b32fed86db
didn't use them. This will make future merges from the vendor tree much easier. Approved by: re (gjb)
120 lines
2.7 KiB
Bash
120 lines
2.7 KiB
Bash
# $OpenBSD: ssh-com.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $
|
|
# Placed in the Public Domain.
|
|
|
|
tid="connect to ssh.com server"
|
|
|
|
#TEST_COMBASE=/path/to/ssh/com/binaries
|
|
if [ "X${TEST_COMBASE}" = "X" ]; then
|
|
fatal '$TEST_COMBASE is not set'
|
|
fi
|
|
|
|
VERSIONS="
|
|
2.0.12
|
|
2.0.13
|
|
2.1.0
|
|
2.2.0
|
|
2.3.0
|
|
2.4.0
|
|
3.0.0
|
|
3.1.0
|
|
3.2.0
|
|
3.2.2
|
|
3.2.3
|
|
3.2.5
|
|
3.2.9
|
|
3.2.9.1
|
|
3.3.0"
|
|
# 2.0.10 does not support UserConfigDirectory
|
|
# 2.3.1 requires a config in $HOME/.ssh2
|
|
|
|
SRC=`dirname ${SCRIPT}`
|
|
|
|
# ssh.com
|
|
cat << EOF > $OBJ/sshd2_config
|
|
#*:
|
|
# Port and ListenAddress are not used.
|
|
QuietMode yes
|
|
Port 4343
|
|
ListenAddress 127.0.0.1
|
|
UserConfigDirectory ${OBJ}/%U
|
|
Ciphers AnyCipher
|
|
PubKeyAuthentication yes
|
|
#AllowedAuthentications publickey
|
|
AuthorizationFile authorization
|
|
HostKeyFile ${SRC}/dsa_ssh2.prv
|
|
PublicHostKeyFile ${SRC}/dsa_ssh2.pub
|
|
RandomSeedFile ${OBJ}/random_seed
|
|
MaxConnections 0
|
|
PermitRootLogin yes
|
|
VerboseMode no
|
|
CheckMail no
|
|
Ssh1Compatibility no
|
|
EOF
|
|
|
|
# create client config
|
|
sed "s/HostKeyAlias.*/HostKeyAlias ssh2-localhost-with-alias/" \
|
|
< $OBJ/ssh_config > $OBJ/ssh_config_com
|
|
|
|
# we need a DSA key for
|
|
rm -f ${OBJ}/dsa ${OBJ}/dsa.pub
|
|
${SSHKEYGEN} -q -N '' -t dsa -f ${OBJ}/dsa
|
|
|
|
# setup userdir, try rsa first
|
|
mkdir -p ${OBJ}/${USER}
|
|
cp /dev/null ${OBJ}/${USER}/authorization
|
|
for t in rsa dsa; do
|
|
${SSHKEYGEN} -e -f ${OBJ}/$t.pub > ${OBJ}/${USER}/$t.com
|
|
echo Key $t.com >> ${OBJ}/${USER}/authorization
|
|
echo IdentityFile ${OBJ}/$t >> ${OBJ}/ssh_config_com
|
|
done
|
|
|
|
# convert and append DSA hostkey
|
|
(
|
|
printf 'ssh2-localhost-with-alias,127.0.0.1,::1 '
|
|
${SSHKEYGEN} -if ${SRC}/dsa_ssh2.pub
|
|
) >> $OBJ/known_hosts
|
|
|
|
# go for it
|
|
for v in ${VERSIONS}; do
|
|
sshd2=${TEST_COMBASE}/${v}/sshd2
|
|
if [ ! -x ${sshd2} ]; then
|
|
continue
|
|
fi
|
|
trace "sshd2 ${v}"
|
|
PROXY="proxycommand ${sshd2} -qif ${OBJ}/sshd2_config 2> /dev/null"
|
|
${SSH} -qF ${OBJ}/ssh_config_com -o "${PROXY}" dummy exit 0
|
|
if [ $? -ne 0 ]; then
|
|
fail "ssh connect to sshd2 ${v} failed"
|
|
fi
|
|
|
|
ciphers="3des-cbc blowfish-cbc arcfour"
|
|
macs="hmac-md5"
|
|
case $v in
|
|
2.4.*)
|
|
ciphers="$ciphers cast128-cbc"
|
|
macs="$macs hmac-sha1 hmac-sha1-96 hmac-md5-96"
|
|
;;
|
|
3.*)
|
|
ciphers="$ciphers aes128-cbc cast128-cbc"
|
|
macs="$macs hmac-sha1 hmac-sha1-96 hmac-md5-96"
|
|
;;
|
|
esac
|
|
#ciphers="3des-cbc"
|
|
for m in $macs; do
|
|
for c in $ciphers; do
|
|
trace "sshd2 ${v} cipher $c mac $m"
|
|
verbose "test ${tid}: sshd2 ${v} cipher $c mac $m"
|
|
${SSH} -c $c -m $m -qF ${OBJ}/ssh_config_com -o "${PROXY}" dummy exit 0
|
|
if [ $? -ne 0 ]; then
|
|
fail "ssh connect to sshd2 ${v} with $c/$m failed"
|
|
fi
|
|
done
|
|
done
|
|
done
|
|
|
|
rm -rf ${OBJ}/${USER}
|
|
for i in sshd_config_proxy ssh_config_proxy random_seed \
|
|
sshd2_config dsa.pub dsa ssh_config_com; do
|
|
rm -f ${OBJ}/$i
|
|
done
|