find-principals
- adds generic find-principals tests (this command had none before)
- tests certs with a timeboxed validity both with and without a
restriced lifetime for the CA
- test for a revoked CA cert
by Fabian Stelzer
OpenBSD-Regress-ID: 9704b2c6df5b8ccfbdf2c06c5431f5f8cad280c9
We don't use SHA256 from OpenSSL in the sk-dummy module and the
definitions can conflict with system sha2.h (eg on NetBSD) so define
OPENSSL_NO_SHA so we don't attempt to redefine them.
This removes several do..while loops but does not change the
indentation of the now-shallower loops, which will be done in a separate
whitespace-only commit to keep changes of style and substance separate.
OpenBSD-Regress-ID: 4bed1a0249df7b4a87c965066ce689e79472a8f7
if SUDO isn't set for the *-command tests. This means running "make tests"
without SUDO set will perform all of the tests that it can instead of
failing on the ones it cannot run.
OpenBSD-Regress-ID: bd4dbbb02f34b2e8c890558ad4a696248def763a
GNU (f)grep <=2.18, as shipped by FreeBSD<=12 and NetBSD<=9 will
occasionally fail to find ssh host keys in the hostkey-rotate test.
If we have those versions, use awk instead.
Many tests skip tests for various reasons but not in a consistent way and
don't always clean up, so add that and switch the tests that do that over.
OpenBSD-Regress-ID: 72d2ec90a3ee8849486956a808811734281af735
Portable needs this and it makes no difference on OpenBSD, so resync
them. (Id sync only, Portable already had this.)
OpenBSD-Regress-ID: 33f6f66744455886d148527af8368811e4264162
When running PuTTY interop tests and using a PuTTY version older than
0.76, re-enable the ssh-rsa host key algorithm (the 256 and 512 variants
of RSA were added some time between 0.73 and 0.76).
OpenBSD-Regress-ID: e6138d6987aa705fa1e4f216db0bb386e1ff38e1
Specify host key algorithms in sshd's default set for the SSHFP test,
from djm@. Make the reason for when the test is skipped a bit clearer.
OpenBSD-Regress-ID: 4f923dfc761480d5411de17ea6f0b30de3e32cea
we have to change this and having it in the same hunk as the CVS Id string
means applying changes fails every. single. time.
OpenBSD-Regress-ID: 87cd603eb6db58c9b430bf90adacb7f90864429b
scp and sftp like to add -q to the command line passed to ssh which
overrides the LogLevel we set in the config files and suppresses output
to the debug logs so drop any "-q" from the invoked ssh. In the one
case where we actually want to use -q in the banner test, call the ssh
binary directly bypassing the logging wrapper.
OpenBSD-Regress-ID: e2c97d3c964bda33a751374c56f65cdb29755b75
POSIX does not require diff to have -N, so compare in both directions
with just -r, which should catch missing files in either directory.
OpenBSD-Regress-ID: 0e2ec8594556a6f369ed5a0a90c6806419b845f7
openssl binary with OPENSSL_BIN. This will allow us to use the OPENSSL
variable from mk.conf or the make(1) command line indicating if we're
building with our without OpenSSL, and ultimately get the regress tests
working in the OPENSSL=no configuration.
OpenBSD-Regress-ID: 2d788fade3264d7803e5b54cae8875963f688c4e
djm@openbsd.org
Damien Miller
Darren Tucker
dtucker@openbsd.org
anton@openbsd.org