1d6424a6ff
upstream commit
...
this test would accidentally delete agent.sh if run without
obj/
2015-01-20 19:03:08 +11:00
1ca3e2155a
fix kex test
2015-01-20 10:11:31 +11:00
c78a578107
upstream commit
...
finally enable the KEX tests I wrote some years ago...
2015-01-20 09:50:34 +11:00
31821d7217
upstream commit
...
adapt to new error message (SSH_ERR_MAC_INVALID)
2015-01-20 09:46:48 +11:00
d3716ca19e
upstream commit
...
this test was broken in at least two ways, such that it
wasn't checking that a KRL was not excluding valid keys
2015-01-20 09:45:56 +11:00
d85e062459
upstream commit
...
be a bit more careful in these tests to ensure that
known_hosts is clean
2015-01-20 00:26:13 +11:00
7947810eab
upstream commit
...
regression test for known_host file editing using
ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok
markus@
2015-01-20 00:26:13 +11:00
3a2b09d147
upstream commit
...
more and better key tests
test signatures and verification
test certificate generation
flesh out nested cert test
removes most of the XXX todo markers
2015-01-20 00:25:12 +11:00
589e69fd82
upstream commit
...
make the signature fuzzing test much more rigorous:
ensure that the fuzzed input cases do not match the original (using new
fuzz_matches_original() function) and check that the verification fails in
each case
2015-01-20 00:24:40 +11:00
80603c0daa
upstream commit
...
add a fuzz_matches_original() function to the fuzzer to
detect fuzz cases that are identical to the original data. Hacky
implementation, but very useful when you need the fuzz to be different, e.g.
when verifying signature
2015-01-20 00:24:39 +11:00
87d5495bd3
upstream commit
...
better dumps from the fuzzer (shown on errors) -
include the original data as well as the fuzzed copy.
2015-01-20 00:24:39 +11:00
d59ec478c4
upstream commit
...
enable hostkey-agent.sh test
2015-01-20 00:24:17 +11:00
26b3425170
upstream commit
...
unit test for hostkeys in ssh-agent
2015-01-20 00:23:43 +11:00
9e06a0fb23
upstream commit
...
add kex unit tests
2015-01-20 00:22:50 +11:00
45c0fd70bb
make bitmap test compile
2015-01-15 22:08:23 +11:00
d333f89abf
upstream commit
...
unit tests for KRL bitmap
2015-01-15 21:39:18 +11:00
7613f828f4
upstream commit
...
re-add comment about full path
2015-01-15 21:39:17 +11:00
6c43b48b30
upstream commit
...
don't reset to the installed sshd; connect before
reconfigure, too
2015-01-15 21:39:17 +11:00
771bb47a1d
upstream commit
...
implement a SIGINFO handler so we can discern a stuck
fuzz test from a merely glacial one; prompted by and ok markus
2015-01-15 21:39:16 +11:00
cfaa57962f
upstream commit
...
use $SSH instead of installed ssh to allow override;
spotted by markus@
2015-01-15 21:39:16 +11:00
0920553d0a
upstream commit
...
regress test for PubkeyAcceptedKeyTypes; ok markus@
2015-01-15 21:39:15 +11:00
27ca1a5c00
upstream commit
...
unbreak parsing of pubkey comments; with gerhard; ok
djm/deraadt
2015-01-15 21:39:15 +11:00
55358f0b4e
upstream commit
...
fatal if soft-PKCS11 library is missing rather (rather
than continue and fail with a more cryptic error)
2015-01-15 21:39:15 +11:00
c3554cdd2a
upstream commit
...
let this test all supporte key types; pointed out/ok
markus@
2015-01-15 21:39:14 +11:00
c332110291
some systems lack SO_REUSEPORT
2015-01-15 02:59:51 +11:00
c4bfafcc2a
upstream commit
...
adjust for sshkey_load_file() API change
2015-01-09 00:46:04 +11:00
293cac52dc
include and use OpenBSD netcat in regress/
2014-12-23 08:38:12 +11:00
4bea0ab329
upstream commit
...
regression test for multiple required pubkey authentication;
ok markus@
2014-12-22 19:13:38 +11:00
0d1b241a26
upstream commit
...
make this slightly easier to diff against portable
2014-12-22 17:21:51 +11:00
0715bcdddb
add missing regress output file
2014-12-22 13:47:07 +11:00
1e30483c8a
upstream commit
...
adjust for new SHA256 key fingerprints and
slightly-different MD5 hex fingerprint format
2014-12-22 13:21:07 +11:00
6b40567ed7
upstream commit
...
poll changes to netcat (usr.bin/netcat.c r1.125) broke
this test; fix it by ensuring more stdio fds are sent to devnull
2014-12-22 13:18:41 +11:00
3dfd8d93df
upstream commit
...
add tests for new client RevokedHostKeys option; refactor
to make it a bit more readable
2014-12-05 09:31:08 +11:00
a31046cad1
upstream commit
...
Nuke yet more obvious #include duplications.
ok deraadt@
2014-12-05 09:31:07 +11:00
51b64e4412
upstream commit
...
fix KRL generation when multiple CAs are in use
We would generate an invalid KRL when revoking certs by serial
number for multiple CA keys due to a section being written out
twice.
Also extend the regress test to catch this case by having it
produce a multi-CA KRL.
Reported by peter AT pean.org
2014-11-19 09:20:14 +11:00
1b215c098b
- (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
...
[regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
[regress/unittests/sshkey/common.c]
[regress/unittests/sshkey/test_file.c]
[regress/unittests/sshkey/test_fuzz.c]
[regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h
on !ECC OpenSSL systems
2014-08-27 04:04:40 +10:00
4f1ff1ed78
- (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that
...
don't set __progname. Diagnosed by Tom Christensen.
2014-08-21 15:54:50 +10:00
f8988fbef0
- (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate
...
nc from stdin, it's more portable
2014-08-01 13:31:52 +10:00
5b3879fd4b
- (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin
...
is closed; avoid regress failures when stdin is /dev/null
2014-08-01 12:28:31 +10:00
a9c46746d2
- (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need
...
a better solution, but this will have to do for now.
2014-08-01 12:26:49 +10:00
56b840f2b8
- (djm) [regress/multiplex.sh] restore incorrectly deleted line;
...
pointed out by Christian Hesse
2014-07-25 08:11:30 +10:00
dd417b60d5
- dtucker@cvs.openbsd.org 2014/07/22 23:35:38
...
[regress/unittests/sshkey/testdata/*]
Regenerate test keys with certs signed with ed25519 instead of ecdsa.
These can be used in -portable on platforms that don't support ECDSA.
2014-07-23 10:41:21 +10:00
40e5021189
- dtucker@cvs.openbsd.org 2014/07/22 23:57:40
...
[regress/unittests/sshkey/mktestdata.sh]
Add $OpenBSD tag to make syncs easier
2014-07-23 10:35:45 +10:00
07e644251e
- dtucker@cvs.openbsd.org 2014/07/22 23:23:22
...
[regress/unittests/sshkey/mktestdata.sh]
Sign test certs with ed25519 instead of ecdsa so that they'll work in
-portable on platforms that don't have ECDSA in their OpenSSL. ok djm
2014-07-23 10:34:26 +10:00
cea099a7c4
- djm@cvs.openbsd.org 2014/07/22 01:32:12
...
[regress/multiplex.sh]
change the test for still-open Unix domain sockets to be robust against
nc implementations that produce error messages. from -portable
(Id sync only)
2014-07-23 10:04:02 +10:00
c4ee219a66
- (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-
...
specific tests inside OPENSSL_HAS_ECC.
2014-07-23 04:27:50 +10:00
04f4824940
- (djm) [regress/multiplex.sh] change the test for still-open Unix
...
domain sockets to be robust against nc implementations that produce
error messages.
2014-07-22 11:31:47 +10:00
5ea4fe00d5
- (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;
...
put it back
2014-07-22 09:39:19 +10:00
c8f610f6cc
- (djm) [regress/multiplex.sh] Not all netcat accept the -N option.
2014-07-21 10:23:27 +10:00
0e4e95566c
- millert@cvs.openbsd.org 2014/07/15 15:54:15
...
[forwarding.sh multiplex.sh]
Add support for Unix domain socket forwarding. A remote TCP port
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@
2014-07-21 09:52:54 +10:00
djm@openbsd.org
Damien Miller
markus@openbsd.org
Damien Miller
krw@openbsd.org
Darren Tucker