diff options
author | Colin Watson <cjwatson@debian.org> | 2020-02-21 11:57:14 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2020-02-21 14:27:02 +0000 |
commit | 886e47e745586c34e81cfd5c5fb9b5dbc8e84d04 (patch) | |
tree | dd6c3b4dc64a17c520af7aaf213163f8a0a63e56 /regress/cert-hostkey.sh | |
parent | ac2b4c0697fcac554041ab95f81736887eadf6ec (diff) | |
parent | a2dabf35ce0228c86a288d11cc847a9d9801604f (diff) |
New upstream release (8.2p1)
Diffstat (limited to 'regress/cert-hostkey.sh')
-rw-r--r-- | regress/cert-hostkey.sh | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index 844adabcc..097bf8463 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: cert-hostkey.sh,v 1.18 2019/07/25 08:28:15 dtucker Exp $ | 1 | # $OpenBSD: cert-hostkey.sh,v 1.23 2020/01/03 03:02:26 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="certified host keys" | 4 | tid="certified host keys" |
@@ -9,7 +9,7 @@ rm -f $OBJ/cert_host_key* $OBJ/host_krl_* | |||
9 | # Allow all hostkey/pubkey types, prefer certs for the client | 9 | # Allow all hostkey/pubkey types, prefer certs for the client |
10 | rsa=0 | 10 | rsa=0 |
11 | types="" | 11 | types="" |
12 | for i in `$SSH -Q key`; do | 12 | for i in `$SSH -Q key | maybe_filter_sk`; do |
13 | if [ -z "$types" ]; then | 13 | if [ -z "$types" ]; then |
14 | types="$i" | 14 | types="$i" |
15 | continue | 15 | continue |
@@ -70,7 +70,7 @@ touch $OBJ/host_revoked_plain | |||
70 | touch $OBJ/host_revoked_cert | 70 | touch $OBJ/host_revoked_cert |
71 | cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca | 71 | cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca |
72 | 72 | ||
73 | PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'` | 73 | PLAIN_TYPES=`echo "$SSH_KEYTYPES" | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'` |
74 | 74 | ||
75 | if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then | 75 | if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then |
76 | PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" | 76 | PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" |
@@ -131,7 +131,7 @@ attempt_connect() { | |||
131 | } | 131 | } |
132 | 132 | ||
133 | # Basic connect and revocation tests. | 133 | # Basic connect and revocation tests. |
134 | for privsep in yes sandbox ; do | 134 | for privsep in yes ; do |
135 | for ktype in $PLAIN_TYPES ; do | 135 | for ktype in $PLAIN_TYPES ; do |
136 | verbose "$tid: host ${ktype} cert connect privsep $privsep" | 136 | verbose "$tid: host ${ktype} cert connect privsep $privsep" |
137 | ( | 137 | ( |
@@ -169,7 +169,7 @@ for ktype in $PLAIN_TYPES ; do | |||
169 | kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig | 169 | kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig |
170 | done | 170 | done |
171 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert | 171 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert |
172 | for privsep in yes sandbox ; do | 172 | for privsep in yes ; do |
173 | for ktype in $PLAIN_TYPES ; do | 173 | for ktype in $PLAIN_TYPES ; do |
174 | verbose "$tid: host ${ktype} revoked cert privsep $privsep" | 174 | verbose "$tid: host ${ktype} revoked cert privsep $privsep" |
175 | ( | 175 | ( |