known_hosts-cert
|
||||
for privsep in yes no ; do
|
||||
@ -108,11 +108,11 @@ done
|
||||
|
||||
# Revoked CA
|
||||
(
|
||||
echon '@cert-authority '
|
||||
echon "$HOSTS "
|
||||
printf '@cert-authority '
|
||||
printf "$HOSTS "
|
||||
cat $OBJ/host_ca_key.pub
|
||||
echon '@revoked '
|
||||
echon "* "
|
||||
printf '@revoked '
|
||||
printf "* "
|
||||
cat $OBJ/host_ca_key.pub
|
||||
) > $OBJ/known_hosts-cert
|
||||
for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do
|
||||
@ -132,8 +132,8 @@ done
|
||||
|
||||
# Create a CA key and add it to known hosts
|
||||
(
|
||||
echon '@cert-authority '
|
||||
echon "$HOSTS "
|
||||
printf '@cert-authority '
|
||||
printf "$HOSTS "
|
||||
cat $OBJ/host_ca_key.pub
|
||||
) > $OBJ/known_hosts-cert
|
||||
|
||||
@ -200,7 +200,7 @@ for v in v01 v00 ; do
|
||||
-n $HOSTS $OBJ/cert_host_key_${ktype} ||
|
||||
fail "couldn't sign cert_host_key_${ktype}"
|
||||
(
|
||||
echon "$HOSTS "
|
||||
printf "$HOSTS "
|
||||
cat $OBJ/cert_host_key_${ktype}.pub
|
||||
) > $OBJ/known_hosts-cert
|
||||
(
|
||||
@ -220,8 +220,8 @@ done
|
||||
|
||||
# Wrong certificate
|
||||
(
|
||||
echon '@cert-authority '
|
||||
echon "$HOSTS "
|
||||
printf '@cert-authority '
|
||||
printf "$HOSTS "
|
||||
cat $OBJ/host_ca_key.pub
|
||||
) > $OBJ/known_hosts-cert
|
||||
for v in v01 v00 ; do
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: cert-userkey.sh,v 1.10 2013/01/18 00:45:29 djm Exp $
|
||||
# $OpenBSD: cert-userkey.sh,v 1.11 2013/05/17 00:37:40 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="certified user keys"
|
||||
@ -126,7 +126,7 @@ for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do
|
||||
# Wrong principals list
|
||||
verbose "$tid: ${_prefix} wrong principals key option"
|
||||
(
|
||||
echon 'cert-authority,principals="gregorsamsa" '
|
||||
printf 'cert-authority,principals="gregorsamsa" '
|
||||
cat $OBJ/user_ca_key.pub
|
||||
) > $OBJ/authorized_keys_$USER
|
||||
${SSH} -2i $OBJ/cert_user_key_${ktype} \
|
||||
@ -138,7 +138,7 @@ for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do
|
||||
# Correct principals list
|
||||
verbose "$tid: ${_prefix} correct principals key option"
|
||||
(
|
||||
echon 'cert-authority,principals="mekmitasdigoat" '
|
||||
printf 'cert-authority,principals="mekmitasdigoat" '
|
||||
cat $OBJ/user_ca_key.pub
|
||||
) > $OBJ/authorized_keys_$USER
|
||||
${SSH} -2i $OBJ/cert_user_key_${ktype} \
|
||||
@ -154,7 +154,7 @@ basic_tests() {
|
||||
if test "x$auth" = "xauthorized_keys" ; then
|
||||
# Add CA to authorized_keys
|
||||
(
|
||||
echon 'cert-authority '
|
||||
printf 'cert-authority '
|
||||
cat $OBJ/user_ca_key.pub
|
||||
) > $OBJ/authorized_keys_$USER
|
||||
else
|
||||
@ -264,7 +264,7 @@ test_one() {
|
||||
if test "x$auth" = "xauthorized_keys" ; then
|
||||
# Add CA to authorized_keys
|
||||
(
|
||||
echon "cert-authority${auth_opt} "
|
||||
printf "cert-authority${auth_opt} "
|
||||
cat $OBJ/user_ca_key.pub
|
||||
) > $OBJ/authorized_keys_$USER
|
||||
else
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: cfgmatch.sh,v 1.7 2013/04/06 06:00:22 dtucker Exp $
|
||||
# $OpenBSD: cfgmatch.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="sshd_config match"
|
||||
@ -75,9 +75,9 @@ for p in 1 2; do
|
||||
done
|
||||
|
||||
# Retry previous with key option, should also be denied.
|
||||
echon 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER
|
||||
printf 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER
|
||||
cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
|
||||
echon 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER
|
||||
printf 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER
|
||||
cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
|
||||
for p in 1 2; do
|
||||
trace "match permitopen proxy w/key opts proto $p"
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: cipher-speed.sh,v 1.7 2013/01/12 11:23:53 djm Exp $
|
||||
# $OpenBSD: cipher-speed.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="cipher speed"
|
||||
|
||||
@ -5,9 +5,9 @@ tid="forced command"
|
||||
|
||||
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
|
||||
|
||||
echon 'command="true" ' >$OBJ/authorized_keys_$USER
|
||||
printf 'command="true" ' >$OBJ/authorized_keys_$USER
|
||||
cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
|
||||
echon 'command="true" ' >>$OBJ/authorized_keys_$USER
|
||||
printf 'command="true" ' >>$OBJ/authorized_keys_$USER
|
||||
cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
|
||||
|
||||
for p in 1 2; do
|
||||
@ -16,9 +16,9 @@ for p in 1 2; do
|
||||
fail "forced command in key proto $p"
|
||||
done
|
||||
|
||||
echon 'command="false" ' >$OBJ/authorized_keys_$USER
|
||||
printf 'command="false" ' >$OBJ/authorized_keys_$USER
|
||||
cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
|
||||
echon 'command="false" ' >>$OBJ/authorized_keys_$USER
|
||||
printf 'command="false" ' >>$OBJ/authorized_keys_$USER
|
||||
cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
|
||||
|
||||
cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: keytype.sh,v 1.1 2010/09/02 16:12:55 markus Exp $
|
||||
# $OpenBSD: keytype.sh,v 1.2 2013/05/17 00:37:40 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="login with different key types"
|
||||
@ -40,7 +40,7 @@ for ut in $ktypes; do
|
||||
echo IdentityFile $OBJ/key.$ut
|
||||
) > $OBJ/ssh_proxy
|
||||
(
|
||||
echon 'localhost-with-alias,127.0.0.1,::1 '
|
||||
printf 'localhost-with-alias,127.0.0.1,::1 '
|
||||
cat $OBJ/key.$ht.pub
|
||||
) > $OBJ/known_hosts
|
||||
cat $OBJ/key.$ut.pub > $OBJ/authorized_keys_$USER
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: proto-version.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
|
||||
# $OpenBSD: proto-version.sh,v 1.4 2013/05/17 00:37:40 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="sshd version with different protocol combinations"
|
||||
@ -8,7 +8,7 @@ check_version ()
|
||||
{
|
||||
version=$1
|
||||
expect=$2
|
||||
banner=`echon | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy`
|
||||
banner=`printf '' | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy`
|
||||
case ${banner} in
|
||||
SSH-1.99-*)
|
||||
proto=199
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: ssh-com.sh,v 1.7 2004/02/24 17:06:52 markus Exp $
|
||||
# $OpenBSD: ssh-com.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="connect to ssh.com server"
|
||||
@ -70,7 +70,7 @@ done
|
||||
|
||||
# convert and append DSA hostkey
|
||||
(
|
||||
echon 'ssh2-localhost-with-alias,127.0.0.1,::1 '
|
||||
printf 'ssh2-localhost-with-alias,127.0.0.1,::1 '
|
||||
${SSHKEYGEN} -if ${SRC}/dsa_ssh2.pub
|
||||
) >> $OBJ/known_hosts
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: test-exec.sh,v 1.40 2013/04/07 02:16:03 dtucker Exp $
|
||||
# $OpenBSD: test-exec.sh,v 1.41 2013/05/17 00:37:40 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
#SUDO=sudo
|
||||
@ -172,18 +172,6 @@ SSH="$SSHLOGWRAP"
|
||||
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
|
||||
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
|
||||
|
||||
# helper
|
||||
echon()
|
||||
{
|
||||
if [ "x`echo -n`" = "x" ]; then
|
||||
echo -n "$@"
|
||||
elif [ "x`echo '\c'`" = "x" ]; then
|
||||
echo "$@\c"
|
||||
else
|
||||
fatal "Don't know how to echo without newline."
|
||||
fi
|
||||
}
|
||||
|
||||
have_prog()
|
||||
{
|
||||
saved_IFS="$IFS"
|
||||
@ -273,7 +261,7 @@ fail ()
|
||||
fatal ()
|
||||
{
|
||||
save_debug_log "FATAL: $@"
|
||||
echo -n "FATAL: "
|
||||
printf "FATAL: "
|
||||
fail "$@"
|
||||
cleanup
|
||||
exit $RESULT
|
||||
@ -360,7 +348,7 @@ for t in rsa rsa1; do
|
||||
|
||||
# known hosts file for client
|
||||
(
|
||||
echon 'localhost-with-alias,127.0.0.1,::1 '
|
||||
printf 'localhost-with-alias,127.0.0.1,::1 '
|
||||
cat $OBJ/$t.pub
|
||||
) >> $OBJ/known_hosts
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user