diff options
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | regress/cipher-speed.sh | 15 | ||||
| -rw-r--r-- | regress/integrity.sh | 14 | ||||
| -rw-r--r-- | regress/try-ciphers.sh | 22 |
4 files changed, 11 insertions, 43 deletions
| @@ -34,6 +34,9 @@ | |||
| 34 | - dtucker@cvs.openbsd.org 2013/11/07 01:12:51 | 34 | - dtucker@cvs.openbsd.org 2013/11/07 01:12:51 |
| 35 | [regress/rekey.sh] | 35 | [regress/rekey.sh] |
| 36 | Factor out the data transfer rekey tests | 36 | Factor out the data transfer rekey tests |
| 37 | - dtucker@cvs.openbsd.org 2013/11/07 02:48:38 | ||
| 38 | [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh] | ||
| 39 | Use ssh -Q instead of hardcoding lists of ciphers or MACs. | ||
| 37 | 40 | ||
| 38 | 20131104 | 41 | 20131104 |
| 39 | - (djm) OpenBSD CVS Sync | 42 | - (djm) OpenBSD CVS Sync |
diff --git a/regress/cipher-speed.sh b/regress/cipher-speed.sh index 489d9f5fa..8ff9b3220 100644 --- a/regress/cipher-speed.sh +++ b/regress/cipher-speed.sh | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: cipher-speed.sh,v 1.9 2013/05/17 04:29:14 dtucker Exp $ | 1 | # $OpenBSD: cipher-speed.sh,v 1.10 2013/11/07 02:48:38 dtucker Exp $ |
| 2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
| 3 | 3 | ||
| 4 | tid="cipher speed" | 4 | tid="cipher speed" |
| @@ -11,18 +11,7 @@ getbytes () | |||
| 11 | 11 | ||
| 12 | tries="1 2" | 12 | tries="1 2" |
| 13 | 13 | ||
| 14 | ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc | 14 | for c in `${SSH} -Q cipher`; do n=0; for m in `${SSH} -Q mac`; do |
| 15 | arcfour128 arcfour256 arcfour | ||
| 16 | aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se | ||
| 17 | aes128-ctr aes192-ctr aes256-ctr" | ||
| 18 | config_defined OPENSSL_HAVE_EVPGCM && \ | ||
| 19 | ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com" | ||
| 20 | macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com | ||
| 21 | hmac-sha1-96 hmac-md5-96" | ||
| 22 | config_defined HAVE_EVP_SHA256 && \ | ||
| 23 | macs="$macs hmac-sha2-256 hmac-sha2-512" | ||
| 24 | |||
| 25 | for c in $ciphers; do n=0; for m in $macs; do | ||
| 26 | trace "proto 2 cipher $c mac $m" | 15 | trace "proto 2 cipher $c mac $m" |
| 27 | for x in $tries; do | 16 | for x in $tries; do |
| 28 | printf "%-60s" "$c/$m:" | 17 | printf "%-60s" "$c/$m:" |
diff --git a/regress/integrity.sh b/regress/integrity.sh index 1d17fe10a..de2b8d05a 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: integrity.sh,v 1.10 2013/05/17 01:32:11 dtucker Exp $ | 1 | # $OpenBSD: integrity.sh,v 1.11 2013/11/07 02:48:38 dtucker Exp $ |
| 2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
| 3 | 3 | ||
| 4 | tid="integrity" | 4 | tid="integrity" |
| @@ -8,18 +8,10 @@ tid="integrity" | |||
| 8 | # XXX and ssh tries to read... | 8 | # XXX and ssh tries to read... |
| 9 | tries=10 | 9 | tries=10 |
| 10 | startoffset=2900 | 10 | startoffset=2900 |
| 11 | macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com | 11 | macs=`${SSH} -Q mac` |
| 12 | hmac-sha1-96 hmac-md5-96 | ||
| 13 | hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com | ||
| 14 | umac-64-etm@openssh.com umac-128-etm@openssh.com | ||
| 15 | hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com" | ||
| 16 | config_defined HAVE_EVP_SHA256 && | ||
| 17 | macs="$macs hmac-sha2-256 hmac-sha2-512 | ||
| 18 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" | ||
| 19 | # The following are not MACs, but ciphers with integrated integrity. They are | 12 | # The following are not MACs, but ciphers with integrated integrity. They are |
| 20 | # handled specially below. | 13 | # handled specially below. |
| 21 | config_defined OPENSSL_HAVE_EVPGCM && \ | 14 | macs="$macs `${SSH} -Q cipher | grep gcm@openssh.com`" |
| 22 | macs="$macs aes128-gcm@openssh.com aes256-gcm@openssh.com" | ||
| 23 | 15 | ||
| 24 | # avoid DH group exchange as the extra traffic makes it harder to get the | 16 | # avoid DH group exchange as the extra traffic makes it harder to get the |
| 25 | # offset into the stream right. | 17 | # offset into the stream right. |
diff --git a/regress/try-ciphers.sh b/regress/try-ciphers.sh index e17c9f5e9..485843299 100644 --- a/regress/try-ciphers.sh +++ b/regress/try-ciphers.sh | |||
| @@ -1,27 +1,11 @@ | |||
| 1 | # $OpenBSD: try-ciphers.sh,v 1.20 2013/05/17 10:16:26 dtucker Exp $ | 1 | # $OpenBSD: try-ciphers.sh,v 1.21 2013/11/07 02:48:38 dtucker Exp $ |
| 2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
| 3 | 3 | ||
| 4 | tid="try ciphers" | 4 | tid="try ciphers" |
| 5 | 5 | ||
| 6 | ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc | 6 | for c in `${SSH} -Q cipher`; do |
| 7 | arcfour128 arcfour256 arcfour | ||
| 8 | aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se | ||
| 9 | aes128-ctr aes192-ctr aes256-ctr" | ||
| 10 | config_defined OPENSSL_HAVE_EVPGCM && \ | ||
| 11 | ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com" | ||
| 12 | macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com | ||
| 13 | hmac-sha1-96 hmac-md5-96 | ||
| 14 | hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com | ||
| 15 | umac-64-etm@openssh.com umac-128-etm@openssh.com | ||
| 16 | hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com | ||
| 17 | hmac-ripemd160-etm@openssh.com" | ||
| 18 | config_defined HAVE_EVP_SHA256 && | ||
| 19 | macs="$macs hmac-sha2-256 hmac-sha2-512 | ||
| 20 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" | ||
| 21 | |||
| 22 | for c in $ciphers; do | ||
| 23 | n=0 | 7 | n=0 |
| 24 | for m in $macs; do | 8 | for m in `${SSH} -Q mac`; do |
| 25 | trace "proto 2 cipher $c mac $m" | 9 | trace "proto 2 cipher $c mac $m" |
| 26 | verbose "test $tid: proto 2 cipher $c mac $m" | 10 | verbose "test $tid: proto 2 cipher $c mac $m" |
| 27 | ${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true | 11 | ${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true |