diff options
| author | Colin Watson <cjwatson@debian.org> | 2020-02-21 11:57:14 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2020-02-21 14:27:02 +0000 |
| commit | 886e47e745586c34e81cfd5c5fb9b5dbc8e84d04 (patch) | |
| tree | dd6c3b4dc64a17c520af7aaf213163f8a0a63e56 /regress/cert-hostkey.sh | |
| parent | ac2b4c0697fcac554041ab95f81736887eadf6ec (diff) | |
| parent | a2dabf35ce0228c86a288d11cc847a9d9801604f (diff) | |
New upstream release (8.2p1)
Diffstat (limited to 'regress/cert-hostkey.sh')
| -rw-r--r-- | regress/cert-hostkey.sh | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index 844adabcc..097bf8463 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: cert-hostkey.sh,v 1.18 2019/07/25 08:28:15 dtucker Exp $ | 1 | # $OpenBSD: cert-hostkey.sh,v 1.23 2020/01/03 03:02:26 djm Exp $ |
| 2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
| 3 | 3 | ||
| 4 | tid="certified host keys" | 4 | tid="certified host keys" |
| @@ -9,7 +9,7 @@ rm -f $OBJ/cert_host_key* $OBJ/host_krl_* | |||
| 9 | # Allow all hostkey/pubkey types, prefer certs for the client | 9 | # Allow all hostkey/pubkey types, prefer certs for the client |
| 10 | rsa=0 | 10 | rsa=0 |
| 11 | types="" | 11 | types="" |
| 12 | for i in `$SSH -Q key`; do | 12 | for i in `$SSH -Q key | maybe_filter_sk`; do |
| 13 | if [ -z "$types" ]; then | 13 | if [ -z "$types" ]; then |
| 14 | types="$i" | 14 | types="$i" |
| 15 | continue | 15 | continue |
| @@ -70,7 +70,7 @@ touch $OBJ/host_revoked_plain | |||
| 70 | touch $OBJ/host_revoked_cert | 70 | touch $OBJ/host_revoked_cert |
| 71 | cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca | 71 | cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca |
| 72 | 72 | ||
| 73 | PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'` | 73 | PLAIN_TYPES=`echo "$SSH_KEYTYPES" | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'` |
| 74 | 74 | ||
| 75 | if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then | 75 | if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then |
| 76 | PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" | 76 | PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" |
| @@ -131,7 +131,7 @@ attempt_connect() { | |||
| 131 | } | 131 | } |
| 132 | 132 | ||
| 133 | # Basic connect and revocation tests. | 133 | # Basic connect and revocation tests. |
| 134 | for privsep in yes sandbox ; do | 134 | for privsep in yes ; do |
| 135 | for ktype in $PLAIN_TYPES ; do | 135 | for ktype in $PLAIN_TYPES ; do |
| 136 | verbose "$tid: host ${ktype} cert connect privsep $privsep" | 136 | verbose "$tid: host ${ktype} cert connect privsep $privsep" |
| 137 | ( | 137 | ( |
| @@ -169,7 +169,7 @@ for ktype in $PLAIN_TYPES ; do | |||
| 169 | kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig | 169 | kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig |
| 170 | done | 170 | done |
| 171 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert | 171 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert |
| 172 | for privsep in yes sandbox ; do | 172 | for privsep in yes ; do |
| 173 | for ktype in $PLAIN_TYPES ; do | 173 | for ktype in $PLAIN_TYPES ; do |
| 174 | verbose "$tid: host ${ktype} revoked cert privsep $privsep" | 174 | verbose "$tid: host ${ktype} revoked cert privsep $privsep" |
| 175 | ( | 175 | ( |