diff options
author | Colin Watson <cjwatson@debian.org> | 2018-08-30 00:58:56 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2019-10-22 11:05:47 +0100 |
commit | bbce4380e516e8bfed1ae09af0bc3661e427794a (patch) | |
tree | f35e7ea458d0519205bb702f20cc92a5b5a82dc2 | |
parent | f0c916d8008c30809fef44469bee1b74426a3071 (diff) |
Work around conch interoperability failure
Twisted Conch fails to read private keys in the new format
(https://twistedmatrix.com/trac/ticket/9515). Work around this until it
can be fixed in Twisted.
Forwarded: not-needed
Last-Update: 2019-10-09
Patch-Name: conch-old-privkey-format.patch
-rw-r--r-- | regress/Makefile | 2 | ||||
-rw-r--r-- | regress/conch-ciphers.sh | 2 | ||||
-rw-r--r-- | regress/test-exec.sh | 12 |
3 files changed, 14 insertions, 2 deletions
diff --git a/regress/Makefile b/regress/Makefile index 34c47e8cb..17e0a06e8 100644 --- a/regress/Makefile +++ b/regress/Makefile | |||
@@ -119,7 +119,7 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ | |||
119 | rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ | 119 | rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ |
120 | scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ | 120 | scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ |
121 | sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ | 121 | sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ |
122 | ssh-rsa_oldfmt \ | 122 | ssh-rsa_oldfmt ssh-rsa_oldfmt.pub \ |
123 | ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \ | 123 | ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \ |
124 | ssh_proxy_envpass sshd.log sshd_config sshd_config_minimal \ | 124 | ssh_proxy_envpass sshd.log sshd_config sshd_config_minimal \ |
125 | sshd_config.orig sshd_proxy sshd_proxy.* sshd_proxy_bak \ | 125 | sshd_config.orig sshd_proxy sshd_proxy.* sshd_proxy_bak \ |
diff --git a/regress/conch-ciphers.sh b/regress/conch-ciphers.sh index 6678813a2..6ff5da20b 100644 --- a/regress/conch-ciphers.sh +++ b/regress/conch-ciphers.sh | |||
@@ -16,7 +16,7 @@ for c in aes256-ctr aes256-cbc aes192-ctr aes192-cbc aes128-ctr aes128-cbc \ | |||
16 | rm -f ${COPY} | 16 | rm -f ${COPY} |
17 | # XXX the 2nd "cat" seems to be needed because of buggy FD handling | 17 | # XXX the 2nd "cat" seems to be needed because of buggy FD handling |
18 | # in conch | 18 | # in conch |
19 | ${CONCH} --identity $OBJ/ssh-rsa --port $PORT --user $USER -e none \ | 19 | ${CONCH} --identity $OBJ/ssh-rsa_oldfmt --port $PORT --user $USER -e none \ |
20 | --known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \ | 20 | --known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \ |
21 | 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY} | 21 | 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY} |
22 | if [ $? -ne 0 ]; then | 22 | if [ $? -ne 0 ]; then |
diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 508b93284..5e48bfbe3 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh | |||
@@ -510,6 +510,18 @@ REGRESS_INTEROP_CONCH=no | |||
510 | if test -x "$CONCH" ; then | 510 | if test -x "$CONCH" ; then |
511 | REGRESS_INTEROP_CONCH=yes | 511 | REGRESS_INTEROP_CONCH=yes |
512 | fi | 512 | fi |
513 | case "$SCRIPT" in | ||
514 | *conch*) ;; | ||
515 | *) REGRESS_INTEROP_CONCH=no | ||
516 | esac | ||
517 | |||
518 | if test "$REGRESS_INTEROP_CONCH" = "yes" ; then | ||
519 | # Convert rsa key to old format to work around | ||
520 | # https://twistedmatrix.com/trac/ticket/9515 | ||
521 | cp $OBJ/ssh-rsa $OBJ/ssh-rsa_oldfmt | ||
522 | cp $OBJ/ssh-rsa.pub $OBJ/ssh-rsa_oldfmt.pub | ||
523 | ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/ssh-rsa_oldfmt >/dev/null | ||
524 | fi | ||
513 | 525 | ||
514 | # If PuTTY is present and we are running a PuTTY test, prepare keys and | 526 | # If PuTTY is present and we are running a PuTTY test, prepare keys and |
515 | # configuration | 527 | # configuration |