upstream: Only use DSA key type in tests if binaries support it.
OpenBSD-Regress-ID: 770e31fe61dc33ed8eea9c04ce839b33ddb4dc96
This commit is contained in:
parent
159e987a54
commit
773c55b3d1
|
@ -1,8 +1,15 @@
|
||||||
# $OpenBSD: sshcfgparse.sh,v 1.4 2018/07/04 13:51:12 djm Exp $
|
# $OpenBSD: sshcfgparse.sh,v 1.5 2019/07/23 13:32:48 dtucker Exp $
|
||||||
# Placed in the Public Domain.
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
tid="ssh config parse"
|
tid="ssh config parse"
|
||||||
|
|
||||||
|
dsa=0
|
||||||
|
for t in $SSH_KEYTYPES; do
|
||||||
|
case "$t" in
|
||||||
|
ssh-dss) dsa=1 ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
expect_result_present() {
|
expect_result_present() {
|
||||||
_str="$1" ; shift
|
_str="$1" ; shift
|
||||||
for _expect in "$@" ; do
|
for _expect in "$@" ; do
|
||||||
|
@ -75,7 +82,8 @@ f=`${SSH} -GF none -opubkeyacceptedkeytypes=-ssh-ed25519 host | \
|
||||||
expect_result_present "$f" "ssh-ed25519-cert-v01.*"
|
expect_result_present "$f" "ssh-ed25519-cert-v01.*"
|
||||||
expect_result_absent "$f" "ssh-ed25519" "ssh-dss"
|
expect_result_absent "$f" "ssh-ed25519" "ssh-dss"
|
||||||
# Append to default set.
|
# Append to default set.
|
||||||
# XXX this will break for !WITH_OPENSSL
|
# This is not tested when built !WITH_OPENSSL
|
||||||
|
if [ "$dsa" = "1" ]; then
|
||||||
f=`${SSH} -GF none -opubkeyacceptedkeytypes=+ssh-dss-cert* host | \
|
f=`${SSH} -GF none -opubkeyacceptedkeytypes=+ssh-dss-cert* host | \
|
||||||
awk '/^pubkeyacceptedkeytypes /{print $2}'`
|
awk '/^pubkeyacceptedkeytypes /{print $2}'`
|
||||||
expect_result_present "$f" "ssh-ed25519" "ssh-dss-cert-v01.*"
|
expect_result_present "$f" "ssh-ed25519" "ssh-dss-cert-v01.*"
|
||||||
|
@ -84,6 +92,7 @@ f=`${SSH} -GF none -opubkeyacceptedkeytypes=+ssh-dss host | \
|
||||||
awk '/^pubkeyacceptedkeytypes /{print $2}'`
|
awk '/^pubkeyacceptedkeytypes /{print $2}'`
|
||||||
expect_result_present "$f" "ssh-ed25519" "ssh-ed25519-cert-v01.*" "ssh-dss"
|
expect_result_present "$f" "ssh-ed25519" "ssh-ed25519-cert-v01.*" "ssh-dss"
|
||||||
expect_result_absent "$f" "ssh-dss-cert-v01.*"
|
expect_result_absent "$f" "ssh-dss-cert-v01.*"
|
||||||
|
fi
|
||||||
|
|
||||||
# cleanup
|
# cleanup
|
||||||
rm -f $OBJ/ssh_config.[012]
|
rm -f $OBJ/ssh_config.[012]
|
||||||
|
|
Loading…
Reference in New Issue