diff options
author | djm@openbsd.org <djm@openbsd.org> | 2023-02-10 05:06:03 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2023-02-10 16:13:06 +1100 |
commit | 6180b0fa4f7996687678702806257e661fd5931e (patch) | |
tree | 1e3045f8d529e298a1a30f834b0a582e8b05385f /regress | |
parent | d651f5c9fe37e61491eee46c49ba9fa03dbc0e6a (diff) | |
download | openssh-git-6180b0fa4f7996687678702806257e661fd5931e.tar.gz |
upstream: test -Ohashalg=... and that the default output contains both
specified hash algorithms; prompted by dtucker@
OpenBSD-Regress-ID: 26f309208c8d8b8fa9c5f419767b85f1e9b22f51
Diffstat (limited to 'regress')
-rw-r--r-- | regress/keygen-sshfp.sh | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/regress/keygen-sshfp.sh b/regress/keygen-sshfp.sh index 2abf9ade..0f5eb855 100644 --- a/regress/keygen-sshfp.sh +++ b/regress/keygen-sshfp.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keygen-sshfp.sh,v 1.2 2021/07/19 02:29:28 dtucker Exp $ +# $OpenBSD: keygen-sshfp.sh,v 1.3 2023/02/10 05:06:03 djm Exp $ # Placed in the Public Domain. tid="keygen-sshfp" @@ -16,6 +16,25 @@ if [ "$fp" != \ fail "keygen fingerprint sha256" fi +# Expect two lines of output without an explicit algorithm +fp=`${SSHKEYGEN} -r test -f ${SRC}/ed25519_openssh.pub | wc -l` +if [ $(($fp + 0)) -ne 2 ] ; then + fail "incorrect number of SSHFP records $fp (expected 2)" +fi + +# Test explicit algorithm selection +exp="test IN SSHFP 4 1 8a8647a7567e202ce317e62606c799c53d4c121f" +fp=`${SSHKEYGEN} -Ohashalg=sha1 -r test -f ${SRC}/ed25519_openssh.pub` +if [ "x$exp" != "x$fp" ] ; then + fail "incorrect SHA1 SSHFP output" +fi + +exp="test IN SSHFP 4 2 54a506fb849aafb9f229cf78a94436c281efcb4ae67c8a430e8c06afcb5ee18f" +fp=`${SSHKEYGEN} -Ohashalg=sha256 -r test -f ${SRC}/ed25519_openssh.pub` +if [ "x$exp" != "x$fp" ] ; then + fail "incorrect SHA256 SSHFP output" +fi + if ${SSH} -Q key-plain | grep ssh-rsa >/dev/null; then fp=`${SSHKEYGEN} -r test -f ${SRC}/rsa_openssh.pub | awk '$5=="1"{print $6}'` if [ "$fp" != "99c79cc09f5f81069cc017cdf9552cfc94b3b929" ]; then @@ -27,3 +46,4 @@ if ${SSH} -Q key-plain | grep ssh-rsa >/dev/null; then fail "keygen fingerprint sha256" fi fi + |