From 86ee3f5a00c2f5237dcbb09f80283af703ced3f5 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Thu, 27 Jan 2022 21:04:03 +0100 Subject: [PATCH] tests: Skip the workaround forcing SHA1 signatures In certificate authentication with OpenSSH 8.0, the SHA2 signatures were not accepted correctly [1]. This was not an issue up until the OpenSSH 8.8p1, which does no longer allow SHA1 signatures by default so this broke the CI and tests against the new OpenSSH [2]. Fixes !107 [1] https://bugzilla.mindrot.org/show_bug.cgi?id=3016 [2] https://gitlab.com/libssh/libssh-mirror/-/issues/107 Signed-off-by: Jakub Jelen Reviewed-by: Andreas Schneider --- tests/client/torture_auth.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/client/torture_auth.c b/tests/client/torture_auth.c index 29f6f5a5..d02fd6e2 100644 --- a/tests/client/torture_auth.c +++ b/tests/client/torture_auth.c @@ -642,6 +642,7 @@ static void torture_auth_cert(void **state) { static void torture_auth_agent_cert(void **state) { +#if OPENSSH_VERSION_MAJOR < 8 struct torture_state *s = *state; ssh_session session = s->ssh.session; int rc; @@ -661,6 +662,7 @@ static void torture_auth_agent_cert(void **state) "ssh-rsa-cert-v01@openssh.com"); assert_int_equal(rc, SSH_OK); } +#endif /* OPENSSH_VERSION_MAJOR < 8 */ /* Setup loads a different key, tests are exactly the same. */ torture_auth_agent(state); @@ -668,6 +670,7 @@ static void torture_auth_agent_cert(void **state) static void torture_auth_agent_cert_nonblocking(void **state) { +#if OPENSSH_VERSION_MAJOR < 8 struct torture_state *s = *state; ssh_session session = s->ssh.session; int rc; @@ -687,6 +690,7 @@ static void torture_auth_agent_cert_nonblocking(void **state) "ssh-rsa-cert-v01@openssh.com"); assert_int_equal(rc, SSH_OK); } +#endif /* OPENSSH_VERSION_MAJOR < 8 */ torture_auth_agent_nonblocking(state); } -- GitLab