tests/sshserver.pl: use RSA instead of DSA for host auth
DSA is no longer supported by OpenSSH 7.0, which causes all SCP/SFTP test cases to be skipped. Using RSA for host authentication works with both old and new versions of OpenSSH. Reported-by: Karlson2k Closes #676 Upstream-commit: effa575fc7f028ee71fda16209d3d81af336b730 Signed-off-by: Kamil Dudka <kdudka@redhat.com>
This commit is contained in:
Kamil Dudka
parent
0c9fbb7ebe
commit
88c54d8197
|
|
@ -0,0 +1,73 @@
|
|||
From d4211b7d47747af9d36796517167cce14ad5e47b Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Tue, 23 Feb 2016 10:31:52 +0100
|
||||
Subject: [PATCH] tests/sshserver.pl: use RSA instead of DSA for host auth
|
||||
|
||||
DSA is no longer supported by OpenSSH 7.0, which causes all SCP/SFTP
|
||||
test cases to be skipped. Using RSA for host authentication works with
|
||||
both old and new versions of OpenSSH.
|
||||
|
||||
Reported-by: Karlson2k
|
||||
|
||||
Closes #676
|
||||
|
||||
Upstream-commit: effa575fc7f028ee71fda16209d3d81af336b730
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
tests/sshhelp.pm | 4 ++--
|
||||
tests/sshserver.pl | 12 ++++++------
|
||||
2 files changed, 8 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/tests/sshhelp.pm b/tests/sshhelp.pm
|
||||
index 914879b..6719f9f 100644
|
||||
--- a/tests/sshhelp.pm
|
||||
+++ b/tests/sshhelp.pm
|
||||
@@ -120,8 +120,8 @@ $sshlog = undef; # ssh client log file
|
||||
$sftplog = undef; # sftp client log file
|
||||
$sftpcmds = 'curl_sftp_cmds'; # sftp client commands batch file
|
||||
$knownhosts = 'curl_client_knownhosts'; # ssh knownhosts file
|
||||
-$hstprvkeyf = 'curl_host_dsa_key'; # host private key file
|
||||
-$hstpubkeyf = 'curl_host_dsa_key.pub'; # host public key file
|
||||
+$hstprvkeyf = 'curl_host_rsa_key'; # host private key file
|
||||
+$hstpubkeyf = 'curl_host_rsa_key.pub'; # host public key file
|
||||
$cliprvkeyf = 'curl_client_key'; # client private key file
|
||||
$clipubkeyf = 'curl_client_key.pub'; # client public key file
|
||||
|
||||
diff --git a/tests/sshserver.pl b/tests/sshserver.pl
|
||||
index d8c2d6f..a99731a 100755
|
||||
--- a/tests/sshserver.pl
|
||||
+++ b/tests/sshserver.pl
|
||||
@@ -371,12 +371,12 @@ if((! -e $hstprvkeyf) || (! -s $hstprvkeyf) ||
|
||||
# Make sure all files are gone so ssh-keygen doesn't complain
|
||||
unlink($hstprvkeyf, $hstpubkeyf, $cliprvkeyf, $clipubkeyf);
|
||||
logmsg 'generating host keys...' if($verbose);
|
||||
- if(system "\"$sshkeygen\" -q -t dsa -f $hstprvkeyf -C 'curl test server' -N ''") {
|
||||
+ if(system "\"$sshkeygen\" -q -t rsa -f $hstprvkeyf -C 'curl test server' -N ''") {
|
||||
logmsg 'Could not generate host key';
|
||||
exit 1;
|
||||
}
|
||||
logmsg 'generating client keys...' if($verbose);
|
||||
- if(system "\"$sshkeygen\" -q -t dsa -f $cliprvkeyf -C 'curl test client' -N ''") {
|
||||
+ if(system "\"$sshkeygen\" -q -t rsa -f $cliprvkeyf -C 'curl test client' -N ''") {
|
||||
logmsg 'Could not generate client key';
|
||||
exit 1;
|
||||
}
|
||||
@@ -729,11 +729,11 @@ if(system "\"$sshd\" -t -f $sshdconfig > $sshdlog 2>&1") {
|
||||
if((! -e $knownhosts) || (! -s $knownhosts)) {
|
||||
logmsg 'generating ssh client known hosts file...' if($verbose);
|
||||
unlink($knownhosts);
|
||||
- if(open(DSAKEYFILE, "<$hstpubkeyf")) {
|
||||
- my @dsahostkey = do { local $/ = ' '; <DSAKEYFILE> };
|
||||
- if(close(DSAKEYFILE)) {
|
||||
+ if(open(RSAKEYFILE, "<$hstpubkeyf")) {
|
||||
+ my @rsahostkey = do { local $/ = ' '; <RSAKEYFILE> };
|
||||
+ if(close(RSAKEYFILE)) {
|
||||
if(open(KNOWNHOSTS, ">$knownhosts")) {
|
||||
- print KNOWNHOSTS "$listenaddr ssh-dss $dsahostkey[1]\n";
|
||||
+ print KNOWNHOSTS "$listenaddr ssh-rsa $rsahostkey[1]\n";
|
||||
if(!close(KNOWNHOSTS)) {
|
||||
$error = "Error: cannot close file $knownhosts";
|
||||
}
|
||||
--
|
||||
2.5.0
|
||||
|
||||
|
|
@ -22,6 +22,9 @@ Patch4: 0004-curl-7.43.0-CVE-2016-0755.patch
|
|||
# cookie: fix bug in export if any-domain cookie is present (#1311907)
|
||||
Patch5: 0005-curl-7.43.0-ef0fdb83.patch
|
||||
|
||||
# tests/sshserver.pl: use RSA instead of DSA for host auth
|
||||
Patch6: 0006-curl-7.43.0-effa575f.patch
|
||||
|
||||
# patch making libcurl multilib ready
|
||||
Patch101: 0101-curl-7.32.0-multilib.patch
|
||||
|
||||
|
|
@ -137,6 +140,7 @@ documentation of the library, too.
|
|||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
|
||||
# Fedora patches
|
||||
%patch101 -p1
|
||||
|
|
|
|||
Loading…
Reference in New Issue