From 0b6b94e6b6152f15cf4c2247c5974f539aae28cd Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Wed, 10 Apr 2024 21:49:46 +0200
Subject: Adding upstream version 1:9.6p1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 regress/connect-privsep.sh | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 regress/connect-privsep.sh

(limited to 'regress/connect-privsep.sh')

diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh
new file mode 100644
index 0000000..8970340
--- /dev/null
+++ b/regress/connect-privsep.sh
@@ -0,0 +1,34 @@
+#	$OpenBSD: connect-privsep.sh,v 1.9 2017/04/30 23:34:55 djm Exp $
+#	Placed in the Public Domain.
+
+tid="proxy connect with privsep"
+
+cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
+echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy
+
+${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
+if [ $? -ne 0 ]; then
+	fail "ssh privsep+proxyconnect failed"
+fi
+
+cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
+echo 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy
+
+${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
+if [ $? -ne 0 ]; then
+	fail "ssh privsep/sandbox+proxyconnect failed"
+fi
+
+# Because sandbox is sensitive to changes in libc, especially malloc, retest
+# with every malloc.conf option (and none).
+if [ -z "$TEST_MALLOC_OPTIONS" ]; then
+	mopts="C F G J R S U X < >"
+else
+	mopts=`echo $TEST_MALLOC_OPTIONS | sed 's/./& /g'`
+fi
+for m in '' $mopts ; do
+	env MALLOC_OPTIONS="$m" ${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
+	if [ $? -ne 0 ]; then
+		fail "ssh privsep/sandbox+proxyconnect mopt '$m' failed"
+	fi
+done
-- 
cgit v1.2.3