diff options
| author | Colin Watson <cjwatson@debian.org> | 2010-03-31 10:46:28 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2010-03-31 10:46:28 +0100 |
| commit | efd3d4522636ae029488c2e9730b60c88e257d2e (patch) | |
| tree | 31e02ac3f16090ce8c53448677356b2b7f423683 /regress/Makefile | |
| parent | bbec4db36d464ea1d464a707625125f9fd5c7b5e (diff) | |
| parent | d1a87e462e1db89f19cd960588d0c6b287cb5ccc (diff) | |
* New upstream release (LP: #535029).
- After a transition period of about 10 years, this release disables SSH
protocol 1 by default. Clients and servers that need to use the
legacy protocol must explicitly enable it in ssh_config / sshd_config
or on the command-line.
- Remove the libsectok/OpenSC-based smartcard code and add support for
PKCS#11 tokens. This support is enabled by default in the Debian
packaging, since it now doesn't involve additional library
dependencies (closes: #231472, LP: #16918).
- Add support for certificate authentication of users and hosts using a
new, minimal OpenSSH certificate format (closes: #482806).
- Added a 'netcat mode' to ssh(1): "ssh -W host:port ...".
- Add the ability to revoke keys in sshd(8) and ssh(1). (For the Debian
package, this overlaps with the key blacklisting facility added in
openssh 1:4.7p1-9, but with different file formats and slightly
different scopes; for the moment, I've roughly merged the two.)
- Various multiplexing improvements, including support for requesting
port-forwardings via the multiplex protocol (closes: #360151).
- Allow setting an explicit umask on the sftp-server(8) commandline to
override whatever default the user has (closes: #496843).
- Many sftp client improvements, including tab-completion, more options,
and recursive transfer support for get/put (LP: #33378). The old
mget/mput commands never worked properly and have been removed
(closes: #270399, #428082).
- Do not prompt for a passphrase if we fail to open a keyfile, and log
the reason why the open failed to debug (closes: #431538).
- Prevent sftp from crashing when given a "-" without a command. Also,
allow whitespace to follow a "-" (closes: #531561).
Diffstat (limited to 'regress/Makefile')
| -rw-r--r-- | regress/Makefile | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/regress/Makefile b/regress/Makefile index 3b8ea245b..d25a64555 100644 --- a/regress/Makefile +++ b/regress/Makefile | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: Makefile,v 1.48 2008/06/28 13:57:25 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.52 2010/02/26 20:33:21 djm Exp $ |
| 2 | 2 | ||
| 3 | REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec | 3 | REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec |
| 4 | tests: $(REGRESS_TARGETS) | 4 | tests: $(REGRESS_TARGETS) |
| @@ -34,6 +34,7 @@ LTESTS= connect \ | |||
| 34 | agent-ptrace \ | 34 | agent-ptrace \ |
| 35 | keyscan \ | 35 | keyscan \ |
| 36 | keygen-change \ | 36 | keygen-change \ |
| 37 | keygen-convert \ | ||
| 37 | key-options \ | 38 | key-options \ |
| 38 | scp \ | 39 | scp \ |
| 39 | sftp \ | 40 | sftp \ |
| @@ -50,7 +51,10 @@ LTESTS= connect \ | |||
| 50 | cfgmatch \ | 51 | cfgmatch \ |
| 51 | addrmatch \ | 52 | addrmatch \ |
| 52 | localcommand \ | 53 | localcommand \ |
| 53 | forcecommand | 54 | forcecommand \ |
| 55 | portnum \ | ||
| 56 | cert-hostkey \ | ||
| 57 | cert-userkey | ||
| 54 | 58 | ||
| 55 | INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers | 59 | INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers |
| 56 | #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp | 60 | #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp |
| @@ -64,7 +68,11 @@ CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ | |||
| 64 | ls.copy banner.in banner.out empty.in \ | 68 | ls.copy banner.in banner.out empty.in \ |
| 65 | scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \ | 69 | scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \ |
| 66 | sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \ | 70 | sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \ |
| 67 | putty.rsa2 | 71 | known_hosts-cert host_ca_key* cert_host_key* \ |
| 72 | putty.rsa2 sshd_proxy_orig | ||
| 73 | |||
| 74 | # Enable all malloc(3) randomisations and checks | ||
| 75 | TEST_ENV= "MALLOC_OPTIONS=AFGJPRX" | ||
| 68 | 76 | ||
| 69 | t1: | 77 | t1: |
| 70 | ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv | 78 | ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv |
| @@ -104,13 +112,13 @@ t-exec: ${LTESTS:=.sh} | |||
| 104 | @if [ "x$?" = "x" ]; then exit 0; fi; \ | 112 | @if [ "x$?" = "x" ]; then exit 0; fi; \ |
| 105 | for TEST in ""$?; do \ | 113 | for TEST in ""$?; do \ |
| 106 | echo "run test $${TEST}" ... 1>&2; \ | 114 | echo "run test $${TEST}" ... 1>&2; \ |
| 107 | (env SUDO=${SUDO} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ | 115 | (env SUDO=${SUDO} TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ |
| 108 | done | 116 | done |
| 109 | 117 | ||
| 110 | t-exec-interop: ${INTEROP_TESTS:=.sh} | 118 | t-exec-interop: ${INTEROP_TESTS:=.sh} |
| 111 | @if [ "x$?" = "x" ]; then exit 0; fi; \ | 119 | @if [ "x$?" = "x" ]; then exit 0; fi; \ |
| 112 | for TEST in ""$?; do \ | 120 | for TEST in ""$?; do \ |
| 113 | echo "run test $${TEST}" ... 1>&2; \ | 121 | echo "run test $${TEST}" ... 1>&2; \ |
| 114 | (env SUDO=${SUDO} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ | 122 | (env SUDO=${SUDO} TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ |
| 115 | done | 123 | done |
| 116 | 124 | ||