Call for testing: OpenSSH-5.7

[Damien Miller]

On Sat, 15 Jan 2011, Roumen Petrov wrote:

> Damien Miller wrote:
> > Hi,
> > 
> > OpenSSH 5.7 is almost ready for release,
> [SNIP]
> As this version adds new key type the test case expose but not fixed by
> previous releases.
> 
> The make tXXX targets in file regress/Makefile use command ssh-keygen instead
> macro TEST_SSH_SSHKEYGEN as result tests use program from host system and t9
> cannot pass on system with ecc sypport.
> 
> CLEANFILES in same make file lack new keys key.ecdsa-*
> 
> The target t3 use own output file rsa_secsh.pub with name not compatible with
> other tXXX tests . More expected is t3.out.  The file created by this test is
> not removed properly and is not listed in CLEANFILES.
> 
> What about to add t3.out to CLEANFILES and to rewrite this particular tests
> to:
> t3:
>     $(TEST_SSH_SSHKEYGEN) -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/t3.out
>     $(TEST_SSH_SSHKEYGEN) -if $(OBJ)/t3.out | diff -
> ${.CURDIR}/rsa_openssh.pub

thanks for the report. Here's a diff:

Index: Makefile
===================================================================
RCS file: /var/cvs/openssh/regress/Makefile,v
retrieving revision 1.46
diff -u -p -r1.46 Makefile
--- Makefile	13 Jan 2011 10:08:30 -0000	1.46
+++ Makefile	16 Jan 2011 12:33:43 -0000
@@ -65,7 +65,7 @@ INTEROP_TESTS=	putty-transfer putty-ciph
 #LTESTS= 	cipher-speed
 
 USER!=		id -un
-CLEANFILES=	t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
+CLEANFILES=	t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
 		t8.out t8.out.pub t9.out t9.out.pub \
 		authorized_keys_${USER} known_hosts pidfile \
 		ssh_config sshd_config.orig ssh_proxy sshd_config sshd_proxy \
@@ -75,66 +75,68 @@ CLEANFILES=	t2.out t6.out1 t6.out2 t7.ou
 		scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \
 		sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \
 		known_hosts-cert host_ca_key* cert_host_key* \
-		putty.rsa2 sshd_proxy_orig ssh_proxy_bak key.[rd]sa-* \
+		putty.rsa2 sshd_proxy_orig ssh_proxy_bak \
+		key.rsa-* key.dsa-* key.ecdsa-* \
 		authorized_principals_${USER} expect actual
 
 # Enable all malloc(3) randomisations and checks
 TEST_ENV=      "MALLOC_OPTIONS=AFGJPRX"
 
+TEST_SSH_SSHKEYGEN?=ssh-keygen
+
 t1:
-	ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv
+	${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv
 	tr '\n' '\r' <${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_cr.prv
-	ssh-keygen -if ${.OBJDIR}/rsa_ssh2_cr.prv | diff - ${.CURDIR}/rsa_openssh.prv
+	${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_cr.prv | diff - ${.CURDIR}/rsa_openssh.prv
 	awk '{print $$0 "\r"}' ${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_crnl.prv
-	ssh-keygen -if ${.OBJDIR}/rsa_ssh2_crnl.prv | diff - ${.CURDIR}/rsa_openssh.prv
+	${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_crnl.prv | diff - ${.CURDIR}/rsa_openssh.prv
 
 t2:
 	cat ${.CURDIR}/rsa_openssh.prv > $(OBJ)/t2.out
 	chmod 600 $(OBJ)/t2.out
-	ssh-keygen -yf $(OBJ)/t2.out | diff - ${.CURDIR}/rsa_openssh.pub
+	${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t2.out | diff - ${.CURDIR}/rsa_openssh.pub
 
 t3:
-	ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/rsa_secsh.pub
-	ssh-keygen -if $(OBJ)/rsa_secsh.pub | diff - ${.CURDIR}/rsa_openssh.pub
-	rm -f ${.CURDIR}/rsa_secsh.pub
+	${TEST_SSH_SSHKEYGEN} -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/t3.out
+	${TEST_SSH_SSHKEYGEN} -if $(OBJ)/t3.out | diff - ${.CURDIR}/rsa_openssh.pub
 
 t4:
-	ssh-keygen -lf ${.CURDIR}/rsa_openssh.pub |\
+	${TEST_SSH_SSHKEYGEN} -lf ${.CURDIR}/rsa_openssh.pub |\
 		awk '{print $$2}' | diff - ${.CURDIR}/t4.ok
 
 t5:
-	ssh-keygen -Bf ${.CURDIR}/rsa_openssh.pub |\
+	${TEST_SSH_SSHKEYGEN} -Bf ${.CURDIR}/rsa_openssh.pub |\
 		awk '{print $$2}' | diff - ${.CURDIR}/t5.ok
 
 t6:
-	ssh-keygen -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1
-	ssh-keygen -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2
+	${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1
+	${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2
 	chmod 600 $(OBJ)/t6.out1
-	ssh-keygen -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2
+	${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2
 
 $(OBJ)/t7.out:
-	ssh-keygen -q -t rsa -N '' -f $@
+	${TEST_SSH_SSHKEYGEN} -q -t rsa -N '' -f $@
 
 t7: $(OBJ)/t7.out
-	ssh-keygen -lf $(OBJ)/t7.out > /dev/null
-	ssh-keygen -Bf $(OBJ)/t7.out > /dev/null
+	${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t7.out > /dev/null
+	${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t7.out > /dev/null
 
 $(OBJ)/t8.out:
-	ssh-keygen -q -t dsa -N '' -f $@
+	${TEST_SSH_SSHKEYGEN} -q -t dsa -N '' -f $@
 
 t8: $(OBJ)/t8.out
-	ssh-keygen -lf $(OBJ)/t8.out > /dev/null
-	ssh-keygen -Bf $(OBJ)/t8.out > /dev/null
+	${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t8.out > /dev/null
+	${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t8.out > /dev/null
 
 $(OBJ)/t9.out:
 	test "${TEST_SSH_ECC}" != yes || \
-	ssh-keygen -q -t ecdsa -N '' -f $@
+	${TEST_SSH_SSHKEYGEN} -q -t ecdsa -N '' -f $@
 
 t9: $(OBJ)/t9.out
 	test "${TEST_SSH_ECC}" != yes || \
-	ssh-keygen -lf $(OBJ)/t9.out > /dev/null
+	${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t9.out > /dev/null
 	test "${TEST_SSH_ECC}" != yes || \
-	ssh-keygen -Bf $(OBJ)/t9.out > /dev/null
+	${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t9.out > /dev/null
 
 t-exec:	${LTESTS:=.sh}
 	@if [ "x$?" = "x" ]; then exit 0; fi; \