summaryrefslogtreecommitdiffstats
path: root/regress/unittests/authopt/testdata/mktestdata.sh
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 14:40:04 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 14:40:04 +0000
commit25505898530a333011f4fd5cbc841ad6b26c089c (patch)
tree333a33fdd60930bcccc3f177ed9467d535e9bac6 /regress/unittests/authopt/testdata/mktestdata.sh
parentInitial commit. (diff)
downloadopenssh-b503b34536f98116d1873eb2dc80dddf75554e63.tar.xz
openssh-b503b34536f98116d1873eb2dc80dddf75554e63.zip
Adding upstream version 1:9.2p1.upstream/1%9.2p1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'regress/unittests/authopt/testdata/mktestdata.sh')
-rw-r--r--regress/unittests/authopt/testdata/mktestdata.sh48
1 files changed, 48 insertions, 0 deletions
diff --git a/regress/unittests/authopt/testdata/mktestdata.sh b/regress/unittests/authopt/testdata/mktestdata.sh
new file mode 100644
index 0000000..06a24e3
--- /dev/null
+++ b/regress/unittests/authopt/testdata/mktestdata.sh
@@ -0,0 +1,48 @@
+#/bin/sh
+
+set -xe
+
+rm -f ca_key ca_key.pub
+rm -f user_key user_key.pub
+rm -f *.cert
+
+ssh-keygen -q -f ca_key -t ed25519 -C CA -N ''
+ssh-keygen -q -f user_key -t ed25519 -C "user key" -N ''
+
+sign() {
+ output=$1
+ shift
+ set -xe
+ ssh-keygen -q -s ca_key -I user -n user \
+ -V 19990101:19991231 -z 1 "$@" user_key.pub
+ mv user_key-cert.pub "$output"
+}
+
+sign all_permit.cert -Opermit-agent-forwarding -Opermit-port-forwarding \
+ -Opermit-pty -Opermit-user-rc -Opermit-X11-forwarding
+sign no_permit.cert -Oclear
+
+sign no_agentfwd.cert -Ono-agent-forwarding
+sign no_portfwd.cert -Ono-port-forwarding
+sign no_pty.cert -Ono-pty
+sign no_user_rc.cert -Ono-user-rc
+sign no_x11fwd.cert -Ono-X11-forwarding
+
+sign only_agentfwd.cert -Oclear -Opermit-agent-forwarding
+sign only_portfwd.cert -Oclear -Opermit-port-forwarding
+sign only_pty.cert -Oclear -Opermit-pty
+sign only_user_rc.cert -Oclear -Opermit-user-rc
+sign only_x11fwd.cert -Oclear -Opermit-X11-forwarding
+
+sign force_command.cert -Oforce-command="foo"
+sign sourceaddr.cert -Osource-address="127.0.0.1/32,::1/128"
+
+# ssh-keygen won't permit generation of certs with invalid source-address
+# values, so we do it as a custom extension.
+sign bad_sourceaddr.cert -Ocritical:source-address=xxxxx
+
+sign unknown_critical.cert -Ocritical:blah=foo
+
+sign host.cert -h
+
+rm -f user_key ca_key user_key.pub ca_key.pub