2024-01-12 01:27:06 +00:00
|
|
|
# $OpenBSD: Makefile,v 1.133 2024/01/11 04:50:28 djm Exp $
|
2023-04-30 01:15:27 +00:00
|
|
|
|
|
|
|
|
OPENSSL?= yes
|
|
|
|
|
|
|
|
|
|
# Unit tests require OpenSSL.
|
|
|
|
|
.if !defined(SKIP_UNIT) && ${OPENSSL:L} == yes
|
|
|
|
|
SUBDIR= unittests
|
|
|
|
|
.endif
|
|
|
|
|
SUBDIR+= misc
|
|
|
|
|
|
|
|
|
|
REGRESS_SETUP_ONCE=misc # For sk-dummy.so
|
|
|
|
|
|
|
|
|
|
# Key conversion operations are not supported when built w/out OpenSSL.
|
2023-05-17 13:56:02 +00:00
|
|
|
.if !defined(LTESTS_FROM) && ${OPENSSL:L} != no
|
2023-04-30 01:15:27 +00:00
|
|
|
REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12
|
|
|
|
|
.endif
|
|
|
|
|
|
|
|
|
|
LTESTS= connect \
|
|
|
|
|
proxy-connect \
|
|
|
|
|
sshfp-connect \
|
|
|
|
|
connect-privsep \
|
|
|
|
|
connect-uri \
|
|
|
|
|
proto-version \
|
|
|
|
|
proto-mismatch \
|
|
|
|
|
exit-status \
|
|
|
|
|
exit-status-signal \
|
|
|
|
|
envpass \
|
|
|
|
|
transfer \
|
|
|
|
|
banner \
|
|
|
|
|
rekey \
|
|
|
|
|
dhgex \
|
|
|
|
|
stderr-data \
|
|
|
|
|
stderr-after-eof \
|
|
|
|
|
broken-pipe \
|
|
|
|
|
try-ciphers \
|
|
|
|
|
yes-head \
|
|
|
|
|
login-timeout \
|
|
|
|
|
agent \
|
|
|
|
|
agent-getpeereid \
|
|
|
|
|
agent-timeout \
|
|
|
|
|
agent-ptrace \
|
|
|
|
|
agent-subprocess \
|
|
|
|
|
keyscan \
|
|
|
|
|
keygen-change \
|
|
|
|
|
keygen-comment \
|
|
|
|
|
keygen-convert \
|
|
|
|
|
keygen-knownhosts \
|
|
|
|
|
keygen-moduli \
|
|
|
|
|
keygen-sshfp \
|
|
|
|
|
key-options \
|
|
|
|
|
scp \
|
|
|
|
|
scp3 \
|
|
|
|
|
scp-uri \
|
|
|
|
|
sftp \
|
|
|
|
|
sftp-chroot \
|
|
|
|
|
sftp-cmds \
|
|
|
|
|
sftp-badcmds \
|
|
|
|
|
sftp-batch \
|
|
|
|
|
sftp-glob \
|
|
|
|
|
sftp-perm \
|
|
|
|
|
sftp-uri \
|
|
|
|
|
reconfigure \
|
|
|
|
|
dynamic-forward \
|
|
|
|
|
forwarding \
|
|
|
|
|
multiplex \
|
|
|
|
|
reexec \
|
|
|
|
|
brokenkeys \
|
|
|
|
|
sshcfgparse \
|
|
|
|
|
cfgparse \
|
|
|
|
|
cfgmatch \
|
|
|
|
|
cfgmatchlisten \
|
|
|
|
|
percent \
|
|
|
|
|
addrmatch \
|
|
|
|
|
localcommand \
|
|
|
|
|
forcecommand \
|
|
|
|
|
portnum \
|
|
|
|
|
keytype \
|
|
|
|
|
kextype \
|
|
|
|
|
cert-hostkey \
|
|
|
|
|
cert-userkey \
|
|
|
|
|
host-expand \
|
|
|
|
|
keys-command \
|
|
|
|
|
forward-control \
|
|
|
|
|
integrity \
|
|
|
|
|
krl \
|
|
|
|
|
multipubkey \
|
|
|
|
|
limit-keytype \
|
|
|
|
|
hostkey-agent \
|
|
|
|
|
hostkey-rotate \
|
|
|
|
|
principals-command \
|
|
|
|
|
cert-file \
|
|
|
|
|
cfginclude \
|
|
|
|
|
servcfginclude \
|
|
|
|
|
allow-deny-users \
|
|
|
|
|
authinfo \
|
|
|
|
|
sshsig \
|
|
|
|
|
knownhosts \
|
|
|
|
|
knownhosts-command \
|
|
|
|
|
agent-restrict \
|
|
|
|
|
hostbased \
|
|
|
|
|
channel-timeout \
|
2023-09-07 01:24:24 +00:00
|
|
|
connection-timeout \
|
2023-12-18 23:55:01 +00:00
|
|
|
match-subsystem \
|
|
|
|
|
agent-pkcs11-restrict \
|
|
|
|
|
agent-pkcs11-cert
|
2023-04-30 01:15:27 +00:00
|
|
|
|
|
|
|
|
INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers
|
2023-11-11 01:29:48 +00:00
|
|
|
INTEROP_TESTS+= dropbear-ciphers dropbear-kex
|
2023-04-30 01:15:27 +00:00
|
|
|
#INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
|
|
|
|
|
|
|
|
|
|
EXTRA_TESTS= agent-pkcs11
|
|
|
|
|
#EXTRA_TESTS+= cipher-speed
|
|
|
|
|
|
|
|
|
|
USERNAME!= id -un
|
|
|
|
|
CLEANFILES+= *.core actual agent-key.* authorized_keys_${USERNAME} \
|
|
|
|
|
authorized_keys_${USERNAME}.* authorized_principals_${USERNAME} \
|
|
|
|
|
banner.in banner.out cert_host_key* cert_user_key* \
|
|
|
|
|
copy.1 copy.2 data ed25519-agent ed25519-agent* \
|
|
|
|
|
ed25519-agent.pub empty.in expect failed-regress.log \
|
|
|
|
|
failed-ssh.log failed-sshd.log hkr.* host.ecdsa-sha2-nistp256 \
|
|
|
|
|
host.ecdsa-sha2-nistp384 host.ecdsa-sha2-nistp521 \
|
|
|
|
|
host.ssh-dss host.ssh-ed25519 host.ssh-rsa \
|
|
|
|
|
host_* host_ca_key* host_krl_* host_revoked_* key.* \
|
|
|
|
|
key.dsa-* key.ecdsa-* key.ed25519-512 key.ed25519-512.pub \
|
|
|
|
|
key.rsa-* keys-command-args kh.* known_hosts askpass \
|
|
|
|
|
known_hosts-cert known_hosts.* krl-* ls.copy modpipe \
|
|
|
|
|
netcat pidfile putty.rsa2 ready regress.log remote_pid \
|
|
|
|
|
revoked-* rsa rsa-agent rsa-agent.pub rsa.pub rsa_ssh2_cr.prv \
|
|
|
|
|
rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
|
|
|
|
|
scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
|
|
|
|
|
sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
|
|
|
|
|
ssh-agent.log ssh-add.log slow-sftp-server.sh \
|
|
|
|
|
ssh-rsa_oldfmt knownhosts_command \
|
|
|
|
|
ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
|
|
|
|
|
ssh_proxy_* sshd.log sshd_config sshd_config.* \
|
|
|
|
|
sshd_proxy sshd_proxy.* sshd_proxy_bak sshd_proxy_orig \
|
|
|
|
|
t10.out t10.out.pub t12.out t12.out.pub t2.out t3.out \
|
|
|
|
|
t6.out1 t6.out2 t7.out t7.out.pub t8.out t8.out.pub \
|
|
|
|
|
t9.out t9.out.pub \
|
|
|
|
|
timestamp testdata user_*key* user_ca* user_key*
|
|
|
|
|
|
|
|
|
|
# Enable all malloc(3) randomisations and checks
|
|
|
|
|
TEST_ENV= "MALLOC_OPTIONS=CFGJRSUX"
|
|
|
|
|
|
|
|
|
|
t1:
|
|
|
|
|
ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv
|
|
|
|
|
tr '\n' '\r' <${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_cr.prv
|
|
|
|
|
ssh-keygen -if ${.OBJDIR}/rsa_ssh2_cr.prv | diff - ${.CURDIR}/rsa_openssh.prv
|
|
|
|
|
awk '{print $$0 "\r"}' ${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_crnl.prv
|
|
|
|
|
ssh-keygen -if ${.OBJDIR}/rsa_ssh2_crnl.prv | diff - ${.CURDIR}/rsa_openssh.prv
|
|
|
|
|
|
|
|
|
|
t2:
|
|
|
|
|
cat ${.CURDIR}/rsa_openssh.prv > t2.out
|
|
|
|
|
chmod 600 t2.out
|
|
|
|
|
ssh-keygen -yf t2.out | diff - ${.CURDIR}/rsa_openssh.pub
|
|
|
|
|
|
|
|
|
|
t3:
|
|
|
|
|
ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub |\
|
|
|
|
|
ssh-keygen -if /dev/stdin |\
|
|
|
|
|
diff - ${.CURDIR}/rsa_openssh.pub
|
|
|
|
|
|
|
|
|
|
t4:
|
|
|
|
|
ssh-keygen -E md5 -lf ${.CURDIR}/rsa_openssh.pub |\
|
|
|
|
|
awk '{print $$2}' | diff - ${.CURDIR}/t4.ok
|
|
|
|
|
|
|
|
|
|
t5:
|
|
|
|
|
ssh-keygen -Bf ${.CURDIR}/rsa_openssh.pub |\
|
|
|
|
|
awk '{print $$2}' | diff - ${.CURDIR}/t5.ok
|
|
|
|
|
|
|
|
|
|
t6:
|
2024-01-12 01:27:06 +00:00
|
|
|
set -xe ; if ssh -Q key | grep -q ^ssh-dss ; then \
|
|
|
|
|
ssh-keygen -if ${.CURDIR}/dsa_ssh2.prv > t6.out1 ; \
|
|
|
|
|
ssh-keygen -if ${.CURDIR}/dsa_ssh2.pub > t6.out2 ; \
|
|
|
|
|
chmod 600 t6.out1 ; \
|
|
|
|
|
ssh-keygen -yf t6.out1 | diff - t6.out2 ; \
|
|
|
|
|
fi
|
2023-04-30 01:15:27 +00:00
|
|
|
|
|
|
|
|
t7.out:
|
2024-01-12 01:27:06 +00:00
|
|
|
ssh-keygen -q -t rsa -N '' -f $@ ; \
|
2023-04-30 01:15:27 +00:00
|
|
|
|
|
|
|
|
t7: t7.out
|
|
|
|
|
ssh-keygen -lf t7.out > /dev/null
|
|
|
|
|
ssh-keygen -Bf t7.out > /dev/null
|
|
|
|
|
|
|
|
|
|
t8.out:
|
2024-01-12 01:27:06 +00:00
|
|
|
set -xe ; if ssh -Q key | grep -q ^ssh-dss ; then \
|
|
|
|
|
ssh-keygen -q -t dsa -N '' -f $@ ; \
|
|
|
|
|
fi
|
2023-04-30 01:15:27 +00:00
|
|
|
|
|
|
|
|
t8: t8.out
|
2024-01-12 01:27:06 +00:00
|
|
|
set -xe ; if ssh -Q key | grep -q ^ssh-dss ; then \
|
|
|
|
|
ssh-keygen -lf t8.out > /dev/null ; \
|
|
|
|
|
ssh-keygen -Bf t8.out > /dev/null ; \
|
|
|
|
|
fi
|
2023-04-30 01:15:27 +00:00
|
|
|
|
|
|
|
|
t9.out:
|
|
|
|
|
ssh-keygen -q -t ecdsa -N '' -f $@
|
|
|
|
|
|
|
|
|
|
t9: t9.out
|
|
|
|
|
ssh-keygen -lf t9.out > /dev/null
|
|
|
|
|
ssh-keygen -Bf t9.out > /dev/null
|
|
|
|
|
|
|
|
|
|
t10.out:
|
|
|
|
|
ssh-keygen -q -t ed25519 -N '' -f $@
|
|
|
|
|
|
|
|
|
|
t10: t10.out
|
|
|
|
|
ssh-keygen -lf t10.out > /dev/null
|
|
|
|
|
ssh-keygen -Bf t10.out > /dev/null
|
|
|
|
|
|
|
|
|
|
t11:
|
|
|
|
|
ssh-keygen -E sha256 -lf ${.CURDIR}/rsa_openssh.pub |\
|
|
|
|
|
awk '{print $$2}' | diff - ${.CURDIR}/t11.ok
|
|
|
|
|
|
|
|
|
|
t12.out:
|
|
|
|
|
ssh-keygen -q -t ed25519 -N '' -C 'test-comment-1234' -f $@
|
|
|
|
|
|
|
|
|
|
t12: t12.out
|
|
|
|
|
ssh-keygen -lf t12.out.pub | grep -q test-comment-1234
|
|
|
|
|
|
|
|
|
|
modpipe: modpipe.c
|
|
|
|
|
|
|
|
|
|
timestamp: timestamp.c
|
|
|
|
|
|
|
|
|
|
t-integrity: modpipe
|
|
|
|
|
|
|
|
|
|
.for t in ${LTESTS} ${INTEROP_TESTS} ${EXTRA_TESTS}
|
|
|
|
|
t-${t}: timestamp
|
|
|
|
|
env SUDO="${SUDO}" ${TEST_ENV} \
|
|
|
|
|
sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh
|
|
|
|
|
.endfor
|
|
|
|
|
|
2023-05-17 13:56:02 +00:00
|
|
|
.undef LTESTS_STARTED
|
2023-04-30 01:15:27 +00:00
|
|
|
.for t in ${LTESTS}
|
2023-05-17 13:56:02 +00:00
|
|
|
.if defined(LTESTS_FROM) && ${LTESTS_FROM} == t-${t}
|
|
|
|
|
LTESTS_STARTED=yes
|
|
|
|
|
.endif
|
|
|
|
|
.if !defined(LTESTS_FROM) || defined(LTESTS_STARTED)
|
2023-04-30 01:15:27 +00:00
|
|
|
REGRESS_TARGETS+=t-${t}
|
2023-05-17 13:56:02 +00:00
|
|
|
.endif
|
2023-04-30 01:15:27 +00:00
|
|
|
.endfor
|
|
|
|
|
|
2023-11-11 01:29:48 +00:00
|
|
|
# Not run by default
|
|
|
|
|
.if make(interop)
|
|
|
|
|
|
2023-04-30 01:15:27 +00:00
|
|
|
.for t in ${INTEROP_TESTS}
|
|
|
|
|
INTEROP_TARGETS+=t-${t}
|
|
|
|
|
.endfor
|
|
|
|
|
|
2023-11-11 01:29:48 +00:00
|
|
|
REGRESS_TARGETS=${INTEROP_TARGETS}
|
|
|
|
|
SUBDIR=
|
|
|
|
|
|
|
|
|
|
interop: regress
|
|
|
|
|
|
|
|
|
|
.endif
|
|
|
|
|
|
2023-04-30 01:15:27 +00:00
|
|
|
# Not run by default
|
2023-11-11 01:29:48 +00:00
|
|
|
.if make(extra)
|
2023-04-30 01:15:27 +00:00
|
|
|
|
|
|
|
|
.for t in ${EXTRA_TESTS}
|
|
|
|
|
EXTRA_TARGETS+=t-${t}
|
|
|
|
|
.endfor
|
|
|
|
|
|
2023-11-11 01:29:48 +00:00
|
|
|
REGRESS_TARGETS=${EXTRA_TARGETS}
|
|
|
|
|
SUBDIR=
|
|
|
|
|
|
|
|
|
|
extra: regress
|
|
|
|
|
|
|
|
|
|
.endif
|
2023-04-30 01:15:27 +00:00
|
|
|
|
|
|
|
|
.for s in ${SUBDIR}
|
|
|
|
|
CLEAN_SUBDIR+=c-${s}
|
|
|
|
|
c-${s}:
|
|
|
|
|
${MAKE} -C ${.CURDIR}/${s} clean
|
|
|
|
|
.endfor
|
|
|
|
|
|
|
|
|
|
clean: ${CLEAN_SUBDIR}
|
|
|
|
|
rm -f ${CLEANFILES}
|
|
|
|
|
rm -rf .putty
|
2023-11-11 01:29:48 +00:00
|
|
|
rm -rf .dropbear
|
2023-04-30 01:15:27 +00:00
|
|
|
|
|
|
|
|
.include <bsd.regress.mk>
|
