[openssh-commits] [openssh] 01/01: upstream: s/PubkeyAcceptedKeyTypes/PubkeyAcceptedAlgorithms/

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Feb 25 15:15:54 AEDT 2021


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 9beeab8a37a49a9e3ffb1972fff6621ee5bd7a71
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Thu Feb 25 03:27:34 2021 +0000

    upstream: s/PubkeyAcceptedKeyTypes/PubkeyAcceptedAlgorithms/
    
    OpenBSD-Regress-ID: 3dbc005fa29f69dc23d97e433b6dffed6fe7cb69
---
 regress/agent.sh         |  6 +++---
 regress/cert-hostkey.sh  |  6 +++---
 regress/cert-userkey.sh  | 22 +++++++++++-----------
 regress/keytype.sh       |  6 +++---
 regress/limit-keytype.sh | 18 +++++++++---------
 5 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/regress/agent.sh b/regress/agent.sh
index a3ad1385..f187b675 100644
--- a/regress/agent.sh
+++ b/regress/agent.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: agent.sh,v 1.19 2020/07/15 04:55:47 dtucker Exp $
+#	$OpenBSD: agent.sh,v 1.20 2021/02/25 03:27:34 djm Exp $
 #	Placed in the Public Domain.
 
 tid="simple agent test"
@@ -87,8 +87,8 @@ fi
 for t in ${SSH_KEYTYPES}; do
 	trace "connect via agent using $t key"
 	if [ "$t" = "ssh-dss" ]; then
-		echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/ssh_proxy
-		echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/sshd_proxy
+		echo "PubkeyAcceptedAlgorithms +ssh-dss" >> $OBJ/ssh_proxy
+		echo "PubkeyAcceptedAlgorithms +ssh-dss" >> $OBJ/sshd_proxy
 	fi
 	${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub -oIdentitiesOnly=yes \
 		somehost exit 52
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index 097bf846..ebf6c903 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: cert-hostkey.sh,v 1.23 2020/01/03 03:02:26 djm Exp $
+#	$OpenBSD: cert-hostkey.sh,v 1.24 2021/02/25 03:27:34 djm Exp $
 #	Placed in the Public Domain.
 
 tid="certified host keys"
@@ -29,12 +29,12 @@ for i in `$SSH -Q key | maybe_filter_sk`; do
 done
 (
 	echo "HostKeyAlgorithms ${types}"
-	echo "PubkeyAcceptedKeyTypes *"
+	echo "PubkeyAcceptedAlgorithms *"
 ) >> $OBJ/ssh_proxy
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
 (
 	echo "HostKeyAlgorithms *"
-	echo "PubkeyAcceptedKeyTypes *"
+	echo "PubkeyAcceptedAlgorithms *"
 ) >> $OBJ/sshd_proxy_bak
 
 HOSTS='localhost-with-alias,127.0.0.1,::1'
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index 91596fa7..baa6903e 100644
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: cert-userkey.sh,v 1.25 2020/01/03 03:02:26 djm Exp $
+#	$OpenBSD: cert-userkey.sh,v 1.26 2021/02/25 03:27:34 djm Exp $
 #	Placed in the Public Domain.
 
 tid="certified user keys"
@@ -71,11 +71,11 @@ for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do
 			echo "AuthorizedPrincipalsFile " \
 			    "$OBJ/authorized_principals_%u"
 			echo "TrustedUserCAKeys $OBJ/user_ca_key.pub"
-			echo "PubkeyAcceptedKeyTypes ${t}"
+			echo "PubkeyAcceptedAlgorithms ${t}"
 		) > $OBJ/sshd_proxy
 		(
 			cat $OBJ/ssh_proxy_bak
-			echo "PubkeyAcceptedKeyTypes ${t}"
+			echo "PubkeyAcceptedAlgorithms ${t}"
 		) > $OBJ/ssh_proxy
 
 		# Missing authorized_principals
@@ -149,11 +149,11 @@ for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do
 		(
 			cat $OBJ/sshd_proxy_bak
 			echo "UsePrivilegeSeparation $privsep"
-			echo "PubkeyAcceptedKeyTypes ${t}"
+			echo "PubkeyAcceptedAlgorithms ${t}"
 		) > $OBJ/sshd_proxy
 		(
 			cat $OBJ/ssh_proxy_bak
-			echo "PubkeyAcceptedKeyTypes ${t}"
+			echo "PubkeyAcceptedAlgorithms ${t}"
 		) > $OBJ/ssh_proxy
 
 		# Wrong principals list
@@ -204,12 +204,12 @@ basic_tests() {
 			(
 				cat $OBJ/sshd_proxy_bak
 				echo "UsePrivilegeSeparation $privsep"
-				echo "PubkeyAcceptedKeyTypes ${t}"
+				echo "PubkeyAcceptedAlgorithms ${t}"
 				echo "$extra_sshd"
 			) > $OBJ/sshd_proxy
 			(
 				cat $OBJ/ssh_proxy_bak
-				echo "PubkeyAcceptedKeyTypes ${t}"
+				echo "PubkeyAcceptedAlgorithms ${t}"
 			) > $OBJ/ssh_proxy
 
 			${SSH} -i $OBJ/cert_user_key_${ktype} \
@@ -224,7 +224,7 @@ basic_tests() {
 				cat $OBJ/sshd_proxy_bak
 				echo "UsePrivilegeSeparation $privsep"
 				echo "RevokedKeys $OBJ/cert_user_key_revoked"
-				echo "PubkeyAcceptedKeyTypes ${t}"
+				echo "PubkeyAcceptedAlgorithms ${t}"
 				echo "$extra_sshd"
 			) > $OBJ/sshd_proxy
 			cp $OBJ/cert_user_key_${ktype}.pub \
@@ -257,7 +257,7 @@ basic_tests() {
 		(
 			cat $OBJ/sshd_proxy_bak
 			echo "RevokedKeys $OBJ/user_ca_key.pub"
-			echo "PubkeyAcceptedKeyTypes ${t}"
+			echo "PubkeyAcceptedAlgorithms ${t}"
 			echo "$extra_sshd"
 		) > $OBJ/sshd_proxy
 		${SSH} -i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \
@@ -270,7 +270,7 @@ basic_tests() {
 	verbose "$tid: $auth CA does not authenticate"
 	(
 		cat $OBJ/sshd_proxy_bak
-		echo "PubkeyAcceptedKeyTypes ${t}"
+		echo "PubkeyAcceptedAlgorithms ${t}"
 		echo "$extra_sshd"
 	) > $OBJ/sshd_proxy
 	verbose "$tid: ensure CA key does not authenticate user"
@@ -308,7 +308,7 @@ test_one() {
 				echo > $OBJ/authorized_keys_$USER
 				echo "TrustedUserCAKeys $OBJ/user_ca_key.pub" \
 				    >> $OBJ/sshd_proxy
-				echo "PubkeyAcceptedKeyTypes ${t}*" \
+				echo "PubkeyAcceptedAlgorithms ${t}*" \
 				    >> $OBJ/sshd_proxy
 				if test "x$auth_opt" != "x" ; then
 					echo $auth_opt >> $OBJ/sshd_proxy
diff --git a/regress/keytype.sh b/regress/keytype.sh
index 20a8ceaf..f1c04518 100644
--- a/regress/keytype.sh
+++ b/regress/keytype.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: keytype.sh,v 1.10 2019/12/16 02:39:05 djm Exp $
+#	$OpenBSD: keytype.sh,v 1.11 2021/02/25 03:27:34 djm Exp $
 #	Placed in the Public Domain.
 
 tid="login with different key types"
@@ -58,13 +58,13 @@ for ut in $ktypes; do
 		(
 			grep -v HostKey $OBJ/sshd_proxy_bak
 			echo HostKey $OBJ/key.$ht
-			echo PubkeyAcceptedKeyTypes $user_type
+			echo PubkeyAcceptedAlgorithms $user_type
 			echo HostKeyAlgorithms $host_type
 		) > $OBJ/sshd_proxy
 		(
 			grep -v IdentityFile $OBJ/ssh_proxy_bak
 			echo IdentityFile $OBJ/key.$ut
-			echo PubkeyAcceptedKeyTypes $user_type
+			echo PubkeyAcceptedAlgorithms $user_type
 			echo HostKeyAlgorithms $host_type
 		) > $OBJ/ssh_proxy
 		(
diff --git a/regress/limit-keytype.sh b/regress/limit-keytype.sh
index 010a88cd..7127de00 100644
--- a/regress/limit-keytype.sh
+++ b/regress/limit-keytype.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: limit-keytype.sh,v 1.9 2019/12/16 02:39:05 djm Exp $
+#	$OpenBSD: limit-keytype.sh,v 1.10 2021/02/25 03:27:34 djm Exp $
 #	Placed in the Public Domain.
 
 tid="restrict pubkey type"
@@ -69,7 +69,7 @@ prepare_config() {
  	) > $OBJ/sshd_proxy
 }
 
-# Return the required parameter for PubkeyAcceptedKeyTypes corresponding to
+# Return the required parameter for PubkeyAcceptedAlgorithms corresponding to
 # the supplied key type.
 keytype() {
 	case "$1" in
@@ -92,14 +92,14 @@ ${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed"
 # Allow plain Ed25519 and RSA. The certificate should fail.
 verbose "allow $ktype2,$ktype1"
 prepare_config \
-	"PubkeyAcceptedKeyTypes `keytype $ktype2`,`keytype $ktype1`"
+	"PubkeyAcceptedAlgorithms `keytype $ktype2`,`keytype $ktype1`"
 ${SSH} $certopts proxy true && fatal "cert succeeded"
 ${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed"
 ${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed"
 
 # Allow Ed25519 only.
 verbose "allow $ktype1"
-prepare_config "PubkeyAcceptedKeyTypes `keytype $ktype1`"
+prepare_config "PubkeyAcceptedAlgorithms `keytype $ktype1`"
 ${SSH} $certopts proxy true && fatal "cert succeeded"
 ${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed"
 if [ "$ktype1" != "$ktype2" ]; then
@@ -108,15 +108,15 @@ fi
 
 # Allow all certs. Plain keys should fail.
 verbose "allow cert only"
-prepare_config "PubkeyAcceptedKeyTypes *-cert-v01 at openssh.com"
+prepare_config "PubkeyAcceptedAlgorithms *-cert-v01 at openssh.com"
 ${SSH} $certopts proxy true || fatal "cert failed"
 ${SSH} $opts -i $OBJ/user_key1 proxy true && fatal "key1 succeeded"
 ${SSH} $opts -i $OBJ/user_key2 proxy true && fatal "key2 succeeded"
 
 # Allow RSA in main config, Ed25519 for non-existent user.
 verbose "match w/ no match"
-prepare_config "PubkeyAcceptedKeyTypes `keytype $ktype2`" \
-	"Match user x$USER" "PubkeyAcceptedKeyTypes +`keytype $ktype1`"
+prepare_config "PubkeyAcceptedAlgorithms `keytype $ktype2`" \
+	"Match user x$USER" "PubkeyAcceptedAlgorithms +`keytype $ktype1`"
 ${SSH} $certopts proxy true && fatal "cert succeeded"
 if [ "$ktype1" != "$ktype2" ]; then
 	${SSH} $opts -i $OBJ/user_key1 proxy true && fatal "key1 succeeded"
@@ -125,8 +125,8 @@ ${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed"
 
 # Allow only DSA in main config, Ed25519 for user.
 verbose "match w/ matching"
-prepare_config "PubkeyAcceptedKeyTypes `keytype $ktype4`" \
-	"Match user $USER" "PubkeyAcceptedKeyTypes +`keytype $ktype1`"
+prepare_config "PubkeyAcceptedAlgorithms `keytype $ktype4`" \
+	"Match user $USER" "PubkeyAcceptedAlgorithms +`keytype $ktype1`"
 ${SSH} $certopts proxy true || fatal "cert failed"
 ${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed"
 ${SSH} $opts -i $OBJ/user_key4 proxy true && fatal "key4 succeeded"

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list