diff options
Diffstat (limited to 'regress/cert-userkey.sh')
-rw-r--r-- | regress/cert-userkey.sh | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index 01f3b40a4..a7760a2f6 100644 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh | |||
@@ -3,6 +3,13 @@ | |||
3 | 3 | ||
4 | tid="certified user keys" | 4 | tid="certified user keys" |
5 | 5 | ||
6 | # used to disable ECC based tests on platforms without ECC | ||
7 | ecdsa="" | ||
8 | if grep "#define.*OPENSSL_HAS_ECC" ${BUILDDIR}/config.h >/dev/null 2>&1 | ||
9 | then | ||
10 | ecdsa=ecdsa | ||
11 | fi | ||
12 | |||
6 | rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key* | 13 | rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key* |
7 | cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak | 14 | cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak |
8 | 15 | ||
@@ -11,7 +18,7 @@ ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_ca_key ||\ | |||
11 | fail "ssh-keygen of user_ca_key failed" | 18 | fail "ssh-keygen of user_ca_key failed" |
12 | 19 | ||
13 | # Generate and sign user keys | 20 | # Generate and sign user keys |
14 | for ktype in rsa dsa ecdsa ; do | 21 | for ktype in rsa dsa $ecdsa ; do |
15 | verbose "$tid: sign user ${ktype} cert" | 22 | verbose "$tid: sign user ${ktype} cert" |
16 | ${SSHKEYGEN} -q -N '' -t ${ktype} \ | 23 | ${SSHKEYGEN} -q -N '' -t ${ktype} \ |
17 | -f $OBJ/cert_user_key_${ktype} || \ | 24 | -f $OBJ/cert_user_key_${ktype} || \ |
@@ -31,7 +38,7 @@ for ktype in rsa dsa ecdsa ; do | |||
31 | done | 38 | done |
32 | 39 | ||
33 | # Test explicitly-specified principals | 40 | # Test explicitly-specified principals |
34 | for ktype in rsa dsa ecdsa rsa_v00 dsa_v00 ; do | 41 | for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do |
35 | for privsep in yes no ; do | 42 | for privsep in yes no ; do |
36 | _prefix="${ktype} privsep $privsep" | 43 | _prefix="${ktype} privsep $privsep" |
37 | 44 | ||
@@ -157,7 +164,7 @@ basic_tests() { | |||
157 | extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub" | 164 | extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub" |
158 | fi | 165 | fi |
159 | 166 | ||
160 | for ktype in rsa dsa ecdsa rsa_v00 dsa_v00 ; do | 167 | for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do |
161 | for privsep in yes no ; do | 168 | for privsep in yes no ; do |
162 | _prefix="${ktype} privsep $privsep $auth" | 169 | _prefix="${ktype} privsep $privsep $auth" |
163 | # Simple connect | 170 | # Simple connect |
@@ -309,7 +316,7 @@ test_one "principals key option no principals" failure "" \ | |||
309 | 316 | ||
310 | # Wrong certificate | 317 | # Wrong certificate |
311 | cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy | 318 | cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy |
312 | for ktype in rsa dsa ecdsa rsa_v00 dsa_v00 ; do | 319 | for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do |
313 | case $ktype in | 320 | case $ktype in |
314 | *_v00) args="-t v00" ;; | 321 | *_v00) args="-t v00" ;; |
315 | *) args="" ;; | 322 | *) args="" ;; |