[openssh-commits] [openssh] 03/07: upstream: skip security-key key types for tests until we have a
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Nov 1 13:11:08 AEDT 2019
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit afa59e26eeb44a93f36f043f60b936eaddae77c4
Author: djm at openbsd.org <djm at openbsd.org>
Date: Fri Nov 1 01:55:41 2019 +0000
upstream: skip security-key key types for tests until we have a
dummy U2F middleware to use.
OpenBSD-Regress-ID: 37200462b44334a4ad45e6a1f7ad1bd717521a95
---
regress/cert-hostkey.sh | 6 +++---
regress/cert-userkey.sh | 4 ++--
regress/hostkey-agent.sh | 6 +++---
regress/hostkey-rotate.sh | 4 ++--
regress/keygen-change.sh | 4 ++--
regress/keyscan.sh | 4 ++--
regress/krl.sh | 4 ++--
regress/limit-keytype.sh | 4 ++--
regress/principals-command.sh | 4 ++--
regress/test-exec.sh | 4 ++--
10 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index 86ea6250..82195b11 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: cert-hostkey.sh,v 1.18 2019/07/25 08:28:15 dtucker Exp $
+# $OpenBSD: cert-hostkey.sh,v 1.19 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
tid="certified host keys"
@@ -9,7 +9,7 @@ rm -f $OBJ/cert_host_key* $OBJ/host_krl_*
# Allow all hostkey/pubkey types, prefer certs for the client
rsa=0
types=""
-for i in `$SSH -Q key`; do
+for i in `$SSH -Q key | grep -v ^sk-`; do
if [ -z "$types" ]; then
types="$i"
continue
@@ -70,7 +70,7 @@ touch $OBJ/host_revoked_plain
touch $OBJ/host_revoked_cert
cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca
-PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
+PLAIN_TYPES=`$SSH -Q key-plain | grep -v ^sk- | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then
PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512"
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index 38c14a69..51ac8dcb 100644
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: cert-userkey.sh,v 1.21 2019/07/25 08:28:15 dtucker Exp $
+# $OpenBSD: cert-userkey.sh,v 1.22 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
tid="certified user keys"
@@ -7,7 +7,7 @@ rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
-PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
+PLAIN_TYPES=`$SSH -Q key-plain | grep -v ^sk- | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
EXTRA_TYPES=""
rsa=""
diff --git a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh
index 811b6b9a..c581c7bf 100644
--- a/regress/hostkey-agent.sh
+++ b/regress/hostkey-agent.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: hostkey-agent.sh,v 1.7 2017/04/30 23:34:55 djm Exp $
+# $OpenBSD: hostkey-agent.sh,v 1.8 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
tid="hostkey agent"
@@ -14,7 +14,7 @@ grep -vi 'hostkey' $OBJ/sshd_proxy > $OBJ/sshd_proxy.orig
echo "HostKeyAgent $SSH_AUTH_SOCK" >> $OBJ/sshd_proxy.orig
trace "load hostkeys"
-for k in `${SSH} -Q key-plain` ; do
+for k in `${SSH} -Q key-plain | grep -v ^sk-` ; do
${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k"
(
printf 'localhost-with-alias,127.0.0.1,::1 '
@@ -31,7 +31,7 @@ cp $OBJ/known_hosts.orig $OBJ/known_hosts
unset SSH_AUTH_SOCK
for ps in no yes; do
- for k in `${SSH} -Q key-plain` ; do
+ for k in `${SSH} -Q key-plain | grep -v ^sk-` ; do
verbose "key type $k privsep=$ps"
cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy
diff --git a/regress/hostkey-rotate.sh b/regress/hostkey-rotate.sh
index cc6bd9cf..707e3290 100644
--- a/regress/hostkey-rotate.sh
+++ b/regress/hostkey-rotate.sh
@@ -1,10 +1,10 @@
-# $OpenBSD: hostkey-rotate.sh,v 1.6 2019/08/30 05:08:28 dtucker Exp $
+# $OpenBSD: hostkey-rotate.sh,v 1.7 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
tid="hostkey rotate"
# Need full names here since they are used in HostKeyAlgorithms
-HOSTKEY_TYPES="`${SSH} -Q key-plain`"
+HOSTKEY_TYPES="`${SSH} -Q key-plain | grep -v ^sk-`"
rm -f $OBJ/hkr.* $OBJ/ssh_proxy.orig
diff --git a/regress/keygen-change.sh b/regress/keygen-change.sh
index 8b8acd52..c62f2c17 100644
--- a/regress/keygen-change.sh
+++ b/regress/keygen-change.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: keygen-change.sh,v 1.6 2017/04/30 23:34:55 djm Exp $
+# $OpenBSD: keygen-change.sh,v 1.7 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
tid="change passphrase for key"
@@ -6,7 +6,7 @@ tid="change passphrase for key"
S1="secret1"
S2="2secret"
-KEYTYPES=`${SSH} -Q key-plain`
+KEYTYPES=`${SSH} -Q key-plain | grep -v ^sk-`
for t in $KEYTYPES; do
# generate user key for agent
diff --git a/regress/keyscan.sh b/regress/keyscan.sh
index 8940d24b..4e16ecd8 100644
--- a/regress/keyscan.sh
+++ b/regress/keyscan.sh
@@ -1,9 +1,9 @@
-# $OpenBSD: keyscan.sh,v 1.9 2019/01/28 03:50:39 dtucker Exp $
+# $OpenBSD: keyscan.sh,v 1.10 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
tid="keyscan"
-KEYTYPES=`${SSH} -Q key-plain`
+KEYTYPES=`${SSH} -Q key-plain | grep -v ^sk-`
for i in $KEYTYPES; do
if [ -z "$algs" ]; then
algs="$i"
diff --git a/regress/krl.sh b/regress/krl.sh
index e18d0ec7..c9b2e67e 100644
--- a/regress/krl.sh
+++ b/regress/krl.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: krl.sh,v 1.8 2019/07/25 09:17:35 dtucker Exp $
+# $OpenBSD: krl.sh,v 1.9 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
tid="key revocation lists"
@@ -6,7 +6,7 @@ tid="key revocation lists"
# Use ed25519 by default since it's fast and it's supported when building
# w/out OpenSSL. Populate ktype[2-4] with the other types if supported.
ktype1=ed25519; ktype2=ed25519; ktype3=ed25519; ktype4=ed25519
-for t in `${SSH} -Q key-plain`; do
+for t in `${SSH} -Q key-plain | grep -v ^sk-`; do
case "$t" in
ecdsa*) ktype2=ecdsa ;;
ssh-rsa) ktype3=rsa ;;
diff --git a/regress/limit-keytype.sh b/regress/limit-keytype.sh
index 5c30af00..6eb255c2 100644
--- a/regress/limit-keytype.sh
+++ b/regress/limit-keytype.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: limit-keytype.sh,v 1.6 2019/07/26 04:22:21 dtucker Exp $
+# $OpenBSD: limit-keytype.sh,v 1.7 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
tid="restrict pubkey type"
@@ -10,7 +10,7 @@ mv $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
mv $OBJ/ssh_proxy $OBJ/ssh_proxy.orig
ktype1=ed25519; ktype2=$ktype1; ktype3=$ktype1; ktype4=$ktype1
-for t in `${SSH} -Q key-plain`; do
+for t in `${SSH} -Q key-plain | grep -v ^sk-`; do
case "$t" in
ssh-rsa) ktype2=rsa ;;
ecdsa*) ktype3=ecdsa ;; # unused
diff --git a/regress/principals-command.sh b/regress/principals-command.sh
index 7d380325..005c6b7d 100644
--- a/regress/principals-command.sh
+++ b/regress/principals-command.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: principals-command.sh,v 1.7 2019/09/06 04:24:06 dtucker Exp $
+# $OpenBSD: principals-command.sh,v 1.8 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
tid="authorized principals command"
@@ -12,7 +12,7 @@ if [ -z "$SUDO" -a ! -w /var/run ]; then
exit 0
fi
-case "`${SSH} -Q key-plain`" in
+case "`${SSH} -Q key-plain | grep -v ^sk-`" in
*ssh-rsa*) userkeytype=rsa ;;
*) userkeytype=ed25519 ;;
esac
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index 508b9328..3f1685bb 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: test-exec.sh,v 1.66 2019/07/05 04:12:46 dtucker Exp $
+# $OpenBSD: test-exec.sh,v 1.67 2019/11/01 01:55:41 djm Exp $
# Placed in the Public Domain.
#SUDO=sudo
@@ -475,7 +475,7 @@ fi
rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
-SSH_KEYTYPES=`$SSH -Q key-plain`
+SSH_KEYTYPES=`$SSH -Q key-plain | grep -v ^sk`
for t in ${SSH_KEYTYPES}; do
# generate user key
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list