diff options
Diffstat (limited to 'crypto/openssh/regress')
| -rw-r--r-- | crypto/openssh/regress/Makefile | 3 | ||||
| -rw-r--r-- | crypto/openssh/regress/agent-ptrace.sh | 2 | ||||
| -rw-r--r-- | crypto/openssh/regress/agent.sh | 2 | ||||
| -rwxr-xr-x | crypto/openssh/regress/cert-hostkey.sh | 2 | ||||
| -rwxr-xr-x | crypto/openssh/regress/dhgex.sh | 54 | ||||
| -rwxr-xr-x | crypto/openssh/regress/host-expand.sh | 1 | ||||
| -rw-r--r-- | crypto/openssh/regress/login-timeout.sh | 4 | ||||
| -rw-r--r-- | crypto/openssh/regress/scp-ssh-wrapper.sh | 2 | ||||
| -rw-r--r-- | crypto/openssh/regress/scp.sh | 2 | ||||
| -rw-r--r-- | crypto/openssh/regress/setuid-allowed.c | 1 | ||||
| -rwxr-xr-x | crypto/openssh/regress/sftp-chroot.sh | 5 |
11 files changed, 69 insertions, 9 deletions
diff --git a/crypto/openssh/regress/Makefile b/crypto/openssh/regress/Makefile index 0c66b17..6e3b8d6 100644 --- a/crypto/openssh/regress/Makefile +++ b/crypto/openssh/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.67 2013/12/06 13:52:46 markus Exp $ +# $OpenBSD: Makefile,v 1.68 2014/01/25 04:35:32 dtucker Exp $ REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t-exec tests: $(REGRESS_TARGETS) @@ -65,6 +65,7 @@ LTESTS= connect \ forward-control \ integrity \ krl +# dhgex \ INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp diff --git a/crypto/openssh/regress/agent-ptrace.sh b/crypto/openssh/regress/agent-ptrace.sh index ae15064..1912ca8 100644 --- a/crypto/openssh/regress/agent-ptrace.sh +++ b/crypto/openssh/regress/agent-ptrace.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-ptrace.sh,v 1.1 2002/12/09 15:38:30 markus Exp $ +# $OpenBSD: agent-ptrace.sh,v 1.2 2014/02/27 21:21:25 djm Exp $ # Placed in the Public Domain. tid="disallow agent ptrace attach" diff --git a/crypto/openssh/regress/agent.sh b/crypto/openssh/regress/agent.sh index cf1a45f..caad3c8 100644 --- a/crypto/openssh/regress/agent.sh +++ b/crypto/openssh/regress/agent.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent.sh,v 1.9 2013/12/06 13:52:46 markus Exp $ +# $OpenBSD: agent.sh,v 1.10 2014/02/27 21:21:25 djm Exp $ # Placed in the Public Domain. tid="simple agent test" diff --git a/crypto/openssh/regress/cert-hostkey.sh b/crypto/openssh/regress/cert-hostkey.sh index a1318cd..1d9e0ed 100755 --- a/crypto/openssh/regress/cert-hostkey.sh +++ b/crypto/openssh/regress/cert-hostkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-hostkey.sh,v 1.8 2013/12/06 13:52:46 markus Exp $ +# $OpenBSD: cert-hostkey.sh,v 1.9 2014/01/26 10:22:10 djm Exp $ # Placed in the Public Domain. tid="certified host keys" diff --git a/crypto/openssh/regress/dhgex.sh b/crypto/openssh/regress/dhgex.sh new file mode 100755 index 0000000..4c1a3d8 --- /dev/null +++ b/crypto/openssh/regress/dhgex.sh @@ -0,0 +1,54 @@ +# $OpenBSD: dhgex.sh,v 1.1 2014/01/25 04:35:32 dtucker Exp $ +# Placed in the Public Domain. + +tid="dhgex" + +LOG=${TEST_SSH_LOGFILE} +rm -f ${LOG} + +kexs=`${SSH} -Q kex | grep diffie-hellman-group-exchange` + +ssh_test_dhgex() +{ + bits="$1"; shift + cipher="$1"; shift + kex="$1"; shift + + rm -f ${LOG} + opts="-oKexAlgorithms=$kex -oCiphers=$cipher" + groupsz="1024<$bits<8192" + verbose "$tid bits $bits $kex $cipher" + ${SSH} ${opts} $@ -vvv -F ${OBJ}/ssh_proxy somehost true + if [ $? -ne 0 ]; then + fail "ssh failed ($@)" + fi + # check what we request + grep "SSH2_MSG_KEX_DH_GEX_REQUEST($groupsz) sent" ${LOG} >/dev/null + if [ $? != 0 ]; then + got=`egrep "SSH2_MSG_KEX_DH_GEX_REQUEST(.*) sent" ${LOG}` + fail "$tid unexpected GEX sizes, expected $groupsz, got $got" + fi + # check what we got (depends on contents of system moduli file) + gotbits="`awk '/bits set:/{print $4}' ${LOG} | head -1 | cut -f2 -d/`" + if [ "$gotbits" -lt "$bits" ]; then + fatal "$tid expected $bits bit group, got $gotbits" + fi +} + +check() +{ + bits="$1"; shift + + for c in $@; do + for k in $kexs; do + ssh_test_dhgex $bits $c $k + done + done +} + +#check 2048 3des-cbc +check 3072 `${SSH} -Q cipher | grep 128` +check 3072 arcfour blowfish-cbc +check 7680 `${SSH} -Q cipher | grep 192` +check 8192 `${SSH} -Q cipher | grep 256` +check 8192 rijndael-cbc@lysator.liu.se chacha20-poly1305@openssh.com diff --git a/crypto/openssh/regress/host-expand.sh b/crypto/openssh/regress/host-expand.sh index a018836..6cc0e60 100755 --- a/crypto/openssh/regress/host-expand.sh +++ b/crypto/openssh/regress/host-expand.sh @@ -1,3 +1,4 @@ +# $OpenBSD: host-expand.sh,v 1.3 2014/02/27 23:17:41 djm Exp $ # Placed in the Public Domain. tid="expand %h and %n" diff --git a/crypto/openssh/regress/login-timeout.sh b/crypto/openssh/regress/login-timeout.sh index d73923b..d9b48f3 100644 --- a/crypto/openssh/regress/login-timeout.sh +++ b/crypto/openssh/regress/login-timeout.sh @@ -1,9 +1,11 @@ -# $OpenBSD: login-timeout.sh,v 1.5 2013/05/17 10:23:52 dtucker Exp $ +# $OpenBSD: login-timeout.sh,v 1.6 2014/02/27 20:04:16 djm Exp $ # Placed in the Public Domain. tid="connect after login grace timeout" trace "test login grace with privsep" +cp $OBJ/sshd_config $OBJ/sshd_config.orig +grep -vi LoginGraceTime $OBJ/sshd_config.orig > $OBJ/sshd_config echo "LoginGraceTime 10s" >> $OBJ/sshd_config echo "MaxStartups 1" >> $OBJ/sshd_config start_sshd diff --git a/crypto/openssh/regress/scp-ssh-wrapper.sh b/crypto/openssh/regress/scp-ssh-wrapper.sh index c63bc2b..59f1ff6 100644 --- a/crypto/openssh/regress/scp-ssh-wrapper.sh +++ b/crypto/openssh/regress/scp-ssh-wrapper.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: scp-ssh-wrapper.sh,v 1.2 2005/12/14 04:36:39 dtucker Exp $ +# $OpenBSD: scp-ssh-wrapper.sh,v 1.3 2014/01/26 10:49:17 djm Exp $ # Placed in the Public Domain. printname () { diff --git a/crypto/openssh/regress/scp.sh b/crypto/openssh/regress/scp.sh index c2da2a8..57cc770 100644 --- a/crypto/openssh/regress/scp.sh +++ b/crypto/openssh/regress/scp.sh @@ -1,4 +1,4 @@ -# $OpenBSD: scp.sh,v 1.9 2013/05/17 10:35:43 dtucker Exp $ +# $OpenBSD: scp.sh,v 1.10 2014/01/26 10:49:17 djm Exp $ # Placed in the Public Domain. tid="scp" diff --git a/crypto/openssh/regress/setuid-allowed.c b/crypto/openssh/regress/setuid-allowed.c index 37b7dc8..676d266 100644 --- a/crypto/openssh/regress/setuid-allowed.c +++ b/crypto/openssh/regress/setuid-allowed.c @@ -23,6 +23,7 @@ # include <sys/statvfs.h> #endif #include <stdio.h> +#include <string.h> #include <errno.h> void diff --git a/crypto/openssh/regress/sftp-chroot.sh b/crypto/openssh/regress/sftp-chroot.sh index 03b9bc6..23f7456 100755 --- a/crypto/openssh/regress/sftp-chroot.sh +++ b/crypto/openssh/regress/sftp-chroot.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sftp-chroot.sh,v 1.2 2013/05/17 04:29:14 dtucker Exp $ +# $OpenBSD: sftp-chroot.sh,v 1.4 2014/01/20 00:00:30 dtucker Exp $ # Placed in the Public Domain. tid="sftp in chroot" @@ -18,7 +18,8 @@ $SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \ start_sshd -oChrootDirectory=$CHROOT -oForceCommand="internal-sftp -d /" verbose "test $tid: get" -${SFTP} -qS "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY || \ +${SFTP} -S "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY \ + >>$TEST_REGRESS_LOGFILE 2>&1 || \ fatal "Fetch ${FILENAME} failed" cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ" |
