diff options
author | Colin Watson <cjwatson@debian.org> | 2019-10-09 22:59:48 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2019-10-09 23:39:39 +0100 |
commit | 767ee84d3465b6d244a9108de5c167a9ab866df9 (patch) | |
tree | 69b14ef6a62d7f133298a21d2ad6046f130b7801 /regress/cert-userkey.sh | |
parent | ddeaf9ee7d5c6612b88f1c4a83fc6fbccb93bf60 (diff) | |
parent | efef12825b9582c1710da3b7e50135870963d4f4 (diff) |
New upstream release (8.1p1)
Diffstat (limited to 'regress/cert-userkey.sh')
-rw-r--r-- | regress/cert-userkey.sh | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index 6849e9922..38c14a698 100644 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: cert-userkey.sh,v 1.20 2018/10/31 11:09:27 dtucker Exp $ | 1 | # $OpenBSD: cert-userkey.sh,v 1.21 2019/07/25 08:28:15 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="certified user keys" | 4 | tid="certified user keys" |
@@ -9,8 +9,10 @@ cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak | |||
9 | 9 | ||
10 | PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` | 10 | PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` |
11 | EXTRA_TYPES="" | 11 | EXTRA_TYPES="" |
12 | rsa="" | ||
12 | 13 | ||
13 | if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then | 14 | if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then |
15 | rsa=rsa | ||
14 | PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" | 16 | PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" |
15 | fi | 17 | fi |
16 | 18 | ||
@@ -20,11 +22,20 @@ kname() { | |||
20 | # subshell because some seds will add a newline | 22 | # subshell because some seds will add a newline |
21 | *) n=$(echo $1 | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/') ;; | 23 | *) n=$(echo $1 | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/') ;; |
22 | esac | 24 | esac |
23 | echo "$n*,ssh-rsa*,ssh-ed25519*" | 25 | if [ -z "$rsa" ]; then |
26 | echo "$n*,ssh-ed25519*" | ||
27 | else | ||
28 | echo "$n*,ssh-rsa*,ssh-ed25519*" | ||
29 | fi | ||
24 | } | 30 | } |
25 | 31 | ||
26 | # Create a CA key | 32 | # Create a CA key |
27 | ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_ca_key ||\ | 33 | if [ ! -z "$rsa" ]; then |
34 | catype=rsa | ||
35 | else | ||
36 | catype=ed25519 | ||
37 | fi | ||
38 | ${SSHKEYGEN} -q -N '' -t $catype -f $OBJ/user_ca_key ||\ | ||
28 | fail "ssh-keygen of user_ca_key failed" | 39 | fail "ssh-keygen of user_ca_key failed" |
29 | 40 | ||
30 | # Generate and sign user keys | 41 | # Generate and sign user keys |
@@ -283,7 +294,7 @@ test_one() { | |||
283 | fi | 294 | fi |
284 | 295 | ||
285 | for auth in $auth_choice ; do | 296 | for auth in $auth_choice ; do |
286 | for ktype in rsa ed25519 ; do | 297 | for ktype in $rsa ed25519 ; do |
287 | cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy | 298 | cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy |
288 | if test "x$auth" = "xauthorized_keys" ; then | 299 | if test "x$auth" = "xauthorized_keys" ; then |
289 | # Add CA to authorized_keys | 300 | # Add CA to authorized_keys |