upstream: Add test for ssh -Oconninfo mux command.

daztucker · daztucker · commit b7dc1d95ee83 · 2025-12-05T18:05:57.000+11:00
OpenBSD-Regress-ID: e939edc41caad8b6ad00ff294f33b61ed32a1edd
diff --git a/regress/multiplex.sh b/regress/multiplex.sh
@@ -1,12 +1,12 @@
-#	$OpenBSD: multiplex.sh,v 1.37 2024/07/19 04:33:36 djm Exp $
+#	$OpenBSD: multiplex.sh,v 1.38 2025/12/05 06:55:22 dtucker Exp $
 #	Placed in the Public Domain.
 
-make_tmpdir
 CTL=${SSH_REGRESS_TMP}/ctl-sock
 
 tid="connection multiplexing"
 
 trace "will use ProxyCommand $proxycmd"
+make_tmpdir
 if config_defined DISABLE_FD_PASSING ; then
 	skip "not supported on this platform (FD passing disabled)"
 fi
@@ -24,6 +24,7 @@ wait_for_mux_master_ready()
 }
 
 maybe_add_scp_path_to_sshd
+enable_all_kexes_in_sshd
 start_sshd
 
 start_mux_master()
@@ -180,6 +181,13 @@ N=$(echo "xyzzy" | $NC -U $OBJ/unix-1.fwd 2>&1 | grep "xyzzy" | wc -l)
 test ${N} -eq 0 || fail "remote forward path still listening"
 rm -f $OBJ/unix-1.fwd
 
+verbose "test $tid: cmd conninfo"
+conninfo=`${SSH} -F $OBJ/ssh_config -S $CTL -Oconninfo otherhost` \
+     || fail "request remote forward failed"
+if echo "$conninfo" | ! egrep -- "-> 127.0.0.1:$port" >/dev/null; then
+       fail "conninfo"
+fi
+
 verbose "test $tid: cmd exit"
 ${SSH} -F $OBJ/ssh_config -S $CTL -Oexit otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \
     || fail "send exit command failed" 
@@ -188,11 +196,28 @@ ${SSH} -F $OBJ/ssh_config -S $CTL -Oexit otherhost >>$TEST_REGRESS_LOGFILE 2>&1
 wait $SSH_PID
 kill -0 $SSH_PID >/dev/null 2>&1 && fail "exit command failed"
 
+# Enable compression and alternative kex for next conninfo test.
+if $SSH -Q compression | grep zlib@openssh.com >/dev/null; then
+       echo compression yes >>$OBJ/ssh_config
+       echo kexalgorithms curve25519-sha256 >>$OBJ/ssh_config
+       echo ciphers aes128-ctr >>$OBJ/ssh_config
+fi
+
 # Restart master and test -O stop command with master using -N
 verbose "test $tid: cmd stop"
 trace "restart master, fork to background"
 start_mux_master
 
+verbose "test $tid: cmd conninfo compression"
+conninfo=`${SSH} -F $OBJ/ssh_config -S $CTL -Oconninfo otherhost` \
+     || fail "request remote forward failed"
+if ! echo "$conninfo" | grep "compression zlib" >/dev/null ||
+    ! echo "$conninfo" | grep "compressed" >/dev/null ||
+    ! echo "$conninfo" | grep "kexalgorithm curve25519-sha256" >/dev/null ||
+    ! echo "$conninfo" | grep "cipher aes128-ctr" >/dev/null; then
+       fail "conninfo compression"
+fi
+
 # start a long-running command then immediately request a stop
 ${SSH} -F $OBJ/ssh_config -S $CTL otherhost "sleep 10; exit 0" \
      >>$TEST_REGRESS_LOGFILE 2>&1 &
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: test-exec.sh,v 1.135 2025/11/24 23:56:58 djm Exp $
+#	$OpenBSD: test-exec.sh,v 1.136 2025/12/05 06:55:22 dtucker Exp $
 #	Placed in the Public Domain.
 
 #SUDO=sudo
@@ -910,6 +910,12 @@ start_sshd ()
 	test -f $PIDFILE || fatal "no sshd running on port $PORT"
 }
 
+enable_all_kexes_in_sshd ()
+{
+       kexs=`$SSH -Q KexAlgorithms | tr '\n' , | sed 's/,$//'`
+       echo KexAlgorithms $kexs >>$OBJ/sshd_config
+}
+
 # Find a PKCS#11 library.
 p11_find_lib() {
 	TEST_SSH_PKCS11=""
