openssh-portable

Commit Graph

Author	SHA1	Message	Date
Tim Rice	c31db8cd6e	- (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded err.h include from krl.c. Additional portability fixes for modpipe. OK djm	2013-02-19 19:01:51 -08:00
Tim Rice	c08b3ef6f4	- (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix.	2013-02-19 11:53:29 -08:00
Damien Miller	dae85cc3ad	- (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that lack support for SHA2.	2013-02-19 14:27:44 +11:00
Damien Miller	b3764e1202	- djm@cvs.openbsd.org 2013/02/19 02:14:09 [integrity.sh] oops, forgot to increase the output of the ssh command to ensure that we actually reach $offset	2013-02-19 13:15:01 +11:00
Damien Miller	0dc3bc908e	- djm@cvs.openbsd.org 2013/02/18 22:26:47 [integrity.sh] crank the offset yet again; it was still fuzzing KEX one of Darren's portable test hosts at 2800	2013-02-19 09:28:32 +11:00
Damien Miller	33d52566bc	- djm@cvs.openbsd.org 2013/02/17 23:16:55 [integrity.sh] make the ssh command generates some output to ensure that there are at least offset+tries bytes in the stream.	2013-02-18 10:18:05 +11:00
Damien Miller	5d7b9565bc	- djm@cvs.openbsd.org 2013/02/16 06:08:45 [integrity.sh] make sure the fuzz offset is actually past the end of KEX for all KEX types. diffie-hellman-group-exchange-sha256 requires an offset around 2700. Noticed via test failures in portable OpenSSH on platforms that lack ECC and this the more byte-frugal ECDH KEX algorithms.	2013-02-16 17:32:31 +11:00
Damien Miller	57f9218528	- (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by Iain Morgan	2013-02-14 10:32:33 +11:00
Damien Miller	6d77d6ea2b	- (djm) [regress/krl.sh] typo; found by Iain Morgan	2013-02-14 10:31:03 +11:00
Damien Miller	2653f5c0a6	- (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC.	2013-02-14 10:14:51 +11:00
Damien Miller	2f20de5e3f	- (djm) [regress/try-ciphers.sh] clean up CVS merge botch	2013-02-12 11:31:38 +11:00
Damien Miller	58e2c5b394	- djm@cvs.openbsd.org 2013/02/11 23:58:51 [try-ciphers.sh] remove acss here too	2013-02-12 11:16:57 +11:00
Damien Miller	dc75d1fc04	- (djm) [regress/krl.sh] replacement for jot; most platforms lack it	2013-01-20 22:58:51 +11:00
Damien Miller	ebafebda85	- djm@cvs.openbsd.org 2013/01/18 00:45:29 [regress/Makefile regress/cert-userkey.sh regress/krl.sh] Tests for Key Revocation Lists (KRLs)	2013-01-18 11:51:56 +11:00
Damien Miller	b26699bbad	- (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] check for GCM support before testing GCM ciphers.	2013-01-17 14:31:57 +11:00
Damien Miller	efa1c95092	- (djm) [regress/integrity.sh] repair botched merge	2013-01-12 23:10:47 +11:00
Damien Miller	846dc7f21c	- djm@cvs.openbsd.org 2013/01/12 11:23:53 [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] test AES-GCM modes; feedback markus@	2013-01-12 22:46:26 +11:00
Damien Miller	faabeb6b36	- (djm) [regress/Makefile] fix t-exec rule	2012-12-12 12:51:54 +11:00
Damien Miller	37461d7391	- (djm) [regress/integrity.sh] Fix awk quoting, packet length skip	2012-12-12 12:37:32 +11:00
Damien Miller	9fec296b0a	- (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test work on platforms without 'jot'	2012-12-12 12:10:10 +11:00
Damien Miller	ec7ce9ace4	- markus@cvs.openbsd.org 2012/12/11 23:12:13 [try-ciphers.sh] add hmac-ripemd160-etm@openssh.com	2012-12-12 10:55:32 +11:00
Damien Miller	1fb593a3f1	- markus@cvs.openbsd.org 2012/12/11 22:42:11 [regress/Makefile regress/modpipe.c regress/integrity.sh] test the integrity of the packets; with djm@	2012-12-12 10:54:37 +11:00
Damien Miller	1a45b63d7b	- markus@cvs.openbsd.org 2012/12/11 22:32:56 [regress/try-ciphers.sh] add etm modes	2012-12-12 10:52:07 +11:00
Darren Tucker	3dfb877046	- dtucker@cvs.openbsd.org 2012/12/06 06:06:54 [regress/keys-command.sh] Fix some problems with the keys-command test: - use string comparison rather than numeric comparison - check for existing KEY_COMMAND file and don't clobber if it exists - clean up KEY_COMMAND file if we do create it. - check that KEY_COMMAND is executable (which it won't be if eg /var/run is mounted noexec). ok djm.	2012-12-07 13:03:10 +11:00
Damien Miller	999bd2d259	- djm@cvs.openbsd.org 2012/12/02 20:47:48 [Makefile regress/forward-control.sh] regress for AllowTcpForwarding local/remote; ok markus@	2012-12-03 10:13:39 +11:00
Damien Miller	771c43cee6	- djm@cvs.openbsd.org 2012/11/22 22:49:30 [regress/Makefile regress/keys-command.sh] regress for AuthorizedKeysCommand; hints from markus@	2012-12-03 10:12:13 +11:00
Damien Miller	6618e92509	- djm@cvs.openbsd.org 2012/10/19 05:10:42 [regress/cert-userkey.sh] include a serial number when generating certs	2012-12-03 10:09:04 +11:00
Damien Miller	fa51d8b6b2	- dtucker@cvs.openbsd.org 2012/10/05 02:20:48 [regress/cipher-speed.sh regress/try-ciphers.sh] Add umac-128@openssh.com to the list of MACs to be tested	2012-12-03 10:08:25 +11:00
Damien Miller	d27a026ab7	- dtucker@cvs.openbsd.org 2012/10/05 02:05:30 [regress/multiplex.sh] Use 'kill -0' to test for the presence of a pid since it's more portable	2012-12-03 10:06:37 +11:00
Darren Tucker	ee4ad778d7	- dtucker@cvs.openbsd.org 2012/09/10 01:51:19 [regress/multiplex.sh] use -Ocheck and waiting for completions by PID to make multiplexing test less racy and (hopefully) more reliable on slow hardware.	2012-10-05 12:04:10 +10:00
Darren Tucker	9b2c0360cf	- dtucker@cvs.openbsd.org 2012/09/10 00:49:21 [regress/multiplex.sh] Log -O cmd output to the log file and make logging consistent with the other tests. Test clean shutdown of an existing channel when testing "stop".	2012-10-05 11:45:39 +10:00
Darren Tucker	6fc5aa8b2e	- dtucker@cvs.openbsd.org 2012/09/09 11:51:25 [multiplex.sh] Add test for ssh -Ostop	2012-10-05 11:43:57 +10:00
Darren Tucker	189e5bad5c	- dtucker@cvs.openbsd.org 2012/09/06 04:11:07 [regress/try-ciphers.sh] Restore missing space. (Id sync only).	2012-10-05 11:41:52 +10:00
Darren Tucker	6ea5dc6bb8	- (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.	2012-07-03 01:11:28 +10:00
Darren Tucker	ec1e15d51a	- (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh] Move cygwin detection to test-exec and use to skip reexec test on cygwin.	2012-07-03 01:06:49 +10:00
Darren Tucker	369ceedce2	- dtucker@cvs.openbsd.org 2012/07/02 14:37:06 [regress/connect-privsep.sh] remove exit from end of test since it prevents reporting failure	2012-07-03 00:53:18 +10:00
Darren Tucker	a08c20763a	- dtucker@cvs.openbsd.org 2012/06/28 05:07:45 [regress/try-ciphers.sh regress/cipher-speed.sh] Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed from draft6 of the spec and will not be in the RFC when published. Patch from mdb at juniper net via bz#2023, ok markus	2012-06-30 15:08:53 +10:00
Darren Tucker	2920bc145c	- dtucker@cvs.openbsd.org 2012/06/26 12:06:59 [regress/connect-privsep.sh] test sandbox with every malloc option	2012-06-30 15:06:28 +10:00
Darren Tucker	ff32d7c9d2	- djm@cvs.openbsd.org 2012/06/01 00:52:52 [regress/sftp-cmds.sh] don't delete .* on cleanup due to unintended env expansion; pointed out in bz#2014 by openssh AT roumenpetrov.info	2012-06-30 15:04:13 +10:00
Darren Tucker	4430a86c14	- djm@cvs.openbsd.org 2012/06/01 00:47:35 [multiplex.sh forwarding.sh] append to rather than truncate test log; bz#2013 from openssh AT roumenpetrov.	2012-06-30 15:03:28 +10:00
Darren Tucker	301390316c	- dtucker@cvs.openbsd.org 2012/05/13 01:42:32 [regress/addrmatch.sh] Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests to match. Feedback and ok djm@ markus@.	2012-06-30 15:01:22 +10:00
Darren Tucker	d0d3fff483	- (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6 platform rather than exiting early, so that we still clean up and return status to test-exec.sh	2012-04-27 10:55:39 +10:00
Tim Rice	a3f297de91	- (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote to work. Spotted by Angel Gonzalez	2012-02-14 23:01:42 -08:00
Damien Miller	6efd94f32e	- (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal regress errors for the sandbox to warnings. ok tim dtucker	2011-09-04 19:04:16 +10:00
Damien Miller	2df1bec086	- (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2 MAC tests for platforms that hack EVP_SHA2 support	2011-08-17 12:25:46 +10:00
Damien Miller	062fa30532	- djm@cvs.openbsd.org 2011/08/02 01:23:41 [regress/cipher-speed.sh regress/try-ciphers.sh] add SHA256/SHA512 based HMAC modes	2011-08-17 12:10:02 +10:00
Damien Miller	faf4d80420	- markus@cvs.openbsd.org 2011/06/30 22:44:43 [connect-privsep.sh] test with sandbox enabled; ok djm@	2011-08-17 12:09:19 +10:00
Damien Miller	9231c8bde4	- dtucker@cvs.openbsd.org 2011/06/03 05:35:10 [regress/cfgmatch.sh] use OBJ to find test configs, patch from Tim Rice	2011-08-17 12:08:15 +10:00
Tim Rice	bc481570d1	- (tim) [regress/cfgmatch.sh] Build/test out of tree fix.	2011-06-02 22:26:19 -07:00
Darren Tucker	bf4d05a37c	- dtucker@cvs.openbsd.org 2011/06/03 00:29:52 [regress/dynamic-forward.sh] Retry establishing the port forwarding after a small delay, should make the tests less flaky when the previous test is slow to shut down and free up the port.	2011-06-03 14:19:02 +10:00
Darren Tucker	75e035c34e	- dtucker@cvs.openbsd.org 2011/05/31 02:03:34 [regress/dynamic-forward.sh] work around startup and teardown races; caught by deraadt	2011-06-03 14:18:17 +10:00
Darren Tucker	260c8fbc4d	- dtucker@cvs.openbsd.org 2011/05/31 02:01:58 [regress/dynamic-forward.sh] back out revs 1.6 and 1.5 since it's not reliable	2011-06-03 14:17:27 +10:00
Damien Miller	8cb3587336	- djm@cvs.openbsd.org 2011/05/23 03:31:31 [regress/cfgmatch.sh] include testing of multiple/overridden AuthorizedKeysFiles refactor to simply daemon start/stop and get rid of racy constructs	2011-05-29 21:59:10 +10:00
Damien Miller	acacced70b	- dtucker@cvs.openbsd.org 2011/05/20 06:32:30 [dynamic-forward.sh] fix dumb error in dynamic-forward test	2011-05-20 19:08:40 +10:00
Damien Miller	7b9451f382	- dtucker@cvs.openbsd.org 2011/05/20 05:19:50 [dynamic-forward.sh] Prevent races in dynamic forwarding test; ok djm	2011-05-20 19:08:11 +10:00
Damien Miller	3045b45a03	- djm@cvs.openbsd.org 2011/05/20 02:43:36 [cert-hostkey.sh] another attempt to generate a v00 ECDSA key that broke the test ID sync only - portable already had this somehow	2011-05-20 19:07:45 +10:00
Damien Miller	f67188fe13	- djm@cvs.openbsd.org 2011/05/17 07:13:31 [regress/cert-userkey.sh] fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)	2011-05-20 19:06:48 +10:00
Damien Miller	f22019bdbf	- (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac] [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c] [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh] [regress/README.regress] Remove ssh-rand-helper and all its tentacles. PRNGd seeding has been rolled into entropy.c directly. Thanks to tim@ for testing on affected platforms.	2011-05-05 13:48:37 +10:00
Tim Rice	6dfcd34042	- (tim) [regress/agent-getpeereid.sh] shell portability fix.	2011-01-16 22:53:56 -08:00
Damien Miller	58497780ab	- (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh] [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are disabled on platforms that do not support them; add a "config_defined()" shell function that greps for defines in config.h and use them to decide on feature tests. Convert a couple of existing grep's over config.h to use the new function Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent backslash characters in filenames, enable it for Cygwin and use it to turn of tests for quotes backslashes in sftp-glob.sh. based on discussion with vinschen AT redhat.com and dtucker@; ok dtucker@	2011-01-17 16:17:09 +11:00
Damien Miller	1ccbfa88b1	- (djm) [regress/agent-getpeereid.sh] leave stdout attached when running ssh-add to avoid $SUDO failures on Linux	2011-01-17 11:52:40 +11:00
Damien Miller	fd3669eb26	- (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding its unique snowflake of a gdb error to the ones we look for.	2011-01-17 11:20:18 +11:00
Damien Miller	369c0e8eef	- (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in $PATH, fix cleanup of droppings; reported by openssh AT roumenpetrov.info; ok dtucker@	2011-01-17 10:51:40 +11:00
Darren Tucker	50c61f88ab	- (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based on configurations that don't have it.	2011-01-16 18:28:09 +11:00
Tim Rice	c5c346b101	- (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some ecdsa bits.	2011-01-13 22:36:14 -08:00
Tim Rice	02d99da976	- (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name.	2011-01-13 22:20:27 -08:00
Damien Miller	5278806e39	- (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256 should not depend on ECC support	2011-01-13 22:05:14 +11:00
Damien Miller	cbaf8e6ec1	- (djm) [regress/Makefile] add a few more generated files to the clean target	2011-01-13 21:08:27 +11:00
Tim Rice	076a3b9ced	- (tim) [regress/host-expand.sh] Fix for building outside of read only source tree.	2011-01-10 12:56:26 -08:00
Damien Miller	996384d500	- (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress test on OSX and others. Reported by imorgan AT nas.nasa.gov	2011-01-08 21:58:20 +11:00
Damien Miller	7d06b00032	- djm@cvs.openbsd.org 2011/01/06 22:46:21 [regress/Makefile regress/host-expand.sh] regress test for LocalCommand %n expansion from bert.wesarg AT googlemail.com; ok markus@	2011-01-07 09:54:20 +11:00
Damien Miller	322125b960	- (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com	2011-01-07 09:50:08 +11:00
Darren Tucker	bf5fec1bc6	Id sync	2010-12-05 10:34:08 +11:00
Darren Tucker	4288c53d04	- djm@cvs.openbsd.org 2010/12/04 00:21:19 [regress/sftp-cmds.sh] adjust for hard-link support	2010-12-05 09:45:50 +11:00
Darren Tucker	7e1a5a4e1b	- (dtucker) [regress/Makefile] Id sync.	2010-12-05 09:29:31 +11:00
Tim Rice	e426f5e932	- (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin. Feedback from dtucker@	2010-11-08 09:15:14 -08:00
Tim Rice	c10aeaa8f2	- (tim) [regress/kextype.sh] Shell portability fix.	2010-11-07 13:03:11 -08:00
Tim Rice	522262f8b3	- (tim) [regress/Makefile] Fixes to allow building/testing outside source tree.	2010-11-07 13:00:27 -08:00
Darren Tucker	f619d1cad9	- (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC. This is not strictly correct since while ECC requires sha256 the reverse is not true however it does prevent spurious test failures.	2010-11-05 18:41:50 +11:00
Darren Tucker	345178d951	- (dtucker) [regress/kextype.sh] Add missing "test".	2010-11-05 18:35:52 +11:00
Darren Tucker	eab5f0df90	- (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh] Import recent changes to regress/Makefile, pass a flag to enable ECC tests from configure through to regress/Makefile and use it in the tests.	2010-11-05 18:23:38 +11:00
Darren Tucker	b69e033e67	- (dtucker) [regress/keytype.sh] Import new test.	2010-11-05 18:19:15 +11:00
Damien Miller	3a0e9f6479	- djm@cvs.openbsd.org 2010/09/22 12:26:05 [regress/Makefile regress/kextype.sh] regress test for each of the key exchange algorithms that we support	2010-11-05 10:16:34 +11:00
Darren Tucker	d633fef471	- (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms which don't have ECC support in libcrypto.	2010-10-24 11:33:07 +11:00
Darren Tucker	bfd9b1be41	- (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms which don't have ECC support in libcrypto.	2010-10-24 11:19:26 +11:00
Damien Miller	6fd2d7de4b	- djm@cvs.openbsd.org 2010/08/31 12:24:09 [regress/cert-hostkey.sh regress/cert-userkey.sh] tests for ECDSA certificates	2010-10-21 15:27:14 +11:00
Damien Miller	07ad389181	- (djm) [regress/README.regress] typo	2010-08-17 07:04:28 +10:00
Tim Rice	722b8d14f1	- (tim) [regress/login-timeout.sh regress/reconfigure.sh regress/reexec.sh regress/test-exec.sh] Under certain conditions when testing with sudo tests would fail because the pidfile could not be read by a regular user. "cat: cannot open ...../regress/pidfile: Permission denied (error 13)" Make sure cat is run by $SUDO. no objection from me. djm@	2010-08-12 09:43:13 -07:00
Damien Miller	ab139cde38	- djm@cvs.openbsd.org 2010/06/29 23:59:54 [cert-userkey.sh] regress tests for key options in AuthorizedPrincipals	2010-07-02 13:42:18 +10:00
Damien Miller	527ded7f64	- phessler@cvs.openbsd.org 2010/06/27 19:19:56 [Makefile] fix how we run the tests so we can successfully use SUDO='sudo -E' in our env	2010-07-02 13:40:16 +10:00
Damien Miller	3bcce80b54	- djm@cvs.openbsd.org 2010/05/07 11:31:26 [regress/Makefile regress/cert-userkey.sh] regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@	2010-05-21 14:48:16 +10:00
Damien Miller	53f4bb6599	- OpenBSD CVS Sync - djm@cvs.openbsd.org 2010/04/16 01:58:45 [regress/cert-hostkey.sh regress/cert-userkey.sh] regression tests for v01 certificate format includes interop tests for v00 certs	2010-04-18 08:15:14 +10:00
Damien Miller	700dcfa3e0	- djm@cvs.openbsd.org 2010/03/04 10:38:23 [regress/cert-hostkey.sh regress/cert-userkey.sh] additional regression tests for revoked keys and TrustedUserCAKeys	2010-03-04 21:58:01 +11:00
Damien Miller	017d1e777e	- djm@cvs.openbsd.org 2010/03/03 00:47:23 [regress/cert-hostkey.sh regress/cert-userkey.sh] add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)	2010-03-04 21:57:21 +11:00
Damien Miller	e1abf4d6bc	- (djm) [regress/Makefile] Cleanup sshd_proxy_orig	2010-03-04 21:41:29 +11:00
Damien Miller	386dbc05e9	- (djm) [regress/cert-userkey.sh] s/echo -n/echon/ here too	2010-03-03 13:22:41 +11:00
Darren Tucker	c614c78c53	- (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh} Replace "echo -n" with "echon" for portability.	2010-03-01 12:49:05 +11:00
Damien Miller	58ac6de964	- djm@cvs.openbsd.org 2010/02/26 20:33:21 [Makefile regress/cert-hostkey.sh regress/cert-userkey.sh] regression tests for certified keys	2010-02-27 07:57:12 +11:00
Damien Miller	8eff8e8f59	- dtucker@cvs.openbsd.org 2009/11/09 04:20:04 [regress/Makefile keygen-convert.sh] add regression test for ssh-keygen pubkey conversions	2010-02-24 17:33:30 +11:00
Damien Miller	cfa42d2fd2	- markus@cvs.openbsd.org 2010/02/08 10:52:47 [regress/agent-pkcs11.sh] test for PKCS#11 support (currently disabled)	2010-02-24 17:31:20 +11:00

1 2 3 4 5 ...

356 Commits