upstream: Test for empty result in expected bits. Remove CRs from log
as they confuse tools on some platforms. Re-enable the 3des-cbc test. OpenBSD-Regress-ID: edf536d4f29fc1ba412889b37247a47f1b49d250
This commit is contained in:
dtucker@openbsd.org
Darren Tucker
parent
7c817d129e
commit
4d59f7a516
|
|
@ -1,4 +1,4 @@
|
|||
# $OpenBSD: dhgex.sh,v 1.4 2017/05/08 01:52:49 djm Exp $
|
||||
# $OpenBSD: dhgex.sh,v 1.5 2019/09/27 05:25:12 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="dhgex"
|
||||
|
|
@ -28,15 +28,19 @@ ssh_test_dhgex()
|
|||
if [ $? -ne 0 ]; then
|
||||
fail "ssh failed ($@)"
|
||||
fi
|
||||
# Remove CRs.
|
||||
sed 's/\r//' ${LOG} >${LOG}.new
|
||||
mv ${LOG}.new ${LOG}
|
||||
# check what we request
|
||||
grep "SSH2_MSG_KEX_DH_GEX_REQUEST($groupsz) sent" ${LOG} >/dev/null
|
||||
if [ $? != 0 ]; then
|
||||
got=`egrep "SSH2_MSG_KEX_DH_GEX_REQUEST(.*) sent" ${LOG}`
|
||||
fail "$tid unexpected GEX sizes, expected $groupsz, got $got"
|
||||
fi
|
||||
# check what we got (depends on contents of system moduli file)
|
||||
# check what we got.
|
||||
gotbits="`awk '/bits set:/{print $4}' ${LOG} | head -1 | cut -f2 -d/`"
|
||||
if [ "$gotbits" -lt "$bits" ]; then
|
||||
trace "expected '$bits' got '$gotbits'"
|
||||
if [ -z "$gotbits" ] || [ "$gotbits" -lt "$bits" ]; then
|
||||
fatal "$tid expected $bits bit group, got $gotbits"
|
||||
fi
|
||||
}
|
||||
|
|
@ -52,7 +56,7 @@ check()
|
|||
done
|
||||
}
|
||||
|
||||
#check 2048 3des-cbc
|
||||
check 3072 3des-cbc # 112 bits.
|
||||
check 3072 `${SSH} -Q cipher | grep 128`
|
||||
check 7680 `${SSH} -Q cipher | grep 192`
|
||||
check 8192 `${SSH} -Q cipher | grep 256`
|
||||
|
|
|
|||
Loading…
Reference in New Issue