From: Darren Tucker <dtucker@dtucker.net>
Date: Wed, 10 Aug 2022 07:35:52 +0000 (+1000)
Subject: Test hostbased auth on github runners.
X-Git-Tag: V_9_1_P1~65
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fdbd5bf507fc271ff813714fab8a72ff2c6cb5ca;p=thirdparty%2Fopenssh-portable.git

Test hostbased auth on github runners.
---

diff --git a/.github/run_test.sh b/.github/run_test.sh
index adf2568ad..7ea216b8c 100755
--- a/.github/run_test.sh
+++ b/.github/run_test.sh
@@ -6,6 +6,20 @@
 
 set -ex
 
+# If we want to test hostbased auth, set up the host for it.
+if [ ! -z "$SUDO" ] && [ ! -x "$TEST_SSH_HOSTBASED_AUTH" ]; then
+    sshconf=/usr/local/etc
+    hostname | $SUDO tee $sshconf/shosts.equiv >/dev/null
+    echo "EnableSSHKeysign yes" | $SUDO tee $sshconf/ssh_config >/dev/null
+    $SUDO mkdir -p $sshconf
+    $SUDO cp -p /etc/ssh/ssh_host*key* $sshconf
+    $SUDO make install
+    for key in $sshconf/ssh_host*key*.pub; do
+        echo `hostname` `cat $key` | \
+            $SUDO tee -a $sshconf/ssh_known_hosts >/dev/null
+    done
+fi
+
 output_failed_logs() {
     for i in regress/failed*; do
         if [ -f "$i" ]; then
diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index 8f6bd75e4..0ff56f03c 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -99,6 +99,7 @@ jobs:
       run: ./.github/run_test.sh ${{ matrix.configs }}
       env:
         TEST_SSH_UNSAFE_PERMISSIONS: 1
+        TEST_SSH_HOSTBASED_AUTH: yes
     - name: save logs
       if: failure()
       uses: actions/upload-artifact@v2