1 files changed, 48 insertions, 0 deletions
diff --git a/regress/unittests/authopt/testdata/mktestdata.sh b/regress/unittests/authopt/testdata/mktestdata.sh
new file mode 100644
index 000000000..06a24e390
--- /dev/null
+++ b/regress/unittests/authopt/testdata/mktestdata.sh
@@ -0,0 +1,48 @@
+#/bin/sh
+set -xe
+rm -f ca_key ca_key.pub
+rm -f user_key user_key.pub
+rm -f *.cert
+ssh-keygen -q -f ca_key -t ed25519 -C CA -N ''
+ssh-keygen -q -f user_key -t ed25519 -C "user key" -N ''
+sign() {
+        output=$1
+        shift
+        set -xe
+        ssh-keygen -q -s ca_key -I user -n user \
+            -V 19990101:19991231 -z 1 "$@" user_key.pub
+        mv user_key-cert.pub "$output"
+}
+sign all_permit.cert -Opermit-agent-forwarding -Opermit-port-forwarding \
+    -Opermit-pty -Opermit-user-rc -Opermit-X11-forwarding
+sign no_permit.cert -Oclear
+sign no_agentfwd.cert -Ono-agent-forwarding
+sign no_portfwd.cert -Ono-port-forwarding
+sign no_pty.cert -Ono-pty
+sign no_user_rc.cert -Ono-user-rc
+sign no_x11fwd.cert -Ono-X11-forwarding
+sign only_agentfwd.cert -Oclear -Opermit-agent-forwarding
+sign only_portfwd.cert -Oclear -Opermit-port-forwarding
+sign only_pty.cert -Oclear -Opermit-pty
+sign only_user_rc.cert -Oclear -Opermit-user-rc
+sign only_x11fwd.cert -Oclear -Opermit-X11-forwarding
+sign force_command.cert -Oforce-command="foo"
+sign sourceaddr.cert -Osource-address="127.0.0.1/32,::1/128"
+# ssh-keygen won't permit generation of certs with invalid source-address
+# values, so we do it as a custom extension.
+sign bad_sourceaddr.cert -Ocritical:source-address=xxxxx
+sign unknown_critical.cert -Ocritical:blah=foo
+sign host.cert -h
+rm -f user_key ca_key user_key.pub ca_key.pub

diff --git a/regress/unittests/authopt/testdata/mktestdata.sh b/regress/unittests/authopt/testdata/mktestdata.sh new file mode 100644 index 000000000..06a24e390 --- /dev/null +++ b/regress/unittests/authopt/testdata/mktestdata.sh
@@ -0,0 +1,48 @@
	1	#/bin/sh
	2
	3	set -xe
	4
	5	rm -f ca_key ca_key.pub
	6	rm -f user_key user_key.pub
	7	rm -f *.cert
	8
	9	ssh-keygen -q -f ca_key -t ed25519 -C CA -N ''
	10	ssh-keygen -q -f user_key -t ed25519 -C "user key" -N ''
	11
	12	sign() {
	13	output=$1
	14	shift
	15	set -xe
	16	ssh-keygen -q -s ca_key -I user -n user \
	17	-V 19990101:19991231 -z 1 "$@" user_key.pub
	18	mv user_key-cert.pub "$output"
	19	}
	20
	21	sign all_permit.cert -Opermit-agent-forwarding -Opermit-port-forwarding \
	22	-Opermit-pty -Opermit-user-rc -Opermit-X11-forwarding
	23	sign no_permit.cert -Oclear
	24
	25	sign no_agentfwd.cert -Ono-agent-forwarding
	26	sign no_portfwd.cert -Ono-port-forwarding
	27	sign no_pty.cert -Ono-pty
	28	sign no_user_rc.cert -Ono-user-rc
	29	sign no_x11fwd.cert -Ono-X11-forwarding
	30
	31	sign only_agentfwd.cert -Oclear -Opermit-agent-forwarding
	32	sign only_portfwd.cert -Oclear -Opermit-port-forwarding
	33	sign only_pty.cert -Oclear -Opermit-pty
	34	sign only_user_rc.cert -Oclear -Opermit-user-rc
	35	sign only_x11fwd.cert -Oclear -Opermit-X11-forwarding
	36
	37	sign force_command.cert -Oforce-command="foo"
	38	sign sourceaddr.cert -Osource-address="127.0.0.1/32,::1/128"
	39
	40	# ssh-keygen won't permit generation of certs with invalid source-address
	41	# values, so we do it as a custom extension.
	42	sign bad_sourceaddr.cert -Ocritical:source-address=xxxxx
	43
	44	sign unknown_critical.cert -Ocritical:blah=foo
	45
	46	sign host.cert -h
	47
	48	rm -f user_key ca_key user_key.pub ca_key.pub