[openssh-commits] [openssh] 03/04: upstream: Add simple regression test for dropbear as a server.
git+noreply at mindrot.org
git+noreply at mindrot.org
Sun Jun 29 11:15:22 AEST 2025
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit bcfe7340d9b622ecd978c87dbf885c8b5a503ca2
Author: dtucker at openbsd.org <dtucker at openbsd.org>
AuthorDate: Sat Jun 28 13:34:08 2025 +0000
upstream: Add simple regression test for dropbear as a server.
OpenBSD-Regress-ID: 7abe1f6607d0cd49839918aade8f135d2462d389
---
regress/Makefile | 4 +--
regress/dropbear-server.sh | 62 ++++++++++++++++++++++++++++++++++++++++++++++
regress/test-exec.sh | 4 +--
3 files changed, 66 insertions(+), 4 deletions(-)
diff --git a/regress/Makefile b/regress/Makefile
index d0298d45e..b8787205a 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.138 2025/06/24 12:28:23 dtucker Exp $
+# $OpenBSD: Makefile,v 1.139 2025/06/28 13:34:08 dtucker Exp $
tests: prep file-tests t-exec unit
@@ -116,7 +116,7 @@ LTESTS= connect \
penalty-expire
INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers
-INTEROP_TESTS+= dropbear-ciphers dropbear-kex
+INTEROP_TESTS+= dropbear-ciphers dropbear-kex dropbear-server
#INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
EXTRA_TESTS= agent-pkcs11
diff --git a/regress/dropbear-server.sh b/regress/dropbear-server.sh
new file mode 100644
index 000000000..d3ea6dcc5
--- /dev/null
+++ b/regress/dropbear-server.sh
@@ -0,0 +1,62 @@
+# $OpenBSD: dropbear-server.sh,v 1.1 2025/06/28 13:34:08 dtucker Exp $
+# Placed in the Public Domain.
+
+tid="dropbear server"
+
+if test "x$REGRESS_INTEROP_DROPBEAR" != "xyes" ; then
+ skip "dropbear interop tests not enabled"
+fi
+
+if [ -z "$SUDO" -a ! -w /var/run ]; then
+ skip "need SUDO to create dir in /var/run, test won't work without"
+fi
+authkeydir=/var/run/dropbear-regress
+
+ciphers=`$DBCLIENT -c help hst 2>&1 | awk '/ ciphers: /{print $4}' | tr ',' ' '`
+macs=`$DBCLIENT -m help hst 2>&1 | awk '/ MACs: /{print $4}' | tr ',' ' '`
+if [ -z "$macs" ] || [ -z "$ciphers" ]; then
+ skip "dbclient query ciphers '$ciphers' or macs '$macs' failed"
+fi
+
+# Set up authorized_keys for dropbear.
+umask 077
+$SUDO mkdir -p $authkeydir
+$SUDO chown -R $USER $authkeydir
+cp $OBJ/authorized_keys_$USER $authkeydir/authorized_keys
+
+for i in `$SUDO $SSHD -f $OBJ/sshd_config -T | grep -v sk- | \
+ awk '$1=="hostkey" {print $2}'`; do
+ file=`basename "$i"`
+ file=`echo "$file" | sed s/^host\./db\./g`
+ if $SUDO $DROPBEARCONVERT openssh dropbear "$i" "$OBJ/$file" \
+ >/dev/null 2>&1; then
+ $SUDO chown $USER $OBJ/$file
+ hkeys="-r $OBJ/$file"
+ fi
+done
+
+rm -f $OBJ/dropbear.pid
+$DROPBEAR -D $authkeydir -p $PORT -P $OBJ/dropbear.pid $hkeys -E \
+ 2>$OBJ/sshd.log
+if [ $? -ne 0 ]; then
+ fatal "starting dropbear server failed"
+fi
+while [ ! -f $OBJ/dropbear.pid ]; do
+ sleep 1
+done
+
+pid=`cat $OBJ/dropbear.pid`
+trap "kill $pid; $SUDO rm -rf $authkeydir" 0
+
+for c in $ciphers; do
+ for m in $macs; do
+ trace "$tid: cipher $c mac $m hk $hk"
+ rm -f ${COPY}
+ ${SSH} -F $OBJ/ssh_config -oCiphers=$c -oMacs=$m \
+ somehost cat ${DATA} > ${COPY}
+ if [ $? -ne 0 ]; then
+ fail "connect dropbear server failed"
+ fi
+ cmp ${DATA} ${COPY} || fail "corrupted copy"
+ done
+done
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index d4d40c2ae..0ecf6c5a8 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: test-exec.sh,v 1.129 2025/05/24 04:40:37 djm Exp $
+# $OpenBSD: test-exec.sh,v 1.130 2025/06/28 13:34:08 dtucker Exp $
# Placed in the Public Domain.
#SUDO=sudo
@@ -101,7 +101,7 @@ SSH_REGRESS_TMP=
PLINK=/usr/local/bin/plink
PUTTYGEN=/usr/local/bin/puttygen
CONCH=/usr/local/bin/conch
-DROPBEAR=/usr/local/bin/dropbear
+DROPBEAR=/usr/local/sbin/dropbear
DBCLIENT=/usr/local/bin/dbclient
DROPBEARKEY=/usr/local/bin/dropbearkey
DROPBEARCONVERT=/usr/local/bin/dropbearconvert
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list