diff options
| author | Darren Tucker <dtucker@cvs.openbsd.org> | 2020-08-28 03:17:14 +0000 |
|---|---|---|
| committer | Darren Tucker <dtucker@cvs.openbsd.org> | 2020-08-28 03:17:14 +0000 |
| commit | 87144a8b760ccbaf098a9cef4018a9c78b84d616 (patch) | |
| tree | 8b93e8da54035927c94e83ce3b4ca44ec9ed1a65 /regress | |
| parent | e9e415a6678d11b6f2e08f8b3ebc619ed6d0716f (diff) | |
Ensure that address/mask mismatches are flagged at config-check time.
ok djm@
Diffstat (limited to 'regress')
| -rw-r--r-- | regress/usr.bin/ssh/addrmatch.sh | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/regress/usr.bin/ssh/addrmatch.sh b/regress/usr.bin/ssh/addrmatch.sh index 0f53ce2a11b..f753a4e2655 100644 --- a/regress/usr.bin/ssh/addrmatch.sh +++ b/regress/usr.bin/ssh/addrmatch.sh @@ -1,4 +1,4 @@ -# $OpenBSD: addrmatch.sh,v 1.5 2020/03/13 03:18:45 djm Exp $ +# $OpenBSD: addrmatch.sh,v 1.6 2020/08/28 03:17:13 dtucker Exp $ # Placed in the Public Domain. tid="address match" @@ -50,5 +50,17 @@ run_trial user 2001::1 somehost ::2 1234 nomatch "IP6 network" run_trial user ::5 somehost ::1 1234 match3 "IP6 localaddress" run_trial user ::5 somehost ::2 5678 match4 "IP6 localport" +# +# Check that we catch invalid address/mask in Match Address/Localaddress +# +for i in 10.0.1.0/8 10.0.0.1/24 2000:aa:bb:01::/56; do + for a in address localaddress; do + verbose "test invalid Match $a $i" + echo "Match $a $i" > $OBJ/sshd_proxy + ${SUDO} ${SSHD} -f $OBJ/sshd_proxy -t >/dev/null 2>&1 && \ + fail "accepted invalid match $a $i" + done +done + cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy rm $OBJ/sshd_proxy_bak |