blob: ff5be43d830f55bcbf1806e0868030fa7560bd8c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
From 38966b4afedee3bb57d3b1b0a7df4ff438fb9fd0 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Thu, 30 Aug 2018 00:58:56 +0100
Subject: Work around conch interoperability failure
Twisted Conch fails to read private keys in the new format
(https://twistedmatrix.com/trac/ticket/9515). Work around this until it
can be fixed in Twisted.
Forwarded: not-needed
Last-Update: 2018-08-30
Patch-Name: conch-old-privkey-format.patch
---
regress/Makefile | 5 +++--
regress/conch-ciphers.sh | 2 +-
regress/test-exec.sh | 12 ++++++++++++
3 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/regress/Makefile b/regress/Makefile
index 647b4a049..6e462a4f6 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -110,8 +110,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \
modpipe netcat no_identity_config \
pidfile putty.rsa2 ready regress.log \
remote_pid revoked-* rsa rsa-agent rsa-agent.pub rsa.pub \
- rsa1 rsa1-agent rsa1-agent.pub rsa1.pub rsa_ssh2_cr.prv \
- rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
+ rsa1 rsa1-agent rsa1-agent.pub rsa1.pub \
+ rsa_oldfmt rsa_oldfmt.pub \
+ rsa_ssh2_cr.prv rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
diff --git a/regress/conch-ciphers.sh b/regress/conch-ciphers.sh
index 199d863a0..c7df19fd4 100644
--- a/regress/conch-ciphers.sh
+++ b/regress/conch-ciphers.sh
@@ -16,7 +16,7 @@ for c in aes256-ctr aes256-cbc aes192-ctr aes192-cbc aes128-ctr aes128-cbc \
rm -f ${COPY}
# XXX the 2nd "cat" seems to be needed because of buggy FD handling
# in conch
- ${CONCH} --identity $OBJ/rsa --port $PORT --user $USER -e none \
+ ${CONCH} --identity $OBJ/rsa_oldfmt --port $PORT --user $USER -e none \
--known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \
127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY}
if [ $? -ne 0 ]; then
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index 40d46e3cd..1bbd47f25 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -504,6 +504,18 @@ REGRESS_INTEROP_CONCH=no
if test -x "$CONCH" ; then
REGRESS_INTEROP_CONCH=yes
fi
+case "$SCRIPT" in
+*conch*) ;;
+*) REGRESS_INTEROP_CONCH=no
+esac
+
+if test "$REGRESS_INTEROP_CONCH" = "yes" ; then
+ # Convert rsa key to old format to work around
+ # https://twistedmatrix.com/trac/ticket/9515
+ cp $OBJ/rsa $OBJ/rsa_oldfmt
+ cp $OBJ/rsa.pub $OBJ/rsa_oldfmt.pub
+ ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/rsa_oldfmt >/dev/null
+fi
# If PuTTY is present and we are running a PuTTY test, prepare keys and
# configuration
|