upstream commit

make it possible to run tests w/o ssh1 support; ok djm@
author: markus@openbsd.org <markus@openbsd.org> 2015-03-03 22:35:19 +0000
committer: Damien Miller <djm@mindrot.org> 2015-03-05 05:59:47 +1100
commit: dad2b1892b4c1b7e58df483a8c5b983c4454e099 (patch)
tree: fa461e273ef92414c934a88cc88b2875032e616f /regress
parent: d48a22601bdd3eec054794c535f4ae8d8ae4c6e2 (diff)
27 files changed, 139 insertions, 90 deletions
diff --git a/regress/agent-timeout.sh b/regress/agent-timeout.sh
index 68826594e..9598c2032 100644
--- a/regress/agent-timeout.sh
+++ b/regress/agent-timeout.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: agent-timeout.sh,v 1.2 2013/05/17 01:16:09 dtucker Exp $
+#       $OpenBSD: agent-timeout.sh,v 1.3 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="agent timeout test"
@@ -12,7 +12,7 @@ if [ $r -ne 0 ]; then
        fail "could not start ssh-agent: exit code $r"
 else
        trace "add keys with timeout"
-        for t in rsa rsa1; do
+        for t in ${SSH_KEYTYPES}; do
                ${SSHADD} -t ${SSHAGENT_TIMEOUT} $OBJ/$t > /dev/null 2>&1
                if [ $? -ne 0 ]; then
                        fail "ssh-add did succeed exit code 0"
diff --git a/regress/agent.sh b/regress/agent.sh
index caad3c88e..c5e2794b7 100644
--- a/regress/agent.sh
+++ b/regress/agent.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: agent.sh,v 1.10 2014/02/27 21:21:25 djm Exp $
+#       $OpenBSD: agent.sh,v 1.11 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="simple agent test"
@@ -20,7 +20,7 @@ else
        fi
        trace "overwrite authorized keys"
        printf '' > $OBJ/authorized_keys_$USER
-        for t in ed25519 rsa rsa1; do
+        for t in ${SSH_KEYTYPES}; do
                # generate user key for agent
                rm -f $OBJ/$t-agent
                ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent ||\
@@ -46,7 +46,7 @@ else
        fi
        trace "simple connect via agent"
-        for p in 1 2; do
+        for p in ${SSH_PROTOCOLS}; do
                ${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p
                r=$?
                if [ $r -ne 5$p ]; then
@@ -55,7 +55,7 @@ else
        done
        trace "agent forwarding"
-        for p in 1 2; do
+        for p in ${SSH_PROTOCOLS}; do
                ${SSH} -A -$p -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1
                r=$?
                if [ $r -ne 0 ]; then
diff --git a/regress/broken-pipe.sh b/regress/broken-pipe.sh
index c08c849a7..a416f7a3b 100644
--- a/regress/broken-pipe.sh
+++ b/regress/broken-pipe.sh
@@ -1,9 +1,9 @@
-#       $OpenBSD: broken-pipe.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
+#       $OpenBSD: broken-pipe.sh,v 1.5 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="broken pipe test"
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "protocol $p"
        for i in 1 2 3 4; do
                ${SSH} -$p -F $OBJ/ssh_config_config nexthost echo $i 2> /dev/null | true
diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh
index 80cf22930..056296398 100644
--- a/regress/cfgmatch.sh
+++ b/regress/cfgmatch.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cfgmatch.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $
+#       $OpenBSD: cfgmatch.sh,v 1.9 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="sshd_config match"
@@ -56,7 +56,7 @@ start_sshd
 #set -x
 # Test Match + PermitOpen in sshd_config.  This should be permitted
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "match permitopen localhost proto $p"
        start_client -F $OBJ/ssh_config
        ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \
@@ -65,7 +65,7 @@ for p in 1 2; do
 done
 # Same but from different source.  This should not be permitted
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "match permitopen proxy proto $p"
        start_client -F $OBJ/ssh_proxy
        ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \
@@ -74,11 +74,12 @@ for p in 1 2; do
 done
 # Retry previous with key option, should also be denied.
-printf 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER
+cp /dev/null $OBJ/authorized_keys_$USER
-cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
+for t in ${SSH_KEYTYPES}; do
-printf 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER
+        printf 'permitopen="127.0.0.1:'$PORT'" ' >> $OBJ/authorized_keys_$USER
-cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
+        cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
-for p in 1 2; do
+done
+for p in ${SSH_PROTOCOLS}; do
        trace "match permitopen proxy w/key opts proto $p"
        start_client -F $OBJ/ssh_proxy
        ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \
@@ -88,7 +89,7 @@ done
 # Test both sshd_config and key options permitting the same dst/port pair.
 # Should be permitted.
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "match permitopen localhost proto $p"
        start_client -F $OBJ/ssh_config
        ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \
@@ -102,7 +103,7 @@ echo "Match User $USER" >>$OBJ/sshd_proxy
 echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy
 # Test that a Match overrides a PermitOpen in the global section
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "match permitopen proxy w/key opts proto $p"
        start_client -F $OBJ/ssh_proxy
        ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \
@@ -117,7 +118,7 @@ echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy
 # Test that a rule that doesn't match doesn't override, plus test a
 # PermitOpen entry that's not at the start of the list
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "nomatch permitopen proxy w/key opts proto $p"
        start_client -F $OBJ/ssh_proxy
        ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \
diff --git a/regress/cipher-speed.sh b/regress/cipher-speed.sh
index a6d53a78d..ad2f9b90b 100644
--- a/regress/cipher-speed.sh
+++ b/regress/cipher-speed.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cipher-speed.sh,v 1.11 2013/11/21 03:18:51 djm Exp $
+#       $OpenBSD: cipher-speed.sh,v 1.12 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="cipher speed"
@@ -31,7 +31,11 @@ for c in `${SSH} -Q cipher`; do n=0; for m in `${SSH} -Q mac`; do
        n=`expr $n + 1`
 done; done
-ciphers="3des blowfish"
+if ssh_version 1; then
+        ciphers="3des blowfish"
+else
+        ciphers=""
+fi
 for c in $ciphers; do
        trace "proto 1 cipher $c"
        for x in $tries; do
diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh
index 41cb7af69..9a51f5690 100644
--- a/regress/connect-privsep.sh
+++ b/regress/connect-privsep.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: connect-privsep.sh,v 1.5 2014/05/04 10:40:59 logan Exp $
+#       $OpenBSD: connect-privsep.sh,v 1.6 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="proxy connect with privsep"
@@ -6,7 +6,7 @@ tid="proxy connect with privsep"
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
 echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
        if [ $? -ne 0 ]; then
                fail "ssh privsep+proxyconnect protocol $p failed"
@@ -16,7 +16,7 @@ done
 cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
 echo 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
        if [ $? -ne 0 ]; then
                # XXX replace this with fail once sandbox has stabilised
@@ -27,7 +27,7 @@ done
 # Because sandbox is sensitive to changes in libc, especially malloc, retest
 # with every malloc.conf option (and none).
 for m in '' A F G H J P R S X '<' '>'; do
-    for p in 1 2; do
+    for p in ${SSH_PROTOCOLS}; do
        env MALLOC_OPTIONS="$m" ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
        if [ $? -ne 0 ]; then
                fail "ssh privsep/sandbox+proxyconnect protocol $p mopt '$m' failed"
diff --git a/regress/connect.sh b/regress/connect.sh
index 2186fa6e7..f0d55d343 100644
--- a/regress/connect.sh
+++ b/regress/connect.sh
@@ -1,11 +1,11 @@
-#       $OpenBSD: connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
+#       $OpenBSD: connect.sh,v 1.5 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="simple connect"
 start_sshd
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true
        if [ $? -ne 0 ]; then
                fail "ssh connect with protocol $p failed"
diff --git a/regress/dynamic-forward.sh b/regress/dynamic-forward.sh
index 42fa8acdc..dd67c9639 100644
--- a/regress/dynamic-forward.sh
+++ b/regress/dynamic-forward.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: dynamic-forward.sh,v 1.10 2013/05/17 04:29:14 dtucker Exp $
+#       $OpenBSD: dynamic-forward.sh,v 1.11 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="dynamic forwarding"
@@ -17,7 +17,7 @@ trace "will use ProxyCommand $proxycmd"
 start_sshd
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        n=0
        error="1"
        trace "start dynamic forwarding, fork to background"
diff --git a/regress/exit-status.sh b/regress/exit-status.sh
index 56b78a622..397d8d732 100644
--- a/regress/exit-status.sh
+++ b/regress/exit-status.sh
@@ -1,9 +1,9 @@
-#       $OpenBSD: exit-status.sh,v 1.6 2002/03/15 13:08:56 markus Exp $
+#       $OpenBSD: exit-status.sh,v 1.7 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="remote exit status"
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        for s in 0 1 4 5 44; do
                trace "proto $p status $s"
                verbose "test $tid: proto $p status $s"
diff --git a/regress/forcecommand.sh b/regress/forcecommand.sh
index 44d2b7ffd..8a9b090ea 100644
--- a/regress/forcecommand.sh
+++ b/regress/forcecommand.sh
@@ -1,30 +1,32 @@
-#       $OpenBSD: forcecommand.sh,v 1.2 2013/05/17 00:37:40 dtucker Exp $
+#       $OpenBSD: forcecommand.sh,v 1.3 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="forced command"
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
-printf 'command="true" ' >$OBJ/authorized_keys_$USER
+cp /dev/null $OBJ/authorized_keys_$USER
-cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
+for t in ${SSH_KEYTYPES}; do
-printf 'command="true" ' >>$OBJ/authorized_keys_$USER
+        printf 'command="true" ' >>$OBJ/authorized_keys_$USER
-cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
+        cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
+done
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "forced command in key option proto $p"
        ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ ||
            fail "forced command in key proto $p"
 done
-printf 'command="false" ' >$OBJ/authorized_keys_$USER
+cp /dev/null $OBJ/authorized_keys_$USER
-cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
+for t in ${SSH_KEYTYPES}; do
-printf 'command="false" ' >>$OBJ/authorized_keys_$USER
+        printf 'command="false" ' >> $OBJ/authorized_keys_$USER
-cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
+        cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
+done
 cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
 echo "ForceCommand true" >> $OBJ/sshd_proxy
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "forced command in sshd_config overrides key option proto $p"
        ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ ||
            fail "forced command in key proto $p"
@@ -35,7 +37,7 @@ echo "ForceCommand false" >> $OBJ/sshd_proxy
 echo "Match User $USER" >> $OBJ/sshd_proxy
 echo "    ForceCommand true" >> $OBJ/sshd_proxy
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "forced command with match proto $p"
        ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ ||
            fail "forced command in key proto $p"
diff --git a/regress/forward-control.sh b/regress/forward-control.sh
index 7f7d105e8..91957098f 100644
--- a/regress/forward-control.sh
+++ b/regress/forward-control.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: forward-control.sh,v 1.2 2013/11/18 05:09:32 naddy Exp $
+#       $OpenBSD: forward-control.sh,v 1.3 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="sshd control of local and remote forwarding"
@@ -99,7 +99,7 @@ cp ${OBJ}/sshd_proxy ${OBJ}/sshd_proxy.bak
 cp ${OBJ}/authorized_keys_${USER} ${OBJ}/authorized_keys_${USER}.bak
 # Sanity check: ensure the default config allows forwarding
-for p in 1 2 ; do
+for p in ${SSH_PROTOCOLS} ; do
        check_lfwd $p Y "proto $p, default configuration"
        check_rfwd $p Y "proto $p, default configuration"
 done
@@ -115,7 +115,7 @@ all_tests() {
        _permit_rfwd=$7
        _badfwd=127.0.0.1:22
        _goodfwd=127.0.0.1:${PORT}
-        for _proto in 1 2 ; do
+        for _proto in ${SSH_PROTOCOLS} ; do
                cp ${OBJ}/authorized_keys_${USER}.bak \
                    ${OBJ}/authorized_keys_${USER}
                _prefix="proto $_proto, AllowTcpForwarding=$_tcpfwd"
diff --git a/regress/forwarding.sh b/regress/forwarding.sh
index 0eee3176a..fb4f35aff 100644
--- a/regress/forwarding.sh
+++ b/regress/forwarding.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: forwarding.sh,v 1.14 2015/02/23 20:32:15 djm Exp $
+#       $OpenBSD: forwarding.sh,v 1.15 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="local and remote forwarding"
@@ -23,8 +23,11 @@ for j in 0 1 2; do
                last=$a
        done
 done
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        q=`expr 3 - $p`
+        if ! ssh_version $q; then
+                q=$p
+        fi
        trace "start forwarding, fork to background"
        ${SSH} -$p -F $OBJ/ssh_config -f $fwd somehost sleep 10
@@ -37,7 +40,7 @@ for p in 1 2; do
        sleep 10
 done
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
 for d in L R; do
        trace "exit on -$d forward failure, proto $p"
@@ -67,7 +70,7 @@ for d in L R; do
 done
 done
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "simple clear forwarding proto $p"
        ${SSH} -$p -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true
@@ -110,7 +113,7 @@ done
 echo "LocalForward ${base}01 127.0.0.1:$PORT" >> $OBJ/ssh_config
 echo "RemoteForward ${base}02 127.0.0.1:${base}01" >> $OBJ/ssh_config
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        trace "config file: start forwarding, fork to background"
        ${SSH} -S $CTL -M -$p -F $OBJ/ssh_config -f somehost sleep 10
diff --git a/regress/host-expand.sh b/regress/host-expand.sh
index 6cc0e6055..2a95bfe1b 100644
--- a/regress/host-expand.sh
+++ b/regress/host-expand.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: host-expand.sh,v 1.3 2014/02/27 23:17:41 djm Exp $
+#       $OpenBSD: host-expand.sh,v 1.4 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="expand %h and %n"
@@ -11,7 +11,7 @@ somehost
 127.0.0.1
 EOE
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        verbose "test $tid: proto $p"
        ${SSH} -F $OBJ/ssh_proxy -$p somehost true >$OBJ/actual
        diff $OBJ/expect $OBJ/actual || fail "$tid proto $p"
diff --git a/regress/key-options.sh b/regress/key-options.sh
index f98d78b30..7a68ad358 100644
--- a/regress/key-options.sh
+++ b/regress/key-options.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: key-options.sh,v 1.2 2008/06/30 08:07:34 djm Exp $
+#       $OpenBSD: key-options.sh,v 1.3 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="key options"
@@ -8,7 +8,7 @@ authkeys="$OBJ/authorized_keys_${USER}"
 cp $authkeys $origkeys
 # Test command= forced command
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
    for c in 'command="echo bar"' 'no-pty,command="echo bar"'; do
        sed "s/.*/$c &/" $origkeys >$authkeys
        verbose "key option proto $p $c"
@@ -24,7 +24,7 @@ done
 # Test no-pty
 sed 's/.*/no-pty &/' $origkeys >$authkeys
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        verbose "key option proto $p no-pty"
        r=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost tty`
        if [ -f "$r" ]; then
@@ -35,7 +35,7 @@ done
 # Test environment=
 echo 'PermitUserEnvironment yes' >> $OBJ/sshd_proxy
 sed 's/.*/environment="FOO=bar" &/' $origkeys >$authkeys
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        verbose "key option proto $p environment"
        r=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost 'echo $FOO'`
        if [ "$r" != "bar" ]; then
@@ -45,7 +45,7 @@ done
 # Test from= restriction
 start_sshd
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
    for f in 127.0.0.1 '127.0.0.0\/8'; do
        cat  $origkeys >$authkeys
        ${SSH} -$p -q -F $OBJ/ssh_proxy somehost true
diff --git a/regress/keygen-change.sh b/regress/keygen-change.sh
index 04a0d54fc..e56185050 100644
--- a/regress/keygen-change.sh
+++ b/regress/keygen-change.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: keygen-change.sh,v 1.4 2015/01/13 08:23:26 djm Exp $
+#       $OpenBSD: keygen-change.sh,v 1.5 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="change passphrase for key"
@@ -6,7 +6,12 @@ tid="change passphrase for key"
 S1="secret1"
 S2="2secret"
-for t in `${SSH} -Q key-plain` ; do
+KEYTYPES=`${SSH} -Q key-plain`
+if ssh_version 1; then
+        KEYTYPES="${KEYTYPES} rsa1"
+fi
+for t in $KEYTYPES; do
        # generate user key for agent
        trace "generating $t key"
        rm -f $OBJ/$t-key
diff --git a/regress/keyscan.sh b/regress/keyscan.sh
index 33f14f0fc..886f3295a 100644
--- a/regress/keyscan.sh
+++ b/regress/keyscan.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: keyscan.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
+#       $OpenBSD: keyscan.sh,v 1.4 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="keyscan"
@@ -8,7 +8,12 @@ rm -f ${OBJ}/host.dsa
 start_sshd
-for t in rsa1 rsa dsa; do
+KEYTYPES="rsa dsa"
+if ssh_version 1; then
+        KEYTYPES="${KEYTYPES} rsa1"
+fi
+for t in $KEYTYPES; do
        trace "keyscan type $t"
        ${SSHKEYSCAN} -t $t -p $PORT 127.0.0.1 127.0.0.1 127.0.0.1 \
                > /dev/null 2>&1
diff --git a/regress/localcommand.sh b/regress/localcommand.sh
index 8a9b56971..220f19a4d 100644
--- a/regress/localcommand.sh
+++ b/regress/localcommand.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: localcommand.sh,v 1.2 2013/05/17 10:24:48 dtucker Exp $
+#       $OpenBSD: localcommand.sh,v 1.3 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="localcommand"
@@ -6,7 +6,7 @@ tid="localcommand"
 echo 'PermitLocalCommand yes' >> $OBJ/ssh_proxy
 echo 'LocalCommand echo foo' >> $OBJ/ssh_proxy
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        verbose "test $tid: proto $p localcommand"
        a=`${SSH} -F $OBJ/ssh_proxy -$p somehost true`
        if [ "$a" != "foo" ] ; then
diff --git a/regress/proto-mismatch.sh b/regress/proto-mismatch.sh
index fb521f214..9e8024beb 100644
--- a/regress/proto-mismatch.sh
+++ b/regress/proto-mismatch.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: proto-mismatch.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
+#       $OpenBSD: proto-mismatch.sh,v 1.4 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="protocol version mismatch"
@@ -16,4 +16,6 @@ mismatch ()
 }
 mismatch        2       SSH-1.5-HALLO
-mismatch        1       SSH-2.0-HALLO
+if ssh_version 1; then
+        mismatch        1       SSH-2.0-HALLO
+fi
diff --git a/regress/proto-version.sh b/regress/proto-version.sh
index b876dd7ec..cf4946115 100644
--- a/regress/proto-version.sh
+++ b/regress/proto-version.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: proto-version.sh,v 1.4 2013/05/17 00:37:40 dtucker Exp $
+#       $OpenBSD: proto-version.sh,v 1.5 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="sshd version with different protocol combinations"
@@ -28,7 +28,9 @@ check_version ()
        fi
 }
-check_version   2,1     199
-check_version   1,2     199
 check_version   2       20
-check_version   1       15
+if ssh_version 1; then
+        check_version   2,1     199
+        check_version   1,2     199
+        check_version   1       15
+fi
diff --git a/regress/proxy-connect.sh b/regress/proxy-connect.sh
index 023ba7367..f816962b5 100644
--- a/regress/proxy-connect.sh
+++ b/regress/proxy-connect.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: proxy-connect.sh,v 1.7 2014/05/03 18:46:14 dtucker Exp $
+#       $OpenBSD: proxy-connect.sh,v 1.8 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="proxy connect"
@@ -9,7 +9,7 @@ for ps in no yes; do
  cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
  echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy
-  for p in 1 2; do
+  for p in ${SSH_PROTOCOLS}; do
    for c in no yes; do
        verbose "plain username protocol $p privsep=$ps comp=$c"
        opts="-$p -oCompression=$c -F $OBJ/ssh_proxy"
@@ -24,7 +24,7 @@ for ps in no yes; do
  done
 done
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        verbose "username with style protocol $p"
        ${SSH} -$p -F $OBJ/ssh_proxy ${USER}:style@999.999.999.999 true || \
                fail "ssh proxyconnect protocol $p failed"
diff --git a/regress/reconfigure.sh b/regress/reconfigure.sh
index e6af9eab1..eecddd3c7 100644
--- a/regress/reconfigure.sh
+++ b/regress/reconfigure.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: reconfigure.sh,v 1.4 2015/01/14 09:58:21 markus Exp $
+#       $OpenBSD: reconfigure.sh,v 1.5 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="simple connect after reconfigure"
@@ -18,7 +18,7 @@ fi
 start_sshd
 trace "connect before restart"
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS} ; do
        ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true
        if [ $? -ne 0 ]; then
                fail "ssh connect with protocol $p failed before reconfigure"
@@ -39,7 +39,7 @@ done
 test -f $PIDFILE || fatal "sshd did not restart"
 trace "connect after restart"
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS} ; do
        ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true
        if [ $? -ne 0 ]; then
                fail "ssh connect with protocol $p failed after reconfigure"
diff --git a/regress/reexec.sh b/regress/reexec.sh
index 433573f06..5c0a7b46f 100644
--- a/regress/reexec.sh
+++ b/regress/reexec.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: reexec.sh,v 1.7 2013/05/17 10:23:52 dtucker Exp $
+#       $OpenBSD: reexec.sh,v 1.8 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="reexec tests"
@@ -19,7 +19,7 @@ start_sshd_copy ()
 copy_tests ()
 {
        rm -f ${COPY}
-        for p in 1 2; do
+        for p in ${SSH_PROTOCOLS} ; do
                verbose "$tid: proto $p"
                ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \
                    cat ${DATA} > ${COPY}
diff --git a/regress/stderr-data.sh b/regress/stderr-data.sh
index b0bd2355c..8c8149a73 100644
--- a/regress/stderr-data.sh
+++ b/regress/stderr-data.sh
@@ -1,10 +1,10 @@
-#       $OpenBSD: stderr-data.sh,v 1.3 2013/05/17 04:29:14 dtucker Exp $
+#       $OpenBSD: stderr-data.sh,v 1.4 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="stderr data transfer"
 for n in '' -n; do
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        verbose "test $tid: proto $p ($n)"
        ${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \
                exec sh -c \'"exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index ff0768a04..12ba094a9 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: test-exec.sh,v 1.48 2014/07/06 07:42:03 djm Exp $
+#       $OpenBSD: test-exec.sh,v 1.51 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 #SUDO=sudo
@@ -130,6 +130,11 @@ if [ "x$TEST_SSH_CONCH" != "x" ]; then
        esac
 fi
+SSH_PROTOCOLS=`$SSH -Q protocol-version`
+if [ "x$TEST_SSH_PROTOCOLS" != "x" ]; then
+        SSH_PROTOCOLS="${TEST_SSH_PROTOCOLS}"
+fi
 # Path to sshd must be absolute for rexec
 case "$SSHD" in
 /*) ;;
@@ -374,16 +379,27 @@ fatal ()
        exit $RESULT
 }
+ssh_version ()
+{
+        echo ${SSH_PROTOCOLS} | grep -q "$1"
+}
 RESULT=0
 PIDFILE=$OBJ/pidfile
 trap fatal 3 2
+if ssh_version 1; then
+        PROTO="2,1"
+else
+        PROTO="2"
+fi
 # create server config
 cat << EOF > $OBJ/sshd_config
        StrictModes             no
        Port                    $PORT
-        Protocol                2,1
+        Protocol                $PROTO
        AddressFamily           inet
        ListenAddress           127.0.0.1
        #ListenAddress          ::1
@@ -409,7 +425,7 @@ echo 'StrictModes no' >> $OBJ/sshd_proxy
 # create client config
 cat << EOF > $OBJ/ssh_config
 Host *
-        Protocol                2,1
+        Protocol                $PROTO
        Hostname                127.0.0.1
        HostKeyAlias            localhost-with-alias
        Port                    $PORT
@@ -434,8 +450,13 @@ fi
 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
+if ssh_version 1; then
+        SSH_KEYTYPES="rsa rsa1"
+else
+        SSH_KEYTYPES="rsa ed25519"
+fi
 trace "generate keys"
-for t in rsa rsa1; do
+for t in ${SSH_KEYTYPES}; do
        # generate user key
        if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then
                rm -f $OBJ/$t
diff --git a/regress/transfer.sh b/regress/transfer.sh
index 1ae3ef5bf..36c14634a 100644
--- a/regress/transfer.sh
+++ b/regress/transfer.sh
@@ -1,9 +1,9 @@
-#       $OpenBSD: transfer.sh,v 1.2 2013/05/17 04:29:14 dtucker Exp $
+#       $OpenBSD: transfer.sh,v 1.3 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="transfer data"
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        verbose "$tid: proto $p"
        rm -f ${COPY}
        ${SSH} -n -q -$p -F $OBJ/ssh_proxy somehost cat ${DATA} > ${COPY}
diff --git a/regress/try-ciphers.sh b/regress/try-ciphers.sh
index 2881ce16c..4165c7b88 100644
--- a/regress/try-ciphers.sh
+++ b/regress/try-ciphers.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: try-ciphers.sh,v 1.23 2014/04/21 22:15:37 djm Exp $
+#       $OpenBSD: try-ciphers.sh,v 1.24 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="try ciphers"
@@ -26,7 +26,11 @@ for c in `${SSH} -Q cipher`; do
        done
 done
-ciphers="3des blowfish"
+if ssh_version 1; then
+        ciphers="3des blowfish"
+else
+        ciphers=""
+fi
 for c in $ciphers; do
        trace "proto 1 cipher $c"
        verbose "test $tid: proto 1 cipher $c"
diff --git a/regress/yes-head.sh b/regress/yes-head.sh
index a8e6bc800..1fc754211 100644
--- a/regress/yes-head.sh
+++ b/regress/yes-head.sh
@@ -1,9 +1,9 @@
-#       $OpenBSD: yes-head.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
+#       $OpenBSD: yes-head.sh,v 1.5 2015/03/03 22:35:19 markus Exp $
 #       Placed in the Public Domain.
 tid="yes pipe head"
-for p in 1 2; do
+for p in ${SSH_PROTOCOLS}; do
        lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'sh -c "while true;do echo yes;done | _POSIX2_VERSION=199209 head -2000"' | (sleep 3 ; wc -l)`
        if [ $? -ne 0 ]; then
                fail "yes|head test failed"
author	markus@openbsd.org <markus@openbsd.org>	2015-03-03 22:35:19 +0000
committer	Damien Miller <djm@mindrot.org>	2015-03-05 05:59:47 +1100
commit	dad2b1892b4c1b7e58df483a8c5b983c4454e099 (patch)
tree	fa461e273ef92414c934a88cc88b2875032e616f /regress
parent	d48a22601bdd3eec054794c535f4ae8d8ae4c6e2 (diff)