diff options
author | Colin Watson <cjwatson@debian.org> | 2014-10-07 12:13:50 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-10-07 12:13:50 +0100 |
commit | 487bdb3a5ef6075887b830ccb8a0b14f6da78e93 (patch) | |
tree | a2cff6fec1e6c4b4153a170a3e172cfe6bfdec46 /regress/integrity.sh | |
parent | 796ba4fd011b5d0d9d78d592ba2f30fc9d5ed2e7 (diff) | |
parent | 28453d58058a4d60c3ebe7d7f0c31a510cbf6158 (diff) |
Import openssh_6.7p1.orig.tar.gz
Diffstat (limited to 'regress/integrity.sh')
-rw-r--r-- | regress/integrity.sh | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/regress/integrity.sh b/regress/integrity.sh index 852d82690..d3a489ff7 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh | |||
@@ -1,7 +1,8 @@ | |||
1 | # $OpenBSD: integrity.sh,v 1.12 2013/11/21 03:18:51 djm Exp $ | 1 | # $OpenBSD: integrity.sh,v 1.14 2014/05/21 07:04:21 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="integrity" | 4 | tid="integrity" |
5 | cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak | ||
5 | 6 | ||
6 | # start at byte 2900 (i.e. after kex) and corrupt at different offsets | 7 | # start at byte 2900 (i.e. after kex) and corrupt at different offsets |
7 | # XXX the test hangs if we modify the low bytes of the packet length | 8 | # XXX the test hangs if we modify the low bytes of the packet length |
@@ -34,11 +35,15 @@ for m in $macs; do | |||
34 | # avoid modifying the high bytes of the length | 35 | # avoid modifying the high bytes of the length |
35 | continue | 36 | continue |
36 | fi | 37 | fi |
38 | cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy | ||
37 | # modify output from sshd at offset $off | 39 | # modify output from sshd at offset $off |
38 | pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1" | 40 | pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1" |
39 | if ssh -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then | 41 | if ssh -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then |
42 | echo "Ciphers=$m" >> $OBJ/sshd_proxy | ||
40 | macopt="-c $m" | 43 | macopt="-c $m" |
41 | else | 44 | else |
45 | echo "Ciphers=aes128-ctr" >> $OBJ/sshd_proxy | ||
46 | echo "MACs=$m" >> $OBJ/sshd_proxy | ||
42 | macopt="-m $m -c aes128-ctr" | 47 | macopt="-m $m -c aes128-ctr" |
43 | fi | 48 | fi |
44 | verbose "test $tid: $m @$off" | 49 | verbose "test $tid: $m @$off" |
@@ -49,14 +54,14 @@ for m in $macs; do | |||
49 | fail "ssh -m $m succeeds with bit-flip at $off" | 54 | fail "ssh -m $m succeeds with bit-flip at $off" |
50 | fi | 55 | fi |
51 | ecnt=`expr $ecnt + 1` | 56 | ecnt=`expr $ecnt + 1` |
52 | output=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \ | 57 | out=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \ |
53 | tr -s '\r\n' '.') | 58 | tr -s '\r\n' '.') |
54 | case "$output" in | 59 | case "$out" in |
55 | Bad?packet*) elen=`expr $elen + 1`; skip=3;; | 60 | Bad?packet*) elen=`expr $elen + 1`; skip=3;; |
56 | Corrupted?MAC* | Decryption?integrity?check?failed*) | 61 | Corrupted?MAC* | Decryption?integrity?check?failed*) |
57 | emac=`expr $emac + 1`; skip=0;; | 62 | emac=`expr $emac + 1`; skip=0;; |
58 | padding*) epad=`expr $epad + 1`; skip=0;; | 63 | padding*) epad=`expr $epad + 1`; skip=0;; |
59 | *) fail "unexpected error mac $m at $off";; | 64 | *) fail "unexpected error mac $m at $off: $out";; |
60 | esac | 65 | esac |
61 | done | 66 | done |
62 | verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen" | 67 | verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen" |