upstream commit

regress test for ExposeAuthInfo Upstream-Regress-ID: 190e5b6866376f4061c411ab157ca4d4e7ae86fd
author: djm@openbsd.org <djm@openbsd.org> 2017-06-24 06:35:24 +0000
committer: Damien Miller <djm@mindrot.org> 2017-06-24 17:29:55 +1000
commit: c9cdef35524bd59007e17d5bd2502dade69e2dfb (patch)
tree: b38d6b81321f0a4df92745e3f02b3eac7be8b870 /regress
parent: f17ee61cad25d210edab69d04ed447ad55fe80c1 (diff)
2 files changed, 20 insertions, 2 deletions
diff --git a/regress/Makefile b/regress/Makefile
index f968c4161..7d50f9cfa 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.94 2016/12/16 03:51:19 dtucker Exp $
+#       $OpenBSD: Makefile,v 1.95 2017/06/24 06:35:24 djm Exp $
 REGRESS_TARGETS=        unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec
 tests:          prep $(REGRESS_TARGETS)
@@ -79,7 +79,8 @@ LTESTS= 	connect \
                principals-command \
                cert-file \
                cfginclude \
-                allow-deny-users
+                allow-deny-users \
+                authinfo
 #               dhgex \
diff --git a/regress/authinfo.sh b/regress/authinfo.sh
new file mode 100644
index 000000000..e725296c9
--- /dev/null
+++ b/regress/authinfo.sh
@@ -0,0 +1,17 @@
+#       $OpenBSD: authinfo.sh,v 1.1 2017/06/24 06:35:24 djm Exp $
+#       Placed in the Public Domain.
+tid="authinfo"
+# Ensure the environment variable doesn't leak when ExposeAuthInfo=no.
+verbose "ExposeAuthInfo=no"
+env SSH_USER_AUTH=blah ${SSH} -F $OBJ/ssh_proxy x \
+        'test -z "$SSH_USER_AUTH"' || fail "SSH_USER_AUTH present"
+verbose "ExposeAuthInfo=yes"
+echo ExposeAuthInfo=yes >> $OBJ/sshd_proxy
+${SSH} -F $OBJ/ssh_proxy x \
+        'grep ^publickey "$SSH_USER_AUTH" /dev/null >/dev/null' ||
+        fail "ssh with ExposeAuthInfo failed"
+# XXX test multiple auth and key contents
author	djm@openbsd.org <djm@openbsd.org>	2017-06-24 06:35:24 +0000
committer	Damien Miller <djm@mindrot.org>	2017-06-24 17:29:55 +1000
commit	c9cdef35524bd59007e17d5bd2502dade69e2dfb (patch)
tree	b38d6b81321f0a4df92745e3f02b3eac7be8b870 /regress
parent	f17ee61cad25d210edab69d04ed447ad55fe80c1 (diff)

diff --git a/regress/Makefile b/regress/Makefile index f968c4161..7d50f9cfa 100644 --- a/regress/Makefile +++ b/regress/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.94 2016/12/16 03:51:19 dtucker Exp $	1	# $OpenBSD: Makefile,v 1.95 2017/06/24 06:35:24 djm Exp $
2		2
3	REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec	3	REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec
4	tests: prep $(REGRESS_TARGETS)	4	tests: prep $(REGRESS_TARGETS)
@@ -79,7 +79,8 @@ LTESTS= connect \
79	principals-command \	79	principals-command \
80	cert-file \	80	cert-file \
81	cfginclude \	81	cfginclude \
82	allow-deny-users	82	allow-deny-users \
		83	authinfo
83		84
84		85
85	# dhgex \	86	# dhgex \


diff --git a/regress/authinfo.sh b/regress/authinfo.sh new file mode 100644 index 000000000..e725296c9 --- /dev/null +++ b/regress/authinfo.sh
@@ -0,0 +1,17 @@
		1	# $OpenBSD: authinfo.sh,v 1.1 2017/06/24 06:35:24 djm Exp $
		2	# Placed in the Public Domain.
		3
		4	tid="authinfo"
		5
		6	# Ensure the environment variable doesn't leak when ExposeAuthInfo=no.
		7	verbose "ExposeAuthInfo=no"
		8	env SSH_USER_AUTH=blah ${SSH} -F $OBJ/ssh_proxy x \
		9	'test -z "$SSH_USER_AUTH"' \|\| fail "SSH_USER_AUTH present"
		10
		11	verbose "ExposeAuthInfo=yes"
		12	echo ExposeAuthInfo=yes >> $OBJ/sshd_proxy
		13	${SSH} -F $OBJ/ssh_proxy x \
		14	'grep ^publickey "$SSH_USER_AUTH" /dev/null >/dev/null' \|\|
		15	fail "ssh with ExposeAuthInfo failed"
		16
		17	# XXX test multiple auth and key contents