upstream commit

regress test for ExposeAuthInfo

Upstream-Regress-ID: 190e5b6866376f4061c411ab157ca4d4e7ae86fd

2 files changed, 20 insertions, 2 deletions

diff --git a/regress/Makefile b/regress/Makefile
index f968c416..7d50f9cf 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.94 2016/12/16 03:51:19 dtucker Exp $
+#	$OpenBSD: Makefile,v 1.95 2017/06/24 06:35:24 djm Exp $
 
 REGRESS_TARGETS=	unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec
 tests:		prep $(REGRESS_TARGETS)
@@ -79,7 +79,8 @@ LTESTS= 	connect \
 		principals-command \
 		cert-file \
 		cfginclude \
-		allow-deny-users
+		allow-deny-users \
+		authinfo
 
 
 #		dhgex \
diff --git a/regress/authinfo.sh b/regress/authinfo.sh
new file mode 100644
index 00000000..e725296c
--- /dev/null
+++ b/regress/authinfo.sh
@@ -0,0 +1,17 @@
+#	$OpenBSD: authinfo.sh,v 1.1 2017/06/24 06:35:24 djm Exp $
+#	Placed in the Public Domain.
+
+tid="authinfo"
+
+# Ensure the environment variable doesn't leak when ExposeAuthInfo=no.
+verbose "ExposeAuthInfo=no"
+env SSH_USER_AUTH=blah ${SSH} -F $OBJ/ssh_proxy x \
+	'test -z "$SSH_USER_AUTH"' || fail "SSH_USER_AUTH present"
+
+verbose "ExposeAuthInfo=yes"
+echo ExposeAuthInfo=yes >> $OBJ/sshd_proxy
+${SSH} -F $OBJ/ssh_proxy x \
+	'grep ^publickey "$SSH_USER_AUTH" /dev/null >/dev/null' ||
+	fail "ssh with ExposeAuthInfo failed"
+
+# XXX test multiple auth and key contents