upstream: test security key host keys in addition to user keys

OpenBSD-Regress-ID: 9fb45326106669a27e4bf150575c321806e275b1
author: djm@openbsd.org <djm@openbsd.org> 2019-12-16 02:39:05 +0000
committer: Damien Miller <djm@mindrot.org> 2019-12-21 13:35:42 +1100
commit: e5b7cf8edca7e843adc125621e1dab14507f430a (patch)
tree: 3b7fd4a0558e25b422d64b341f8c5fd50d15c013 /regress/cert-hostkey.sh
parent: 40be78f503277bd91c958fa25ea9ef918a2ffd3d (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index 67a9795d0..95d7c176a 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cert-hostkey.sh,v 1.21 2019/12/11 18:47:14 djm Exp $
+#       $OpenBSD: cert-hostkey.sh,v 1.22 2019/12/16 02:39:05 djm Exp $
 #       Placed in the Public Domain.
 tid="certified host keys"
@@ -9,7 +9,7 @@ rm -f $OBJ/cert_host_key* $OBJ/host_krl_*
 # Allow all hostkey/pubkey types, prefer certs for the client
 rsa=0
 types=""
-for i in `$SSH -Q key | filter_sk`; do
+for i in `$SSH -Q key | maybe_filter_sk`; do
        if [ -z "$types" ]; then
                types="$i"
                continue
@@ -70,7 +70,7 @@ touch $OBJ/host_revoked_plain
 touch $OBJ/host_revoked_cert
 cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca
-PLAIN_TYPES=`$SSH -Q key-plain  | filter_sk | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
+PLAIN_TYPES=`echo "$SSH_KEYTYPES" | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
 if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then
        PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512"
author	djm@openbsd.org <djm@openbsd.org>	2019-12-16 02:39:05 +0000
committer	Damien Miller <djm@mindrot.org>	2019-12-21 13:35:42 +1100
commit	e5b7cf8edca7e843adc125621e1dab14507f430a (patch)
tree	3b7fd4a0558e25b422d64b341f8c5fd50d15c013 /regress/cert-hostkey.sh
parent	40be78f503277bd91c958fa25ea9ef918a2ffd3d (diff)

diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index 67a9795d0..95d7c176a 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
1	# $OpenBSD: cert-hostkey.sh,v 1.21 2019/12/11 18:47:14 djm Exp $	1	# $OpenBSD: cert-hostkey.sh,v 1.22 2019/12/16 02:39:05 djm Exp $
2	# Placed in the Public Domain.	2	# Placed in the Public Domain.
3		3
4	tid="certified host keys"	4	tid="certified host keys"
@@ -9,7 +9,7 @@ rm -f $OBJ/cert_host_key* $OBJ/host_krl_*
9	# Allow all hostkey/pubkey types, prefer certs for the client	9	# Allow all hostkey/pubkey types, prefer certs for the client
10	rsa=0	10	rsa=0
11	types=""	11	types=""
12	for i in `$SSH -Q key \| filter_sk`; do	12	for i in `$SSH -Q key \| maybe_filter_sk`; do
13	if [ -z "$types" ]; then	13	if [ -z "$types" ]; then
14	types="$i"	14	types="$i"
15	continue	15	continue
@@ -70,7 +70,7 @@ touch $OBJ/host_revoked_plain
70	touch $OBJ/host_revoked_cert	70	touch $OBJ/host_revoked_cert
71	cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca	71	cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca
72		72
73	PLAIN_TYPES=`$SSH -Q key-plain \| filter_sk \| sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`	73	PLAIN_TYPES=`echo "$SSH_KEYTYPES" \| sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
74		74
75	if echo "$PLAIN_TYPES" \| grep '^rsa$' >/dev/null 2>&1 ; then	75	if echo "$PLAIN_TYPES" \| grep '^rsa$' >/dev/null 2>&1 ; then
76	PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512"	76	PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512"