* New upstream release (http://www.openssh.com/txt/release-6.1).

- Enable pre-auth sandboxing by default for new installs. - Allow "PermitOpen none" to refuse all port-forwarding requests (closes: #543683).
author: Colin Watson <cjwatson@debian.org> 2012-09-07 00:20:47 +0100
committer: Colin Watson <cjwatson@debian.org> 2012-09-07 00:20:47 +0100
commit: eab78da6a54225de06271d9c8da650f04a55ed88 (patch)
tree: aa258ca77515939f6d89317ff67fbcb0bca08b24 /regress/connect-privsep.sh
parent: a26f5de49df59322fde07f7be91b3e3969c9c238 (diff)
parent: c6a2c0334e45419875687d250aed9bea78480f2e (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh
index 11fb9aef9..94cc64acf 100644
--- a/regress/connect-privsep.sh
+++ b/regress/connect-privsep.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: connect-privsep.sh,v 1.2 2011/06/30 22:44:43 markus Exp $
+#       $OpenBSD: connect-privsep.sh,v 1.4 2012/07/02 14:37:06 dtucker Exp $
 #       Placed in the Public Domain.
 tid="proxy connect with privsep"
@@ -23,3 +23,14 @@ for p in 1 2; do
                warn "ssh privsep/sandbox+proxyconnect protocol $p failed"
        fi
 done
+# Because sandbox is sensitive to changes in libc, especially malloc, retest
+# with every malloc.conf option (and none).
+for m in '' A F G H J P R S X Z '<' '>'; do
+    for p in 1 2; do
+        env MALLOC_OPTIONS="$m" ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
+        if [ $? -ne 0 ]; then
+                fail "ssh privsep/sandbox+proxyconnect protocol $p mopt '$m' failed"
+        fi
+    done
+done
author	Colin Watson <cjwatson@debian.org>	2012-09-07 00:20:47 +0100
committer	Colin Watson <cjwatson@debian.org>	2012-09-07 00:20:47 +0100
commit	eab78da6a54225de06271d9c8da650f04a55ed88 (patch)
tree	aa258ca77515939f6d89317ff67fbcb0bca08b24 /regress/connect-privsep.sh
parent	a26f5de49df59322fde07f7be91b3e3969c9c238 (diff)
parent	c6a2c0334e45419875687d250aed9bea78480f2e (diff)

diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh index 11fb9aef9..94cc64acf 100644 --- a/regress/connect-privsep.sh +++ b/regress/connect-privsep.sh
@@ -1,4 +1,4 @@
1	# $OpenBSD: connect-privsep.sh,v 1.2 2011/06/30 22:44:43 markus Exp $	1	# $OpenBSD: connect-privsep.sh,v 1.4 2012/07/02 14:37:06 dtucker Exp $
2	# Placed in the Public Domain.	2	# Placed in the Public Domain.
3		3
4	tid="proxy connect with privsep"	4	tid="proxy connect with privsep"
@@ -23,3 +23,14 @@ for p in 1 2; do
23	warn "ssh privsep/sandbox+proxyconnect protocol $p failed"	23	warn "ssh privsep/sandbox+proxyconnect protocol $p failed"
24	fi	24	fi
25	done	25	done
		26
		27	# Because sandbox is sensitive to changes in libc, especially malloc, retest
		28	# with every malloc.conf option (and none).
		29	for m in '' A F G H J P R S X Z '<' '>'; do
		30	for p in 1 2; do
		31	env MALLOC_OPTIONS="$m" ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
		32	if [ $? -ne 0 ]; then
		33	fail "ssh privsep/sandbox+proxyconnect protocol $p mopt '$m' failed"
		34	fi
		35	done
		36	done