upstream: test that UserKnownHostsFile correctly accepts multiple

author djm@openbsd.org <djm@openbsd.org>

Tue, 8 Jun 2021 22:30:27 +0000 (22:30 +0000)

committer Damien Miller <djm@mindrot.org>

Tue, 8 Jun 2021 22:38:51 +0000 (08:38 +1000)
author djm@openbsd.org <djm@openbsd.org>
Tue, 8 Jun 2021 22:30:27 +0000 (22:30 +0000)
committer Damien Miller <djm@mindrot.org>
Tue, 8 Jun 2021 22:38:51 +0000 (08:38 +1000)
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh

index ebf6c903925c21809d3ac60f436f2d87279d7fc1..de8652b0e5e274376cc0fda74383ed8f478b309b 100644 (file)
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#      $OpenBSD: cert-hostkey.sh,v 1.24 2021/02/25 03:27:34 djm Exp $
+#      $OpenBSD: cert-hostkey.sh,v 1.25 2021/06/08 22:30:27 djm Exp $
  #      Placed in the Public Domain.
  
  tid="certified host keys"
@@ -283,11 +283,17 @@ for ktype in $PLAIN_TYPES ; do
         ) > $OBJ/sshd_proxy
  
         ${SSH} -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-           -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-               -F $OBJ/ssh_proxy somehost true
+           -oGlobalKnownHostsFile=none -F $OBJ/ssh_proxy somehost true
         if [ $? -ne 0 ]; then
                 fail "ssh cert connect failed"
         fi
+       # Also check that it works when the known_hosts file is not in the
+       # first array position.
+       ${SSH} -oUserKnownHostsFile="/dev/null $OBJ/known_hosts-cert" \
+           -oGlobalKnownHostsFile=none -F $OBJ/ssh_proxy somehost true
+       if [ $? -ne 0 ]; then
+               fail "ssh cert connect failed known_hosts 2nd"
+       fi
  done
  
  # Wrong certificate
author	djm@openbsd.org <djm@openbsd.org>
	Tue, 8 Jun 2021 22:30:27 +0000 (22:30 +0000)
committer	Damien Miller <djm@mindrot.org>
	Tue, 8 Jun 2021 22:38:51 +0000 (08:38 +1000)