diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-11-26 23:43:10 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-11-27 11:02:49 +1100 |
commit | ad44ca81bea83657d558aaef5a1d789a9032bac3 (patch) | |
tree | c4143c62227e817790c3362d409cdef93b5b52da /regress/test-exec.sh | |
parent | c6efa8a91af1d4fdb43909a23a0a4ffa012155ad (diff) |
upstream: test FIDO2/U2F key types; ok markus@
OpenBSD-Regress-ID: 367e06d5a260407619b4b113ea0bd7004a435474
Diffstat (limited to 'regress/test-exec.sh')
-rw-r--r-- | regress/test-exec.sh | 48 |
1 files changed, 42 insertions, 6 deletions
diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 3f1685bb0..4bf4059fc 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: test-exec.sh,v 1.67 2019/11/01 01:55:41 djm Exp $ | 1 | # $OpenBSD: test-exec.sh,v 1.68 2019/11/26 23:43:10 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | #SUDO=sudo | 4 | #SUDO=sudo |
@@ -128,6 +128,12 @@ if [ "x$TEST_SSH_CONCH" != "x" ]; then | |||
128 | *) CONCH=`which ${TEST_SSH_CONCH} 2>/dev/null` ;; | 128 | *) CONCH=`which ${TEST_SSH_CONCH} 2>/dev/null` ;; |
129 | esac | 129 | esac |
130 | fi | 130 | fi |
131 | if [ "x$TEST_SSH_PKCS11_HELPER" != "x" ]; then | ||
132 | SSH_PKCS11_HELPER="${TEST_SSH_PKCS11_HELPER}" | ||
133 | fi | ||
134 | if [ "x$TEST_SSH_SK_HELPER" != "x" ]; then | ||
135 | SSH_SK_HELPER="${TEST_SSH_SK_HELPER}" | ||
136 | fi | ||
131 | 137 | ||
132 | # Path to sshd must be absolute for rexec | 138 | # Path to sshd must be absolute for rexec |
133 | case "$SSHD" in | 139 | case "$SSHD" in |
@@ -252,6 +258,7 @@ increase_datafile_size() | |||
252 | 258 | ||
253 | # these should be used in tests | 259 | # these should be used in tests |
254 | export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP | 260 | export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP |
261 | export SSH_PKCS11_HELPER SSH_SK_HELPER | ||
255 | #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP | 262 | #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP |
256 | 263 | ||
257 | # Portable specific functions | 264 | # Portable specific functions |
@@ -475,8 +482,35 @@ fi | |||
475 | 482 | ||
476 | rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER | 483 | rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER |
477 | 484 | ||
478 | SSH_KEYTYPES=`$SSH -Q key-plain | grep -v ^sk` | 485 | SSH_SK_PROVIDER= |
486 | if [ -f "${SRC}/misc/sk-dummy/obj/sk-dummy.so" ] ; then | ||
487 | SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/obj/sk-dummy.so" | ||
488 | elif [ -f "${SRC}/misc/sk-dummy/sk-dummy.so" ] ; then | ||
489 | SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/sk-dummy.so" | ||
490 | fi | ||
491 | export SSH_SK_PROVIDER | ||
492 | |||
493 | if ! test -z "$SSH_SK_PROVIDER"; then | ||
494 | EXTRA_AGENT_ARGS='-P/*' # XXX want realpath(1)... | ||
495 | echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/ssh_config | ||
496 | fi | ||
497 | export EXTRA_AGENT_ARGS | ||
498 | |||
499 | filter_sk() { | ||
500 | grep -v ^sk | ||
501 | } | ||
502 | |||
503 | maybe_filter_sk() { | ||
504 | if test -z "$SSH_SK_PROVIDER" ; then | ||
505 | filter_sk | ||
506 | else | ||
507 | cat | ||
508 | fi | ||
509 | } | ||
479 | 510 | ||
511 | SSH_KEYTYPES=`$SSH -Q key-plain | maybe_filter_sk` | ||
512 | SSH_HOSTKEY_TYPES=`$SSH -Q key-plain | filter_sk` | ||
513 | |||
480 | for t in ${SSH_KEYTYPES}; do | 514 | for t in ${SSH_KEYTYPES}; do |
481 | # generate user key | 515 | # generate user key |
482 | trace "generating key type $t" | 516 | trace "generating key type $t" |
@@ -486,16 +520,18 @@ for t in ${SSH_KEYTYPES}; do | |||
486 | fail "ssh-keygen for $t failed" | 520 | fail "ssh-keygen for $t failed" |
487 | fi | 521 | fi |
488 | 522 | ||
523 | # setup authorized keys | ||
524 | cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER | ||
525 | echo IdentityFile $OBJ/$t >> $OBJ/ssh_config | ||
526 | done | ||
527 | |||
528 | for t in ${SSH_HOSTKEY_TYPES}; do | ||
489 | # known hosts file for client | 529 | # known hosts file for client |
490 | ( | 530 | ( |
491 | printf 'localhost-with-alias,127.0.0.1,::1 ' | 531 | printf 'localhost-with-alias,127.0.0.1,::1 ' |
492 | cat $OBJ/$t.pub | 532 | cat $OBJ/$t.pub |
493 | ) >> $OBJ/known_hosts | 533 | ) >> $OBJ/known_hosts |
494 | 534 | ||
495 | # setup authorized keys | ||
496 | cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER | ||
497 | echo IdentityFile $OBJ/$t >> $OBJ/ssh_config | ||
498 | |||
499 | # use key as host key, too | 535 | # use key as host key, too |
500 | $SUDO cp $OBJ/$t $OBJ/host.$t | 536 | $SUDO cp $OBJ/$t $OBJ/host.$t |
501 | echo HostKey $OBJ/host.$t >> $OBJ/sshd_config | 537 | echo HostKey $OBJ/host.$t >> $OBJ/sshd_config |