Lines Matching +full:- +full:- +full:exit +full:- +full:code
1 # $OpenBSD: cert-file.sh,v 1.5 2017/03/11 23:44:16 djm Exp $
6 rm -f $OBJ/user_ca_key* $OBJ/user_key*
7 rm -f $OBJ/cert_user_key*
10 ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key1 ||\
11 fatal "ssh-keygen failed"
12 ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key2 ||\
13 fatal "ssh-keygen failed"
16 ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key1 || \
17 fatal "ssh-keygen failed"
18 ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key2 || \
19 fatal "ssh-keygen failed"
20 ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key3 || \
21 fatal "ssh-keygen failed"
22 ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key4 || \
23 fatal "ssh-keygen failed"
24 ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key5 || \
25 fatal "ssh-keygen failed"
29 ${SSHKEYGEN} -q -s $OBJ/user_ca_key1 -I "regress user key for $USER" \
30 -z $$ -n ${USER} $OBJ/user_key1 ||
32 mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_1.pub
33 ${SSHKEYGEN} -q -s $OBJ/user_ca_key2 -I "regress user key for $USER" \
34 -z $$ -n ${USER} $OBJ/user_key1 ||
36 mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_2.pub
37 ${SSHKEYGEN} -q -s $OBJ/user_ca_key1 -I "regress user key for $USER" \
38 -z $$ -n ${USER} $OBJ/user_key3 ||
41 ${SSHKEYGEN} -q -s $OBJ/user_ca_key1 -I "regress user key for $USER" \
42 -z $$ -n ${USER} $OBJ/user_key4 ||
47 opts="-F $OBJ/ssh_proxy -oIdentitiesOnly=yes"
48 opts2="$opts -i $OBJ/user_key1 -i $OBJ/user_key2"
49 echo "cert-authority $(cat $OBJ/user_ca_key1.pub)" > $OBJ/authorized_keys_$USER
51 # Make a clean config that doesn't have any pre-added identities.
52 cat $OBJ/ssh_proxy | grep -v IdentityFile > $OBJ/no_identity_config
58 # Key with no .pub should work - finding the equivalent *-cert.pub.
60 ${SSH} -F $OBJ/no_identity_config -oIdentitiesOnly=yes \
61 -i $OBJ/user_key3 somehost exit 5$p
62 [ $? -ne 5$p ] && fail "ssh failed"
66 ${SSH} -F $OBJ/no_identity_config -oIdentitiesOnly=yes \
67 -oCertificateFile=$OBJ/user_key3-cert.pub \
68 -i $OBJ/user_key3 somehost exit 5$p
69 [ $? -ne 5$p ] && fail "ssh failed"
73 ${SSH} $opts2 somehost exit 5$p
75 if [ $r -eq 5$p ]; then
81 opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_2.pub"
82 ${SSH} $opts3 somehost exit 5$p
84 if [ $r -eq 5$p ]; then
90 opts3="$opts -i $OBJ/user_key2"
91 opts3="$opts3 -oCertificateFile=$OBJ/cert_user_key1_1.pub"
92 ${SSH} $opts3 somehost exit 5$p
94 if [ $r -eq 5$p ]; then
100 opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_1.pub"
101 ${SSH} $opts3 somehost exit 5$p
103 if [ $r -ne 5$p ]; then
109 opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_2.pub"
110 opts3="$opts3 -oCertificateFile=$OBJ/cert_user_key1_1.pub"
111 ${SSH} $opts3 somehost exit 5$p
113 if [ $r -ne 5$p ]; then
119 SSH_AUTH_SOCK=/nonexistent ${SSHADD} -l > /dev/null 2>&1
120 if [ $? -ne 2 ]; then
121 fatal "ssh-add -l did not fail with exit code 2"
125 eval `${SSHAGENT} -s` > /dev/null
127 if [ $r -ne 0 ]; then
128 fatal "could not start ssh-agent: exit code $r"
132 ${SSHADD} -k $OBJ/user_key2 > /dev/null 2>&1
133 if [ $? -ne 0 ]; then
134 fatal "ssh-add did not succeed with exit code 0"
136 ${SSHADD} -k $OBJ/user_key1 > /dev/null 2>&1
137 if [ $? -ne 0 ]; then
138 fatal "ssh-add did not succeed with exit code 0"
143 opts="-F $OBJ/ssh_proxy"
145 ${SSH} -2 $opts somehost exit 52
146 if [ $? -eq 52 ]; then
151 opts="$opts -oCertificateFile=$OBJ/cert_user_key1_2.pub"
152 ${SSH} -2 $opts somehost exit 52
153 if [ $? -eq 52 ]; then
158 opts="$opts -oCertificateFile=$OBJ/cert_user_key1_1.pub"
159 ${SSH} -2 $opts somehost exit 52
160 if [ $? -ne 52 ]; then
165 ${SSHAGENT} -k > /dev/null
168 rm -f $OBJ/user_ca_key* $OBJ/user_key*
169 rm -f $OBJ/cert_user_key*