... and ssh and sshd log wrappers before recreating them. Prevents "can't
create" errors during tests when running tests without SUDO after having
run them with SUDO.
OpenBSD-Regress-ID: 2f0a83532e3dccd673a9bf0291090277268c69a6
The ML-KEM implementation we uses need the compiler to support
C99-style named struct initialisers (e.g foo = {.bar = 1}). We
still support (barely) building OpenSSH with older compilers, so
add a configure test for this.
Also verify that the Cipher or MAC we intended to use is actually the one
selected during the test.
OpenBSD-Regress-ID: ff43fed30552afe23d1364526fe8cf88cbfafe1d
Except where we're explicitly testing a different kex, use
curve25519-sha256 since it's faster than the default and supported even
when configured without OpenSSL. Add a check to ensure that the kex we
intended to test is the one we actually tested. Speeds test up by ~5%.
OpenBSD-Regress-ID: 3b27fcc2ae953cb08fd82a0d3155c498b226d6e0
up tests by about 10% in the common case, hopefully more when instrumented
with something like valgrind.
OpenBSD-Regress-ID: 7bf9292b4803357efcf0baf7cfbdc8521f212da1
Used unless overridden by a command-line flag, which simplifies some of
the ssh command lines.
OpenBSD-Regress-ID: e7cffa57027088e10336e412b34113969f88cb87
All of the rekey tests use it (otherwise the encrypted byte counts would
not match) so this lets us simplify the command lines.
OpenBSD-Regress-ID: dab7ce10f4cf6c68827eb8658141272aab3ea262
curve25519-sha256@libssh.org is the pre-standardization name for the same
thing, so remove it as a duplicate. Speeds up test by a tiny amount.
OpenBSD-Regress-ID: 5a5ee5fa1595a6e140b1cc16040bedf5996a5715
ssh uses the same parsing code, now has "-G" to dump its config and is
slightly faster to start up. This speeds up the test slightly (~5%) in the
common case but should help more during instrumented tests, eg under
valgrind, where startup costs are magnified.
OpenBSD-Regress-ID: 07c3acaf4c728e641033071f4441afc88141b0d0
Unlike earlier versions, recent Dropbear (at least v2024.85) requires
a host arg when querying supported ciphers and macs via "-c/-m
help". Earlier versions accept but do not require it, so always
provide it. If these queries fail, skip the test with a warning.
OpenBSD-Regress-ID: 98eb863a3f0363416922efb273885e6b3c7f68d4
by current OpenSSH. Allows subsequent test runs to work if OpenSSH is
rebuilt w/out OpenSSL.
OpenBSD-Regress-ID: e0129eb2b1d31771105903a8055216fbba20a770
if querying for them fails since on some versions of Dropbear (at least
v2024.85) "-m help" doesn't seem to work. Enable all supported pubkey
algorithms in the server.
OpenBSD-Regress-ID: 4f95556a49ee9f621789f25217c367a33d2745ca
since that's supported by OpenSSH even when built without OpenSSL.
Only test diffie-hellman kex if OpenSSH is compiled with support for it.
OpenBSD-Regress-ID: a5d09ef9bbd171f9e4ec73ed0d9eeb49a8878e97
to always generate ed25519 keys, other types only if OpenSSH has support
for the corresponding key type.
OpenBSD-Regress-ID: 8f91f12604cddb9f8d93aa34f3f93a3f6074395d
enforcement but not penalty expiry, the other tests penalty expiry.
This lets us disable the expiry testing in certain CI test environments.
OpenBSD-Regress-ID: f56811064f3e3cb52ee73a206b8c2a06af1c8791
testing the same key exchange algorithm repeatedly instead of testing all of
them. Spotted by nreilly AT blackberry.com in bz3692
Who broke the test? me.
OpenBSD-Regress-ID: 48f4f5946276f975667141957d25441b3c9a50e2
