upstream: UsePrivilegeSeparation no is deprecated
test "yes" and "sandbox". OpenBSD-Regress-ID: 80e685ed8990766527dc629b1affc09a75bfe2da
This commit is contained in:
parent
35d0e5fefc
commit
f72d0f52ef
|
@ -1,4 +1,4 @@
|
||||||
# $OpenBSD: cert-hostkey.sh,v 1.16 2018/07/03 11:43:49 djm Exp $
|
# $OpenBSD: cert-hostkey.sh,v 1.17 2018/10/31 11:09:27 dtucker Exp $
|
||||||
# Placed in the Public Domain.
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
tid="certified host keys"
|
tid="certified host keys"
|
||||||
|
@ -127,7 +127,7 @@ attempt_connect() {
|
||||||
}
|
}
|
||||||
|
|
||||||
# Basic connect and revocation tests.
|
# Basic connect and revocation tests.
|
||||||
for privsep in yes no ; do
|
for privsep in yes sandbox ; do
|
||||||
for ktype in $PLAIN_TYPES ; do
|
for ktype in $PLAIN_TYPES ; do
|
||||||
verbose "$tid: host ${ktype} cert connect privsep $privsep"
|
verbose "$tid: host ${ktype} cert connect privsep $privsep"
|
||||||
(
|
(
|
||||||
|
@ -165,7 +165,7 @@ for ktype in $PLAIN_TYPES ; do
|
||||||
kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig
|
kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig
|
||||||
done
|
done
|
||||||
cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
|
cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
|
||||||
for privsep in yes no ; do
|
for privsep in yes sandbox ; do
|
||||||
for ktype in $PLAIN_TYPES ; do
|
for ktype in $PLAIN_TYPES ; do
|
||||||
verbose "$tid: host ${ktype} revoked cert privsep $privsep"
|
verbose "$tid: host ${ktype} revoked cert privsep $privsep"
|
||||||
(
|
(
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# $OpenBSD: cert-userkey.sh,v 1.19 2018/03/12 00:54:04 djm Exp $
|
# $OpenBSD: cert-userkey.sh,v 1.20 2018/10/31 11:09:27 dtucker Exp $
|
||||||
# Placed in the Public Domain.
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
tid="certified user keys"
|
tid="certified user keys"
|
||||||
|
@ -47,7 +47,7 @@ done
|
||||||
# Test explicitly-specified principals
|
# Test explicitly-specified principals
|
||||||
for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do
|
for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do
|
||||||
t=$(kname $ktype)
|
t=$(kname $ktype)
|
||||||
for privsep in yes no ; do
|
for privsep in yes sandbox ; do
|
||||||
_prefix="${ktype} privsep $privsep"
|
_prefix="${ktype} privsep $privsep"
|
||||||
|
|
||||||
# Setup for AuthorizedPrincipalsFile
|
# Setup for AuthorizedPrincipalsFile
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# $OpenBSD: multipubkey.sh,v 1.1 2014/12/22 08:06:03 djm Exp $
|
# $OpenBSD: multipubkey.sh,v 1.2 2018/10/31 11:09:27 dtucker Exp $
|
||||||
# Placed in the Public Domain.
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
tid="multiple pubkey"
|
tid="multiple pubkey"
|
||||||
|
@ -31,7 +31,7 @@ grep -v IdentityFile $OBJ/ssh_proxy.orig > $OBJ/ssh_proxy
|
||||||
opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes"
|
opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes"
|
||||||
opts="$opts -i $OBJ/cert_user_key1 -i $OBJ/user_key1 -i $OBJ/user_key2"
|
opts="$opts -i $OBJ/cert_user_key1 -i $OBJ/user_key1 -i $OBJ/user_key2"
|
||||||
|
|
||||||
for privsep in no yes; do
|
for privsep in yes sandbox ; do
|
||||||
(
|
(
|
||||||
grep -v "Protocol" $OBJ/sshd_proxy.orig
|
grep -v "Protocol" $OBJ/sshd_proxy.orig
|
||||||
echo "Protocol 2"
|
echo "Protocol 2"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# $OpenBSD: principals-command.sh,v 1.4 2017/04/30 23:34:55 djm Exp $
|
# $OpenBSD: principals-command.sh,v 1.5 2018/10/31 11:09:27 dtucker Exp $
|
||||||
# Placed in the Public Domain.
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
tid="authorized principals command"
|
tid="authorized principals command"
|
||||||
|
@ -57,7 +57,7 @@ fi
|
||||||
|
|
||||||
if [ -x $PRINCIPALS_COMMAND ]; then
|
if [ -x $PRINCIPALS_COMMAND ]; then
|
||||||
# Test explicitly-specified principals
|
# Test explicitly-specified principals
|
||||||
for privsep in yes no ; do
|
for privsep in yes sandbox ; do
|
||||||
_prefix="privsep $privsep"
|
_prefix="privsep $privsep"
|
||||||
|
|
||||||
# Setup for AuthorizedPrincipalsCommand
|
# Setup for AuthorizedPrincipalsCommand
|
||||||
|
|
Loading…
Reference in New Issue