upstream commit

regress test for ExposeAuthInfo

Upstream-Regress-ID: 190e5b6866376f4061c411ab157ca4d4e7ae86fd

diff --git a/regress/Makefile b/regress/Makefile
index f968c4161fdfa428e0db4f36588e3202a9693149..7d50f9cfa4377e99411ea356d7ea78043023b482 100644 (file)
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-#      $OpenBSD: Makefile,v 1.94 2016/12/16 03:51:19 dtucker Exp $
+#      $OpenBSD: Makefile,v 1.95 2017/06/24 06:35:24 djm Exp $
 
 REGRESS_TARGETS=       unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec
 tests:         prep $(REGRESS_TARGETS)
@@ -79,7 +79,8 @@ LTESTS=       connect \
                principals-command \
                cert-file \
                cfginclude \
-               allow-deny-users
+               allow-deny-users \
+               authinfo
 
 
 #              dhgex \

diff --git a/regress/authinfo.sh b/regress/authinfo.sh
new file mode 100644 (file)
index 0000000..e725296
--- /dev/null
+++ b/regress/authinfo.sh
@@ -0,0 +1,17 @@
+#      $OpenBSD: authinfo.sh,v 1.1 2017/06/24 06:35:24 djm Exp $
+#      Placed in the Public Domain.
+
+tid="authinfo"
+
+# Ensure the environment variable doesn't leak when ExposeAuthInfo=no.
+verbose "ExposeAuthInfo=no"
+env SSH_USER_AUTH=blah ${SSH} -F $OBJ/ssh_proxy x \
+       'test -z "$SSH_USER_AUTH"' || fail "SSH_USER_AUTH present"
+
+verbose "ExposeAuthInfo=yes"
+echo ExposeAuthInfo=yes >> $OBJ/sshd_proxy
+${SSH} -F $OBJ/ssh_proxy x \
+       'grep ^publickey "$SSH_USER_AUTH" /dev/null >/dev/null' ||
+       fail "ssh with ExposeAuthInfo failed"
+
+# XXX test multiple auth and key contents