Call for testing: OpenSSH-6.5

[Damien Miller]

On Mon, 20 Jan 2014, Darren Tucker wrote:

> cat: /root/openssh/regress/cert_host_key_ecdsa-sha2-nistp521.pub: No
> such file or directory
> certified host keys: host rsa revoked cert privsep yes
> certified host keys: host dsa revoked cert privsep yes
> certified host keys: host ed25519 revoked cert privsep yes
> ssh cert connect succeeded unexpectedly

Does this help? (my centos 6.5 is still installing)

Index: regress/cert-hostkey.sh
===================================================================
RCS file: /var/cvs/openssh/regress/cert-hostkey.sh,v
retrieving revision 1.15
diff -u -p -r1.15 cert-hostkey.sh
--- regress/cert-hostkey.sh	7 Dec 2013 06:07:16 -0000	1.15
+++ regress/cert-hostkey.sh	20 Jan 2014 06:00:39 -0000
@@ -72,32 +72,10 @@ done
 	printf '@cert-authority '
 	printf "$HOSTS "
 	cat $OBJ/host_ca_key.pub
-	printf '@revoked '
-	printf "* "
-	cat $OBJ/cert_host_key_rsa.pub
-	if test "x$TEST_SSH_ECC" = "xyes"; then
-		printf '@revoked '
-		printf "* "
-		cat $OBJ/cert_host_key_ecdsa-sha2-nistp256.pub
-		printf '@revoked '
-		printf "* "
-		cat $OBJ/cert_host_key_ecdsa-sha2-nistp384.pub
-		printf '@revoked '
-		printf "* "
-		cat $OBJ/cert_host_key_ecdsa-sha2-nistp521.pub
-	fi
-	printf '@revoked '
-	printf "* "
-	cat $OBJ/cert_host_key_ed25519.pub
-	printf '@revoked '
-	printf "* "
-	cat $OBJ/cert_host_key_dsa.pub
-	printf '@revoked '
-	printf "* "
-	cat $OBJ/cert_host_key_rsa_v00.pub
-	printf '@revoked '
-	printf "* "
-	cat $OBJ/cert_host_key_dsa_v00.pub
+	for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do
+		test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey"
+		printf "@revoked * `cat $OBJ/cert_host_key_${ktype}.pub`\n"
+	done
 ) > $OBJ/known_hosts-cert
 for privsep in yes no ; do
 	for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do