Darren Tucker | 9468ba3 | 2004-02-29 20:38:26 +1100 | [diff] [blame] | 1 | # $OpenBSD: try-ciphers.sh,v 1.9 2004/02/28 13:44:45 dtucker Exp $ |
Damien Miller | 38cd435 | 2002-05-01 13:17:33 +1000 | [diff] [blame] | 2 | # Placed in the Public Domain. |
| 3 | |
| 4 | tid="try ciphers" |
| 5 | |
| 6 | ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour |
Darren Tucker | 7643760 | 2003-06-18 22:43:13 +1000 | [diff] [blame] | 7 | aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se |
| 8 | aes128-ctr aes192-ctr aes256-ctr" |
Damien Miller | 38cd435 | 2002-05-01 13:17:33 +1000 | [diff] [blame] | 9 | macs="hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96" |
| 10 | |
| 11 | for c in $ciphers; do |
| 12 | for m in $macs; do |
| 13 | trace "proto 2 cipher $c mac $m" |
| 14 | verbose "test $tid: proto 2 cipher $c mac $m" |
| 15 | ${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true |
| 16 | if [ $? -ne 0 ]; then |
| 17 | fail "ssh -2 failed with mac $m cipher $c" |
| 18 | fi |
| 19 | done |
| 20 | done |
| 21 | |
| 22 | ciphers="3des blowfish" |
| 23 | for c in $ciphers; do |
| 24 | trace "proto 1 cipher $c" |
| 25 | verbose "test $tid: proto 1 cipher $c" |
| 26 | ${SSH} -F $OBJ/ssh_proxy -1 -c $c somehost true |
| 27 | if [ $? -ne 0 ]; then |
| 28 | fail "ssh -1 failed with cipher $c" |
| 29 | fi |
| 30 | done |
Darren Tucker | 9468ba3 | 2004-02-29 20:38:26 +1100 | [diff] [blame] | 31 | |
Tim Rice | af4ab6c | 2004-06-22 20:53:02 -0700 | [diff] [blame] | 32 | if ${SSH} -oCiphers=acss@openssh.org 2>&1 | grep "Bad SSH2 cipher" >/dev/null |
Darren Tucker | b099d85 | 2004-02-29 21:30:05 +1100 | [diff] [blame] | 33 | then |
Tim Rice | af4ab6c | 2004-06-22 20:53:02 -0700 | [diff] [blame] | 34 | : |
| 35 | else |
Darren Tucker | b099d85 | 2004-02-29 21:30:05 +1100 | [diff] [blame] | 36 | |
Darren Tucker | 9468ba3 | 2004-02-29 20:38:26 +1100 | [diff] [blame] | 37 | echo "Ciphers acss@openssh.org" >> $OBJ/sshd_proxy |
| 38 | c=acss@openssh.org |
| 39 | for m in $macs; do |
| 40 | trace "proto 2 $c mac $m" |
| 41 | verbose "test $tid: proto 2 cipher $c mac $m" |
| 42 | ${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true |
| 43 | if [ $? -ne 0 ]; then |
| 44 | fail "ssh -2 failed with mac $m cipher $c" |
| 45 | fi |
| 46 | done |
Darren Tucker | b099d85 | 2004-02-29 21:30:05 +1100 | [diff] [blame] | 47 | |
| 48 | fi |