diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2021-07-12 02:12:22 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2021-07-14 09:20:56 +1000 |
| commit | 7ae69f2628e338ba6e0eae7ee8a63bcf8fea7538 (patch) | |
| tree | f789386aeaeb394926cd3368bd01d246f79981cb /regress/sshsig.sh | |
| parent | f5fc6a4c3404bbf65c21ca6361853b33d78aa87e (diff) | |
| download | openssh-git-7ae69f2628e338ba6e0eae7ee8a63bcf8fea7538.tar.gz | |
upstream: fix some broken tests; clean up output
OpenBSD-Regress-ID: 1d5038edb511dc4ce1622344c1e724626a253566
Diffstat (limited to 'regress/sshsig.sh')
| -rw-r--r-- | regress/sshsig.sh | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/regress/sshsig.sh b/regress/sshsig.sh index 1e2f9dda..8401b6c0 100644 --- a/regress/sshsig.sh +++ b/regress/sshsig.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sshsig.sh,v 1.4 2020/03/13 03:18:45 djm Exp $ +# $OpenBSD: sshsig.sh,v 1.5 2021/07/12 02:12:22 djm Exp $ # Placed in the Public Domain. tid="sshsig" @@ -12,12 +12,13 @@ sig_namespace="test-$$" sig_principal="user-$$@example.com" # Make a "wrong key" -${SSHKEYGEN} -t ed25519 -f $OBJ/wrong-key -C "wrong trousers, Grommit" -N '' \ +${SSHKEYGEN} -q -t ed25519 -f $OBJ/wrong-key \ + -C "wrong trousers, Grommit" -N '' \ || fatal "couldn't generate key" WRONG=$OBJ/wrong-key.pub # Make a CA key. -${SSHKEYGEN} -t ed25519 -f $OBJ/sigca-key -C "CA" -N '' \ +${SSHKEYGEN} -q -t ed25519 -f $OBJ/sigca-key -C "CA" -N '' \ || fatal "couldn't generate key" CA_PRIV=$OBJ/sigca-key CA_PUB=$OBJ/sigca-key.pub @@ -116,7 +117,7 @@ for t in $SIGNKEYS; do < $DATA >/dev/null 2>&1 && \ fail "accepted signature for $t key, but key is in revoked_keys" - # public key not revoked, but other are present in revoked_keysfile + # public key not revoked, but others are present in revoked_keysfile cat $WRONG > $OBJ/revoked_keys (printf "$sig_principal " ; cat $pubkey) > $OBJ/allowed_signers ${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \ @@ -168,7 +169,7 @@ for t in $SIGNKEYS; do fail "failed signature for $t cert" # signing key listed as cert-authority - (printf "$sig_principal cert-authority" ; + (printf "$sig_principal cert-authority " ; cat $pubkey) > $OBJ/allowed_signers ${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \ -I $sig_principal -f $OBJ/allowed_signers \ @@ -183,7 +184,7 @@ for t in $SIGNKEYS; do fail "accepted signature for $t cert with CA not marked" # mismatch between cert principal and file - (printf "josef.k@example.com cert-authority" ; + (printf "josef.k@example.com cert-authority " ; cat $CA_PUB) > $OBJ/allowed_signers ${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \ -I $sig_principal -f $OBJ/allowed_signers \ |