upstream: regress test for KnownHostsCommand
OpenBSD-Regress-ID: ffc77464320b6dabdcfa0a72e0df02659233a38a
This commit is contained in:
parent
0121aa87ba
commit
2873f19570
|
@ -1,4 +1,4 @@
|
||||||
# $OpenBSD: Makefile,v 1.109 2020/06/19 05:07:09 dtucker Exp $
|
# $OpenBSD: Makefile,v 1.110 2020/12/22 06:03:36 djm Exp $
|
||||||
|
|
||||||
tests: prep file-tests t-exec unit
|
tests: prep file-tests t-exec unit
|
||||||
|
|
||||||
|
@ -93,7 +93,8 @@ LTESTS= connect \
|
||||||
allow-deny-users \
|
allow-deny-users \
|
||||||
authinfo \
|
authinfo \
|
||||||
sshsig \
|
sshsig \
|
||||||
keygen-comment
|
keygen-comment \
|
||||||
|
knownhosts-command
|
||||||
|
|
||||||
|
|
||||||
INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers
|
INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers
|
||||||
|
@ -122,9 +123,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \
|
||||||
rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
|
rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
|
||||||
scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
|
scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
|
||||||
sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
|
sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
|
||||||
ssh-rsa_oldfmt \
|
ssh-rsa_oldfmt knownhosts_command \
|
||||||
ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
|
ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
|
||||||
ssh_proxy_envpass sshd.log sshd_config sshd_config_minimal \
|
ssh_proxy_* sshd.log sshd_config sshd_config.* \
|
||||||
sshd_config.* sshd_proxy sshd_proxy.* sshd_proxy_bak \
|
sshd_config.* sshd_proxy sshd_proxy.* sshd_proxy_bak \
|
||||||
sshd_proxy_orig t10.out t10.out.pub t12.out t12.out.pub \
|
sshd_proxy_orig t10.out t10.out.pub t12.out t12.out.pub \
|
||||||
t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub \
|
t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub \
|
||||||
|
|
|
@ -0,0 +1,53 @@
|
||||||
|
# $OpenBSD: knownhosts-command.sh,v 1.1 2020/12/22 06:03:36 djm Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="known hosts command "
|
||||||
|
|
||||||
|
rm -f $OBJ/knownhosts_command $OBJ/ssh_proxy_khc
|
||||||
|
cp $OBJ/ssh_proxy $OBJ/ssh_proxy_orig
|
||||||
|
|
||||||
|
( grep -vi GlobalKnownHostsFile $OBJ/ssh_proxy_orig | \
|
||||||
|
grep -vi UserKnownHostsFile;
|
||||||
|
echo "GlobalKnownHostsFile none" ;
|
||||||
|
echo "UserKnownHostsFile none" ;
|
||||||
|
echo "KnownHostsCommand $OBJ/knownhosts_command '%t' '%K' '%u'" ;
|
||||||
|
) > $OBJ/ssh_proxy
|
||||||
|
|
||||||
|
verbose "simple connection"
|
||||||
|
cat > $OBJ/knownhosts_command << _EOF
|
||||||
|
#!/bin/sh
|
||||||
|
cat $OBJ/known_hosts
|
||||||
|
_EOF
|
||||||
|
chmod a+x $OBJ/knownhosts_command
|
||||||
|
${SSH} -F $OBJ/ssh_proxy x true || fail "ssh connect failed"
|
||||||
|
|
||||||
|
verbose "no keys"
|
||||||
|
cat > $OBJ/knownhosts_command << _EOF
|
||||||
|
#!/bin/sh
|
||||||
|
exit 0
|
||||||
|
_EOF
|
||||||
|
chmod a+x $OBJ/knownhosts_command
|
||||||
|
${SSH} -F $OBJ/ssh_proxy x true && fail "ssh connect succeeded with no keys"
|
||||||
|
|
||||||
|
verbose "bad exit status"
|
||||||
|
cat > $OBJ/knownhosts_command << _EOF
|
||||||
|
#!/bin/sh
|
||||||
|
cat $OBJ/known_hosts
|
||||||
|
exit 1
|
||||||
|
_EOF
|
||||||
|
chmod a+x $OBJ/knownhosts_command
|
||||||
|
${SSH} -F $OBJ/ssh_proxy x true && fail "ssh connect succeeded with bad exit"
|
||||||
|
|
||||||
|
for keytype in ${SSH_HOSTKEY_TYPES} ; do
|
||||||
|
test "x$keytype" = "xssh-dss" && continue
|
||||||
|
verbose "keytype $keytype"
|
||||||
|
cat > $OBJ/knownhosts_command << _EOF
|
||||||
|
#!/bin/sh
|
||||||
|
die() { echo "\$@" 1>&2 ; exit 1; }
|
||||||
|
test "x\$1" = "x$keytype" || die "wrong keytype \$1"
|
||||||
|
test "x\$3" = "x$LOGNAME" || die "wrong username \$3"
|
||||||
|
grep -- "\$1.*\$2" $OBJ/known_hosts
|
||||||
|
_EOF
|
||||||
|
${SSH} -F $OBJ/ssh_proxy -oHostKeyAlgorithms=$keytype x true ||
|
||||||
|
fail "ssh connect failed for keytype $x"
|
||||||
|
done
|
Loading…
Reference in New Issue