diff options
| author | Darren Tucker <dtucker@dtucker.net> | 2022-07-13 13:17:47 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2022-07-13 13:17:47 +1000 |
| commit | 76f4e48631d7b09fb243b47d7b393d100d3741b7 (patch) | |
| tree | 55d488c1e7fc3ea317257c04a5944330cfe5e24b /regress/keyscan.sh | |
| parent | e75bbc1d88491fa85e61b2cc8783d4bbd00cd131 (diff) | |
| download | openssh-git-76f4e48631d7b09fb243b47d7b393d100d3741b7.tar.gz | |
Only refuse to use OpenSSL 3.0.4 on x86_64.
The potential RCE only impacts x86_64, so only refuse to use it if we're
targetting a potentially impacted architecture. ok djm@
Diffstat (limited to 'regress/keyscan.sh')
| -rw-r--r-- | regress/keyscan.sh | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/regress/keyscan.sh b/regress/keyscan.sh index 75a14ee0..0b8c33aa 100644 --- a/regress/keyscan.sh +++ b/regress/keyscan.sh @@ -23,3 +23,16 @@ for t in $SSH_KEYTYPES; do fail "ssh-keyscan -t $t failed with: $r" fi done + +stop_sshd +sleep 1 + +trace "keyscan banner length" +banner="" +for i in `seq 245 256`; do + trace "keyscan length $i" + banner=`perl -le "print 'A'x$i"` + (printf "SSH-2.0-${banner}" | ${NC} -N -l $PORT >/dev/null) & + ${SSHKEYSCAN} -p $PORT 127.0.0.1 + sleep 3 +done |