From 6f1a9c6796a74f04601ae2bea8d77409cb09a232 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 23 Jul 2019 13:32:49 +0000 Subject: Only use DSA key type in tests if binaries support it. --- regress/usr.bin/ssh/sshcfgparse.sh | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) (limited to 'regress/usr.bin/ssh') diff --git a/regress/usr.bin/ssh/sshcfgparse.sh b/regress/usr.bin/ssh/sshcfgparse.sh index e0ce568d71c..2c00b64efc0 100644 --- a/regress/usr.bin/ssh/sshcfgparse.sh +++ b/regress/usr.bin/ssh/sshcfgparse.sh @@ -1,8 +1,15 @@ -# $OpenBSD: sshcfgparse.sh,v 1.4 2018/07/04 13:51:12 djm Exp $ +# $OpenBSD: sshcfgparse.sh,v 1.5 2019/07/23 13:32:48 dtucker Exp $ # Placed in the Public Domain. tid="ssh config parse" +dsa=0 +for t in $SSH_KEYTYPES; do + case "$t" in + ssh-dss) dsa=1 ;; + esac +done + expect_result_present() { _str="$1" ; shift for _expect in "$@" ; do @@ -75,15 +82,17 @@ f=`${SSH} -GF none -opubkeyacceptedkeytypes=-ssh-ed25519 host | \ expect_result_present "$f" "ssh-ed25519-cert-v01.*" expect_result_absent "$f" "ssh-ed25519" "ssh-dss" # Append to default set. -# XXX this will break for !WITH_OPENSSL -f=`${SSH} -GF none -opubkeyacceptedkeytypes=+ssh-dss-cert* host | \ - awk '/^pubkeyacceptedkeytypes /{print $2}'` -expect_result_present "$f" "ssh-ed25519" "ssh-dss-cert-v01.*" -expect_result_absent "$f" "ssh-dss" -f=`${SSH} -GF none -opubkeyacceptedkeytypes=+ssh-dss host | \ - awk '/^pubkeyacceptedkeytypes /{print $2}'` -expect_result_present "$f" "ssh-ed25519" "ssh-ed25519-cert-v01.*" "ssh-dss" -expect_result_absent "$f" "ssh-dss-cert-v01.*" +# This is not tested when built !WITH_OPENSSL +if [ "$dsa" = "1" ]; then + f=`${SSH} -GF none -opubkeyacceptedkeytypes=+ssh-dss-cert* host | \ + awk '/^pubkeyacceptedkeytypes /{print $2}'` + expect_result_present "$f" "ssh-ed25519" "ssh-dss-cert-v01.*" + expect_result_absent "$f" "ssh-dss" + f=`${SSH} -GF none -opubkeyacceptedkeytypes=+ssh-dss host | \ + awk '/^pubkeyacceptedkeytypes /{print $2}'` + expect_result_present "$f" "ssh-ed25519" "ssh-ed25519-cert-v01.*" "ssh-dss" + expect_result_absent "$f" "ssh-dss-cert-v01.*" +fi # cleanup rm -f $OBJ/ssh_config.[012] -- cgit v1.2.3