Commit Graph

1161 Commits

Author SHA1 Message Date
djm@openbsd.org
f82fa227a5
upstream: tidy and refactor PKCS#11 setup code
Replace the use of a perl script to delete the controlling TTY with a
SSH_ASKPASS script to directly load the PIN.

Move PKCS#11 setup code to functions in anticipation of it being used
elsewhere in additional tests.

Reduce stdout spam

OpenBSD-Regress-ID: 07705c31de30bab9601a95daf1ee6bef821dd262
2023-10-31 04:36:27 +11:00
dtucker@openbsd.org
1d6a878ceb
upstream: Only try to chown logfiles that exist to prevent spurious
errors.

OpenBSD-Regress-ID: f1b20a476734e885078c481f1324c9ea03af991e
2023-10-29 17:33:18 +11:00
anton@openbsd.org
e612376427
upstream: make use of bsd.regress.mk in extra and interop targets; ok
dtucker@

OpenBSD-Regress-ID: 7ea21b5f6fc4506165093b2123d88d20ff13a4f0
2023-10-29 17:32:47 +11:00
dtucker@openbsd.org
ea00391739
upstream: Skip conch interop tests when not enabled instead of fatal.
OpenBSD-Regress-ID: b0abf81c24ac6c21f367233663228ba16fa96a46
2023-10-27 00:02:26 +11:00
anton@openbsd.org
a611e4db40
upstream: ssh conch interop tests requires a controlling terminal;
ok dtucker@

OpenBSD-Regress-ID: cbf2701bc347c2f19d907f113779c666f1ecae4a
2023-10-26 23:44:53 +11:00
anton@openbsd.org
da951b5e08
upstream: Use private key that is allowed by sshd defaults in conch
interop tests.

ok dtucker@

OpenBSD-Regress-ID: 3b7f65c8f409c328bcd4b704f60cb3d31746f045
2023-10-26 23:34:29 +11:00
Darren Tucker
f993bb5835
Resync PuTTY and Conch path handling with upstream.
Now that configure finds these for us we can remove these -portable
specific changes.
2023-10-20 20:39:03 +11:00
dtucker@openbsd.org
c54a50359b
upstream: Allow overriding the locations of the Dropbear binaries
similar to what we do for the PuTTY ones.

OpenBSD-Regress-ID: 7de0e00518fb0c8fdc5f243b7f82f523c936049c
2023-10-20 20:28:20 +11:00
dtucker@openbsd.org
fbaa707d45
upstream: Add interop test with Dropbear.
Right now this is only dbclient not the Dropbear server since it won't
currently run as a ProxyCommand.

OpenBSD-Regress-ID: 8cb898c414fcdb252ca6328896b0687acdaee496
2023-10-20 18:35:32 +11:00
Damien Miller
6eee8c972d
run t-extra regress tests
This exposes the t-extra regress tests (including agent-pkcs11.sh) as
a new extra-tests target in the top level Makefile and runs them by
default. ok dtucker@
2023-10-13 15:15:05 +11:00
djm@openbsd.org
c616e64688
upstream: typos and extra debug trace calls
OpenBSD-Regress-ID: 98a2a6b9333743274359e3c0f0e65cf919a591d1
2023-10-12 14:52:46 +11:00
djm@openbsd.org
c49a3fbf10
upstream: ensure logs are owned by correct user; feedback/ok
dtucker@

OpenBSD-Regress-ID: c3297af8f07717f1d400a5d34529962f1a76b5a3
2023-10-12 14:52:45 +11:00
djm@openbsd.org
90b0d73d63
upstream: typo in error message
OpenBSD-Regress-ID: 6a8edf0dc39941298e3780b147b10c0a600b4fee
2023-10-06 14:33:37 +11:00
djm@openbsd.org
e84517f515
upstream: Perform the softhsm2 setup as discrete steps rather than
as a long shell pipeline. Makes it easier to figure out what has happened
when it breaks.

OpenBSD-Regress-ID: b3f1292115fed65765d0a95414df16e27772d81c
2023-10-06 14:31:20 +11:00
claudio@openbsd.org
cb54becff4
upstream: REGRESS_FAIL_EARLY defaults to yes now. So no need to
overload the value here anymore. OK tb@ bluhm@

OpenBSD-Regress-ID: f063330f1bebbcd373100afccebc91a965b14496
2023-10-06 14:31:13 +11:00
djm@openbsd.org
c4f9664829
upstream: regress test recursive remote-remote directories copies where
the directory contains a symlink to another directory.

also remove errant `set -x` that snuck in at some point

OpenBSD-Regress-ID: 1c94a48bdbd633ef2285954ee257725cd7bc456f
2023-09-08 16:12:05 +10:00
djm@openbsd.org
7c0ce2bf98
upstream: regress test for recursive copies of directories containing
symlinks to other directories. bz3611, ok dtucker@

OpenBSD-Regress-ID: eaa4c29cc5cddff4e72a16bcce14aeb1ecfc94b9
2023-09-08 15:59:21 +10:00
djm@openbsd.org
0e1f4401c4
upstream: regression test for override of subsystem in match blocks
OpenBSD-Regress-ID: 5f8135da3bfda71067084c048d717b0e8793e87c
2023-09-07 09:58:04 +10:00
Damien Miller
3961ed02dc
wrap poll.h include in HAVE_POLL_H 2023-08-10 09:08:49 +10:00
djm@openbsd.org
e0f91aa9c2
upstream: don't need to start a command here; use ssh -N instead.
Fixes failure on cygwin spotted by Darren

OpenBSD-Regress-ID: ff678a8cc69160a3b862733d935ec4a383f93cfb
2023-07-30 11:41:45 +10:00
djm@openbsd.org
f446a44f30
upstream: add LTESTS_FROM variable to allow skipping of tests up to
a specific point. e.g. "make LTESTS_FROM=t-sftp" will only run the sftp.sh
test and subsequent ones. ok dtucker@

OpenBSD-Regress-ID: 07f653de731def074b29293db946042706fcead3
2023-07-30 11:41:44 +10:00
djm@openbsd.org
8eb8899d61
upstream: test ChrootDirectory in Match block
OpenBSD-Regress-ID: a6150262f39065939f025e546af2a346ffe674c1
2023-07-30 11:18:09 +10:00
djm@openbsd.org
e43f43d3f1
upstream: better error messages
OpenBSD-Regress-ID: 55e4186604e80259496d841e690ea2090981bc7a
2023-07-30 11:17:43 +10:00
Darren Tucker
0fa803a1dd
Prefer OpenSSL's SHA256 in sk-dummy.so
Previously sk-dummy.so used libc's (or compat's) SHA256 since it may be
built without OpenSSL.  In many cases, however, including both libc's
and OpenSSL's headers together caused conflicting definitions.

We tried working around this (on OpenSSL <1.1 you could define
OPENSSL_NO_SHA, NetBSD had USE_LIBC_SHA2, various #define hacks) with
varying levels of success.  Since OpenSSL >=1.1 removed OPENSSL_NO_SHA
and including most OpenSSL headers would bring sha.h in, even if it
wasn't used directly this was a constant hassle.

Admit defeat and use OpenSSL's SHA256 unless we aren't using OpenSSL at
all.  ok djm@
2023-07-27 10:30:12 +10:00
Damien Miller
f3f56df8ec
agent_fuzz doesn't want stdint.h conditionalised 2023-07-19 12:07:18 +10:00
Damien Miller
750911fd31
conditionalise stdint.h inclusion on HAVE_STDINT_H
fixes build on AIX5 at least
2023-07-18 15:41:12 +10:00
dtucker@openbsd.org
b500afcf00
upstream: Remove compat code for OpenSSL 1.0.*
versions now that -portable has dropped support for those versions.

OpenBSD-Regress-ID: 82a8eacd87aec28e4aa19f17246ddde9d5ce7fe7
2023-03-28 19:03:10 +11:00
Darren Tucker
727560e601
Prevent conflicts between Solaris SHA2 and OpenSSL.
We used to prevent conflicts between native SHA2 headers and OpenSSL's
by setting OPENSSL_NO_SHA but that was removed prior to OpenSSL 1.1.0
2023-03-28 19:03:03 +11:00
Darren Tucker
46db8e14b7
Remove HEADER_SHA_H from previous...
since it causes more problems than it solves.
2023-03-28 12:44:03 +11:00
Darren Tucker
72bd68d373
Replace OPENSSL_NO_SHA with HEADER_SHA_H.
Since this test doesn't use OpenSSL's SHA2 and may cause conflicts we
don't want to include it, but OPENSSL_NO_SHA was removed beginning in
OpenSSL's 1.1 series.
2023-03-28 10:35:18 +11:00
dtucker@openbsd.org
7ebc6f060f
upstream: Add RevokedHostKeys to percent expansion test.
OpenBSD-Regress-ID: c077fd12a38005dd53d878c5b944154dec88d2ff
2023-03-27 15:04:36 +11:00
Darren Tucker
154d8baf63
Also look for gdb error message from OpenIndiana. 2023-03-27 12:22:30 +11:00
Damien Miller
9a97cd1064
BoringSSL doesn't support EC_POINT_point2bn()
so don't invoke it in unittest
2023-03-24 15:39:48 +11:00
Damien Miller
cc5969c033
another ERR_load_CRYPTO_strings() vestige 2023-03-24 15:39:47 +11:00
Damien Miller
4974293899
don't use obsolete ERR_load_CRYPTO_strings()
OpenSSL (and elsewhere in OpenSSH) uses ERR_load_crypto_strings()
2023-03-24 15:26:27 +11:00
Darren Tucker
42a06b29a4
Add header changes missed in previous. 2023-03-07 18:34:41 +11:00
dtucker@openbsd.org
03acc50d0c
upstream: Unit test for kex_proposal_populate_entries.
OpenBSD-Regress-ID: bdb211d80d572a08bf14b49fe2a58b9ff265c006
2023-03-07 17:31:57 +11:00
dtucker@openbsd.org
5fc60e8246
upstream: Remove SUDO in proxy command wrapper. Anything that needs
sudo is already run by it, and it breaks if root isn't in sudoers.

OpenBSD-Regress-ID: 6cf22fda32a89c16915f31a6ed9bbdbef2a3bac9
2023-03-02 22:33:12 +11:00
dtucker@openbsd.org
0d514659b2
upstream: Fix breakage on dhgex test.
This was due to the sshd logs being written to the wrong log file.
While there, make save_debug_logs less verbose, write the name of the
tarball to regress.log and use $SUDO to remove the old symlinks (which
shouldn't be needed, but won't hurt).  Initial problem spotted by anton@.

OpenBSD-Regress-ID: 9c44fb9cd418e6ff31165e7a6c1f9f11a6d19f5b
2023-03-02 19:32:21 +11:00
dtucker@openbsd.org
860201201d
upstream: Quote grep and log message better.
OpenBSD-Regress-ID: 3823d9063127169736aa274b1784cb28e15b64d4
2023-03-02 19:32:18 +11:00
dtucker@openbsd.org
13fe8f9785
upstream: Remove old log symlinks
before creating new ones. In -portable some platforms don't like
overwriting existing symlinks.

OpenBSD-Regress-ID: 7e7ddc0beb73e945e1c4c58d51c8a125b518120f
2023-03-02 17:43:00 +11:00
dtucker@openbsd.org
a6f4ac8a2b
upstream: Rework logging for the regression tests.
Previously we would log to ssh.log and sshd.log, but that is insufficient
for tests that have more than one concurent ssh/sshd.

Instead, we'll log to separate datestamped files in a $OBJ/log/ and
leave a symlink at the previous location pointing at the most recent
instance with an entry in regress.log showing which files were created
at each point.  This should be sufficient to reconstruct what happened
even for tests that use multiple instances of each program.  If the test
fails, tar up all of the logs for later analysis.

This will let us also capture the output from some of the other tools
which was previously sent to /dev/null although most of those will be
in future commits.

OpenBSD-Regress-ID: f802aa9e7fa51d1a01225c05fb0412d015c33e24
2023-03-01 22:02:47 +11:00
Darren Tucker
eb88d07c43
Revert explicit chmods on private keys.
This should no longer be needed on Cygwin test runners due to previous
commit.
2023-02-25 14:45:41 +11:00
Darren Tucker
0c5d4c843d
Explicitly set permissions on user and host keys.
On cygwin, the umask might not be sufficient.  Should fix tests on
Github runners.
2023-02-24 13:44:13 +11:00
Darren Tucker
17781aaa51
Wrap stdint.h inside ifdef. 2023-02-21 17:49:22 +11:00
Mayank Sharma
ef798bad38
Add includes to ptimeout test.
Fixes test failures on AIX due to type mismatches.
2023-02-20 23:24:15 +11:00
Darren Tucker
ab69dda05d
Always use the openssl binary configure tells us.
This fixes tests on platforms that do not have the openssl tool
installed at all.
2023-02-20 20:01:29 +11:00
djm@openbsd.org
6180b0fa4f
upstream: test -Ohashalg=... and that the default output contains both
specified hash algorithms; prompted by dtucker@

OpenBSD-Regress-ID: 26f309208c8d8b8fa9c5f419767b85f1e9b22f51
2023-02-10 16:13:06 +11:00
dtucker@openbsd.org
22efb01e35
upstream: Test adding terminating newline to known_hosts.
OpenBSD-Regress-ID: 5fc3010ac450195b3fbdeb68e875564968800365
2023-02-09 21:08:33 +11:00
dtucker@openbsd.org
caec6da1a5
upstream: ssh-agent doesn't actually take -v,
so the recently-added ones will result in the test not cleaning up
after itself.  Patch from cjwatson at debian.org vi bz#3536.

OpenBSD-Regress-ID: 1fc8283568f5bf2f918517c2c1e778072cf61b1a
2023-02-09 21:08:16 +11:00