62 lines
2.0 KiB
Diff
62 lines
2.0 KiB
Diff
|
From 86ee3f5a00c2f5237dcbb09f80283af703ced3f5 Mon Sep 17 00:00:00 2001
|
||
|
From: Jakub Jelen <jjelen@redhat.com>
|
||
|
Date: Thu, 27 Jan 2022 21:04:03 +0100
|
||
|
Subject: [PATCH] tests: Skip the workaround forcing SHA1 signatures
|
||
|
|
||
|
In certificate authentication with OpenSSH 8.0, the SHA2 signatures were
|
||
|
not accepted correctly [1]. This was not an issue up until the OpenSSH
|
||
|
8.8p1, which does no longer allow SHA1 signatures by default so this
|
||
|
broke the CI and tests against the new OpenSSH [2].
|
||
|
|
||
|
Fixes !107
|
||
|
|
||
|
[1] https://bugzilla.mindrot.org/show_bug.cgi?id=3016
|
||
|
[2] https://gitlab.com/libssh/libssh-mirror/-/issues/107
|
||
|
|
||
|
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
||
|
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||
|
---
|
||
|
tests/client/torture_auth.c | 4 ++++
|
||
|
1 file changed, 4 insertions(+)
|
||
|
|
||
|
diff --git a/tests/client/torture_auth.c b/tests/client/torture_auth.c
|
||
|
index 29f6f5a5..d02fd6e2 100644
|
||
|
--- a/tests/client/torture_auth.c
|
||
|
+++ b/tests/client/torture_auth.c
|
||
|
@@ -642,6 +642,7 @@ static void torture_auth_cert(void **state) {
|
||
|
|
||
|
static void torture_auth_agent_cert(void **state)
|
||
|
{
|
||
|
+#if OPENSSH_VERSION_MAJOR < 8
|
||
|
struct torture_state *s = *state;
|
||
|
ssh_session session = s->ssh.session;
|
||
|
int rc;
|
||
|
@@ -661,6 +662,7 @@ static void torture_auth_agent_cert(void **state)
|
||
|
"ssh-rsa-cert-v01@openssh.com");
|
||
|
assert_int_equal(rc, SSH_OK);
|
||
|
}
|
||
|
+#endif /* OPENSSH_VERSION_MAJOR < 8 */
|
||
|
|
||
|
/* Setup loads a different key, tests are exactly the same. */
|
||
|
torture_auth_agent(state);
|
||
|
@@ -668,6 +670,7 @@ static void torture_auth_agent_cert(void **state)
|
||
|
|
||
|
static void torture_auth_agent_cert_nonblocking(void **state)
|
||
|
{
|
||
|
+#if OPENSSH_VERSION_MAJOR < 8
|
||
|
struct torture_state *s = *state;
|
||
|
ssh_session session = s->ssh.session;
|
||
|
int rc;
|
||
|
@@ -687,6 +690,7 @@ static void torture_auth_agent_cert_nonblocking(void **state)
|
||
|
"ssh-rsa-cert-v01@openssh.com");
|
||
|
assert_int_equal(rc, SSH_OK);
|
||
|
}
|
||
|
+#endif /* OPENSSH_VERSION_MAJOR < 8 */
|
||
|
|
||
|
torture_auth_agent_nonblocking(state);
|
||
|
}
|
||
|
--
|
||
|
GitLab
|
||
|
|
||
|
|