diff options
author | Colin Watson <cjwatson@debian.org> | 2012-09-07 00:20:47 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2012-09-07 00:20:47 +0100 |
commit | eab78da6a54225de06271d9c8da650f04a55ed88 (patch) | |
tree | aa258ca77515939f6d89317ff67fbcb0bca08b24 /regress/connect-privsep.sh | |
parent | a26f5de49df59322fde07f7be91b3e3969c9c238 (diff) | |
parent | c6a2c0334e45419875687d250aed9bea78480f2e (diff) |
* New upstream release (http://www.openssh.com/txt/release-6.1).
- Enable pre-auth sandboxing by default for new installs.
- Allow "PermitOpen none" to refuse all port-forwarding requests
(closes: #543683).
Diffstat (limited to 'regress/connect-privsep.sh')
-rw-r--r-- | regress/connect-privsep.sh | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh index 11fb9aef9..94cc64acf 100644 --- a/regress/connect-privsep.sh +++ b/regress/connect-privsep.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: connect-privsep.sh,v 1.2 2011/06/30 22:44:43 markus Exp $ | 1 | # $OpenBSD: connect-privsep.sh,v 1.4 2012/07/02 14:37:06 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="proxy connect with privsep" | 4 | tid="proxy connect with privsep" |
@@ -23,3 +23,14 @@ for p in 1 2; do | |||
23 | warn "ssh privsep/sandbox+proxyconnect protocol $p failed" | 23 | warn "ssh privsep/sandbox+proxyconnect protocol $p failed" |
24 | fi | 24 | fi |
25 | done | 25 | done |
26 | |||
27 | # Because sandbox is sensitive to changes in libc, especially malloc, retest | ||
28 | # with every malloc.conf option (and none). | ||
29 | for m in '' A F G H J P R S X Z '<' '>'; do | ||
30 | for p in 1 2; do | ||
31 | env MALLOC_OPTIONS="$m" ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true | ||
32 | if [ $? -ne 0 ]; then | ||
33 | fail "ssh privsep/sandbox+proxyconnect protocol $p mopt '$m' failed" | ||
34 | fi | ||
35 | done | ||
36 | done | ||