diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2016-11-30 03:01:34 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2016-11-30 03:01:34 +0000 |
| commit | 1391dbe0b2abca92d9ba65702fa2ba9f6f83ab26 (patch) | |
| tree | 412c0b6f409a9cf585b4fa3b0777dc707dda66fb | |
| parent | f68122ed5e10bc376402c2317dc2aebc1533abbb (diff) | |
test new behaviour of cert force-command restriction vs. authorized_key/
principals
| -rw-r--r-- | regress/usr.bin/ssh/cert-userkey.sh | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/regress/usr.bin/ssh/cert-userkey.sh b/regress/usr.bin/ssh/cert-userkey.sh index 31974639591..7005fd55eb6 100644 --- a/regress/usr.bin/ssh/cert-userkey.sh +++ b/regress/usr.bin/ssh/cert-userkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-userkey.sh,v 1.16 2016/05/03 12:15:49 dtucker Exp $ +# $OpenBSD: cert-userkey.sh,v 1.17 2016/11/30 03:01:33 djm Exp $ # Placed in the Public Domain. tid="certified user keys" @@ -354,6 +354,20 @@ test_one "principals key option principals" success "-n mekmitasdigoat" \ test_one "principals key option no principals" failure "" \ authorized_keys ',principals="mekmitasdigoat"' +# command= options vs. force-command in key +test_one "force-command match true" success \ + "-n ${USER} -Oforce-command=true" \ + authorized_keys ',command="true"' +test_one "force-command match true" failure \ + "-n ${USER} -Oforce-command=false" \ + authorized_keys ',command="false"' +test_one "force-command mismatch 1" failure \ + "-n ${USER} -Oforce-command=false" \ + authorized_keys ',command="true"' +test_one "force-command mismatch 2" failure \ + "-n ${USER} -Oforce-command=true" \ + authorized_keys ',command="false"' + # Wrong certificate cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy for ktype in $PLAIN_TYPES ; do |