[openssh-commits] [openssh] 03/03: upstream: test -Ohashalg=... and that the default output contains both

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Feb 10 16:13:21 AEDT 2023 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 6180b0fa4f7996687678702806257e661fd5931e
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Feb 10 05:06:03 2023 +0000

    upstream: test -Ohashalg=... and that the default output contains both
    
    specified hash algorithms; prompted by dtucker@
    
    OpenBSD-Regress-ID: 26f309208c8d8b8fa9c5f419767b85f1e9b22f51
---
 regress/keygen-sshfp.sh | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/regress/keygen-sshfp.sh b/regress/keygen-sshfp.sh
index 2abf9ade..0f5eb855 100644
--- a/regress/keygen-sshfp.sh
+++ b/regress/keygen-sshfp.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: keygen-sshfp.sh,v 1.2 2021/07/19 02:29:28 dtucker Exp $
+#	$OpenBSD: keygen-sshfp.sh,v 1.3 2023/02/10 05:06:03 djm Exp $
 #	Placed in the Public Domain.
 
 tid="keygen-sshfp"
@@ -16,6 +16,25 @@ if [ "$fp" != \
 	fail "keygen fingerprint sha256"
 fi
 
+# Expect two lines of output without an explicit algorithm
+fp=`${SSHKEYGEN} -r test -f ${SRC}/ed25519_openssh.pub | wc -l`
+if [ $(($fp + 0)) -ne 2 ] ; then
+	fail "incorrect number of SSHFP records $fp (expected 2)"
+fi
+
+# Test explicit algorithm selection
+exp="test IN SSHFP 4 1 8a8647a7567e202ce317e62606c799c53d4c121f"
+fp=`${SSHKEYGEN} -Ohashalg=sha1 -r test -f ${SRC}/ed25519_openssh.pub`
+if [ "x$exp" != "x$fp" ] ; then
+	fail "incorrect SHA1 SSHFP output"
+fi
+
+exp="test IN SSHFP 4 2 54a506fb849aafb9f229cf78a94436c281efcb4ae67c8a430e8c06afcb5ee18f"
+fp=`${SSHKEYGEN} -Ohashalg=sha256 -r test -f ${SRC}/ed25519_openssh.pub`
+if [ "x$exp" != "x$fp" ] ; then
+	fail "incorrect SHA256 SSHFP output"
+fi
+
 if ${SSH} -Q key-plain | grep ssh-rsa >/dev/null; then
 	fp=`${SSHKEYGEN} -r test -f ${SRC}/rsa_openssh.pub | awk '$5=="1"{print $6}'`
 	if [ "$fp" != "99c79cc09f5f81069cc017cdf9552cfc94b3b929" ]; then
@@ -27,3 +46,4 @@ if ${SSH} -Q key-plain | grep ssh-rsa >/dev/null; then
 		fail "keygen fingerprint sha256"
 	fi
 fi
+

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list