upstream: penalty test is still a bit racy

author djm@openbsd.org <djm@openbsd.org>

Sun, 16 Jun 2024 08:18:06 +0000 (08:18 +0000)

committer Damien Miller <djm@mindrot.org>

Sun, 16 Jun 2024 08:18:43 +0000 (18:18 +1000)
author djm@openbsd.org <djm@openbsd.org>
Sun, 16 Jun 2024 08:18:06 +0000 (08:18 +0000)
committer Damien Miller <djm@mindrot.org>
Sun, 16 Jun 2024 08:18:43 +0000 (18:18 +1000)
diff --git a/regress/penalty.sh b/regress/penalty.sh

index 9556b31f707e663bf07bcdc05b571f35cd064a55..8b83532381118b8418665e7ce8b4b2a0bdd4a629 100644 (file)
--- a/regress/penalty.sh
+++ b/regress/penalty.sh
@@ -25,14 +25,17 @@ verbose "penalty for authentication failure"
  cat /dev/null > $OBJ/authorized_keys_${USER}
  ${SSH} -F $OBJ/ssh_config somehost true && fatal "noauth connect succeeded"
  cp $OBJ/authorized_keys_${USER}.bak $OBJ/authorized_keys_${USER}
+sleep 2
  
  # Should be below penalty threshold
  ${SSH} -F $OBJ/ssh_config somehost true || fatal "authfail not expired"
+sleep 2
  
  # Fail authentication again; penalty should activate
  cat /dev/null > $OBJ/authorized_keys_${USER}
  ${SSH} -F $OBJ/ssh_config somehost true && fatal "noauth connect succeeded"
  cp $OBJ/authorized_keys_${USER}.bak $OBJ/authorized_keys_${USER}
+sleep 2
  
  # These should be refused by the active penalty
  ${SSH} -F $OBJ/ssh_config somehost true && fail "authfail not rejected"
@@ -42,6 +45,7 @@ conf "noauth:100s"
  ${SSH} -F $OBJ/ssh_config somehost true || fatal "basic connect failed"
  verbose "penalty for no authentication"
  ${SSHKEYSCAN} -t ssh-ed25519 -p $PORT 127.0.0.1 >/dev/null || fatal "keyscan failed"
+sleep 2
  
  # Repeat attempt should be penalised
  ${SSHKEYSCAN} -t ssh-ed25519 -p $PORT 127.0.0.1 >/dev/null 2>&1 && fail "keyscan not rejected"
author	djm@openbsd.org <djm@openbsd.org>
	Sun, 16 Jun 2024 08:18:06 +0000 (08:18 +0000)
committer	Damien Miller <djm@mindrot.org>
	Sun, 16 Jun 2024 08:18:43 +0000 (18:18 +1000)