summaryrefslogtreecommitdiff
path: root/regress/cert-hostkey.sh
diff options
context:
space:
mode:
authormarkus@openbsd.org <markus@openbsd.org>2015-07-10 06:23:25 +0000
committerDamien Miller <djm@mindrot.org>2015-07-15 16:04:27 +1000
commit5bf0933184cb622ca3f96d224bf3299fd2285acc (patch)
tree18ad0591b04a1ff98bb69265e04bc7c5b961533e /regress/cert-hostkey.sh
parent7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc (diff)
upstream commit
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA. Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c
Diffstat (limited to 'regress/cert-hostkey.sh')
-rw-r--r--regress/cert-hostkey.sh23
1 files changed, 22 insertions, 1 deletions
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index c99c2b1c..3f53922c 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,11 +1,32 @@
-# $OpenBSD: cert-hostkey.sh,v 1.12 2015/07/03 04:39:23 djm Exp $
+# $OpenBSD: cert-hostkey.sh,v 1.13 2015/07/10 06:23:25 markus Exp $
# Placed in the Public Domain.
tid="certified host keys"
rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/host_revoked_*
rm -f $OBJ/cert_host_key* $OBJ/host_krl_*
+
+# Allow all hostkey/pubkey types, prefer certs for the client
+types=""
+for i in `$SSH -Q key`; do
+ if [ -z "$types" ]; then
+ types="$i"
+ continue
+ fi
+ case "$i" in
+ *cert*) types="$i,$types";;
+ *) types="$types,$i";;
+ esac
+done
+(
+ echo "HostKeyAlgorithms ${types}"
+ echo "PubkeyAcceptedKeyTypes *"
+) >> $OBJ/ssh_proxy
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
+(
+ echo "HostKeyAlgorithms *"
+ echo "PubkeyAcceptedKeyTypes *"
+) >> $OBJ/sshd_proxy_bak
HOSTS='localhost-with-alias,127.0.0.1,::1'