aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJon Simons <jon@jonsimons.org>2018-06-15 18:45:43 -0400
committerJon Simons <jon@jonsimons.org>2018-06-27 19:42:33 -0700
commit787a64939035e60358c7ff25df2e8da67928a823 (patch)
tree0b5ad6f8818b35cf324bdf9832308a2ee543500b
parent54690e6cddeab1f0349f74885e4cfbc901b1ad01 (diff)
downloadlibssh-787a64939035e60358c7ff25df2e8da67928a823.tar.gz
libssh-787a64939035e60358c7ff25df2e8da67928a823.tar.xz
libssh-787a64939035e60358c7ff25df2e8da67928a823.zip
pkd: specify HostKeyAlgorithms for OpenSSH client
As of OpenSSH 6.9, support for `ssh-dss` host keys is disabled by default at runtime. Specify an explicit `-o HostKeyAlgorithms` in the pkd tests to explicitly enable each host key type being tested, including `ssh-dss`. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--tests/pkd/pkd_client.h37
1 files changed, 30 insertions, 7 deletions
diff --git a/tests/pkd/pkd_client.h b/tests/pkd/pkd_client.h
index c4a8a601..13909a66 100644
--- a/tests/pkd/pkd_client.h
+++ b/tests/pkd/pkd_client.h
@@ -2,24 +2,47 @@
* pkd_client.h -- macros for generating client-specific command
* invocations for use with pkd testing
*
- * (c) 2014 Jon Simons
+ * (c) 2014, 2018 Jon Simons <jon@jonsimons.org>
*/
#ifndef __PKD_CLIENT_H__
#define __PKD_CLIENT_H__
+#include "config.h"
+
/* OpenSSH */
#define OPENSSH_BINARY "ssh"
#define OPENSSH_KEYGEN "ssh-keygen"
+#define OPENSSH_HOSTKEY_ALGOS_DEFAULT "ssh-rsa"
+
+#if HAVE_ECC
+#define OPENSSH_HOSTKEY_ALGOS_ECDSA ",ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"
+#else /* HAVE_ECC */
+#define OPENSSH_HOSTKEY_ALGOS_ECDSA ""
+#endif /* HAVE_ECC */
+
+#if HAVE_DSA
+#define OPENSSH_HOSTKEY_ALGOS_DSA ",ssh-dss"
+#else /* HAVE_DSA */
+#define OPENSSH_HOSTKEY_ALGOS_DSA ""
+#endif /* HAVE_DSA */
+
+#define OPENSSH_HOSTKEY_ALGOS \
+ "-o HostKeyAlgorithms=" \
+ OPENSSH_HOSTKEY_ALGOS_DEFAULT \
+ OPENSSH_HOSTKEY_ALGOS_ECDSA \
+ OPENSSH_HOSTKEY_ALGOS_DSA
+
#define OPENSSH_CMD_START \
- OPENSSH_BINARY " " \
- "-o UserKnownHostsFile=/dev/null " \
- "-o StrictHostKeyChecking=no " \
- "-i " CLIENT_ID_FILE " " \
- "1> %s.out " \
- "2> %s.err " \
+ OPENSSH_BINARY " " \
+ "-o UserKnownHostsFile=/dev/null " \
+ "-o StrictHostKeyChecking=no " \
+ OPENSSH_HOSTKEY_ALGOS " " \
+ "-i " CLIENT_ID_FILE " " \
+ "1> %s.out " \
+ "2> %s.err " \
"-vvv "
#define OPENSSH_CMD_END "-p 1234 localhost ls"