fccfa239de
VALGRIND_CHECK_LEAKS logic was backwards :(
2018-07-11 10:19:56 +10:00
d20720d373
disable valgrind memleak checking by default
...
Add VALGRIND_CHECK_LEAKS knob to turn it back on.
2018-07-11 09:57:44 +10:00
120a1ec74e
Adapt portable to legacy buffer API removal
2018-07-10 19:39:52 +10:00
314908f451
upstream: deal with API rename: match_filter_list() =>
...
match_filter_blacklist()
OpenBSD-Regress-ID: 2da342be913efeb51806351af906fab01ba4367f
2018-07-04 23:52:50 +10:00
89f54cdf6b
upstream: exercise new expansion behaviour of
...
PubkeyAcceptedKeyTypes and, by proxy, test kex_assemble_names()
ok markus@
OpenBSD-Regress-ID: 292978902e14d5729aa87e492dd166c842f72736
2018-07-04 23:52:50 +10:00
187633f24c
upstream: add a comment that could have saved me 45 minutes of wild
...
goose chasing
OpenBSD-Regress-ID: d469b29ffadd3402c090e21b792d627d46fa5297
2018-07-04 23:52:50 +10:00
303af5803b
upstream: some magic for RSA-SHA2 checks
...
OpenBSD-Regress-ID: e5a9b11368ff6d86e7b25ad10ebe43359b471cd4
2018-07-04 00:07:12 +10:00
1eee79a11c
upstream: One ampersand is enough to backgroud an process. OpenBSD
...
doesn't seem to mind, but some platforms in -portable object to the second.
OpenBSD-Regress-ID: d6c3e404871764343761dc25c3bbe29c2621ff74
2018-07-03 00:45:40 +10:00
80e199d617
upstream: test PermitListen with bare port numbers
...
OpenBSD-Regress-ID: 4b50a02dfb0ccaca08247f3877c444126ba901b3
2018-06-19 13:03:03 +10:00
57379dbd01
upstream: test the correct configuration option name
...
OpenBSD-Regress-ID: 492279ea9f65657f97a970e0e7c7fd0b339fee23
2018-06-08 00:31:38 +10:00
4319f7a868
upstream: permitlisten/PermitListen unit test from Markus
...
OpenBSD-Regress-ID: ab12eb42f0e14926980441cf7c058a6d1d832ea5
2018-06-07 14:48:39 +10:00
392db2bc83
upstream: regress test for PermitOpen
...
OpenBSD-Regress-ID: ce8b5f28fc039f09bb297fc4a92319e65982ddaf
2018-06-07 04:28:25 +10:00
a1dcafc41c
upstream: Adapt to extra default verboisity from ssh-keygen when
...
searching for and hashing known_hosts entries in a single operation
(ssh-keygen -HF ...) Patch from Anton Kremenetsky
OpenBSD-Regress-ID: 519585a4de35c4611285bd6a7272766c229b19dd
2018-06-01 14:24:08 +10:00
76f314c75d
upstream: Add TEST_SSH_FAIL_FATAL variable, to force all failures
...
to instantly abort the test. Useful in capturing clean logs for individual
failure cases.
OpenBSD-Regress-ID: feba18cf338c2328b9601bd4093cabdd9baa3af1
2018-06-01 14:24:08 +10:00
065c8c055d
upstream: Clean up comment.
...
OpenBSD-Regress-ID: 6adb35f384d447e7dcb9f170d4f0d546d3973e10
2018-06-01 14:23:22 +10:00
54268d589e
fix key-options.sh on platforms without openpty(3)
...
Skip the pty tests if the platform lacks openpty(3) and has to chown(2)
the pty device explicitly. This typically requires root permissions that
this test lacks.
bz#2856 ok dtucker@
2018-05-11 14:04:40 +10:00
907da2f885
upstream: more typos spotted by Karsten Weiss using codespell
...
OpenBSD-Regress-ID: d906a2aea0663810a658b7d0bc61a1d2907d4d69
2018-04-10 10:17:56 +10:00
37e5f4a7ab
upstream: make this a bit more portable-friendly
...
OpenBSD-Regress-ID: 62f7b9e055e8dfaab92b3825f158beeb4ca3f963
2018-04-10 10:17:56 +10:00
323f66ce93
upstream: Add test for username options parsing order, prompted by
...
bz#2849.
OpenBSD-Regress-ID: 6985cd32f38596882a3ac172ff8c510693b65283
2018-04-06 14:19:51 +10:00
4b7d8acdbb
Remove authinfo.sh test dependency on printenv
...
Some platforms lack printenv in the default $PATH.
Reported by Tom G. Christensen
2018-03-26 09:38:44 +11:00
393436024d
Replace /dev/stdin with "-".
...
For some reason sftp -b doesn't work with /dev/stdin on Cygwin, as noted
and suggested by vinschen at redhat.com.
2018-03-25 09:40:46 +11:00
b5974de1a1
Provide $OBJ to paths in PuTTY interop tests.
2018-03-23 13:21:14 +11:00
dc31e79454
upstream: Tell puttygen to use /dev/urandom instead of /dev/random. On
...
OpenBSD they are both non-blocking, but on many other -portable platforms it
blocks, stalling tests.
OpenBSD-Regress-ID: 397d0d4c719c353f24d79f5b14775e0cfdf0e1cc
2018-03-23 11:05:39 +11:00
c6cb2565c9
Save $? before case statement.
...
In some shells (FreeBSD 9, ash) the case statement resets $?, so save
for later testing.
2018-03-22 17:00:28 +11:00
4c4e7f783b
upstream: rename recently-added "valid-before" key restriction to
...
"expiry-time" as the former is confusing wrt similar terminology in X.509;
pointed out by jsing@
OpenBSD-Regress-ID: ac8b41dbfd90cffd525d58350c327195b0937793
2018-03-14 18:55:47 +11:00
500396b204
upstream: check valid-before option in authorized_keys
...
OpenBSD-Regress-ID: 7e1e4a84f7f099a290e5a4cbf4196f90ff2d7e11
2018-03-14 18:55:47 +11:00
a76b5d26c2
upstream: explicitly specify RSA/SHA-2 keytype here too
...
OpenBSD-Regress-ID: 74d7b24e8c72c27af6b481198344eb077e993a62
2018-03-14 18:55:47 +11:00
3a43297ce2
upstream: exlicitly include RSA/SHA-2 keytypes in
...
PubkeyAcceptedKeyTypes here
OpenBSD-Regress-ID: 954d19e0032a74e31697fb1dc7e7d3d1b2d65fe9
2018-03-14 18:55:47 +11:00
7e4fadd324
upstream: for the pty control tests, just check that the PTY path
...
points to something in /dev (rather than checking the device node itself);
makes life easier for portable, where systems with dynamic ptys can delete
nodes before we get around to testing their existence.
OpenBSD-Regress-ID: b1e455b821e62572bccd98102f8dd9d09bb94994
2018-03-04 12:47:42 +11:00
de1920d743
upstream: unit tests for new authorized_keys options API
...
OpenBSD-Regress-ID: 820f9ec9c6301f6ca330ad4052d85f0e67d0bdc1
2018-03-03 14:39:25 +11:00
dc3e92df17
upstream: fix testing of pty option, include positive test and
...
testing of restrict keyword
OpenBSD-Regress-ID: 4268f27c2706a0a95e725d9518c5bcbec9814c6d
2018-03-03 14:38:26 +11:00
3d1edd1ebb
upstream: better testing for port-forwarding and restrict flags in
...
authorized_keys
OpenBSD-Regress-ID: ee771df8955f2735df54746872c6228aff381daa
2018-03-03 14:38:26 +11:00
a8dd6fe0aa
space before tab in previous
2018-02-23 14:19:55 +11:00
b5e9263c77
upstream: Replace fatal with exit in the case that we do not have
...
$SUDO set. Prevents test failures when neither sudo nor doas are configured.
OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b
2018-02-23 14:18:25 +11:00
73282b6118
upstream: unbreak interop test after SSHv1 purge; patch from Colin
...
Watson via bz#2823
OpenBSD-Regress-ID: 807d30a597756ed6612bdf46dfebca74f49cb31a
2018-02-23 14:07:23 +11:00
f8985dde5f
upstream: Skip sftp-chroot test when SUDO not set instead of
...
fatal().
OpenBSD-Regress-ID: cd4b5f1109b0dc09af4e5ea7d4968c43fbcbde88
2018-02-23 14:07:23 +11:00
df88551c02
upstream: Replace fatal with exit in the case that we do not have
...
$SUDO set. Prevents test failures when neither sudo nor doas are configured.
OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b
2018-02-23 14:05:33 +11:00
3b252c20b1
upstream: some helpers to check verbose/quiet mode
...
OpenBSD-Regress-ID: e736aac39e563f5360a0935080a71d5fdcb976de
2018-02-23 14:05:07 +11:00
affa6ba67f
Remove execute bit from modpipe.c.
2018-02-15 22:33:21 +11:00
265d88d4e6
Remove remaining now-obsolete cvs $Ids.
2018-02-15 20:06:19 +11:00
aee49b2a89
Set SO_REUSEADDR in regression test netcat.
...
Sometimes multiplex tests fail on Solaris with "netcat: local_listen:
Address already in use" which is likely due to previous invocations
leaving the port in TIME_WAIT. Set SO_REUSEADDR (in addition to
SO_REUSEPORT which is alread set on platforms that support it). ok djm@
2018-02-08 12:42:12 +11:00
4f29309c4c
unbreak fuzz harness
2018-01-03 19:50:43 +11:00
f6b50bf84d
upstream commit
...
another libssh casualty
OpenBSD-Regress-ID: 839b970560246de23e7c50215095fb527a5a83ec
2018-01-03 16:46:49 +11:00
5fb4fb5a01
upstream commit
...
missed one (unbreak after ssh/lib removal)
OpenBSD-Regress-ID: cfdd132143131769e2d2455e7892b5d55854c322
2018-01-03 16:46:49 +11:00
e6c4134165
upstream commit
...
unbreak unit tests after removal of src/usr.bin/ssh/lib
OpenBSD-Regress-ID: 3a79760494147b20761cbd2bd5c20e86c63dc8f9
2018-01-03 16:46:49 +11:00
c5a6cbdb79
upstream commit
...
explicitly test all key types and their certificate
counterparts
refactor a little
OpenBSD-Regress-ID: e9ecd5580821b9ef8b7106919c6980d8e45ca8c4
2017-12-19 16:19:18 +11:00
f689adb7a3
upstream commit
...
use cmp in a loop instead of diff -N to compare
directories. The former works on more platforms for Portable.
OpenBSD-Regress-ID: c3aa72807f9c488e8829a26ae50fe5bcc5b57099
2017-12-19 16:19:18 +11:00
f2ad63c071
upstream commit
...
whitespace at EOL
OpenBSD-Regress-ID: f4b5df99b28c6f63478deb916c6ed0e794685f07
2017-10-31 09:08:52 +11:00
c6415b1f8f
upstream commit
...
whitespace at EOL
OpenBSD-Regress-ID: 19b1394393deee4c8a2114a3b7d18189f27a15cd
2017-10-31 09:08:51 +11:00
e4d4ddbbba
upstream commit
...
Use printenv to test whether an SSH_USER_AUTH is set
instead of using $SSH_USER_AUTH. The latter won't work with csh which treats
unknown variables as an error when expanding them. OK markus@
OpenBSD-Regress-ID: f601e878dd8b71aa40381573dde3a8f567e6f2d1
2017-10-31 09:08:51 +11:00
116b1b4394
upstream commit
...
Add tests for URI parsing. OK markus@
OpenBSD-Regress-ID: 5d1df19874f3b916d1a2256a905526e17a98bd3b
2017-10-31 09:08:51 +11:00
d27bff293c
Fix missed RCSID merges
2017-10-20 13:22:00 +11:00
d3b6aeb546
upstream commit
...
more RCSIDs
Upstream-Regress-ID: 1aecbe3f8224793f0ec56741a86d619830eb33be
2017-10-20 13:15:40 +11:00
a66714508b
upstream commit
...
exercise PermitOpen a little more thoroughly
Upstream-Regress-ID: f41592334e227a4c1f9a983044522de4502d5eac
2017-10-05 05:51:46 +11:00
609ecc8e57
upstream commit
...
UsePrivilegeSeparation is gone, stop trying to test it.
Upstream-Regress-ID: 796a5057cfd79456a20ea935cc53f6eb80ace191
2017-10-05 05:51:46 +11:00
6a9481258a
upstream commit
...
test reverse dynamic forwarding with SOCKS
Upstream-Regress-ID: 95cf290470f7e5e2f691e4bc6ba19b91eced2f79
2017-09-26 16:56:15 +10:00
1b9f321605
sync missing changes in dynamic-forward.sh
2017-09-26 16:55:55 +10:00
09eacf856e
upstream commit
...
Print SKIPPED if sudo and doas configuration is missing.
Prevents that running the regression test with wrong environment is reported
as failure. Keep the fatal there to avoid interfering with other setups for
portable ssh. OK dtucker@
Upstream-Regress-ID: f0dc60023caef496ded341ac5aade2a606fa234e
2017-09-18 14:13:02 +10:00
cdede10899
upstream commit
...
Remove obsolete privsep=no fallback test.
Upstream-Regress-ID: 7d6e1baa1678ac6be50c2a1555662eb1047638df
2017-09-18 14:11:42 +10:00
ec218c105d
upstream commit
...
Remove non-privsep test since disabling privsep is now
deprecated.
Upstream-Regress-ID: 77ad3f3d8d52e87f514a80f285c6c1229b108ce8
2017-09-18 14:11:22 +10:00
239c57d5bc
upstream commit
...
Don't call fatal from stop_sshd since it calls cleanup
which calls stop_sshd which will probably fail in the same way. Instead,
just bail. Differentiate between sshd dying without cleanup and not shutting
down.
Upstream-Regress-ID: f97315f538618b349e2b0bea02d6b0c9196c6bc4
2017-09-18 14:11:22 +10:00
ec9d22cc25
Fuzzer harnesses for sig verify and pubkey parsing
...
These are some basic clang libfuzzer harnesses for signature
verification and public key parsing. Some assembly (metaphorical)
required.
2017-09-08 12:44:13 +10:00
c9cdef3552
upstream commit
...
regress test for ExposeAuthInfo
Upstream-Regress-ID: 190e5b6866376f4061c411ab157ca4d4e7ae86fd
2017-06-24 17:29:55 +10:00
1de5e47a85
upstream commit
...
unbreak after sshv1 purge
Upstream-Regress-ID: 8ea01a92d5f571b9fba88c1463a4254a7552d51b
2017-06-08 13:11:11 +10:00
6bdf70f01e
clean up regress files and add a .gitignore
2017-05-09 18:41:54 -07:00
d757a4b633
upstream commit
...
fix for new SSH_ERR_KEY_LENGTH error value
Upstream-Regress-ID: c38a6e6174d4c3feca3518df150d4fbae0dca8dc
2017-05-08 16:11:26 +10:00
effaf526bf
upstream commit
...
remove arcfour, blowfish and CAST here too
Upstream-Regress-ID: c613b3bcbef75df1fe84ca4dc2d3ef253dc5e920
2017-05-08 11:54:17 +10:00
dd369320d2
upstream commit
...
eliminate explicit specification of protocol in tests and
loops over protocol. We only support SSHv2 now.
Upstream-Regress-ID: 0082838a9b8a382b7ee9cbf0c1b9db727784fadd
2017-05-01 11:59:42 +10:00
557f921aad
upstream commit
...
remove SSHv1 support from unit tests
Upstream-Regress-ID: 395ca2aa48f1f7d23eefff6cb849ea733ca8bbfe
2017-05-01 10:07:19 +10:00
9504ea6b27
Merge integrity.sh rev 1.22.
...
Merge missing bits from Colin Watson's patch in bz#2658 which make integrity
tests more robust against timeouts. ok djm@
2017-04-28 14:33:43 +10:00
06ec837a34
Id sync for integrity.sh rev 1.21 which pulls in some shell portability fixes
2017-04-28 14:30:03 +10:00
e0194b471e
upstream commit
...
Change COMPILER_VERSION tests which limited additional
warnings to gcc4 to instead skip them on gcc3 as clang can handle
-Wpointer-sign and -Wold-style-definition.
Upstream-Regress-ID: e48d7dc13e48d9334b8195ef884dfbc51316012f
2017-04-28 13:28:49 +10:00
096fb65084
upstream commit
...
remove /usr/bin/time calls around tests, makes diffing test
runs harder. Based on patch from Mike Frysinger
Upstream-Regress-ID: 81c1083b14dcf473b23d2817882f40b346ebc95c
2017-03-21 09:09:59 +11:00
9165abfea3
create test mux socket in /tmp
...
Creating the socket in $OBJ could blow past the (quite limited)
path limit for Unix domain sockets. As a bandaid for bz#2660,
reported by Colin Watson; ok dtucker@
2017-03-20 10:12:18 +11:00
2fbf91684d
Include includes.h for compat bits.
2017-03-16 14:05:46 +11:00
b55f634e96
Wrap stdint.h in #ifdef HAVE_STDINT_H
2017-03-16 13:45:17 +11:00
b1b22dd0df
Plumb conversion test into makefile.
2017-03-14 14:19:36 +11:00
f57783f1dd
upstream commit
...
Add unit test for convtime().
Upstream-Regress-ID: 8717bc0ca4c21120f6dd3a1d3b7a363f707c31e1
2017-03-14 13:45:14 +11:00
8884b7247d
upstream commit
...
Add ASSERT_LONG_* helpers.
Upstream-Regress-ID: fe15beaea8f5063c7f21b0660c722648e3d76431
2017-03-14 13:45:14 +11:00
8ff3fc3f2f
upstream commit
...
regress tests for loading certificates without public keys;
bz#2617 based on patch from Adam Eijdenberg; ok markus@ dtucker@
Upstream-Regress-ID: 0145d19328ed995b73fe2d9da33596b17429d0d0
2017-03-12 10:50:54 +11:00
d549919055
upstream commit
...
add test cases for C locale; ok schwarze@
Upstream-Regress-ID: 783d75de35fbc923d46e2a5e6cee30f8f381ba87
2017-02-19 11:19:12 +11:00
0c4430a19b
upstream commit
...
Remove deprecated SSH1 options RSAAuthentication and
RhostsRSAAuthentication from regression test sshd_config.
Upstream-Regress-ID: 8066b753d9dce7cf02ff87af5c727ff680d99491
2017-02-17 14:52:25 +11:00
97c31c46ee
upstream commit
...
unit test for match_filter_list() function; still want a
better name for this...
Upstream-Regress-ID: 840ad6118552c35111f0a897af9c8d93ab8de92a
2017-02-04 10:10:07 +11:00
f25ee13b3e
upstream commit
...
fully unbreak: some $SSH invocations did not have -F
specified and could pick up the ~/.ssh/config of the user running the tests
Upstream-Regress-ID: f362d1892c0d3e66212d5d3fc02d915c58ef6b89
2017-01-30 16:23:46 +11:00
6956e21fb2
upstream commit
...
partially unbreak: was not specifying hostname on some
$SSH invocations
Upstream-Regress-ID: bc8a5e98e57bad0a92ef4f34ed91c1d18294e2cc
2017-01-30 16:23:46 +11:00
01cfaa2b1c
upstream commit
...
use correct ssh-add program; bz#2654, from Colin Watson
Upstream-Regress-ID: 7042a36e1bdaec6562f6e57e9d047efe9c7a6030
2017-01-30 11:08:36 +11:00
e5c7ec67cd
upstream commit
...
Account for timeouts in the integrity tests as failures.
If the first test in a series for a given MAC happens to modify the low
bytes of a packet length, then ssh will time out and this will be
interpreted as a test failure. Patch from cjwatson at debian.org via
bz#2658.
Upstream-Regress-ID: e7467613b0badedaa300bc6fc7495ec2f44e2fb9
2017-01-30 11:08:36 +11:00
dbaf599b61
upstream commit
...
Make forwarding test less racy by using unix domain
sockets instead of TCP ports where possible. Patch from cjwatson at
debian.org via bz#2659.
Upstream-Regress-ID: 4756375aac5916ef9d25452a1c1d5fa9e90299a9
2017-01-30 11:08:18 +11:00
c8c60f3663
upstream commit
...
use standard /bin/sh equality test; from Mike Frysinger
Upstream-Regress-ID: 7b6f0b63525f399844c8ac211003acb8e4b0bec2
2016-12-20 09:35:51 +11:00
3a8213ea0e
upstream commit
...
remove testcase that depends on exact output and
behaviour of snprintf(..., "%s", NULL)
Upstream-Regress-ID: cab4288531766bd9593cb556613b91a2eeefb56f
2016-12-19 15:59:40 +11:00
eae735a82d
upstream commit
...
Use LOGNAME to get current user and fall back to whoami if
not set. Mainly to benefit -portable since some platforms don't have whoami.
Upstream-Regress-ID: e3a16b7836a3ae24dc8f8a4e43fdf8127a60bdfa
2016-12-19 15:01:10 +11:00
0d2f884284
upstream commit
...
Add regression test for AllowUsers and DenyUsers. Patch from
Zev Weiss <zev at bewilderbeest.net>
Upstream-Regress-ID: 8f1aac24d52728398871dac14ad26ea38b533fb9
2016-12-17 09:11:41 +11:00
410681f901
upstream commit
...
revert to rev1.2; the new bits in this test depend on changes
to ssh that aren't yet committed
Upstream-Regress-ID: 828ffc2c7afcf65d50ff2cf3dfc47a073ad39123
2016-12-16 13:49:40 +11:00
2f2ffa4fbe
upstream commit
...
Move the "stop sshd" code into its own helper function.
Patch from Zev Weiss <zev at bewilderbeest.net>, ok djm@
Upstream-Regress-ID: a113dea77df5bd97fb4633ea31f3d72dbe356329
2016-12-16 13:16:34 +11:00
e15e715233
upstream commit
...
regression test for certificates along with private key
with no public half. bz#2617, mostly from Adam Eijdenberg
Upstream-Regress-ID: 2e74dc2c726f4dc839609b3ce045466b69f01115
2016-12-16 13:16:13 +11:00
9a70ec085f
upstream commit
...
Use $SUDO to read pidfile in case root's umask is
restricted. From portable.
Upstream-Regress-ID: f6b1c7ffbc5a0dfb7d430adb2883344899174a98
2016-12-16 13:16:13 +11:00
47b8c99ab3
Check for utf8 local support before testing it.
...
Check for utf8 local support and if not found, do not attempt to run the
utf8 tests. Suggested by djm@
2016-12-08 15:48:34 +11:00
85aa2efeba
upstream commit
...
test new behaviour of cert force-command restriction vs.
authorized_key/ principals
Upstream-Regress-ID: 399efa7469d40c404c0b0a295064ce75d495387c
2016-11-30 19:44:50 +11:00
79e4829ec8
upstream commit
...
Allow PuTTY interop tests to run unattended. bz#2639,
patch from cjwatson at debian.org.
Upstream-Regress-ID: 4345253558ac23b2082aebabccd48377433b6fe0
2016-11-29 17:19:57 +11:00
504c3a9a1b
upstream commit
...
Reverse args to sshd-log-wrapper. Matches change in
portable, where it allows sshd do be optionally run under Valgrind.
Upstream-Regress-ID: b438d1c6726dc5caa2a45153e6103a0393faa906
2016-11-29 17:19:21 +11:00
bd13017736
upstream commit
...
Fix typo in trace message; from portable.
Upstream-Regress-ID: 4c4a2ba0d37faf5fd230a91b4c7edb5699fbd73a
2016-11-29 17:17:19 +11:00
7da751d8b0
upstream commit
...
Clean up MALLOC_OPTIONS. For the unittests, move
MALLOC_OPTIONS and TEST_ENV to unittets/Makefile.inc.
ok otto
Upstream-Regress-ID: 890d497e0a38eeddfebb11cc429098d76cf29f12
2016-11-29 17:16:29 +11:00
36f58e6822
upstream commit
...
Remove the obsolete A and P flags from MALLOC_OPTIONS.
ok dtucker
Upstream-Regress-ID: 6cc25024c8174a87e5734a0dc830194be216dd59
2016-11-29 17:14:27 +11:00
09e6a7d835
Wrap stdint.h include in ifdef.
2016-10-24 09:06:18 +11:00
ca04de83f2
unbreak principals-command test
...
Undo inconsistetly updated variable name.
2016-10-13 18:55:25 +11:00
1723ec92eb
upstream commit
...
fix the KEX fuzzer - the previous method of obtaining the
packet contents was broken. This now uses the new per-packet input hook, so
it sees exact post-decrypt packets and doesn't have to pass packet integrity
checks. ok markus@
Upstream-Regress-ID: 402fb6ffabd97de590e8e57b25788949dce8d2fd
2016-10-13 18:55:25 +11:00
09f997893f
upstream commit
...
Move USER out of the way to unbreak the BUILDUSER
mechanism. ok tb
Upstream-Regress-ID: 74ab9687417dd071d62316eaadd20ddad1d5af3c
2016-10-13 18:55:25 +11:00
ca71c36645
upstream commit
...
Add a makefile rule to create the ssh library when
regress needs it. This allows to run the ssh regression tests without doing
a "make build" before. Discussed with dtucker@ and djm@; OK djm@
Upstream-Regress-ID: ce489bd53afcd471225a125b4b94565d4717c025
2016-10-01 06:44:43 +10:00
ce44c970f9
upstream commit
...
Allow to run ssh regression tests as root. If the user
is already root, the test should not expect that SUDO is set. If ssh needs
another user, use sudo or doas to switch from root if necessary. OK dtucker@
Upstream-Regress-ID: b464e55185ac4303529e3e6927db41683aaeace2
2016-10-01 06:44:00 +10:00
5f63ab474f
upstream commit
...
disable tests for affirmative negated match after backout of
match change
Upstream-Regress-ID: acebb8e5042f03d66d86a50405c46c4de0badcfd
2016-09-22 03:15:25 +10:00
119b7a2ca0
upstream commit
...
test all the AuthorizedPrincipalsCommand % expansions
Upstream-Regress-ID: 0a79a84dfaa59f958e46b474c3db780b454d30e3
2016-09-21 11:43:57 +10:00
920585b826
upstream commit
...
add a note on kexfuzz' limitations
Upstream-Regress-ID: 03804d4a0dbc5163e1a285a4c8cc0a76a4e864ec
2016-09-21 11:07:47 +10:00
0445ff1840
upstream commit
...
fix for newer modp DH groups
(diffie-hellman-group14-sha256 etc)
Upstream-Regress-ID: fe942c669959462b507516ae1634fde0725f1c68
2016-09-21 11:07:47 +10:00
2b939c272a
upstream commit
...
Improve test coverage of ssh-keygen -T a bit.
Upstream-Regress-ID: 8851668c721bcc2b400600cfc5a87644cc024e72
2016-09-14 11:34:59 +10:00
44d82fc83b
upstream commit
...
Add testcase for ssh-keygen -j, -J and -K options for
moduli screening. Does not currently test generation as that is extremely
slow.
Upstream-Regress-ID: 9de6ce801377ed3ce0a63a1413f1cd5fd3c2d062
2016-09-14 10:57:21 +10:00
44e5f756d2
upstream commit
...
add tests for addr_match_list()
Upstream-Regress-ID: fae2d1fef84687ece584738a924c7bf969616c8e
2016-09-14 10:55:22 +10:00
a39627134f
upstream commit
...
remove Protocol directive from client/server configs that
causes spammy deprecation warnings
hardcode SSH_PROTOCOLS=2, since that's all we support on the server
now (the client still may support both, so it could get confused)
Upstream-Regress-ID: c16662c631af51633f9fd06aca552a70535de181
2016-08-23 16:38:10 +10:00
6ee4f1c01e
hook match and utf8 unittests up to Makefile
2016-08-23 16:33:48 +10:00
114efe2bc0
upstream commit
...
add tests for matching functions
Upstream-Regress-ID: 0869d4f5c5d627c583c6a929d69c17d5dd65882c
2016-08-23 15:18:57 +10:00
eac1bbd068
Conditionally include err.h.
2016-07-18 17:12:22 +10:00
0a45414756
Remove local implementation of err, errx.
...
We now have a shared implementation in libopenbsd-compat.
2016-07-18 16:27:26 +10:00
ee67716f61
upstream commit
...
Correct equal in test.
Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a
2016-07-14 11:39:34 +10:00
8aaec70506
fix missing include for systems with err.h
2016-07-14 09:48:48 +10:00
6310ef27a2
Move err.h replacements into compat lib.
...
Move implementations of err.h replacement functions into their own file
in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@
2016-07-13 14:42:35 +10:00
18813a32b6
upstream commit
...
DEBUGLIBS has been broken since the gcc4 switch, so delete
it. CFLAGS contains -g by default anyway
problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
ok millert@ kettenis@ deraadt@
Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542
2016-07-08 13:51:12 +10:00
9f919d1a32
Remove now-defunct .cvsignore files. ok djm
2016-06-14 13:51:01 +10:00
e6508898c3
upstream commit
...
Add a test for ssh(1)'s config file parsing.
Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601
2016-06-08 11:46:32 +10:00
ab0a536066
upstream commit
...
Add 'sshd' to the test ID as I'm about to add a similar
set for ssh.
Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a
2016-06-08 11:45:39 +10:00
a5577c1ed3
upstream commit
...
stricter malloc.conf(5) options for utf8 tests
Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6
2016-06-08 11:45:05 +10:00
75f0844b4f
upstream commit
...
Fix two rare edge cases: 1. If vasprintf() returns < 0,
do not access a NULL pointer in snmprintf(), and do not free() the pointer
returned from vasprintf() because on some systems other than OpenBSD, it
might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
rather than -1 and NULL.
Besides, free(dst) is pointless after failure (not a bug).
One half OK martijn@, the other half OK deraadt@;
committing quickly before people get hurt.
Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4
2016-06-08 11:45:05 +10:00
016881eb33
upstream commit
...
test the new utf8 module
Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3
2016-06-08 11:45:05 +10:00
d4219028bd
upstream commit
...
Set umask to prevent "Bad owner or permissions" errors.
Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417
2016-06-08 11:42:39 +10:00
07d5608bb2
upstream commit
...
support doas
Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38
2016-06-08 11:42:39 +10:00
01cabf10ad
upstream commit
...
unit tests for sshbuf_dup_string()
Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d
2016-06-08 11:40:38 +10:00
cca3b43958
upstream commit
...
Use a subshell for constructing key types to work around
different sed behaviours for -portable.
Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d
2016-05-03 23:05:32 +10:00
67f1459efd
upstream commit
...
unit and regress tests for SHA256/512; ok markus
Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6
2016-05-02 20:59:50 +10:00
0f839e5969
upstream commit
...
missing bit of Include regress
Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f
2016-04-15 12:58:35 +10:00
12e4ac46ae
upstream commit
...
remove redundant CLEANFILES section
Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587
2016-04-15 12:58:09 +10:00
b1d05aa653
upstream commit
...
sync CLEANFILES with portable, sort
Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed
2016-04-15 11:16:13 +10:00
35f22dad26
upstream commit
...
regression test for ssh_config Include directive
Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e
2016-04-15 11:16:13 +10:00
6b8a1a8700
upstream commit
...
unbreak test for recent ssh de-duplicated forwarding
change
Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3
2016-04-15 11:16:12 +10:00
0767877024
upstream commit
...
add test knob and warning for StrictModes
Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682
2016-04-15 11:16:12 +10:00
732b463d37
Pass supported malloc options to connect-privsep.
...
This allows us to activate only the supported options during the malloc
option portion of the connect-privsep test.
2016-03-14 16:04:23 +11:00
e960051f9a
Wrap stdint.h inside #ifdef HAVE_STDINT_H.
2016-03-09 13:14:18 +11:00
c425494d6b
unbreak kexfuzz for -Werror without __bounded__
2016-03-08 14:03:54 -08:00
331b8e07ee
upstream commit
...
Filter debug messages out of log before picking the last
two lines. Should prevent problems if any more debug output is added late in
the connection.
Upstream-Regress-ID: 345d0a9589c381e7d640a4ead06cfaadf4db1363
2016-03-04 15:12:25 +11:00
0892edaa3c
upstream commit
...
add KEX fuzzer harness; ok deraadt@
Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1
2016-03-04 15:12:24 +11:00
ae2562c47d
upstream commit
...
Look back 3 lines for possible error messages. Changes
to the code mean that "Bad packet length" errors are 3 lines back instead of
the previous two, which meant we didn't skip some offsets that we intended
to.
Upstream-Regress-ID: 24f36912740a634d509a3144ebc8eb7c09b9c684
2016-03-04 15:12:22 +11:00
1acc058d0a
Disable tests where fs perms are incorrect
...
Some tests have strict requirements on the filesystem permissions
for certain files and directories. This adds a regress/check-perm
tool that copies the relevant logic from sshd to exactly test
the paths in question. This lets us skip tests when the local
filesystem doesn't conform to our expectations rather than
continuing and failing the test run.
ok dtucker@
2016-02-23 17:40:16 +11:00
624fd395b5
upstream commit
...
include bad $SSH_CONNECTION in failure output
Upstream-Regress-ID: b22d72edfde78c403aaec2b9c9753ef633cc0529
2016-02-17 16:37:54 +11:00
537f88ec7b
upstream commit
...
Add regression test for RekeyLimit parsing of >32bit values
(4G and 8G).
Upstream-Regress-ID: 548390350c62747b6234f522a99c319eee401328
2016-02-04 16:13:37 +11:00
da98c11d03
upstream commit
...
basic unit tests for rsa-sha2-* signature types
Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c
2015-12-07 13:21:30 +11:00
b67e2e76fc
upstream commit
...
regress test for "PubkeyAcceptedKeyTypes +..." inside a
Match block
Upstream-Regress-ID: 246c37ed64a2e5704d4c158ccdca1ff700e10647
2015-10-29 19:07:20 +11:00
abd9dbc3c0
upstream commit
...
Fix typo certopt->certopts in shell variable. This would
cause the test to hang at a host key prompt if you have an A or CNAME for
"proxy" in your local domain.
Upstream-Regress-ID: 6ea03bcd39443a83c89e2c5606392ceb9585836a
2015-10-29 19:07:19 +11:00
86c10dbbef
upstream commit
...
Update expected group sizes to match recent code changes.
Upstream-Regress-ID: 0004f0ea93428969fe75bcfff0d521c553977794
2015-10-25 14:56:09 +11:00
fdd020e864
upstream commit
...
adapt to recent sshkey_parse_private_fileblob() API
change
Upstream-Regress-ID: 5c0d818da511e33e0abf6a92a31bd7163b7ad988
2015-10-06 12:29:03 +11:00
21ae8ee3b6
upstream commit
...
fix command-line option to match what was actually
committed
Upstream-Regress-ID: 3e8c24a2044e8afd37e7ce17b69002ca817ac699
2015-10-06 12:28:41 +11:00
e14ac43b75
upstream commit
...
regress test for CertificateFile; patch from Meghana Bhat
via bz#2436
Upstream-Regress-ID: e7a6e980cbe0f8081ba2e83de40d06c17be8bd25
2015-10-06 12:28:41 +11:00
0097248f90
upstream commit
...
skip if running as root; many systems (inc OpenBSD) allow
root to ptrace arbitrary processes
Upstream-Regress-ID: be2b925df89360dff36f972951fa0fa793769038
2015-09-16 18:01:56 +10:00
9c06c814af
upstream commit
...
try all supported key types here; bz#2455 reported by
Jakub Jelen
Upstream-Regress-ID: 188cb7d9031cdbac3a0fa58b428b8fa2b2482bba
2015-09-16 18:01:08 +10:00
9e3ed9ebb1
upstream commit
...
trim junk from end of file; bz#2455 from Jakub Jelen
Upstream-Regress-ID: a4e64e8931e40d23874b047074444eff919cdfe6
2015-09-04 16:56:23 +10:00
55b263fb7c
let principals-command.sh work for noexec /var/run
2015-08-10 11:13:44 +10:00
2651e34cd1
work around echo -n / sed behaviour in tests
2015-08-06 11:43:42 +10:00
d85dad8177
upstream commit
...
adjust for RSA minimum modulus switch; ok deraadt@
Upstream-Regress-ID: 5a72c83431b96224d583c573ca281cd3a3ebfdae
2015-08-06 11:13:25 +10:00
cd7324d066
upstream commit
...
remove -u flag to diff (only used for error output) to make
things easier for -portable
Upstream-Regress-ID: a5d6777d2909540d87afec3039d9bb2414ade548
2015-07-17 13:36:30 +10:00
41e38c4d49
upstream commit
...
regen RSA1 test keys; the last batch was missing their
private parts
Upstream-Regress-ID: 7ccf437305dd63ff0b48dd50c5fd0f4d4230c10a
2015-07-15 17:25:10 +10:00
5bf0933184
upstream commit
...
Adapt tests, now that DSA if off by default; use
PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c
2015-07-15 16:04:27 +10:00
7a6e3fd7b4
upstream commit
...
regen test data after mktestdata.sh changes
Upstream-Regress-ID: 3495ecb082b9a7c048a2d7c5c845d3bf181d25a4
2015-07-15 16:04:27 +10:00
7c8c174c69
upstream commit
...
adapt tests to new minimum RSA size and default FP format
Upstream-Regress-ID: a4b30afd174ce82b96df14eb49fb0b81398ffd0e
2015-07-15 16:04:26 +10:00
6a977a4b68
upstream commit
...
legacy v00 certificates are gone; adapt and don't try to
test them; "sure" markus@ dtucker@
Upstream-Regress-ID: c57321e69b3cd4a3b3396dfcc43f0803d047da12
2015-07-15 16:04:02 +10:00
0c4123ad5e
upstream commit
...
don't expect SSH v.1 in unittests
Upstream-Regress-ID: f8812b16668ba78e6a698646b2a652b90b653397
2015-07-15 16:04:02 +10:00
3c09984579
upstream commit
...
turn SSH1 back on to match src/usr.bin/ssh being tested
Upstream-Regress-ID: 6c4f763a2f0cc6893bf33983919e9030ae638333
2015-07-15 16:03:29 +10:00
52fb6b9b03
skip IPv6-related portions on hosts without IPv6
...
with Tim Rice
2015-06-30 16:05:40 +10:00
a170f22baf
Fix t12 rules for out of tree builds.
2015-06-09 22:41:13 -07:00
51a1c21152
skip, rather than fatal when run without SUDO set
2015-05-29 18:27:21 +10:00
db438f9285
upstream commit
...
make this work without SUDO set; ok dtucker@
Upstream-Regress-ID: bca88217b70bce2fe52b23b8e06bdeb82d98c715
2015-05-29 13:06:30 +10:00
13640798c7
upstream commit
...
regress test for AuthorizedPrincipalsCommand
Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219
2015-05-21 16:46:56 +10:00
84452c5d03
upstream commit
...
regress test for AuthorizedKeysCommand arguments
Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12
2015-05-21 16:46:40 +10:00
0ef1de742b
upstream commit
...
Add a simple regression test for sshd's configuration
parser. Right now, all it does is run the output of sshd -T back through
itself and ensure the output is valid and invariant.
2015-05-10 11:35:16 +10:00
368f83c793
upstream commit
...
use correct key for nested certificate test
2015-05-10 11:35:12 +10:00
5ab283d001
upstream commit
...
whitespace
Upstream-Regress-ID: 6b708a3e709d5b7fd37890f874bafdff1f597519
2015-05-08 17:32:13 +10:00
8377d5008a
upstream commit
...
whitespace at EOL
Upstream-Regress-ID: 9c48911643d5b05173b36a012041bed4080b8554
2015-05-08 17:28:28 +10:00
38b8272f82
upstream commit
...
Use diff w/out -u for better portability
2015-05-08 13:33:00 +10:00
673a1c16ad
remove dependency on arpa/telnet.h
2015-04-16 11:40:35 +10:00
d9b9b43656
Fix misspellings of regress CONFOPTS env variables.
...
Patch from Bryan Drewery.
2015-04-07 09:10:00 +10:00
7da2be0cb9
upstream commit
...
adapt to recent hostfile.c change: when parsing
known_hosts without fully parsing the keys therein, hostkeys_foreach() will
now correctly identify KEY_RSA1 keys; ok markus@ miod@
2015-04-01 10:03:05 +11:00
9e1777a0d1
upstream commit
...
use ${SSH} for -Q instead of installed ssh
2015-04-01 10:02:56 +11:00
ce1b358ea4
upstream commit
...
make CLEANFILES clean up more of the tests' droppings
2015-04-01 10:02:01 +11:00
9f82e5a904
portability fix: Solaris systems may not have a grep that understands -q
2015-03-16 22:49:20 -07:00
4df590cf8d
make unit tests work for !OPENSSH_HAS_ECC
2015-03-11 10:02:39 +11:00
307bb40277
upstream commit
...
unbreak for w/SSH1 (default) case; ok markus@ deraadt@
2015-03-09 15:20:55 +11:00
b44ee0c998
unbreak hostkeys test for w/ SSH1 case
2015-03-05 18:39:20 -08:00
ac5e8acefa
upstream commit
...
make these work with !SSH1; ok markus@ deraadt@
2015-03-05 10:27:22 +11:00
a05adf95d2
netcat needs poll.h portability goop
2015-03-04 11:00:35 -08:00
dad2b1892b
upstream commit
...
make it possible to run tests w/o ssh1 support; ok djm@
2015-03-05 05:59:47 +11:00
3f7f5e6c5d
upstream commit
...
expand __unused to full __attribute__ for better portability
2015-03-04 07:59:13 +11:00
2fab9b0f87
avoid warning
2015-03-04 07:41:27 +11:00
d608a51daa
upstream commit
...
reorder logic for better portability; patch from Roumen
Petrov
2015-03-04 04:54:27 +11:00
e47536ba96
portability fixes for regress/netcat.c
...
Mostly avoiding "err(1, NULL)"
2015-02-28 08:20:11 -08:00
02973ad5f6
twiddle another test for portability
...
from Tom G. Christensen
2015-02-28 08:06:18 -08:00
f7f3116abf
twiddle test for portability
2015-02-27 15:52:49 -08:00
1ad3a77cc9
make regress/netcat.c fd passing (more) portable
2015-02-26 20:34:06 -08:00
9e1cfca7e1
create OBJ/valgrind-out before running unittests
2015-02-26 20:34:06 -08:00
bd58853102
valgrind support
2015-02-26 14:55:55 -08:00
5d5ec165c5
Restrict ECDSA and ECDH tests.
...
ifdef out some more ECDSA and ECDH tests when built against an OpenSSL
that does not have eliptic curve functionality.
2015-02-25 15:32:49 +11:00
cb030ce25f
include includes.h to avoid build failure on AIX
2015-02-24 09:23:30 -08:00
13af342458
Original portability patch from djm@ for platforms missing err.h.
...
Fix name space clash on Solaris 10. Still more to do for Solaris 10
to deal with msghdr structure differences. ok djm@
2015-02-24 07:56:47 -08:00
4c356308a8
Wrap stdint.h includes in HAVE_STDINT_H.
2015-02-24 13:49:31 +11:00
b3c19151cb
upstream commit
...
fix a race condition by using a mux socket rather than an
ineffectual wait statement
2015-02-24 07:32:35 +11:00
f81f1bbc5b
out of tree build fix
2015-02-21 18:12:10 -08:00
1a779a0dd6
upstream commit
...
correct paths to configuration files being written/updated;
they live in $OBJ not cwd; some by Roumen Petrov
2015-02-22 07:58:24 +11:00
e89c780886
hook up hostkeys unittest to portable Makefiles
2015-02-17 10:04:55 +11:00
0abf41f99a
upstream commit
...
enable hostkeys unit tests
2015-02-17 09:35:35 +11:00
68a5d647cc
upstream commit
...
check string/memory compare arguments aren't NULL
2015-02-17 09:34:48 +11:00
ef575ef20d
upstream commit
...
unit tests for hostfile.c code, just hostkeys_foreach so
far
2015-02-17 09:34:48 +11:00
8ea3365e6a
upstream commit
...
test server rekey limit
2015-02-17 09:33:19 +11:00
86936ec245
upstream commit
...
regression test for 'wildcard CA' serial/key ID revocations
2015-01-30 12:19:29 +11:00
69ff64f696
compile on systems without TCP_MD5SIG (e.g. OSX)
2015-01-27 23:07:43 +11:00
358964f308
use ssh-keygen under test rather than system's
2015-01-27 23:07:25 +11:00
ade31d7b6f
these need active_state defined to link on OSX
...
temporary measure until active_state goes away entirely
2015-01-27 23:06:23 +11:00
e56aa87502
upstream commit
...
use printf instead of echo -n to reduce diff against
-portable
2015-01-27 23:03:15 +11:00
d411d39555
upstream commit
...
regression test for host key rotation
2015-01-27 00:03:53 +11:00
fe8a3a5169
upstream commit
...
adapt to sshkey API tweaks
2015-01-27 00:03:31 +11:00
7dd355fb1f
upstream commit
...
Move -lz late in the linker commandline for things to
build on static arches.
2015-01-27 00:03:30 +11:00
0dad3b806f
upstream commit
...
-Wpointer-sign is supported by gcc 4 only.
2015-01-27 00:03:30 +11:00
2b3b1c1e4b
upstream commit
...
use SUBDIR to recuse into unit tests; makes "make obj"
actually work
2015-01-27 00:03:12 +11:00
1d6424a6ff
upstream commit
...
this test would accidentally delete agent.sh if run without
obj/
2015-01-20 19:03:08 +11:00
1ca3e2155a
fix kex test
2015-01-20 10:11:31 +11:00
c78a578107
upstream commit
...
finally enable the KEX tests I wrote some years ago...
2015-01-20 09:50:34 +11:00
31821d7217
upstream commit
...
adapt to new error message (SSH_ERR_MAC_INVALID)
2015-01-20 09:46:48 +11:00
d3716ca19e
upstream commit
...
this test was broken in at least two ways, such that it
wasn't checking that a KRL was not excluding valid keys
2015-01-20 09:45:56 +11:00
d85e062459
upstream commit
...
be a bit more careful in these tests to ensure that
known_hosts is clean
2015-01-20 00:26:13 +11:00
7947810eab
upstream commit
...
regression test for known_host file editing using
ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok
markus@
2015-01-20 00:26:13 +11:00
3a2b09d147
upstream commit
...
more and better key tests
test signatures and verification
test certificate generation
flesh out nested cert test
removes most of the XXX todo markers
2015-01-20 00:25:12 +11:00
589e69fd82
upstream commit
...
make the signature fuzzing test much more rigorous:
ensure that the fuzzed input cases do not match the original (using new
fuzz_matches_original() function) and check that the verification fails in
each case
2015-01-20 00:24:40 +11:00
80603c0daa
upstream commit
...
add a fuzz_matches_original() function to the fuzzer to
detect fuzz cases that are identical to the original data. Hacky
implementation, but very useful when you need the fuzz to be different, e.g.
when verifying signature
2015-01-20 00:24:39 +11:00
87d5495bd3
upstream commit
...
better dumps from the fuzzer (shown on errors) -
include the original data as well as the fuzzed copy.
2015-01-20 00:24:39 +11:00
d59ec478c4
upstream commit
...
enable hostkey-agent.sh test
2015-01-20 00:24:17 +11:00
26b3425170
upstream commit
...
unit test for hostkeys in ssh-agent
2015-01-20 00:23:43 +11:00
9e06a0fb23
upstream commit
...
add kex unit tests
2015-01-20 00:22:50 +11:00
45c0fd70bb
make bitmap test compile
2015-01-15 22:08:23 +11:00
d333f89abf
upstream commit
...
unit tests for KRL bitmap
2015-01-15 21:39:18 +11:00
7613f828f4
upstream commit
...
re-add comment about full path
2015-01-15 21:39:17 +11:00
6c43b48b30
upstream commit
...
don't reset to the installed sshd; connect before
reconfigure, too
2015-01-15 21:39:17 +11:00
771bb47a1d
upstream commit
...
implement a SIGINFO handler so we can discern a stuck
fuzz test from a merely glacial one; prompted by and ok markus
2015-01-15 21:39:16 +11:00
cfaa57962f
upstream commit
...
use $SSH instead of installed ssh to allow override;
spotted by markus@
2015-01-15 21:39:16 +11:00
0920553d0a
upstream commit
...
regress test for PubkeyAcceptedKeyTypes; ok markus@
2015-01-15 21:39:15 +11:00
27ca1a5c00
upstream commit
...
unbreak parsing of pubkey comments; with gerhard; ok
djm/deraadt
2015-01-15 21:39:15 +11:00
55358f0b4e
upstream commit
...
fatal if soft-PKCS11 library is missing rather (rather
than continue and fail with a more cryptic error)
2015-01-15 21:39:15 +11:00
c3554cdd2a
upstream commit
...
let this test all supporte key types; pointed out/ok
markus@
2015-01-15 21:39:14 +11:00
c332110291
some systems lack SO_REUSEPORT
2015-01-15 02:59:51 +11:00
c4bfafcc2a
upstream commit
...
adjust for sshkey_load_file() API change
2015-01-09 00:46:04 +11:00
293cac52dc
include and use OpenBSD netcat in regress/
2014-12-23 08:38:12 +11:00
4bea0ab329
upstream commit
...
regression test for multiple required pubkey authentication;
ok markus@
2014-12-22 19:13:38 +11:00
0d1b241a26
upstream commit
...
make this slightly easier to diff against portable
2014-12-22 17:21:51 +11:00
0715bcdddb
add missing regress output file
2014-12-22 13:47:07 +11:00
1e30483c8a
upstream commit
...
adjust for new SHA256 key fingerprints and
slightly-different MD5 hex fingerprint format
2014-12-22 13:21:07 +11:00
6b40567ed7
upstream commit
...
poll changes to netcat (usr.bin/netcat.c r1.125) broke
this test; fix it by ensuring more stdio fds are sent to devnull
2014-12-22 13:18:41 +11:00
3dfd8d93df
upstream commit
...
add tests for new client RevokedHostKeys option; refactor
to make it a bit more readable
2014-12-05 09:31:08 +11:00
a31046cad1
upstream commit
...
Nuke yet more obvious #include duplications.
ok deraadt@
2014-12-05 09:31:07 +11:00
51b64e4412
upstream commit
...
fix KRL generation when multiple CAs are in use
We would generate an invalid KRL when revoking certs by serial
number for multiple CA keys due to a section being written out
twice.
Also extend the regress test to catch this case by having it
produce a multi-CA KRL.
Reported by peter AT pean.org
2014-11-19 09:20:14 +11:00
1b215c098b
- (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
...
[regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
[regress/unittests/sshkey/common.c]
[regress/unittests/sshkey/test_file.c]
[regress/unittests/sshkey/test_fuzz.c]
[regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h
on !ECC OpenSSL systems
2014-08-27 04:04:40 +10:00
4f1ff1ed78
- (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that
...
don't set __progname. Diagnosed by Tom Christensen.
2014-08-21 15:54:50 +10:00
f8988fbef0
- (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate
...
nc from stdin, it's more portable
2014-08-01 13:31:52 +10:00
5b3879fd4b
- (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin
...
is closed; avoid regress failures when stdin is /dev/null
2014-08-01 12:28:31 +10:00
a9c46746d2
- (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need
...
a better solution, but this will have to do for now.
2014-08-01 12:26:49 +10:00
56b840f2b8
- (djm) [regress/multiplex.sh] restore incorrectly deleted line;
...
pointed out by Christian Hesse
2014-07-25 08:11:30 +10:00
dd417b60d5
- dtucker@cvs.openbsd.org 2014/07/22 23:35:38
...
[regress/unittests/sshkey/testdata/*]
Regenerate test keys with certs signed with ed25519 instead of ecdsa.
These can be used in -portable on platforms that don't support ECDSA.
2014-07-23 10:41:21 +10:00
40e5021189
- dtucker@cvs.openbsd.org 2014/07/22 23:57:40
...
[regress/unittests/sshkey/mktestdata.sh]
Add $OpenBSD tag to make syncs easier
2014-07-23 10:35:45 +10:00
07e644251e
- dtucker@cvs.openbsd.org 2014/07/22 23:23:22
...
[regress/unittests/sshkey/mktestdata.sh]
Sign test certs with ed25519 instead of ecdsa so that they'll work in
-portable on platforms that don't have ECDSA in their OpenSSL. ok djm
2014-07-23 10:34:26 +10:00
cea099a7c4
- djm@cvs.openbsd.org 2014/07/22 01:32:12
...
[regress/multiplex.sh]
change the test for still-open Unix domain sockets to be robust against
nc implementations that produce error messages. from -portable
(Id sync only)
2014-07-23 10:04:02 +10:00
c4ee219a66
- (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-
...
specific tests inside OPENSSL_HAS_ECC.
2014-07-23 04:27:50 +10:00
04f4824940
- (djm) [regress/multiplex.sh] change the test for still-open Unix
...
domain sockets to be robust against nc implementations that produce
error messages.
2014-07-22 11:31:47 +10:00
5ea4fe00d5
- (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;
...
put it back
2014-07-22 09:39:19 +10:00
c8f610f6cc
- (djm) [regress/multiplex.sh] Not all netcat accept the -N option.
2014-07-21 10:23:27 +10:00
0e4e95566c
- millert@cvs.openbsd.org 2014/07/15 15:54:15
...
[forwarding.sh multiplex.sh]
Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@
2014-07-21 09:52:54 +10:00
93a87ab27e
- (dtucker) [regress/unittests/sshkey/
...
{common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in
ifdefs.
2014-07-21 06:30:25 +10:00
7a57eb3d10
- djm@cvs.openbsd.org 2014/07/07 08:15:26
...
[multiplex.sh]
remove forced-fatal that I stuck in there to test the new cleanup
logic and forgot to remove...
2014-07-09 13:22:31 +10:00
612f965239
- djm@cvs.openbsd.org 2014/07/06 07:42:03
...
[multiplex.sh test-exec.sh]
add a hook to the cleanup() function to kill $SSH_PID if it is set
use it to kill the mux master started in multiplex.sh (it was being left
around on fatal failures)
2014-07-09 13:22:03 +10:00
81309c857d
- (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test
2014-07-02 17:45:55 +10:00
dd8b1dd793
- djm@cvs.openbsd.org 2014/06/24 01:14:17
...
[Makefile.in regress/Makefile regress/unittests/Makefile]
[regress/unittests/sshkey/Makefile]
[regress/unittests/sshkey/common.c]
[regress/unittests/sshkey/common.h]
[regress/unittests/sshkey/mktestdata.sh]
[regress/unittests/sshkey/test_file.c]
[regress/unittests/sshkey/test_fuzz.c]
[regress/unittests/sshkey/test_sshkey.c]
[regress/unittests/sshkey/tests.c]
[regress/unittests/sshkey/testdata/dsa_1]
[regress/unittests/sshkey/testdata/dsa_1-cert.fp]
[regress/unittests/sshkey/testdata/dsa_1-cert.pub]
[regress/unittests/sshkey/testdata/dsa_1.fp]
[regress/unittests/sshkey/testdata/dsa_1.fp.bb]
[regress/unittests/sshkey/testdata/dsa_1.param.g]
[regress/unittests/sshkey/testdata/dsa_1.param.priv]
[regress/unittests/sshkey/testdata/dsa_1.param.pub]
[regress/unittests/sshkey/testdata/dsa_1.pub]
[regress/unittests/sshkey/testdata/dsa_1_pw]
[regress/unittests/sshkey/testdata/dsa_2]
[regress/unittests/sshkey/testdata/dsa_2.fp]
[regress/unittests/sshkey/testdata/dsa_2.fp.bb]
[regress/unittests/sshkey/testdata/dsa_2.pub]
[regress/unittests/sshkey/testdata/dsa_n]
[regress/unittests/sshkey/testdata/dsa_n_pw]
[regress/unittests/sshkey/testdata/ecdsa_1]
[regress/unittests/sshkey/testdata/ecdsa_1-cert.fp]
[regress/unittests/sshkey/testdata/ecdsa_1-cert.pub]
[regress/unittests/sshkey/testdata/ecdsa_1.fp]
[regress/unittests/sshkey/testdata/ecdsa_1.fp.bb]
[regress/unittests/sshkey/testdata/ecdsa_1.param.curve]
[regress/unittests/sshkey/testdata/ecdsa_1.param.priv]
[regress/unittests/sshkey/testdata/ecdsa_1.param.pub]
[regress/unittests/sshkey/testdata/ecdsa_1.pub]
[regress/unittests/sshkey/testdata/ecdsa_1_pw]
[regress/unittests/sshkey/testdata/ecdsa_2]
[regress/unittests/sshkey/testdata/ecdsa_2.fp]
[regress/unittests/sshkey/testdata/ecdsa_2.fp.bb]
[regress/unittests/sshkey/testdata/ecdsa_2.param.curve]
[regress/unittests/sshkey/testdata/ecdsa_2.param.priv]
[regress/unittests/sshkey/testdata/ecdsa_2.param.pub]
[regress/unittests/sshkey/testdata/ecdsa_2.pub]
[regress/unittests/sshkey/testdata/ecdsa_n]
[regress/unittests/sshkey/testdata/ecdsa_n_pw]
[regress/unittests/sshkey/testdata/ed25519_1]
[regress/unittests/sshkey/testdata/ed25519_1-cert.fp]
[regress/unittests/sshkey/testdata/ed25519_1-cert.pub]
[regress/unittests/sshkey/testdata/ed25519_1.fp]
[regress/unittests/sshkey/testdata/ed25519_1.fp.bb]
[regress/unittests/sshkey/testdata/ed25519_1.pub]
[regress/unittests/sshkey/testdata/ed25519_1_pw]
[regress/unittests/sshkey/testdata/ed25519_2]
[regress/unittests/sshkey/testdata/ed25519_2.fp]
[regress/unittests/sshkey/testdata/ed25519_2.fp.bb]
[regress/unittests/sshkey/testdata/ed25519_2.pub]
[regress/unittests/sshkey/testdata/pw]
[regress/unittests/sshkey/testdata/rsa1_1]
[regress/unittests/sshkey/testdata/rsa1_1.fp]
[regress/unittests/sshkey/testdata/rsa1_1.fp.bb]
[regress/unittests/sshkey/testdata/rsa1_1.param.n]
[regress/unittests/sshkey/testdata/rsa1_1.pub]
[regress/unittests/sshkey/testdata/rsa1_1_pw]
[regress/unittests/sshkey/testdata/rsa1_2]
[regress/unittests/sshkey/testdata/rsa1_2.fp]
[regress/unittests/sshkey/testdata/rsa1_2.fp.bb]
[regress/unittests/sshkey/testdata/rsa1_2.param.n]
[regress/unittests/sshkey/testdata/rsa1_2.pub]
[regress/unittests/sshkey/testdata/rsa_1]
[regress/unittests/sshkey/testdata/rsa_1-cert.fp]
[regress/unittests/sshkey/testdata/rsa_1-cert.pub]
[regress/unittests/sshkey/testdata/rsa_1.fp]
[regress/unittests/sshkey/testdata/rsa_1.fp.bb]
[regress/unittests/sshkey/testdata/rsa_1.param.n]
[regress/unittests/sshkey/testdata/rsa_1.param.p]
[regress/unittests/sshkey/testdata/rsa_1.param.q]
[regress/unittests/sshkey/testdata/rsa_1.pub]
[regress/unittests/sshkey/testdata/rsa_1_pw]
[regress/unittests/sshkey/testdata/rsa_2]
[regress/unittests/sshkey/testdata/rsa_2.fp]
[regress/unittests/sshkey/testdata/rsa_2.fp.bb]
[regress/unittests/sshkey/testdata/rsa_2.param.n]
[regress/unittests/sshkey/testdata/rsa_2.param.p]
[regress/unittests/sshkey/testdata/rsa_2.param.q]
[regress/unittests/sshkey/testdata/rsa_2.pub]
[regress/unittests/sshkey/testdata/rsa_n]
[regress/unittests/sshkey/testdata/rsa_n_pw]
unit and fuzz tests for new key API
2014-07-02 17:38:31 +10:00
c1dc24b71f
- djm@cvs.openbsd.org 2014/06/24 01:04:43
...
[regress/krl.sh]
regress test for broken consecutive revoked serial number ranges
2014-07-02 17:02:03 +10:00
43d3ed2dd3
- djm@cvs.openbsd.org 2014/05/21 07:04:21
...
[regress/integrity.sh]
when failing because of unexpected output, show the offending output
2014-07-02 17:01:08 +10:00
5a96707ffc
- djm@cvs.openbsd.org 2014/04/30 05:32:00
...
[regress/Makefile]
unit tests for new buffer API; including basic fuzz testing
NB. Id sync only.
2014-07-02 15:38:05 +10:00
5e2b8894b0
- (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for
...
u_intXX_t types.
2014-06-11 18:31:10 -07:00
985ee2cbc3
- (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*]
...
Wrap stdlib.h include an ifdef for platforms that don't have it.
2014-06-12 05:32:29 +10:00
15c254a253
- (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef
...
ECC variable too.
2014-06-11 07:38:49 +10:00
67508ac256
- (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
...
regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256
curve tests if OpenSSL has them.
2014-06-11 06:27:16 +10:00
e7429f2be8
- (djm) [regress/Makefile Makefile.in]
...
[regress/unittests/sshbuf/test_sshbuf.c
[regress/unittests/sshbuf/test_sshbuf_fixed.c]
[regress/unittests/sshbuf/test_sshbuf_fuzz.c]
[regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
[regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
[regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
[regress/unittests/sshbuf/test_sshbuf_misc.c]
[regress/unittests/sshbuf/tests.c]
[regress/unittests/test_helper/fuzz.c]
[regress/unittests/test_helper/test_helper.c]
Hook new unit tests into the build and "make tests"
2014-05-15 18:01:01 +10:00
def1de0867
- (djm) [regress/unittests/Makefile]
...
[regress/unittests/Makefile.inc]
[regress/unittests/sshbuf/Makefile]
[regress/unittests/sshbuf/test_sshbuf.c]
[regress/unittests/sshbuf/test_sshbuf_fixed.c]
[regress/unittests/sshbuf/test_sshbuf_fuzz.c]
[regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
[regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
[regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
[regress/unittests/sshbuf/test_sshbuf_misc.c]
[regress/unittests/sshbuf/tests.c]
[regress/unittests/test_helper/Makefile]
[regress/unittests/test_helper/fuzz.c]
[regress/unittests/test_helper/test_helper.c]
[regress/unittests/test_helper/test_helper.h]
Import new unit tests from OpenBSD; not yet hooked up to build.
2014-05-15 15:17:15 +10:00
167685756f
- logan@cvs.openbsd.org 2014/05/04 10:40:59
...
[connect-privsep.sh]
Remove the Z flag from the list of malloc options as it
was removed from malloc.c 10 days ago.
OK from miod@
2014-05-15 15:08:40 +10:00
d0b69fe904
- dtucker@cvs.openbsd.org 2014/05/03 18:46:14
...
[proxy-connect.sh]
Add tests for with and without compression, with and without privsep.
2014-05-15 15:08:19 +10:00
edb1af5044
- djm@cvs.openbsd.org 2014/04/21 22:15:37
...
[dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh]
repair regress tests broken by server-side default cipher/kex/mac changes
by ensuring that the option under test is included in the server's
algorithm list
2014-05-15 15:07:53 +10:00
54343e95c7
- djm@cvs.openbsd.org 2014/03/13 20:44:49
...
[login-timeout.sh]
this test is a sorry mess of race conditions; add another sleep
to avoid a failure on slow machines (at least until I find a
better way)
2014-05-15 15:07:33 +10:00
2476c31b96
- (djm) [regress/Makefile] Disable dhgex regress test; it breaks when
...
no moduli file exists at the expected location.
2014-03-02 04:01:00 +11:00
c83fdf30e9
- (djm) [regress/host-expand.sh] Add RCS Id
2014-02-28 10:34:03 +11:00
834aeac355
- djm@cvs.openbsd.org 2014/02/27 21:21:25
...
[agent-ptrace.sh agent.sh]
keep return values that are printed in error messages;
from portable
(Id sync only)
2014-02-28 10:25:16 +11:00
4f7f1a9a0d
- djm@cvs.openbsd.org 2014/02/27 20:04:16
...
[login-timeout.sh]
remove any existing LoginGraceTime from sshd_config before adding
a specific one for the test back in
2014-02-28 10:24:11 +11:00
d705d987c2
- djm@cvs.openbsd.org 2014/01/26 10:49:17
...
[scp-ssh-wrapper.sh scp.sh]
make sure $SCP is tested on the remote end rather than whichever one
happens to be in $PATH; from portable
(Id sync only)
2014-02-28 10:23:26 +11:00
624a3ca376
- djm@cvs.openbsd.org 2014/01/26 10:22:10
...
[regress/cert-hostkey.sh]
automatically generate revoked keys from listed keys rather than
manually specifying each type; from portable
(Id sync only)
2014-02-28 10:22:37 +11:00
Damien Miller
djm@openbsd.org
dtucker@openbsd.org
Darren Tucker
djm@openbsd.org@openbsd.org
millert@openbsd.org@openbsd.org
markus@openbsd.org
bluhm@openbsd.org
Darren Tucker
jsg@openbsd.org
tb@openbsd.org
natano@openbsd.org
guenther@openbsd.org
schwarze@openbsd.org
Tim Rice
Damien Miller
miod@openbsd.org
krw@openbsd.org