- dtucker@cvs.openbsd.org 2013/11/07 01:12:51
[regress/rekey.sh]
Factor out the data transfer rekey tests
+ - dtucker@cvs.openbsd.org 2013/11/07 02:48:38
+ [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh]
+ Use ssh -Q instead of hardcoding lists of ciphers or MACs.
20131104
- (djm) OpenBSD CVS Sync
-# $OpenBSD: cipher-speed.sh,v 1.9 2013/05/17 04:29:14 dtucker Exp $
+# $OpenBSD: cipher-speed.sh,v 1.10 2013/11/07 02:48:38 dtucker Exp $
# Placed in the Public Domain.
tid="cipher speed"
tries="1 2"
-ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
- arcfour128 arcfour256 arcfour
- aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se
- aes128-ctr aes192-ctr aes256-ctr"
-config_defined OPENSSL_HAVE_EVPGCM && \
- ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com"
-macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com
- hmac-sha1-96 hmac-md5-96"
-config_defined HAVE_EVP_SHA256 && \
- macs="$macs hmac-sha2-256 hmac-sha2-512"
-
-for c in $ciphers; do n=0; for m in $macs; do
+for c in `${SSH} -Q cipher`; do n=0; for m in `${SSH} -Q mac`; do
trace "proto 2 cipher $c mac $m"
for x in $tries; do
printf "%-60s" "$c/$m:"
-# $OpenBSD: integrity.sh,v 1.10 2013/05/17 01:32:11 dtucker Exp $
+# $OpenBSD: integrity.sh,v 1.11 2013/11/07 02:48:38 dtucker Exp $
# Placed in the Public Domain.
tid="integrity"
# XXX and ssh tries to read...
tries=10
startoffset=2900
-macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com
- hmac-sha1-96 hmac-md5-96
- hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com
- umac-64-etm@openssh.com umac-128-etm@openssh.com
- hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com"
-config_defined HAVE_EVP_SHA256 &&
- macs="$macs hmac-sha2-256 hmac-sha2-512
- hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
+macs=`${SSH} -Q mac`
# The following are not MACs, but ciphers with integrated integrity. They are
# handled specially below.
-config_defined OPENSSL_HAVE_EVPGCM && \
- macs="$macs aes128-gcm@openssh.com aes256-gcm@openssh.com"
+macs="$macs `${SSH} -Q cipher | grep gcm@openssh.com`"
# avoid DH group exchange as the extra traffic makes it harder to get the
# offset into the stream right.
-# $OpenBSD: try-ciphers.sh,v 1.20 2013/05/17 10:16:26 dtucker Exp $
+# $OpenBSD: try-ciphers.sh,v 1.21 2013/11/07 02:48:38 dtucker Exp $
# Placed in the Public Domain.
tid="try ciphers"
-ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
- arcfour128 arcfour256 arcfour
- aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se
- aes128-ctr aes192-ctr aes256-ctr"
-config_defined OPENSSL_HAVE_EVPGCM && \
- ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com"
-macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com
- hmac-sha1-96 hmac-md5-96
- hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com
- umac-64-etm@openssh.com umac-128-etm@openssh.com
- hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com
- hmac-ripemd160-etm@openssh.com"
-config_defined HAVE_EVP_SHA256 &&
- macs="$macs hmac-sha2-256 hmac-sha2-512
- hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
-
-for c in $ciphers; do
+for c in `${SSH} -Q cipher`; do
n=0
- for m in $macs; do
+ for m in `${SSH} -Q mac`; do
trace "proto 2 cipher $c mac $m"
verbose "test $tid: proto 2 cipher $c mac $m"
${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true
projects / thirdparty / openssh-portable.git / commitdiff
