diff options
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | regress/cert-userkey.sh | 32 |
2 files changed, 34 insertions, 1 deletions
@@ -32,6 +32,9 @@ | |||
32 | [regress/Makefile] | 32 | [regress/Makefile] |
33 | fix how we run the tests so we can successfully use SUDO='sudo -E' | 33 | fix how we run the tests so we can successfully use SUDO='sudo -E' |
34 | in our env | 34 | in our env |
35 | - djm@cvs.openbsd.org 2010/06/29 23:59:54 | ||
36 | [cert-userkey.sh] | ||
37 | regress tests for key options in AuthorizedPrincipals | ||
35 | 38 | ||
36 | 20100627 | 39 | 20100627 |
37 | - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needs | 40 | - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needs |
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index 8fd1b48db..a41a9a9c0 100644 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: cert-userkey.sh,v 1.5 2010/05/07 11:31:26 djm Exp $ | 1 | # $OpenBSD: cert-userkey.sh,v 1.6 2010/06/29 23:59:54 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="certified user keys" | 4 | tid="certified user keys" |
@@ -79,6 +79,36 @@ for ktype in rsa dsa rsa_v00 dsa_v00 ; do | |||
79 | fail "ssh cert connect failed" | 79 | fail "ssh cert connect failed" |
80 | fi | 80 | fi |
81 | 81 | ||
82 | # authorized_principals with bad key option | ||
83 | verbose "$tid: ${_prefix} authorized_principals bad key opt" | ||
84 | echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER | ||
85 | ${SSH} -2i $OBJ/cert_user_key_${ktype} \ | ||
86 | -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 | ||
87 | if [ $? -eq 0 ]; then | ||
88 | fail "ssh cert connect succeeded unexpectedly" | ||
89 | fi | ||
90 | |||
91 | # authorized_principals with command=false | ||
92 | verbose "$tid: ${_prefix} authorized_principals command=false" | ||
93 | echo 'command="false" mekmitasdigoat' > \ | ||
94 | $OBJ/authorized_principals_$USER | ||
95 | ${SSH} -2i $OBJ/cert_user_key_${ktype} \ | ||
96 | -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 | ||
97 | if [ $? -eq 0 ]; then | ||
98 | fail "ssh cert connect succeeded unexpectedly" | ||
99 | fi | ||
100 | |||
101 | |||
102 | # authorized_principals with command=true | ||
103 | verbose "$tid: ${_prefix} authorized_principals command=true" | ||
104 | echo 'command="true" mekmitasdigoat' > \ | ||
105 | $OBJ/authorized_principals_$USER | ||
106 | ${SSH} -2i $OBJ/cert_user_key_${ktype} \ | ||
107 | -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1 | ||
108 | if [ $? -ne 0 ]; then | ||
109 | fail "ssh cert connect failed" | ||
110 | fi | ||
111 | |||
82 | # Setup for principals= key option | 112 | # Setup for principals= key option |
83 | rm -f $OBJ/authorized_principals_$USER | 113 | rm -f $OBJ/authorized_principals_$USER |
84 | ( | 114 | ( |