diff options
| author | Colin Watson <cjwatson@debian.org> | 2018-08-30 00:58:56 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2018-10-20 22:54:09 +0100 |
| commit | 1d2a55436d4b556269f42ad5f7e16608b5a8ed74 (patch) | |
| tree | a0e031c2e9ab78b7bc2d8a26b29e74d756ba4926 | |
| parent | 9ce189b9f22890421b7f8d3f49a39186d3ce3e14 (diff) | |
Work around conch interoperability failure
Twisted Conch fails to read private keys in the new format
(https://twistedmatrix.com/trac/ticket/9515). Work around this until it
can be fixed in Twisted.
Forwarded: not-needed
Last-Update: 2018-08-30
Patch-Name: conch-old-privkey-format.patch
| -rw-r--r-- | regress/Makefile | 5 | ||||
| -rw-r--r-- | regress/conch-ciphers.sh | 2 | ||||
| -rw-r--r-- | regress/test-exec.sh | 12 |
3 files changed, 16 insertions, 3 deletions
diff --git a/regress/Makefile b/regress/Makefile index 647b4a049..6e462a4f6 100644 --- a/regress/Makefile +++ b/regress/Makefile | |||
| @@ -110,8 +110,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ | |||
| 110 | modpipe netcat no_identity_config \ | 110 | modpipe netcat no_identity_config \ |
| 111 | pidfile putty.rsa2 ready regress.log \ | 111 | pidfile putty.rsa2 ready regress.log \ |
| 112 | remote_pid revoked-* rsa rsa-agent rsa-agent.pub rsa.pub \ | 112 | remote_pid revoked-* rsa rsa-agent rsa-agent.pub rsa.pub \ |
| 113 | rsa1 rsa1-agent rsa1-agent.pub rsa1.pub rsa_ssh2_cr.prv \ | 113 | rsa1 rsa1-agent rsa1-agent.pub rsa1.pub \ |
| 114 | rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ | 114 | rsa_oldfmt rsa_oldfmt.pub \ |
| 115 | rsa_ssh2_cr.prv rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ | ||
| 115 | scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ | 116 | scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ |
| 116 | sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ | 117 | sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ |
| 117 | ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \ | 118 | ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \ |
diff --git a/regress/conch-ciphers.sh b/regress/conch-ciphers.sh index 199d863a0..c7df19fd4 100644 --- a/regress/conch-ciphers.sh +++ b/regress/conch-ciphers.sh | |||
| @@ -16,7 +16,7 @@ for c in aes256-ctr aes256-cbc aes192-ctr aes192-cbc aes128-ctr aes128-cbc \ | |||
| 16 | rm -f ${COPY} | 16 | rm -f ${COPY} |
| 17 | # XXX the 2nd "cat" seems to be needed because of buggy FD handling | 17 | # XXX the 2nd "cat" seems to be needed because of buggy FD handling |
| 18 | # in conch | 18 | # in conch |
| 19 | ${CONCH} --identity $OBJ/rsa --port $PORT --user $USER -e none \ | 19 | ${CONCH} --identity $OBJ/rsa_oldfmt --port $PORT --user $USER -e none \ |
| 20 | --known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \ | 20 | --known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \ |
| 21 | 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY} | 21 | 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY} |
| 22 | if [ $? -ne 0 ]; then | 22 | if [ $? -ne 0 ]; then |
diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 40d46e3cd..1bbd47f25 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh | |||
| @@ -504,6 +504,18 @@ REGRESS_INTEROP_CONCH=no | |||
| 504 | if test -x "$CONCH" ; then | 504 | if test -x "$CONCH" ; then |
| 505 | REGRESS_INTEROP_CONCH=yes | 505 | REGRESS_INTEROP_CONCH=yes |
| 506 | fi | 506 | fi |
| 507 | case "$SCRIPT" in | ||
| 508 | *conch*) ;; | ||
| 509 | *) REGRESS_INTEROP_CONCH=no | ||
| 510 | esac | ||
| 511 | |||
| 512 | if test "$REGRESS_INTEROP_CONCH" = "yes" ; then | ||
| 513 | # Convert rsa key to old format to work around | ||
| 514 | # https://twistedmatrix.com/trac/ticket/9515 | ||
| 515 | cp $OBJ/rsa $OBJ/rsa_oldfmt | ||
| 516 | cp $OBJ/rsa.pub $OBJ/rsa_oldfmt.pub | ||
| 517 | ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/rsa_oldfmt >/dev/null | ||
| 518 | fi | ||
| 507 | 519 | ||
| 508 | # If PuTTY is present and we are running a PuTTY test, prepare keys and | 520 | # If PuTTY is present and we are running a PuTTY test, prepare keys and |
| 509 | # configuration | 521 | # configuration |