| Age | Commit message (Collapse) | Author |
|---|
|
[regress/agent-timeout.sh]
Pull back some portability changes from -portable:
- TIMEOUT is a read-only variable in some shells
- not all greps have -q so redirect to /dev/null instead.
(ID sync only)
|
|
|
|
[regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
regress/ssh-com.sh]
replace 'echo -n' with 'printf' since it's more portable
also remove "echon" hack.
|
|
methods. When the openssl version doesn't support ECDH then next one on
the list is DH group exchange, but that causes a bit more traffic which can
mean that the tests flip bits in the initial exchange rather than the MACed
traffic and we get different errors to what the tests look for.
|
|
in portable and it's long gone in openbsd.
|
|
[regress/rekey.sh]
add tests for RekeyLimit parsing
|
|
[regress/rekey.sh]
add server-side rekey test
|
|
[regress/rekey.sh]
test rekeying when there's no data being transferred
|
|
[rekey.sh]
Add test for time-based rekeying
|
|
[modpipe.c]
sync some portability changes from portable OpenSSH (id sync only)
|
|
[multiplex.sh]
Add tests for -Oforward and -Ocancel for local and remote forwards
|
|
[multiplex.sh]
Write mux master logs to regress.log instead of ssh.log to keep separate
|
|
[Makefile regress/sftp-chroot.sh]
test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
|
|
[regress/Makefile regress/rekey.sh regress/integrity.sh
regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
save the output from any failing tests. If a test fails the debug output
from ssh and sshd for the failing tests (and only the failing tests) should
be available in failed-ssh{,d}.log.
|
|
[regress/rekey.sh regress/test-exec.sh regress/integrity.sh
regress/multiplex.sh Makefile regress/cfgmatch.sh]
Split the regress log into 3 parts: the debug output from ssh, the debug
log from sshd and the output from the client command (ssh, scp or sftp).
Somewhat functional now, will become more useful when ssh/sshd -E is added.
|
|
[test-exec.sh]
Only regenerate host keys if they don't exist or if ssh-keygen has changed
since they were. Reduces test runtime by 5-30% depending on machine
speed.
|
|
[regress/proxy-connect.sh]
repeat test with a style appended to the username
|
|
openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
portability code to getopt_long.c and switch over Makefile and the ugly
hack in modpipe.c. Fixes bz#1448.
|
|
Improve portability of cipher-speed test, based mostly on a patch from
Iain Morgan.
|
|
connection to start so that the test works on slower machines.
|
|
HP/UX. Spotted by Kevin Brott
|
|
|
|
|
|
|
|
|
|
for UsePAM=yes configuration
|
|
[integrity.sh]
Add an option to modpipe that warns if the modification offset it not
reached in it's stream and turn it on for t-integrity. This should catch
cases where the session is not fuzzed for being too short (cf. my last
"oops" commit)
|
|
|
|
[regress/modpipe.c]
s/Id/OpenBSD/ in RCS tag
|
|
[regress/integrity.sh regress/modpipe.c]
Add an option to modpipe that warns if the modification offset it not
reached in it's stream and turn it on for t-integrity. This should catch
cases where the session is not fuzzed for being too short (cf. my last
"oops" commit)
|
|
err.h include from krl.c. Additional portability fixes for modpipe. OK djm
|
|
|
|
lack support for SHA2.
|
|
[integrity.sh]
oops, forgot to increase the output of the ssh command to ensure that
we actually reach $offset
|
|
[integrity.sh]
crank the offset yet again; it was still fuzzing KEX one of Darren's
portable test hosts at 2800
|
|
[integrity.sh]
make the ssh command generates some output to ensure that there are at
least offset+tries bytes in the stream.
|
|
[integrity.sh]
make sure the fuzz offset is actually past the end of KEX for all KEX
types. diffie-hellman-group-exchange-sha256 requires an offset around
2700. Noticed via test failures in portable OpenSSH on platforms that
lack ECC and this the more byte-frugal ECDH KEX algorithms.
|
|
of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by
Iain Morgan
|
|
|
|
|
|
|
|
[try-ciphers.sh]
remove acss here too
|
|
|
|
[regress/Makefile regress/cert-userkey.sh regress/krl.sh]
Tests for Key Revocation Lists (KRLs)
|
|
check for GCM support before testing GCM ciphers.
|
|
|
|
[regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
test AES-GCM modes; feedback markus@
|
|
|
|
|
|
work on platforms without 'jot'
|
