upstream commit

Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA. Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c
author: markus@openbsd.org <markus@openbsd.org> 2015-07-10 06:23:25 +0000
committer: Damien Miller <djm@mindrot.org> 2015-07-15 16:04:27 +1000
commit: 5bf0933184cb622ca3f96d224bf3299fd2285acc (patch)
tree: 18ad0591b04a1ff98bb69265e04bc7c5b961533e /regress/cert-hostkey.sh
parent: 7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc (diff)
1 files changed, 22 insertions, 1 deletions
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index c99c2b1c3..3f53922c8 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,11 +1,32 @@
-#       $OpenBSD: cert-hostkey.sh,v 1.12 2015/07/03 04:39:23 djm Exp $
+#       $OpenBSD: cert-hostkey.sh,v 1.13 2015/07/10 06:23:25 markus Exp $
 #       Placed in the Public Domain.
 tid="certified host keys"
 rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/host_revoked_*
 rm -f $OBJ/cert_host_key* $OBJ/host_krl_*
+# Allow all hostkey/pubkey types, prefer certs for the client
+types=""
+for i in `$SSH -Q key`; do
+        if [ -z "$types" ]; then
+                types="$i"
+                continue
+        fi
+        case "$i" in
+        *cert*) types="$i,$types";;
+        *)      types="$types,$i";;
+        esac
+done
+(
+        echo "HostKeyAlgorithms ${types}"
+        echo "PubkeyAcceptedKeyTypes *"
+) >> $OBJ/ssh_proxy
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
+(
+        echo "HostKeyAlgorithms *"
+        echo "PubkeyAcceptedKeyTypes *"
+) >> $OBJ/sshd_proxy_bak
 HOSTS='localhost-with-alias,127.0.0.1,::1'
author	markus@openbsd.org <markus@openbsd.org>	2015-07-10 06:23:25 +0000
committer	Damien Miller <djm@mindrot.org>	2015-07-15 16:04:27 +1000
commit	5bf0933184cb622ca3f96d224bf3299fd2285acc (patch)
tree	18ad0591b04a1ff98bb69265e04bc7c5b961533e /regress/cert-hostkey.sh
parent	7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc (diff)

diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index c99c2b1c3..3f53922c8 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh
@@ -1,11 +1,32 @@
1	# $OpenBSD: cert-hostkey.sh,v 1.12 2015/07/03 04:39:23 djm Exp $	1	# $OpenBSD: cert-hostkey.sh,v 1.13 2015/07/10 06:23:25 markus Exp $
2	# Placed in the Public Domain.	2	# Placed in the Public Domain.
3		3
4	tid="certified host keys"	4	tid="certified host keys"
5		5
6	rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/host_revoked_*	6	rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/host_revoked_*
7	rm -f $OBJ/cert_host_key* $OBJ/host_krl_*	7	rm -f $OBJ/cert_host_key* $OBJ/host_krl_*
		8
		9	# Allow all hostkey/pubkey types, prefer certs for the client
		10	types=""
		11	for i in `$SSH -Q key`; do
		12	if [ -z "$types" ]; then
		13	types="$i"
		14	continue
		15	fi
		16	case "$i" in
		17	cert) types="$i,$types";;
		18	*) types="$types,$i";;
		19	esac
		20	done
		21	(
		22	echo "HostKeyAlgorithms ${types}"
		23	echo "PubkeyAcceptedKeyTypes *"
		24	) >> $OBJ/ssh_proxy
8	cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak	25	cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
		26	(
		27	echo "HostKeyAlgorithms *"
		28	echo "PubkeyAcceptedKeyTypes *"
		29	) >> $OBJ/sshd_proxy_bak
9		30
10	HOSTS='localhost-with-alias,127.0.0.1,::1'	31	HOSTS='localhost-with-alias,127.0.0.1,::1'
11		32