| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-12-06 | use glob(3) wildcards in AuthorizedKeys/PrincipalsFile tests to | Damien Miller | |
| exercise this feature; ok dtucker | |||
| 2024-12-06 | implement attestation verification for ED25519 keys | Damien Miller | |
| 2024-12-06 | Expand $SSH to absolute path if it's not already. Prevents problem | Darren Tucker | |
| later in increase_datafile_size if ssh is not in the path. Patch from quaresmajose via GHPR#510. | |||
| 2024-12-05 | Add key expiry test in the 64bit time_t range for additional coverage. | Darren Tucker | |
| From Alexander Kanavin via bz#3684. | |||
| 2024-12-04 | add a work-in-progress tool to verify FIDO attestation blobs | Damien Miller | |
| that ssh-keygen can write when enrolling FIDO keys. | |||
| 2024-12-04 | Don't assume existence of SK provider in test. | Darren Tucker | |
| Patch from balu.gajjala at gmail via bz#3402. | |||
| 2024-11-26 | regression test for UpdateHostkeys with multiple keys backed by | Damien Miller | |
| ssh-agent. Patch from Maxime Rey. | |||
| 2024-10-24 | test SIGUSR1 dropping all keys from ssh-agent | Damien Miller | |
| 2024-10-22 | Remove sshd logfile in start_sshd, and ssh and sshd log wrappers before | Darren Tucker | |
| recreating them. Prevents "can't create" errors during tests when running tests without SUDO after having run them with SUDO. | |||
| 2024-10-14 | regress support for split sshd-auth binary | Damien Miller | |
| 2024-09-27 | test some more Match syntax, including criteria=arg and negations | Damien Miller | |
| 2024-09-09 | test mlkem768x25519-sha256 | Damien Miller | |
| 2024-09-03 | regression test for Include variable expansion | Damien Miller | |
| 2024-08-28 | fix test: -F is the argument to specify a non-default ssh_config, | Damien Miller | |
| not -f (this is sadly not a new bug) | |||
| 2024-08-22 | Use aes128-ctr for MAC tests since default has implicit MAC. | Darren Tucker | |
| Also verify that the Cipher or MAC we intended to use is actually the one selected during the test. | |||
| 2024-08-21 | Some awks won't match on the \r so delete it instead. | Darren Tucker | |
| Fixes regress in portable on, eg Solaris. | |||
| 2024-08-21 | Use curve25519-sha256 kex where possible. Except where we're explicitly | Darren Tucker | |
| testing a different kex, use curve25519-sha256 since it's faster than the default and supported even when configured without OpenSSL. Add a check to ensure that the kex we intended to test is the one we actually tested. Speeds test up by ~5%. | |||
| 2024-08-20 | Send only as much data as needed to trigger rekeying. | Darren Tucker | |
| Speeds up tests by about 10% in the common case, hopefully more when instrumented with something like valgrind. | |||
| 2024-08-20 | Merge AEAD test into main test loop. Removes 3 duplicate tests and | Darren Tucker | |
| speeds overall test up by about 1%. | |||
| 2024-08-20 | Set a default RekeyLimit of 256k. Used unless overridden by a | Darren Tucker | |
| command-line flag, which simplifies some of the ssh command lines. | |||
| 2024-08-20 | Add Compression=no to default ssh_config. All of the rekey tests use it | Darren Tucker | |
| (otherwise the encrypted byte counts would not match) so this lets us simplify the command lines. | |||
| 2024-08-20 | Remove duplicate curve25519-sha256 kex. curve25519-sha256@libssh.org | Darren Tucker | |
| is the pre-standardization name for the same thing, so remove it as a duplicate. Speeds up test by a tiny amount. | |||
| 2024-08-20 | Unnest rekey param parsing test and use ssh not sshd. ssh uses the same | Darren Tucker | |
| parsing code, now has "-G" to dump its config and is slightly faster to start up. This speeds up the test slightly (~5%) in the common case but should help more during instrumented tests, eg under valgrind, where startup costs are magnified. | |||
| 2024-08-15 | adapt to EVP_PKEY conversion | Damien Miller | |
| 2024-07-19 | test transfers in mux proxy mode too | Damien Miller | |
| 2024-07-01 | use "lcd" to change directory before "lls" rather then "cd", since | Damien Miller | |
| the directory we're trying to list is local. Spotted by Corinna Vinschen | |||
| 2024-06-20 | Work around dbclient cipher and mac query bug. | Darren Tucker | |
| Unlike earlier versions, recent Dropbear (at least v2024.85) requires a host arg when querying supported ciphers and macs via "-c/-m help". Earlier versions accept but do not require it, so always provide it. If these queries fail, skip the test with a warning. | |||
| 2024-06-20 | Remove dropbear key types not supported by current OpenSSH. | Darren Tucker | |
| Allows subsequent test runs to work if OpenSSH is rebuilt w/out OpenSSL. | |||
| 2024-06-19 | Provide defaults for ciphers and macs if querying for them fails since | Darren Tucker | |
| on some versions of Dropbear (at least v2024.85) "-m help" doesn't seem to work. Enable all supported pubkey algorithms in the server. | |||
| 2024-06-19 | Use ed25519 keys for kex tests since that's supported by OpenSSH even when | Darren Tucker | |
| built without OpenSSL. Only test diffie-hellman kex if OpenSSH is compiled with support for it. | |||
| 2024-06-19 | Rework dropbear key setup to always generate ed25519 keys, other types | Darren Tucker | |
| only if OpenSSH has support for the corresponding key type. | |||
| 2024-06-18 | Re-enable ssh-dss tests if ssh is compiled with DSA support | Darren Tucker | |
| 2024-06-18 | Stop using DSA in dropbear interop tests. | Anton Lindqvist | |
| 2024-06-16 | same treatment for this test | Damien Miller | |
| 2024-06-16 | penalty test is still a bit racy | Damien Miller | |
| 2024-06-15 | crank up penalty timeouts so this should work on even the slowest of | Damien Miller | |
| test builders | |||
| 2024-06-14 | split the PerSourcePenalties test in two: one tests penalty enforcement | Damien Miller | |
| but not penalty expiry, the other tests penalty expiry. This lets us disable the expiry testing in certain CI test environments. | |||
| 2024-06-14 | don't redirect stderr for ssh-keyscan we expect to succeed | Damien Miller | |
| 2024-06-14 | specify an algorithm for ssh-keyscan, otherwise it will make | Damien Miller | |
| multiple attempts simultaneously and confuse the test | |||
| 2024-06-11 | fix PIDFILE handling, broken for SUDO=doas in last commit here | Damien Miller | |
| 2024-06-06 | regress test for PerSourcePenalties | Damien Miller | |
| 2024-06-06 | make sure logs are saved from sshd run via start_sshd | Damien Miller | |
| 2024-06-06 | simplify | Damien Miller | |
| 2024-06-06 | prepare for PerSourcePenalties being enabled by default in future | Damien Miller | |
| 2024-05-22 | this test has been broken since 2014, and has been testing the same | Damien Miller | |
| key exchange algorithm repeatedly instead of testing all of them. Spotted by nreilly AT blackberry.com in bz3692 Who broke the test? me. | |||
| 2024-05-19 | Add missing kex-names.c source file required since the ssh split. | Anton Lindqvist | |
| 2024-05-17 | allow overriding the sshd-session binary path | Damien Miller | |
| 2024-04-03 | Since ssh-agent(1) is only readable by root by now, use ssh(1) while | Anton Lindqvist | |
| generating data in tests. | |||
| 2024-03-29 | Use egrep instead of grep -E. Some plaforms don't have the latter so this | Darren Tucker | |
| makes things easier in -portable. | |||
| 2024-03-26 | test -h is the POSIXly way of testing for a symlink. Reduces diff vs | Darren Tucker | |
| Portable. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |