openssh: applied upstream fix for "cert not yet valid" test

applied upstream fix for openssh's "cert not yet valid" test Upstream Status: Backport: ff31f15773 (From OE-Core rev: f0a949fe33da47fd0a587abb942ff60f0a56ed0d) Signed-off-by: Mingde (Matthew) Zeng<matthew.zeng@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-03-19 21:59:42 +01:00 · 2020-01-20 18:24:57 +01:00
parent 9896be8f75
commit ca9a8fb991
2 changed files with 61 additions and 0 deletions
--- a/meta/recipes-connectivity/openssh/openssh/0001-Manually-applied-upstream-fix-for-openssh-test.patch
+++ b/meta/recipes-connectivity/openssh/openssh/0001-Manually-applied-upstream-fix-for-openssh-test.patch
@@ -0,0 +1,60 @@
+From 0a68d6cfe255f8bcdd5f9db0d008a8f0a60b237a Mon Sep 17 00:00:00 2001
+From: "Mingde (Matthew) Zeng" <matthew.zeng@windriver.com>
+Date: Wed, 15 Jan 2020 15:51:42 -0500
+Subject: [PATCH] Manually applied upstream fix for openssh test
+
+Upstream Status: Backport:
+    https://github.com/openssh/openssh-portable/commit/ff31f15773ee173502eec4d7861ec56f26bba381
+
+Signed-off-by: Mingde (Matthew) Zeng<matthew.zeng@windriver.com>
+---
+ regress/cert-hostkey.sh | 4 ++--
+ regress/cert-userkey.sh | 5 ++---
+ 2 files changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
+index 86ea6250..60e3ec02 100644
+--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
+@@ -1,4 +1,4 @@
+-#	$OpenBSD: cert-hostkey.sh,v 1.18 2019/07/25 08:28:15 dtucker Exp $
+#	$OpenBSD: cert-hostkey.sh,v 1.23 2020/01/03 03:02:26 djm Exp $
+ #	Placed in the Public Domain.
+
+ tid="certified host keys"
+@@ -252,7 +252,7 @@ test_one() {
+ test_one "user-certificate"	failure "-n $HOSTS"
+ test_one "empty principals"	success "-h"
+ test_one "wrong principals"	failure "-h -n foo"
+-test_one "cert not yet valid"	failure "-h -V20200101:20300101"
+test_one "cert not yet valid"	failure "-h -V20300101:20320101"
+ test_one "cert expired"		failure "-h -V19800101:19900101"
+ test_one "cert valid interval"	success "-h -V-1w:+2w"
+ test_one "cert has constraints"	failure "-h -Oforce-command=false"
+diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
+index 38c14a69..f0e30945 100644
+--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
+@@ -1,4 +1,4 @@
+-#	$OpenBSD: cert-userkey.sh,v 1.21 2019/07/25 08:28:15 dtucker Exp $
+#	$OpenBSD: cert-userkey.sh,v 1.25 2020/01/03 03:02:26 djm Exp $
+ #	Placed in the Public Domain.
+
+ tid="certified user keys"
+@@ -338,7 +338,7 @@ test_one() {
+ test_one "correct principal"	success "-n ${USER}"
+ test_one "host-certificate"	failure "-n ${USER} -h"
+ test_one "wrong principals"	failure "-n foo"
+-test_one "cert not yet valid"	failure "-n ${USER} -V20200101:20300101"
+test_one "cert not yet valid"	failure "-n ${USER} -V20300101:20320101"
+ test_one "cert expired"		failure "-n ${USER} -V19800101:19900101"
+ test_one "cert valid interval"	success "-n ${USER} -V-1w:+2w"
+ test_one "wrong source-address"	failure "-n ${USER} -Osource-address=10.0.0.0/8"
+@@ -399,4 +399,3 @@ done
+
+ rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
+ rm -f $OBJ/authorized_principals_$USER
+-
+--
+2.24.1
+
--- a/meta/recipes-connectivity/openssh/openssh_8.1p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.1p1.bb
@@ -26,6 +26,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
           file://add-test-support-for-busybox.patch \
           file://openssh-8.1p1-seccomp-nanosleep.patch \
           file://0001-seccomp-Allow-clock_gettime64-in-sandbox.patch \
+           file://0001-Manually-applied-upstream-fix-for-openssh-test.patch \
           "
 SRC_URI[md5sum] = "513694343631a99841e815306806edf0"
 SRC_URI[sha256sum] = "02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff"