diff options
| author | Damien Miller <djm@mindrot.org> | 2013-02-14 00:14:51 +0100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2013-02-14 00:14:51 +0100 |
| commit | 2653f5c0a67c403ff14403b9aac94e6a53f6bbf9 (patch) | |
| tree | 54cbcf78c12650a479913acce35c55d8c35f6a49 /regress | |
| parent | - (djm) [regress/try-ciphers.sh] clean up CVS merge botch (diff) | |
| download | openssh-2653f5c0a67c403ff14403b9aac94e6a53f6bbf9.tar.xz openssh-2653f5c0a67c403ff14403b9aac94e6a53f6bbf9.zip | |
- (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC.
Diffstat (limited to 'regress')
| -rw-r--r-- | regress/krl.sh | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/regress/krl.sh b/regress/krl.sh index 46a2ad3f9..1e767f335 100644 --- a/regress/krl.sh +++ b/regress/krl.sh @@ -3,13 +3,19 @@ tid="key revocation lists" +# If we don't support ecdsa keys then this tell will be much slower. +ECDSA=ecdsa +if test "x$TEST_SSH_ECC" != "xyes"; then + $ECDSA=rsa +fi + # Do most testing with ssh-keygen; it uses the same verification code as sshd. # Old keys will interfere with ssh-keygen. rm -f $OBJ/revoked-* $OBJ/krl-* # Generate a CA key -$SSHKEYGEN -t ecdsa -f $OBJ/revoked-ca -C "" -N "" > /dev/null || +$SSHKEYGEN -t $ECDSA -f $OBJ/revoked-ca -C "" -N "" > /dev/null || fatal "$SSHKEYGEN CA failed" # A specification that revokes some certificates by serial numbers @@ -48,7 +54,7 @@ keygen() { N=$1 f=$OBJ/revoked-`printf "%04d" $N` # Vary the keytype. We use mostly ECDSA since this is fastest by far. - keytype=ecdsa + keytype=$ECDSA case $N in 2 | 10 | 510 | 1001) keytype=rsa;; 4 | 30 | 520 | 1002) keytype=dsa;; |