diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2019-07-25 08:28:15 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2019-07-25 20:01:19 +1000 |
commit | 1e94afdfa8df774ab7dd3bad52912b636dc31bbd (patch) | |
tree | 0919af20d3dba4560885d709c61e202d3aace86f /regress/cert-userkey.sh | |
parent | 26bf693661a48b97b6023f702b2af643676ac21a (diff) | |
download | openssh-git-1e94afdfa8df774ab7dd3bad52912b636dc31bbd.tar.gz |
upstream: Make certificate tests work with the supported key
algorithms. Allows tests to pass when built without OpenSSL.
OpenBSD-Regress-ID: 617169a6dd9d06db3697a449d9a26c284eca20fc
Diffstat (limited to 'regress/cert-userkey.sh')
-rw-r--r-- | regress/cert-userkey.sh | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index 6849e992..38c14a69 100644 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-userkey.sh,v 1.20 2018/10/31 11:09:27 dtucker Exp $ +# $OpenBSD: cert-userkey.sh,v 1.21 2019/07/25 08:28:15 dtucker Exp $ # Placed in the Public Domain. tid="certified user keys" @@ -9,8 +9,10 @@ cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` EXTRA_TYPES="" +rsa="" if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then + rsa=rsa PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" fi @@ -20,11 +22,20 @@ kname() { # subshell because some seds will add a newline *) n=$(echo $1 | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/') ;; esac - echo "$n*,ssh-rsa*,ssh-ed25519*" + if [ -z "$rsa" ]; then + echo "$n*,ssh-ed25519*" + else + echo "$n*,ssh-rsa*,ssh-ed25519*" + fi } # Create a CA key -${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_ca_key ||\ +if [ ! -z "$rsa" ]; then + catype=rsa +else + catype=ed25519 +fi +${SSHKEYGEN} -q -N '' -t $catype -f $OBJ/user_ca_key ||\ fail "ssh-keygen of user_ca_key failed" # Generate and sign user keys @@ -283,7 +294,7 @@ test_one() { fi for auth in $auth_choice ; do - for ktype in rsa ed25519 ; do + for ktype in $rsa ed25519 ; do cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy if test "x$auth" = "xauthorized_keys" ; then # Add CA to authorized_keys |