[openssh-commits] [openssh] 03/04: upstream: Add simple regression test for dropbear as a server.

git+noreply at mindrot.org git+noreply at mindrot.org
Sun Jun 29 11:15:22 AEST 2025


This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit bcfe7340d9b622ecd978c87dbf885c8b5a503ca2
Author: dtucker at openbsd.org <dtucker at openbsd.org>
AuthorDate: Sat Jun 28 13:34:08 2025 +0000

    upstream: Add simple regression test for dropbear as a server.
    
    OpenBSD-Regress-ID: 7abe1f6607d0cd49839918aade8f135d2462d389
---
 regress/Makefile           |  4 +--
 regress/dropbear-server.sh | 62 ++++++++++++++++++++++++++++++++++++++++++++++
 regress/test-exec.sh       |  4 +--
 3 files changed, 66 insertions(+), 4 deletions(-)

diff --git a/regress/Makefile b/regress/Makefile
index d0298d45e..b8787205a 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.138 2025/06/24 12:28:23 dtucker Exp $
+#	$OpenBSD: Makefile,v 1.139 2025/06/28 13:34:08 dtucker Exp $
 
 tests:		prep file-tests t-exec unit
 
@@ -116,7 +116,7 @@ LTESTS= 	connect \
 		penalty-expire
 
 INTEROP_TESTS=	putty-transfer putty-ciphers putty-kex conch-ciphers
-INTEROP_TESTS+=	dropbear-ciphers dropbear-kex
+INTEROP_TESTS+=	dropbear-ciphers dropbear-kex dropbear-server
 #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
 
 EXTRA_TESTS=	agent-pkcs11
diff --git a/regress/dropbear-server.sh b/regress/dropbear-server.sh
new file mode 100644
index 000000000..d3ea6dcc5
--- /dev/null
+++ b/regress/dropbear-server.sh
@@ -0,0 +1,62 @@
+#	$OpenBSD: dropbear-server.sh,v 1.1 2025/06/28 13:34:08 dtucker Exp $
+#	Placed in the Public Domain.
+
+tid="dropbear server"
+
+if test "x$REGRESS_INTEROP_DROPBEAR" != "xyes" ; then
+	skip "dropbear interop tests not enabled"
+fi
+
+if [ -z "$SUDO" -a ! -w /var/run ]; then
+	skip "need SUDO to create dir in /var/run, test won't work without"
+fi
+authkeydir=/var/run/dropbear-regress
+
+ciphers=`$DBCLIENT -c help hst 2>&1 | awk '/ ciphers: /{print $4}' | tr ',' ' '`
+macs=`$DBCLIENT -m help hst 2>&1 | awk '/ MACs: /{print $4}' | tr ',' ' '`
+if [ -z "$macs" ] || [ -z "$ciphers" ]; then
+	skip "dbclient query ciphers '$ciphers' or macs '$macs' failed"
+fi
+
+# Set up authorized_keys for dropbear.
+umask 077
+$SUDO mkdir -p $authkeydir
+$SUDO chown -R $USER $authkeydir
+cp $OBJ/authorized_keys_$USER $authkeydir/authorized_keys
+
+for i in `$SUDO $SSHD -f $OBJ/sshd_config -T | grep -v sk- | \
+    awk '$1=="hostkey" {print $2}'`; do
+	file=`basename "$i"`
+	file=`echo "$file" | sed s/^host\./db\./g`
+	if $SUDO $DROPBEARCONVERT openssh dropbear "$i" "$OBJ/$file" \
+	    >/dev/null 2>&1; then
+		$SUDO chown $USER $OBJ/$file
+		hkeys="-r $OBJ/$file"
+	fi
+done
+
+rm -f $OBJ/dropbear.pid
+$DROPBEAR -D $authkeydir -p $PORT -P $OBJ/dropbear.pid $hkeys -E \
+    2>$OBJ/sshd.log
+if [ $? -ne 0 ]; then
+	fatal "starting dropbear server failed"
+fi
+while [ ! -f $OBJ/dropbear.pid ]; do
+	sleep 1
+done
+
+pid=`cat $OBJ/dropbear.pid`
+trap "kill $pid; $SUDO rm -rf $authkeydir" 0
+
+for c in $ciphers; do
+  for m in $macs; do
+	trace "$tid: cipher $c mac $m hk $hk"
+	rm -f ${COPY}
+	${SSH} -F $OBJ/ssh_config -oCiphers=$c -oMacs=$m \
+	   somehost cat ${DATA} > ${COPY}
+	if [ $? -ne 0 ]; then
+		fail "connect dropbear server failed"
+	fi
+	cmp ${DATA} ${COPY}		|| fail "corrupted copy"
+  done
+done
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index d4d40c2ae..0ecf6c5a8 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: test-exec.sh,v 1.129 2025/05/24 04:40:37 djm Exp $
+#	$OpenBSD: test-exec.sh,v 1.130 2025/06/28 13:34:08 dtucker Exp $
 #	Placed in the Public Domain.
 
 #SUDO=sudo
@@ -101,7 +101,7 @@ SSH_REGRESS_TMP=
 PLINK=/usr/local/bin/plink
 PUTTYGEN=/usr/local/bin/puttygen
 CONCH=/usr/local/bin/conch
-DROPBEAR=/usr/local/bin/dropbear
+DROPBEAR=/usr/local/sbin/dropbear
 DBCLIENT=/usr/local/bin/dbclient
 DROPBEARKEY=/usr/local/bin/dropbearkey
 DROPBEARCONVERT=/usr/local/bin/dropbearconvert

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list