diff --git a/ChangeLog b/ChangeLog index bed73463a..2e7f92c94 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +20101105 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2010/09/22 12:26:05 + [regress/Makefile regress/kextype.sh] + regress test for each of the key exchange algorithms that we support + 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with 1.12 to unbreak Solaris build. diff --git a/regress/Makefile b/regress/Makefile index 9762ab204..f51307f02 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,6 +1,6 @@ -# $OpenBSD: Makefile,v 1.54 2010/06/27 19:19:56 phessler Exp $ +# $OpenBSD: Makefile,v 1.55 2010/08/31 12:24:25 djm Exp $ -REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec +REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t-exec tests: $(REGRESS_TARGETS) # Interop tests are not run by default @@ -61,6 +61,7 @@ INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers USER!= id -un CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ + t8.out t8.out.pub t9.out t9.out.pub \ authorized_keys_${USER} known_hosts pidfile \ ssh_config sshd_config.orig ssh_proxy sshd_config sshd_proxy \ rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ diff --git a/regress/kextype.sh b/regress/kextype.sh new file mode 100644 index 000000000..ba6fd9509 --- /dev/null +++ b/regress/kextype.sh @@ -0,0 +1,26 @@ +# $OpenBSD: kextype.sh,v 1.1 2010/09/22 12:26:05 djm Exp $ +# Placed in the Public Domain. + +tid="login with different key exchange algorithms" + +TIME=/usr/bin/time +cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak +cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak + +kextypes="ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521" +kextypes="$kextypes diffie-hellman-group-exchange-sha256" +kextypes="$kextypes diffie-hellman-group-exchange-sha1" +kextypes="$kextypes diffie-hellman-group14-sha1" +kextypes="$kextypes diffie-hellman-group1-sha1" + +tries="1 2 3 4" +for k in $kextypes; do + verbose "kex $k" + for i in $tries; do + ${SSH} -F $OBJ/ssh_proxy -o KexAlgorithms=$k x true + if [ $? -ne 0 ]; then + fail "ssh kex $k" + fi + done +done +