summaryrefslogtreecommitdiff
path: root/regress/integrity.sh
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2014-10-07 12:13:50 +0100
committerColin Watson <cjwatson@debian.org>2014-10-07 12:13:50 +0100
commit487bdb3a5ef6075887b830ccb8a0b14f6da78e93 (patch)
treea2cff6fec1e6c4b4153a170a3e172cfe6bfdec46 /regress/integrity.sh
parent796ba4fd011b5d0d9d78d592ba2f30fc9d5ed2e7 (diff)
parent28453d58058a4d60c3ebe7d7f0c31a510cbf6158 (diff)
Import openssh_6.7p1.orig.tar.gz
Diffstat (limited to 'regress/integrity.sh')
-rw-r--r--regress/integrity.sh13
1 files changed, 9 insertions, 4 deletions
diff --git a/regress/integrity.sh b/regress/integrity.sh
index 852d82690..d3a489ff7 100644
--- a/regress/integrity.sh
+++ b/regress/integrity.sh
@@ -1,7 +1,8 @@
1# $OpenBSD: integrity.sh,v 1.12 2013/11/21 03:18:51 djm Exp $ 1# $OpenBSD: integrity.sh,v 1.14 2014/05/21 07:04:21 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="integrity" 4tid="integrity"
5cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
5 6
6# start at byte 2900 (i.e. after kex) and corrupt at different offsets 7# start at byte 2900 (i.e. after kex) and corrupt at different offsets
7# XXX the test hangs if we modify the low bytes of the packet length 8# XXX the test hangs if we modify the low bytes of the packet length
@@ -34,11 +35,15 @@ for m in $macs; do
34 # avoid modifying the high bytes of the length 35 # avoid modifying the high bytes of the length
35 continue 36 continue
36 fi 37 fi
38 cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
37 # modify output from sshd at offset $off 39 # modify output from sshd at offset $off
38 pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1" 40 pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1"
39 if ssh -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then 41 if ssh -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then
42 echo "Ciphers=$m" >> $OBJ/sshd_proxy
40 macopt="-c $m" 43 macopt="-c $m"
41 else 44 else
45 echo "Ciphers=aes128-ctr" >> $OBJ/sshd_proxy
46 echo "MACs=$m" >> $OBJ/sshd_proxy
42 macopt="-m $m -c aes128-ctr" 47 macopt="-m $m -c aes128-ctr"
43 fi 48 fi
44 verbose "test $tid: $m @$off" 49 verbose "test $tid: $m @$off"
@@ -49,14 +54,14 @@ for m in $macs; do
49 fail "ssh -m $m succeeds with bit-flip at $off" 54 fail "ssh -m $m succeeds with bit-flip at $off"
50 fi 55 fi
51 ecnt=`expr $ecnt + 1` 56 ecnt=`expr $ecnt + 1`
52 output=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \ 57 out=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \
53 tr -s '\r\n' '.') 58 tr -s '\r\n' '.')
54 case "$output" in 59 case "$out" in
55 Bad?packet*) elen=`expr $elen + 1`; skip=3;; 60 Bad?packet*) elen=`expr $elen + 1`; skip=3;;
56 Corrupted?MAC* | Decryption?integrity?check?failed*) 61 Corrupted?MAC* | Decryption?integrity?check?failed*)
57 emac=`expr $emac + 1`; skip=0;; 62 emac=`expr $emac + 1`; skip=0;;
58 padding*) epad=`expr $epad + 1`; skip=0;; 63 padding*) epad=`expr $epad + 1`; skip=0;;
59 *) fail "unexpected error mac $m at $off";; 64 *) fail "unexpected error mac $m at $off: $out";;
60 esac 65 esac
61 done 66 done
62 verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen" 67 verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen"