| Age | Commit message (Collapse) | Author |
|---|
|
|
|
[regress/Makefile regress/cert-userkey.sh regress/krl.sh]
Tests for Key Revocation Lists (KRLs)
|
|
check for GCM support before testing GCM ciphers.
|
|
|
|
[regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
test AES-GCM modes; feedback markus@
|
|
|
|
|
|
work on platforms without 'jot'
|
|
[try-ciphers.sh]
add hmac-ripemd160-etm@openssh.com
|
|
[regress/Makefile regress/modpipe.c regress/integrity.sh]
test the integrity of the packets; with djm@
|
|
[regress/try-ciphers.sh]
add etm modes
|
|
[regress/keys-command.sh]
Fix some problems with the keys-command test:
- use string comparison rather than numeric comparison
- check for existing KEY_COMMAND file and don't clobber if it exists
- clean up KEY_COMMAND file if we do create it.
- check that KEY_COMMAND is executable (which it won't be if eg /var/run
is mounted noexec).
ok djm.
|
|
[Makefile regress/forward-control.sh]
regress for AllowTcpForwarding local/remote; ok markus@
|
|
[regress/Makefile regress/keys-command.sh]
regress for AuthorizedKeysCommand; hints from markus@
|
|
[regress/cert-userkey.sh]
include a serial number when generating certs
|
|
[regress/cipher-speed.sh regress/try-ciphers.sh]
Add umac-128@openssh.com to the list of MACs to be tested
|
|
[regress/multiplex.sh]
Use 'kill -0' to test for the presence of a pid since it's more portable
|
|
[regress/multiplex.sh]
use -Ocheck and waiting for completions by PID to make multiplexing test
less racy and (hopefully) more reliable on slow hardware.
|
|
[regress/multiplex.sh]
Log -O cmd output to the log file and make logging consistent with the
other tests. Test clean shutdown of an existing channel when testing
"stop".
|
|
[multiplex.sh]
Add test for ssh -Ostop
|
|
[regress/try-ciphers.sh]
Restore missing space. (Id sync only).
|
|
|
|
Move cygwin detection to test-exec and use to skip reexec test on cygwin.
|
|
[regress/connect-privsep.sh]
remove exit from end of test since it prevents reporting failure
|
|
[regress/try-ciphers.sh regress/cipher-speed.sh]
Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
from draft6 of the spec and will not be in the RFC when published. Patch
from mdb at juniper net via bz#2023, ok markus
|
|
[regress/connect-privsep.sh]
test sandbox with every malloc option
|
|
[regress/sftp-cmds.sh]
don't delete .* on cleanup due to unintended env expansion; pointed out in
bz#2014 by openssh AT roumenpetrov.info
|
|
[multiplex.sh forwarding.sh]
append to rather than truncate test log; bz#2013 from openssh AT
roumenpetrov.
|
|
[regress/addrmatch.sh]
Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
to match. Feedback and ok djm@ markus@.
|
|
platform rather than exiting early, so that we still clean up and return
status to test-exec.sh
|
|
to work. Spotted by Angel Gonzalez
|
|
regress errors for the sandbox to warnings. ok tim dtucker
|
|
MAC tests for platforms that hack EVP_SHA2 support
|
|
[regress/cipher-speed.sh regress/try-ciphers.sh]
add SHA256/SHA512 based HMAC modes
|
|
[connect-privsep.sh]
test with sandbox enabled; ok djm@
|
|
[regress/cfgmatch.sh]
use OBJ to find test configs, patch from Tim Rice
|
|
|
|
[regress/dynamic-forward.sh]
Retry establishing the port forwarding after a small delay, should make
the tests less flaky when the previous test is slow to shut down and free
up the port.
|
|
[regress/dynamic-forward.sh]
work around startup and teardown races; caught by deraadt
|
|
[regress/dynamic-forward.sh]
back out revs 1.6 and 1.5 since it's not reliable
|
|
[regress/cfgmatch.sh]
include testing of multiple/overridden AuthorizedKeysFiles
refactor to simply daemon start/stop and get rid of racy constructs
|
|
[dynamic-forward.sh]
fix dumb error in dynamic-forward test
|
|
[dynamic-forward.sh]
Prevent races in dynamic forwarding test; ok djm
|
|
[cert-hostkey.sh]
another attempt to generate a v00 ECDSA key that broke the test
ID sync only - portable already had this somehow
|
|
[regress/cert-userkey.sh]
fatal() if asked to generate a legacy ECDSA cert (these don't exist)
and fix the regress test that was trying to generate them :)
|
|
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
[ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
[regress/README.regress] Remove ssh-rand-helper and all its
tentacles. PRNGd seeding has been rolled into entropy.c directly.
Thanks to tim@ for testing on affected platforms.
|
|
|
|
[regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
disabled on platforms that do not support them; add a "config_defined()"
shell function that greps for defines in config.h and use them to decide
on feature tests.
Convert a couple of existing grep's over config.h to use the new function
Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent
backslash characters in filenames, enable it for Cygwin and use it to turn
of tests for quotes backslashes in sftp-glob.sh.
based on discussion with vinschen AT redhat.com and dtucker@; ok dtucker@
|
|
ssh-add to avoid $SUDO failures on Linux
|
|
its unique snowflake of a gdb error to the ones we look for.
|
