From 5c1198fd3834088c08657d5ca7205e5649de9dc6 Mon Sep 17 00:00:00 2001 From: djm Date: Wed, 5 Jan 2022 08:25:05 +0000 Subject: [PATCH] select all RSA hostkey algorithms for UpdateHostkeys tests, not just RSA-SHA1 --- regress/usr.bin/ssh/hostkey-rotate.sh | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/regress/usr.bin/ssh/hostkey-rotate.sh b/regress/usr.bin/ssh/hostkey-rotate.sh index 2852c457c25..deb0d8aaaa1 100644 --- a/regress/usr.bin/ssh/hostkey-rotate.sh +++ b/regress/usr.bin/ssh/hostkey-rotate.sh @@ -1,4 +1,4 @@ -# $OpenBSD: hostkey-rotate.sh,v 1.9 2020/10/07 06:38:16 djm Exp $ +# $OpenBSD: hostkey-rotate.sh,v 1.10 2022/01/05 08:25:05 djm Exp $ # Placed in the Public Domain. tid="hostkey rotate" @@ -25,9 +25,14 @@ for k in $SSH_HOSTKEY_TYPES; do echo "Hostkey $OBJ/hkr.${k}" >> $OBJ/sshd_proxy.orig nkeys=`expr $nkeys + 1` test "x$all_algs" = "x" || all_algs="${all_algs}," - all_algs="${all_algs}$k" case "$k" in - ssh-rsa) secondary="ssh-rsa" ;; + ssh-rsa) + secondary="ssh-rsa" + all_algs="${all_algs}rsa-sha2-256,rsa-sha2-512,$k" + ;; + *) + all_algs="${all_algs}$k" + ;; esac done @@ -73,8 +78,12 @@ done # Check each key type for k in $SSH_HOSTKEY_TYPES; do + case "$k" in + ssh-rsa) alg="rsa-sha2-256,rsa-sha2-512,ssh-rsa" ;; + *) alg="$k" ;; + esac verbose "learn additional hostkeys, type=$k" - dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$k,$all_algs + dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$alg,$all_algs expect_nkeys $nkeys "learn hostkeys $k" check_key_present $k || fail "didn't learn $k correctly" done -- 2.20.1