-# $OpenBSD: cert-hostkey.sh,v 1.30 2025/12/22 03:36:43 djm Exp $
+# $OpenBSD: cert-hostkey.sh,v 1.31 2026/02/11 22:58:23 djm Exp $
# Placed in the Public Domain.
tid="certified host keys"
attempt_connect "$ktype basic connect" "yes"
attempt_connect "$ktype empty KRL" "yes" \
-oRevokedHostKeys=$OBJ/host_krl_empty
+ attempt_connect "$ktype multiple KRL files" "no" \
+ -oRevokedHostKeys="/dev/null $OBJ/host_krl_plain"
attempt_connect "$ktype KRL w/ plain key revoked" "no" \
-oRevokedHostKeys=$OBJ/host_krl_plain
attempt_connect "$ktype KRL w/ cert revoked" "no" \
-# $OpenBSD: cert-userkey.sh,v 1.31 2025/12/22 01:50:46 djm Exp $
+# $OpenBSD: cert-userkey.sh,v 1.32 2026/02/11 22:58:23 djm Exp $
# Placed in the Public Domain.
tid="certified user keys"
verbose "$tid: ${_prefix} revoked key"
(
cat $OBJ/sshd_proxy_bak
- echo "RevokedKeys $OBJ/cert_user_key_revoked"
+ # Also test multiple RevokedKeys files.
+ echo "RevokedKeys /dev/null $OBJ/cert_user_key_revoked"
echo "PubkeyAcceptedAlgorithms ${t}"
echo "$extra_sshd"
) > $OBJ/sshd_proxy
projects / thirdparty / openssh-portable.git / commitdiff
