#
1.28 |
|
30-Sep-2021 |
dtucker |
Fix up whitespace left by previous change removing privsep. No other changes.
|
#
1.27 |
|
30-Sep-2021 |
dtucker |
Remove (almost all) references to privsep. This removes several do..while loops but does not change the indentation of the now-shallower loops, which will be done in a separate whitespace-only commit to keep changes of style and substance separate.
|
Revision tags: OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.26 |
|
25-Feb-2021 |
djm |
s/PubkeyAcceptedKeyTypes/PubkeyAcceptedAlgorithms/
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.25 |
|
03-Jan-2020 |
djm |
what bozo decided to use 2020 as a future date in a regress test?
|
#
1.24 |
|
11-Dec-2019 |
djm |
it's no longer possible to disable privilege separation in sshd, so don't double the tests' work by trying both off/on
|
#
1.23 |
|
26-Nov-2019 |
djm |
test FIDO2/U2F key types; ok markus@
|
#
1.22 |
|
01-Nov-2019 |
djm |
skip security-key key types for tests until we have a dummy U2F middleware to use.
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.21 |
|
25-Jul-2019 |
dtucker |
Make certificate tests work with the supported key algorithms. Allows tests to pass when built without OpenSSL.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.20 |
|
31-Oct-2018 |
dtucker |
UsePrivilegeSeparation no is deprecated, test "yes" and "sandbox". rCVS: ----------------------------------------------------------------------
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.19 |
|
12-Mar-2018 |
djm |
explicitly specify RSA/SHA-2 keytype here too
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|
#
1.26 |
|
25-Feb-2021 |
djm |
s/PubkeyAcceptedKeyTypes/PubkeyAcceptedAlgorithms/
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.25 |
|
03-Jan-2020 |
djm |
what bozo decided to use 2020 as a future date in a regress test?
|
#
1.24 |
|
11-Dec-2019 |
djm |
it's no longer possible to disable privilege separation in sshd, so don't double the tests' work by trying both off/on
|
#
1.23 |
|
26-Nov-2019 |
djm |
test FIDO2/U2F key types; ok markus@
|
#
1.22 |
|
01-Nov-2019 |
djm |
skip security-key key types for tests until we have a dummy U2F middleware to use.
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.21 |
|
25-Jul-2019 |
dtucker |
Make certificate tests work with the supported key algorithms. Allows tests to pass when built without OpenSSL.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.20 |
|
31-Oct-2018 |
dtucker |
UsePrivilegeSeparation no is deprecated, test "yes" and "sandbox". rCVS: ----------------------------------------------------------------------
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.19 |
|
12-Mar-2018 |
djm |
explicitly specify RSA/SHA-2 keytype here too
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|
#
1.25 |
|
03-Jan-2020 |
djm |
what bozo decided to use 2020 as a future date in a regress test?
|
#
1.24 |
|
11-Dec-2019 |
djm |
it's no longer possible to disable privilege separation in sshd, so don't double the tests' work by trying both off/on
|
#
1.23 |
|
26-Nov-2019 |
djm |
test FIDO2/U2F key types; ok markus@
|
#
1.22 |
|
01-Nov-2019 |
djm |
skip security-key key types for tests until we have a dummy U2F middleware to use.
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.21 |
|
25-Jul-2019 |
dtucker |
Make certificate tests work with the supported key algorithms. Allows tests to pass when built without OpenSSL.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.20 |
|
31-Oct-2018 |
dtucker |
UsePrivilegeSeparation no is deprecated, test "yes" and "sandbox". rCVS: ----------------------------------------------------------------------
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.19 |
|
12-Mar-2018 |
djm |
explicitly specify RSA/SHA-2 keytype here too
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|
#
1.24 |
|
11-Dec-2019 |
djm |
it's no longer possible to disable privilege separation in sshd, so don't double the tests' work by trying both off/on
|
#
1.23 |
|
26-Nov-2019 |
djm |
test FIDO2/U2F key types; ok markus@
|
#
1.22 |
|
01-Nov-2019 |
djm |
skip security-key key types for tests until we have a dummy U2F middleware to use.
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.21 |
|
25-Jul-2019 |
dtucker |
Make certificate tests work with the supported key algorithms. Allows tests to pass when built without OpenSSL.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.20 |
|
31-Oct-2018 |
dtucker |
UsePrivilegeSeparation no is deprecated, test "yes" and "sandbox". rCVS: ----------------------------------------------------------------------
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.19 |
|
12-Mar-2018 |
djm |
explicitly specify RSA/SHA-2 keytype here too
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|
#
1.23 |
|
26-Nov-2019 |
djm |
test FIDO2/U2F key types; ok markus@
|
#
1.22 |
|
01-Nov-2019 |
djm |
skip security-key key types for tests until we have a dummy U2F middleware to use.
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.21 |
|
25-Jul-2019 |
dtucker |
Make certificate tests work with the supported key algorithms. Allows tests to pass when built without OpenSSL.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.20 |
|
31-Oct-2018 |
dtucker |
UsePrivilegeSeparation no is deprecated, test "yes" and "sandbox". rCVS: ----------------------------------------------------------------------
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.19 |
|
12-Mar-2018 |
djm |
explicitly specify RSA/SHA-2 keytype here too
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|
#
1.22 |
|
01-Nov-2019 |
djm |
skip security-key key types for tests until we have a dummy U2F middleware to use.
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.21 |
|
25-Jul-2019 |
dtucker |
Make certificate tests work with the supported key algorithms. Allows tests to pass when built without OpenSSL.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.20 |
|
31-Oct-2018 |
dtucker |
UsePrivilegeSeparation no is deprecated, test "yes" and "sandbox". rCVS: ----------------------------------------------------------------------
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.19 |
|
12-Mar-2018 |
djm |
explicitly specify RSA/SHA-2 keytype here too
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|
#
1.21 |
|
25-Jul-2019 |
dtucker |
Make certificate tests work with the supported key algorithms. Allows tests to pass when built without OpenSSL.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.20 |
|
31-Oct-2018 |
dtucker |
UsePrivilegeSeparation no is deprecated, test "yes" and "sandbox". rCVS: ----------------------------------------------------------------------
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.19 |
|
12-Mar-2018 |
djm |
explicitly specify RSA/SHA-2 keytype here too
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|
#
1.20 |
|
31-Oct-2018 |
dtucker |
UsePrivilegeSeparation no is deprecated, test "yes" and "sandbox". rCVS: ----------------------------------------------------------------------
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.19 |
|
12-Mar-2018 |
djm |
explicitly specify RSA/SHA-2 keytype here too
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.19 |
|
12-Mar-2018 |
djm |
explicitly specify RSA/SHA-2 keytype here too
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.18 |
|
30-Apr-2017 |
djm |
eliminate explicit specification of protocol in tests and loops over protocol. We only support SSHv2 now.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.17 |
|
30-Nov-2016 |
djm |
test new behaviour of cert force-command restriction vs. authorized_key/ principals
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.16 |
|
03-May-2016 |
dtucker |
Use a subshell for constructing key types to work around different sed behaviours for -portable.
|
#
1.15 |
|
02-May-2016 |
djm |
unit and regress tests for SHA256/512; ok markus
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.14 |
|
10-Jul-2015 |
markus |
Adapt tests, now that DSA if off by default; use PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
|
#
1.13 |
|
03-Jul-2015 |
djm |
legacy v00 certificates are gone; adapt and don't try to test them; "sure" markus@ dtucker@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE
|
#
1.12 |
|
06-Dec-2013 |
markus |
test ed25519 support; from djm@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.11 |
|
17-May-2013 |
dtucker |
replace 'echo -n' with 'printf' since it's more portable
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.10 |
|
18-Jan-2013 |
djm |
Tests for Key Revocation Lists (KRLs)
|
#
1.9 |
|
19-Oct-2012 |
djm |
include a serial number when generating certs
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.8 |
|
17-May-2011 |
djm |
fatal() if asked to generate a legacy ECDSA cert (these don't exist) and fix the regress test that was trying to generate them :)
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.7 |
|
31-Aug-2010 |
djm |
tests for ECDSA certificates
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.6 |
|
29-Jun-2010 |
djm |
regress tests for key options in AuthorizedPrincipals
|
#
1.5 |
|
07-May-2010 |
djm |
regress tests for AuthorizedPrincipalsFile and "principals=" key option. feedback and ok markus@
|
#
1.4 |
|
16-Apr-2010 |
djm |
regression tests for v01 certificate format includes interop tests for v00 certs
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.3 |
|
04-Mar-2010 |
djm |
additional regression tests for revoked keys and TrustedUserCAKeys
|
#
1.2 |
|
03-Mar-2010 |
djm |
add an extra test to ensure that authentication with the wrong certificate fails as it should (and it does)
|
#
1.1 |
|
26-Feb-2010 |
djm |
regression tests for certified keys
|