summaryrefslogtreecommitdiff
path: root/regress
AgeCommit message (Collapse)Author
2015-01-20upstream commitdjm@openbsd.org
this test was broken in at least two ways, such that it wasn't checking that a KRL was not excluding valid keys
2015-01-20upstream commitdjm@openbsd.org
be a bit more careful in these tests to ensure that known_hosts is clean
2015-01-20upstream commitdjm@openbsd.org
regression test for known_host file editing using ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok markus@
2015-01-20upstream commitdjm@openbsd.org
more and better key tests test signatures and verification test certificate generation flesh out nested cert test removes most of the XXX todo markers
2015-01-20upstream commitdjm@openbsd.org
make the signature fuzzing test much more rigorous: ensure that the fuzzed input cases do not match the original (using new fuzz_matches_original() function) and check that the verification fails in each case
2015-01-20upstream commitdjm@openbsd.org
add a fuzz_matches_original() function to the fuzzer to detect fuzz cases that are identical to the original data. Hacky implementation, but very useful when you need the fuzz to be different, e.g. when verifying signature
2015-01-20upstream commitdjm@openbsd.org
better dumps from the fuzzer (shown on errors) - include the original data as well as the fuzzed copy.
2015-01-20upstream commitdjm@openbsd.org
enable hostkey-agent.sh test
2015-01-20upstream commitdjm@openbsd.org
unit test for hostkeys in ssh-agent
2015-01-20upstream commitmarkus@openbsd.org
add kex unit tests
2015-01-15make bitmap test compileDamien Miller
2015-01-15upstream commitdjm@openbsd.org
unit tests for KRL bitmap
2015-01-15upstream commitmarkus@openbsd.org
re-add comment about full path
2015-01-15upstream commitmarkus@openbsd.org
don't reset to the installed sshd; connect before reconfigure, too
2015-01-15upstream commitdjm@openbsd.org
implement a SIGINFO handler so we can discern a stuck fuzz test from a merely glacial one; prompted by and ok markus
2015-01-15upstream commitdjm@openbsd.org
use $SSH instead of installed ssh to allow override; spotted by markus@
2015-01-15upstream commitdjm@openbsd.org
regress test for PubkeyAcceptedKeyTypes; ok markus@
2015-01-15upstream commitmarkus@openbsd.org
unbreak parsing of pubkey comments; with gerhard; ok djm/deraadt
2015-01-15upstream commitdjm@openbsd.org
fatal if soft-PKCS11 library is missing rather (rather than continue and fail with a more cryptic error)
2015-01-15upstream commitdjm@openbsd.org
let this test all supporte key types; pointed out/ok markus@
2015-01-15some systems lack SO_REUSEPORTDamien Miller
2015-01-09upstream commitdjm@openbsd.org
adjust for sshkey_load_file() API change
2014-12-23include and use OpenBSD netcat in regress/Damien Miller
2014-12-22upstream commitdjm@openbsd.org
regression test for multiple required pubkey authentication; ok markus@
2014-12-22upstream commitdjm@openbsd.org
make this slightly easier to diff against portable
2014-12-22add missing regress output fileDamien Miller
2014-12-22upstream commitdjm@openbsd.org
adjust for new SHA256 key fingerprints and slightly-different MD5 hex fingerprint format
2014-12-22upstream commitdjm@openbsd.org
poll changes to netcat (usr.bin/netcat.c r1.125) broke this test; fix it by ensuring more stdio fds are sent to devnull
2014-12-05upstream commitdjm@openbsd.org
add tests for new client RevokedHostKeys option; refactor to make it a bit more readable
2014-12-05upstream commitkrw@openbsd.org
Nuke yet more obvious #include duplications. ok deraadt@
2014-11-19upstream commitdjm@openbsd.org
fix KRL generation when multiple CAs are in use We would generate an invalid KRL when revoking certs by serial number for multiple CA keys due to a section being written out twice. Also extend the regress test to catch this case by having it produce a multi-CA KRL. Reported by peter AT pean.org
2014-08-27 - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]Damien Miller
[regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] [regress/unittests/sshkey/common.c] [regress/unittests/sshkey/test_file.c] [regress/unittests/sshkey/test_fuzz.c] [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h on !ECC OpenSSL systems
2014-08-21 - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems thatDamien Miller
don't set __progname. Diagnosed by Tom Christensen.
2014-08-01 - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociateDamien Miller
nc from stdin, it's more portable
2014-08-01 - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdinDamien Miller
is closed; avoid regress failures when stdin is /dev/null
2014-08-01 - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We needDamien Miller
a better solution, but this will have to do for now.
2014-07-25 - (djm) [regress/multiplex.sh] restore incorrectly deleted line;Damien Miller
pointed out by Christian Hesse
2014-07-23 - dtucker@cvs.openbsd.org 2014/07/22 23:35:38Darren Tucker
[regress/unittests/sshkey/testdata/*] Regenerate test keys with certs signed with ed25519 instead of ecdsa. These can be used in -portable on platforms that don't support ECDSA.
2014-07-23 - dtucker@cvs.openbsd.org 2014/07/22 23:57:40Darren Tucker
[regress/unittests/sshkey/mktestdata.sh] Add $OpenBSD tag to make syncs easier
2014-07-23 - dtucker@cvs.openbsd.org 2014/07/22 23:23:22Darren Tucker
[regress/unittests/sshkey/mktestdata.sh] Sign test certs with ed25519 instead of ecdsa so that they'll work in -portable on platforms that don't have ECDSA in their OpenSSL. ok djm
2014-07-23 - djm@cvs.openbsd.org 2014/07/22 01:32:12Darren Tucker
[regress/multiplex.sh] change the test for still-open Unix domain sockets to be robust against nc implementations that produce error messages. from -portable (Id sync only)
2014-07-23 - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-Darren Tucker
specific tests inside OPENSSL_HAS_ECC.
2014-07-22 - (djm) [regress/multiplex.sh] change the test for still-open UnixDamien Miller
domain sockets to be robust against nc implementations that produce error messages.
2014-07-22 - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;Damien Miller
put it back
2014-07-21 - (djm) [regress/multiplex.sh] Not all netcat accept the -N option.Damien Miller
2014-07-21 - millert@cvs.openbsd.org 2014/07/15 15:54:15Damien Miller
[forwarding.sh multiplex.sh] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
2014-07-21 - (dtucker) [regress/unittests/sshkey/Darren Tucker
{common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in ifdefs.
2014-07-09 - djm@cvs.openbsd.org 2014/07/07 08:15:26Damien Miller
[multiplex.sh] remove forced-fatal that I stuck in there to test the new cleanup logic and forgot to remove...
2014-07-09 - djm@cvs.openbsd.org 2014/07/06 07:42:03Damien Miller
[multiplex.sh test-exec.sh] add a hook to the cleanup() function to kill $SSH_PID if it is set use it to kill the mux master started in multiplex.sh (it was being left around on fatal failures)
2014-07-02 - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz testDamien Miller