[openssh-commits] [openssh] 03/07: upstream: skip security-key key types for tests until we have a

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Nov 1 13:11:08 AEDT 2019


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit afa59e26eeb44a93f36f043f60b936eaddae77c4
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Nov 1 01:55:41 2019 +0000

    upstream: skip security-key key types for tests until we have a
    
    dummy U2F middleware to use.
    
    OpenBSD-Regress-ID: 37200462b44334a4ad45e6a1f7ad1bd717521a95
---
 regress/cert-hostkey.sh       | 6 +++---
 regress/cert-userkey.sh       | 4 ++--
 regress/hostkey-agent.sh      | 6 +++---
 regress/hostkey-rotate.sh     | 4 ++--
 regress/keygen-change.sh      | 4 ++--
 regress/keyscan.sh            | 4 ++--
 regress/krl.sh                | 4 ++--
 regress/limit-keytype.sh      | 4 ++--
 regress/principals-command.sh | 4 ++--
 regress/test-exec.sh          | 4 ++--
 10 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index 86ea6250..82195b11 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: cert-hostkey.sh,v 1.18 2019/07/25 08:28:15 dtucker Exp $
+#	$OpenBSD: cert-hostkey.sh,v 1.19 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="certified host keys"
@@ -9,7 +9,7 @@ rm -f $OBJ/cert_host_key* $OBJ/host_krl_*
 # Allow all hostkey/pubkey types, prefer certs for the client
 rsa=0
 types=""
-for i in `$SSH -Q key`; do
+for i in `$SSH -Q key | grep -v ^sk-`; do
 	if [ -z "$types" ]; then
 		types="$i"
 		continue
@@ -70,7 +70,7 @@ touch $OBJ/host_revoked_plain
 touch $OBJ/host_revoked_cert
 cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca
 
-PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
+PLAIN_TYPES=`$SSH -Q key-plain  | grep -v ^sk- | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
 
 if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then
 	PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512"
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index 38c14a69..51ac8dcb 100644
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: cert-userkey.sh,v 1.21 2019/07/25 08:28:15 dtucker Exp $
+#	$OpenBSD: cert-userkey.sh,v 1.22 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="certified user keys"
@@ -7,7 +7,7 @@ rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
 cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
 
-PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
+PLAIN_TYPES=`$SSH -Q key-plain | grep -v ^sk- | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
 EXTRA_TYPES=""
 rsa=""
 
diff --git a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh
index 811b6b9a..c581c7bf 100644
--- a/regress/hostkey-agent.sh
+++ b/regress/hostkey-agent.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: hostkey-agent.sh,v 1.7 2017/04/30 23:34:55 djm Exp $
+#	$OpenBSD: hostkey-agent.sh,v 1.8 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="hostkey agent"
@@ -14,7 +14,7 @@ grep -vi 'hostkey' $OBJ/sshd_proxy > $OBJ/sshd_proxy.orig
 echo "HostKeyAgent $SSH_AUTH_SOCK" >> $OBJ/sshd_proxy.orig
 
 trace "load hostkeys"
-for k in `${SSH} -Q key-plain` ; do
+for k in `${SSH} -Q key-plain | grep -v ^sk-` ; do
 	${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k"
 	(
 		printf 'localhost-with-alias,127.0.0.1,::1 '
@@ -31,7 +31,7 @@ cp $OBJ/known_hosts.orig $OBJ/known_hosts
 unset SSH_AUTH_SOCK
 
 for ps in no yes; do
-	for k in `${SSH} -Q key-plain` ; do
+	for k in `${SSH} -Q key-plain | grep -v ^sk-` ; do
 		verbose "key type $k privsep=$ps"
 		cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
 		echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy
diff --git a/regress/hostkey-rotate.sh b/regress/hostkey-rotate.sh
index cc6bd9cf..707e3290 100644
--- a/regress/hostkey-rotate.sh
+++ b/regress/hostkey-rotate.sh
@@ -1,10 +1,10 @@
-#	$OpenBSD: hostkey-rotate.sh,v 1.6 2019/08/30 05:08:28 dtucker Exp $
+#	$OpenBSD: hostkey-rotate.sh,v 1.7 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="hostkey rotate"
 
 # Need full names here since they are used in HostKeyAlgorithms
-HOSTKEY_TYPES="`${SSH} -Q key-plain`"
+HOSTKEY_TYPES="`${SSH} -Q key-plain | grep -v ^sk-`"
 
 rm -f $OBJ/hkr.* $OBJ/ssh_proxy.orig
 
diff --git a/regress/keygen-change.sh b/regress/keygen-change.sh
index 8b8acd52..c62f2c17 100644
--- a/regress/keygen-change.sh
+++ b/regress/keygen-change.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: keygen-change.sh,v 1.6 2017/04/30 23:34:55 djm Exp $
+#	$OpenBSD: keygen-change.sh,v 1.7 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="change passphrase for key"
@@ -6,7 +6,7 @@ tid="change passphrase for key"
 S1="secret1"
 S2="2secret"
 
-KEYTYPES=`${SSH} -Q key-plain`
+KEYTYPES=`${SSH} -Q key-plain | grep -v ^sk-`
 
 for t in $KEYTYPES; do
 	# generate user key for agent
diff --git a/regress/keyscan.sh b/regress/keyscan.sh
index 8940d24b..4e16ecd8 100644
--- a/regress/keyscan.sh
+++ b/regress/keyscan.sh
@@ -1,9 +1,9 @@
-#	$OpenBSD: keyscan.sh,v 1.9 2019/01/28 03:50:39 dtucker Exp $
+#	$OpenBSD: keyscan.sh,v 1.10 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="keyscan"
 
-KEYTYPES=`${SSH} -Q key-plain`
+KEYTYPES=`${SSH} -Q key-plain | grep -v ^sk-`
 for i in $KEYTYPES; do
 	if [ -z "$algs" ]; then
 		algs="$i"
diff --git a/regress/krl.sh b/regress/krl.sh
index e18d0ec7..c9b2e67e 100644
--- a/regress/krl.sh
+++ b/regress/krl.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: krl.sh,v 1.8 2019/07/25 09:17:35 dtucker Exp $
+#	$OpenBSD: krl.sh,v 1.9 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="key revocation lists"
@@ -6,7 +6,7 @@ tid="key revocation lists"
 # Use ed25519 by default since it's fast and it's supported when building
 # w/out OpenSSL.  Populate ktype[2-4] with the other types if supported.
 ktype1=ed25519; ktype2=ed25519; ktype3=ed25519; ktype4=ed25519
-for t in `${SSH} -Q key-plain`; do
+for t in `${SSH} -Q key-plain | grep -v ^sk-`; do
 	case "$t" in
 		ecdsa*)		ktype2=ecdsa ;;
 		ssh-rsa)	ktype3=rsa ;;
diff --git a/regress/limit-keytype.sh b/regress/limit-keytype.sh
index 5c30af00..6eb255c2 100644
--- a/regress/limit-keytype.sh
+++ b/regress/limit-keytype.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: limit-keytype.sh,v 1.6 2019/07/26 04:22:21 dtucker Exp $
+#	$OpenBSD: limit-keytype.sh,v 1.7 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="restrict pubkey type"
@@ -10,7 +10,7 @@ mv $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
 mv $OBJ/ssh_proxy $OBJ/ssh_proxy.orig
 
 ktype1=ed25519; ktype2=$ktype1; ktype3=$ktype1; ktype4=$ktype1
-for t in `${SSH} -Q key-plain`; do
+for t in `${SSH} -Q key-plain | grep -v ^sk-`; do
 	case "$t" in
 		ssh-rsa)	ktype2=rsa ;;
 		ecdsa*)		ktype3=ecdsa ;;  # unused
diff --git a/regress/principals-command.sh b/regress/principals-command.sh
index 7d380325..005c6b7d 100644
--- a/regress/principals-command.sh
+++ b/regress/principals-command.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: principals-command.sh,v 1.7 2019/09/06 04:24:06 dtucker Exp $
+#	$OpenBSD: principals-command.sh,v 1.8 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="authorized principals command"
@@ -12,7 +12,7 @@ if [ -z "$SUDO" -a ! -w /var/run ]; then
 	exit 0
 fi
 
-case "`${SSH} -Q key-plain`" in
+case "`${SSH} -Q key-plain | grep -v ^sk-`" in
 	*ssh-rsa*)	userkeytype=rsa ;;
 	*)		userkeytype=ed25519 ;;
 esac
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index 508b9328..3f1685bb 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: test-exec.sh,v 1.66 2019/07/05 04:12:46 dtucker Exp $
+#	$OpenBSD: test-exec.sh,v 1.67 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 #SUDO=sudo
@@ -475,7 +475,7 @@ fi
 
 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 
-SSH_KEYTYPES=`$SSH -Q key-plain`
+SSH_KEYTYPES=`$SSH -Q key-plain | grep -v ^sk`
 
 for t in ${SSH_KEYTYPES}; do
 	# generate user key

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list