2015-06-24 19:04:26 +03:00
|
|
|
project(libssh-tests C)
|
2010-03-02 15:47:14 +03:00
|
|
|
|
2014-02-02 23:56:21 +04:00
|
|
|
if (BSD OR SOLARIS OR OSX)
|
2011-08-09 21:52:26 +04:00
|
|
|
find_package(Argp)
|
2014-02-02 23:56:21 +04:00
|
|
|
endif (BSD OR SOLARIS OR OSX)
|
2011-01-13 20:34:04 +03:00
|
|
|
|
2010-03-02 15:47:14 +03:00
|
|
|
set(TORTURE_LIBRARY torture)
|
|
|
|
|
2019-11-06 11:43:49 +03:00
|
|
|
include_directories(${OPENSSL_INCLUDE_DIR}
|
|
|
|
${CMOCKA_INCLUDE_DIR}
|
|
|
|
${ZLIB_INCLUDE_DIR}
|
2020-04-15 10:14:23 +03:00
|
|
|
${libssh_BINARY_DIR}/include
|
2019-11-06 11:43:49 +03:00
|
|
|
${libssh_BINARY_DIR}
|
|
|
|
${libssh_SOURCE_DIR}/src
|
2020-12-15 15:35:06 +03:00
|
|
|
${CMAKE_SOURCE_DIR}/include
|
2019-10-16 12:16:17 +03:00
|
|
|
${CMAKE_CURRENT_SOURCE_DIR}
|
|
|
|
${CMAKE_BINARY_DIR}/tests)
|
2010-03-02 15:47:14 +03:00
|
|
|
|
2015-05-05 20:09:51 +03:00
|
|
|
set(TORTURE_LINK_LIBRARIES
|
|
|
|
${CMOCKA_LIBRARY}
|
2019-11-06 11:06:05 +03:00
|
|
|
ssh::static)
|
2015-05-05 20:09:51 +03:00
|
|
|
|
2010-03-02 15:47:14 +03:00
|
|
|
# create test library
|
2018-01-09 23:30:50 +03:00
|
|
|
add_library(${TORTURE_LIBRARY}
|
|
|
|
STATIC
|
|
|
|
cmdline.c
|
|
|
|
torture.c
|
|
|
|
torture_key.c
|
2018-06-30 14:48:17 +03:00
|
|
|
torture_pki.c
|
|
|
|
torture_cmocka.c)
|
2018-01-09 23:30:50 +03:00
|
|
|
target_link_libraries(${TORTURE_LIBRARY} ${TORTURE_LINK_LIBRARIES})
|
2018-09-18 16:28:48 +03:00
|
|
|
target_compile_options(${TORTURE_LIBRARY} PRIVATE
|
|
|
|
-DSSH_PING_EXECUTABLE="${CMAKE_CURRENT_BINARY_DIR}/ssh_ping"
|
|
|
|
)
|
2018-01-09 23:30:50 +03:00
|
|
|
|
2020-12-15 15:35:06 +03:00
|
|
|
# The shared version of the library is only useful when client testing is
|
|
|
|
# enabled
|
|
|
|
if (CLIENT_TESTING)
|
|
|
|
# create shared test library
|
|
|
|
set(TORTURE_SHARED_LIBRARY torture_shared)
|
|
|
|
|
|
|
|
if (MINGW)
|
|
|
|
set(USE_ATTRIBUTE_WEAK "-DUSE_ATTRIBUTE_WEAK")
|
|
|
|
endif ()
|
|
|
|
|
|
|
|
# Create a list of symbols that should be wrapped for override test
|
|
|
|
set(WRAP_SYMBOLS "")
|
|
|
|
list(APPEND WRAP_SYMBOLS
|
|
|
|
"-Wl,--wrap=chacha_keysetup"
|
|
|
|
"-Wl,--wrap=chacha_ivsetup"
|
|
|
|
"-Wl,--wrap=chacha_encrypt_bytes")
|
|
|
|
list(APPEND WRAP_SYMBOLS "-Wl,--wrap=poly1305_auth")
|
|
|
|
list(APPEND WRAP_SYMBOLS
|
|
|
|
"-Wl,--wrap=crypto_sign_ed25519_keypair"
|
|
|
|
"-Wl,--wrap=crypto_sign_ed25519"
|
|
|
|
"-Wl,--wrap=crypto_sign_ed25519_open")
|
|
|
|
list(APPEND WRAP_SYMBOLS
|
|
|
|
"-Wl,--wrap=crypto_scalarmult_base"
|
|
|
|
"-Wl,--wrap=crypto_scalarmult")
|
|
|
|
|
|
|
|
add_library(${TORTURE_SHARED_LIBRARY}
|
|
|
|
SHARED
|
|
|
|
cmdline.c
|
|
|
|
torture.c
|
|
|
|
torture_key.c
|
|
|
|
torture_pki.c
|
|
|
|
torture_cmocka.c
|
|
|
|
)
|
|
|
|
target_link_libraries(${TORTURE_SHARED_LIBRARY}
|
|
|
|
${CMOCKA_LIBRARY}
|
|
|
|
ssh::static
|
|
|
|
${WRAP_SYMBOLS}
|
|
|
|
)
|
|
|
|
target_compile_options(${TORTURE_SHARED_LIBRARY} PRIVATE
|
|
|
|
-DSSH_PING_EXECUTABLE="${CMAKE_CURRENT_BINARY_DIR}/ssh_ping"
|
|
|
|
${USE_ATTRIBUTE_WEAK}
|
|
|
|
)
|
|
|
|
endif ()
|
|
|
|
|
2016-03-17 12:45:40 +03:00
|
|
|
if (ARGP_LIBRARY)
|
|
|
|
target_link_libraries(${TORTURE_LIBRARY}
|
2016-03-17 12:42:52 +03:00
|
|
|
${ARGP_LIBRARY}
|
|
|
|
)
|
|
|
|
endif()
|
2010-03-02 15:47:14 +03:00
|
|
|
|
2010-12-29 22:17:36 +03:00
|
|
|
set(TEST_TARGET_LIBRARIES
|
|
|
|
${TORTURE_LIBRARY}
|
2015-05-05 20:09:51 +03:00
|
|
|
${TORTURE_LINK_LIBRARIES}
|
2010-12-29 22:17:36 +03:00
|
|
|
)
|
2010-03-02 15:47:14 +03:00
|
|
|
|
|
|
|
add_subdirectory(unittests)
|
tests: introduce pkd_hello
Introduce a sample public-key testing daemon to the 'pkd' test directory,
and add support code for cycling through various combinations of different
key exchange, cipher, and MAC algorithms.
The goal of the 'pkd_hello' test is to make it easy to test interactions
between non-libssh clients and a libssh-server, and to provide a starting
point for testing new implementations for key types, ciphers, MACs, and
so on. The thinking is that testing a new algorithm should be as simple
as adding a new line for it in the PKDTESTS_* lists.
Macros are used to generate the tests and helper functions for a couple of
clients -- here, OpenSSH and dropbear are included for the first cut. If
binaries are found for these clients, their test lists will be enabled;
when binaries are not found for a given client, those tests are skipped.
Tests are run in one large batch by default, but can also be run individually
to help with tracking down things like signature bugs that may take many
iterations to reproduce.
Each test logs its stdout and stderr to its own file, which is cleaned up
when a test succeeds. For failures, those logs can be combined with verbose
libssh output from pkd itself to start debugging things.
Some example usages:
pkd_hello
Run all tests with default number of iterations.
pkd_hello --list
List available individual test names.
pkd_hello -i 1000 -t torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256
Run only the torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256
testcase 1000 times.
pkd_hello -v -v -v -v -e -o
Run all tests with maximum libssh and pkd logging.
Included in the tests are passes for all existing kex, cipher, and MAC
algorithms.
BUG: https://red.libssh.org/issues/144
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-10-10 23:38:45 +04:00
|
|
|
|
2019-10-11 18:07:32 +03:00
|
|
|
# OpenSSH Capabilities are required for all unit tests
|
|
|
|
find_program(SSH_EXECUTABLE NAMES ssh)
|
|
|
|
if (SSH_EXECUTABLE)
|
|
|
|
execute_process(COMMAND ${SSH_EXECUTABLE} -V ERROR_VARIABLE OPENSSH_VERSION_STR)
|
|
|
|
string(REGEX REPLACE "^.*OpenSSH_([0-9]).[0-9].*$" "\\1" OPENSSH_VERSION_MAJOR "${OPENSSH_VERSION_STR}")
|
|
|
|
string(REGEX REPLACE "^.*OpenSSH_[0-9].([0-9]).*$" "\\1" OPENSSH_VERSION_MINOR "${OPENSSH_VERSION_STR}")
|
|
|
|
set(OPENSSH_VERSION "${OPENSSH_VERSION_MAJOR}.${OPENSSH_VERSION_MINOR}")
|
|
|
|
if("${OPENSSH_VERSION}" VERSION_LESS "6.3")
|
|
|
|
# ssh - Q was introduced in 6.3
|
|
|
|
message("Version less than 6.3, hardcoding cipher list")
|
|
|
|
set(OPENSSH_CIPHERS "aes128-ctr\naes192-ctr\naes256-ctr\narcfour256\narcfour128\naes128-gcm@openssh.com\naes256-gcm@openssh.com\naes128-cbc\n3des-cbc\nblowfish-cbc\ncast128-cbc\naes192-cbc\naes256-cbc\narcfour\nrijndael-cbc@lysator.liu.se\n")
|
|
|
|
set(OPENSSH_MACS "hmac-md5-etm@openssh.com\nhmac-sha1-etm@openssh.com\numac-64-etm@openssh.com\numac-128-etm@openssh.com\nhmac-sha2-256-etm@openssh.com\nhmac-sha2-512-etm@openssh.com\nhmac-ripemd160-etm@openssh.com\nhmac-sha1-96-etm@openssh.com\nhmac-md5-96-etm@openssh.com\nhmac-md5\nhmac-sha1\numac-64@openssh.com\numac-128@openssh.com\nhmac-sha2-256\nhmac-sha2-512\nhmac-ripemd160\nhmac-ripemd160@openssh.com\nhmac-sha1-96\nhmac-md5-96\n")
|
|
|
|
set(OPENSSH_KEX "ecdh-sha2-nistp256\necdh-sha2-nistp384\necdh-sha2-nistp521\ndiffie-hellman-group-exchange-sha256\ndiffie-hellman-group-exchange-sha1\ndiffie-hellman-group14-sha1\ndiffie-hellman-group1-sha1\n")
|
|
|
|
set(OPENSSH_KEYS "ssh-rsa\nssh-dss\necdsa-sha2-nistp256\n")
|
|
|
|
else()
|
|
|
|
execute_process(COMMAND ${SSH_EXECUTABLE} -Q cipher OUTPUT_VARIABLE OPENSSH_CIPHERS)
|
|
|
|
execute_process(COMMAND ${SSH_EXECUTABLE} -Q mac OUTPUT_VARIABLE OPENSSH_MACS)
|
|
|
|
execute_process(COMMAND ${SSH_EXECUTABLE} -Q kex OUTPUT_VARIABLE OPENSSH_KEX)
|
|
|
|
execute_process(COMMAND ${SSH_EXECUTABLE} -Q key OUTPUT_VARIABLE OPENSSH_KEYS)
|
|
|
|
execute_process(COMMAND ${SSH_EXECUTABLE} -Q sig OUTPUT_VARIABLE OPENSSH_SIGS ERROR_QUIET)
|
2019-12-17 13:22:50 +03:00
|
|
|
|
|
|
|
# We need both of them, but lets get rid of duplicate items presented in both lists
|
|
|
|
# to avoid processing too long arguments in pkd
|
2019-10-11 18:07:32 +03:00
|
|
|
set(OPENSSH_KEYS "${OPENSSH_KEYS}${OPENSSH_SIGS}")
|
2019-12-17 13:22:50 +03:00
|
|
|
string(REPLACE "\n" ";" OPENSSH_KEYS "${OPENSSH_KEYS}")
|
|
|
|
list(REMOVE_DUPLICATES OPENSSH_KEYS)
|
|
|
|
string(REPLACE ";" "\n" OPENSSH_KEYS "${OPENSSH_KEYS}")
|
2019-10-11 18:07:32 +03:00
|
|
|
endif()
|
|
|
|
|
|
|
|
set(SSH_ALGORITHMS
|
|
|
|
3des-cbc aes128-cbc aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se aes128-ctr aes192-ctr
|
|
|
|
aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com chacha20-poly1305@openssh.com
|
|
|
|
hmac-sha1 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512 hmac-md5 hmac-md5-96 umac-64@openssh.com
|
|
|
|
umac-128@openssh.com hmac-sha1-etm@openssh.com hmac-sha1-96-etm@openssh.com
|
|
|
|
hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-md5-etm@openssh.com
|
|
|
|
hmac-md5-96-etm@openssh.com umac-64-etm@openssh.com umac-128-etm@openssh.com
|
|
|
|
diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group14-sha256
|
|
|
|
diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group-exchange-sha1
|
|
|
|
diffie-hellman-group-exchange-sha256 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521
|
|
|
|
curve25519-sha256 curve25519-sha256@libssh.org
|
|
|
|
ssh-ed25519 ssh-ed25519-cert-v01@openssh.com ssh-rsa ssh-dss
|
|
|
|
ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521
|
|
|
|
ssh-rsa-cert-v01@openssh.com ssh-dss-cert-v01@openssh.com
|
|
|
|
ecdsa-sha2-nistp256-cert-v01@openssh.com ecdsa-sha2-nistp384-cert-v01@openssh.com
|
|
|
|
ecdsa-sha2-nistp521-cert-v01@openssh.com
|
|
|
|
)
|
|
|
|
foreach(ALGORITHM ${SSH_ALGORITHMS})
|
|
|
|
string(TOUPPER ${ALGORITHM} VARNAME)
|
|
|
|
string(REGEX REPLACE "[-@.]" "_" VARNAME "OPENSSH_${VARNAME}")
|
|
|
|
|
|
|
|
# Match the current algorithm into the complete list of OpenSSH supported algorithms.
|
|
|
|
# If matching, create an OPENSSH_CIPHER_NAME variable.
|
|
|
|
string(REGEX MATCH ".*${ALGORITHM}\n" "${VARNAME}" "${OPENSSH_CIPHERS}${OPENSSH_MACS}${OPENSSH_KEX}${OPENSSH_KEYS}")
|
|
|
|
endforeach(ALGORITHM)
|
|
|
|
|
|
|
|
string(STRIP "${OPENSSH_CIPHERS}" OPENSSH_CIPHERS)
|
|
|
|
string(STRIP "${OPENSSH_MACS}" OPENSSH_MACS)
|
|
|
|
string(STRIP "${OPENSSH_KEX}" OPENSSH_KEX)
|
|
|
|
string(STRIP "${OPENSSH_KEYS}" OPENSSH_KEYS)
|
|
|
|
string(REPLACE "\n" "," OPENSSH_CIPHERS "${OPENSSH_CIPHERS}")
|
|
|
|
string(REPLACE "\n" "," OPENSSH_MACS "${OPENSSH_MACS}")
|
|
|
|
string(REPLACE "\n" "," OPENSSH_KEX "${OPENSSH_KEX}")
|
|
|
|
string(REPLACE "\n" "," OPENSSH_KEYS "${OPENSSH_KEYS}")
|
|
|
|
|
|
|
|
endif()
|
|
|
|
|
2019-10-20 01:52:47 +03:00
|
|
|
find_program(SSHD_EXECUTABLE
|
|
|
|
NAME
|
|
|
|
sshd
|
|
|
|
PATHS
|
|
|
|
/sbin
|
|
|
|
/usr/sbin
|
|
|
|
/usr/local/sbin)
|
|
|
|
|
2019-11-06 20:44:21 +03:00
|
|
|
if (CLIENT_TESTING OR SERVER_TESTING)
|
2014-04-15 23:12:56 +04:00
|
|
|
find_package(socket_wrapper 1.1.5 REQUIRED)
|
|
|
|
find_package(nss_wrapper 1.1.2 REQUIRED)
|
2014-04-15 23:13:42 +04:00
|
|
|
find_package(uid_wrapper 1.2.0 REQUIRED)
|
2016-01-18 14:02:45 +03:00
|
|
|
find_package(pam_wrapper 1.0.1 REQUIRED)
|
2014-04-15 23:13:42 +04:00
|
|
|
|
2014-04-15 23:12:56 +04:00
|
|
|
if (NOT SSHD_EXECUTABLE)
|
|
|
|
message(SEND_ERROR "Could not find sshd which is required for client testing")
|
|
|
|
endif()
|
2022-08-29 11:21:57 +03:00
|
|
|
find_program(NCAT_EXECUTABLE
|
2019-10-11 18:07:32 +03:00
|
|
|
NAME
|
2022-08-29 11:21:57 +03:00
|
|
|
ncat
|
2019-10-11 18:07:32 +03:00
|
|
|
PATHS
|
|
|
|
/bin
|
|
|
|
/usr/bin
|
|
|
|
/usr/local/bin)
|
|
|
|
|
2019-12-10 22:58:56 +03:00
|
|
|
if (WITH_PKCS11_URI)
|
|
|
|
find_package(softhsm)
|
|
|
|
if (NOT SOFTHSM_FOUND)
|
|
|
|
message(SEND_ERROR "Could not find softhsm module!")
|
|
|
|
endif (NOT SOFTHSM_FOUND)
|
|
|
|
endif (WITH_PKCS11_URI)
|
|
|
|
|
2016-02-02 13:28:07 +03:00
|
|
|
find_program(SSH_EXECUTABLE NAMES ssh)
|
2015-09-29 13:00:10 +03:00
|
|
|
if (SSH_EXECUTABLE)
|
|
|
|
execute_process(COMMAND ${SSH_EXECUTABLE} -V ERROR_VARIABLE OPENSSH_VERSION_STR)
|
2019-06-20 18:45:49 +03:00
|
|
|
string(REGEX REPLACE "^.*OpenSSH_([0-9]).[0-9].*$" "\\1" OPENSSH_VERSION_MAJOR "${OPENSSH_VERSION_STR}")
|
|
|
|
string(REGEX REPLACE "^.*OpenSSH_[0-9].([0-9]).*$" "\\1" OPENSSH_VERSION_MINOR "${OPENSSH_VERSION_STR}")
|
2015-09-29 13:00:10 +03:00
|
|
|
add_definitions(-DOPENSSH_VERSION_MAJOR=${OPENSSH_VERSION_MAJOR} -DOPENSSH_VERSION_MINOR=${OPENSSH_VERSION_MINOR})
|
|
|
|
endif()
|
|
|
|
|
2016-02-02 13:28:07 +03:00
|
|
|
set(LOCAL_USER "nobody")
|
|
|
|
set(LOCAL_UID "65533")
|
|
|
|
find_program(ID_EXECUTABLE NAMES id)
|
|
|
|
find_program(WHO_EXECUTABLE NAMES whoami)
|
|
|
|
if (ID_EXECUTABLE AND WHO_EXECUTABLE)
|
|
|
|
execute_process(COMMAND ${WHO_EXECUTABLE} OUTPUT_VARIABLE LOCAL_USER OUTPUT_STRIP_TRAILING_WHITESPACE)
|
|
|
|
execute_process(COMMAND ${ID_EXECUTABLE} -u OUTPUT_VARIABLE LOCAL_UID OUTPUT_STRIP_TRAILING_WHITESPACE)
|
|
|
|
endif()
|
|
|
|
|
2019-08-16 19:13:12 +03:00
|
|
|
find_program(TIMEOUT_EXECUTABLE
|
|
|
|
NAME
|
|
|
|
timeout
|
|
|
|
PATHS
|
|
|
|
/bin
|
|
|
|
/usr/bin
|
|
|
|
/usr/local/bin)
|
|
|
|
if (TIMEOUT_EXECUTABLE)
|
|
|
|
set(WITH_TIMEOUT "1")
|
|
|
|
endif()
|
|
|
|
|
2017-11-23 14:52:08 +03:00
|
|
|
# chroot_wrapper
|
|
|
|
add_library(chroot_wrapper SHARED chroot_wrapper.c)
|
2018-11-15 15:38:02 +03:00
|
|
|
set(CHROOT_WRAPPER_LIBRARY ${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}chroot_wrapper${CMAKE_SHARED_LIBRARY_SUFFIX})
|
2017-11-23 14:52:08 +03:00
|
|
|
set(TEST_TARGET_LIBRARIES
|
|
|
|
${TEST_TARGET_LIBRARIES}
|
|
|
|
chroot_wrapper
|
|
|
|
)
|
|
|
|
|
2018-09-18 16:28:48 +03:00
|
|
|
# ssh_ping
|
|
|
|
add_executable(ssh_ping ssh_ping.c)
|
|
|
|
target_compile_options(ssh_ping PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
|
2020-04-14 15:39:19 +03:00
|
|
|
target_link_libraries(ssh_ping ssh::static)
|
2018-09-18 16:28:48 +03:00
|
|
|
|
2014-04-15 23:13:42 +04:00
|
|
|
# homedir will be used in passwd
|
|
|
|
set(HOMEDIR ${CMAKE_CURRENT_BINARY_DIR}/home)
|
|
|
|
|
|
|
|
### Setup nss_wrapper
|
|
|
|
configure_file(etc/passwd.in ${CMAKE_CURRENT_BINARY_DIR}/etc/passwd @ONLY)
|
|
|
|
configure_file(etc/shadow.in ${CMAKE_CURRENT_BINARY_DIR}/etc/shadow @ONLY)
|
|
|
|
configure_file(etc/group.in ${CMAKE_CURRENT_BINARY_DIR}/etc/group @ONLY)
|
|
|
|
configure_file(etc/hosts.in ${CMAKE_CURRENT_BINARY_DIR}/etc/hosts @ONLY)
|
|
|
|
|
2015-10-01 14:56:32 +03:00
|
|
|
### Setup pam_wrapper
|
|
|
|
configure_file(etc/pam_matrix_passdb.in ${CMAKE_CURRENT_BINARY_DIR}/etc/pam_matrix_passdb @ONLY)
|
|
|
|
configure_file(etc/pam.d/sshd.in ${CMAKE_CURRENT_BINARY_DIR}/etc/pam.d/sshd @ONLY)
|
|
|
|
|
2017-11-23 14:52:08 +03:00
|
|
|
|
|
|
|
set(TORTURE_ENVIRONMENT "LD_PRELOAD=${SOCKET_WRAPPER_LIBRARY}:${NSS_WRAPPER_LIBRARY}:${UID_WRAPPER_LIBRARY}:${PAM_WRAPPER_LIBRARY}:${CHROOT_WRAPPER_LIBRARY}")
|
2016-02-02 11:06:00 +03:00
|
|
|
list(APPEND TORTURE_ENVIRONMENT UID_WRAPPER=1 UID_WRAPPER_ROOT=1)
|
2014-04-15 23:13:42 +04:00
|
|
|
list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_PASSWD=${CMAKE_CURRENT_BINARY_DIR}/etc/passwd)
|
|
|
|
list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_SHADOW=${CMAKE_CURRENT_BINARY_DIR}/etc/shadow)
|
|
|
|
list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_GROUP=${CMAKE_CURRENT_BINARY_DIR}/etc/group)
|
2015-10-01 14:56:32 +03:00
|
|
|
list(APPEND TORTURE_ENVIRONMENT PAM_WRAPPER_SERVICE_DIR=${CMAKE_CURRENT_BINARY_DIR}/etc/pam.d)
|
2022-07-08 12:10:39 +03:00
|
|
|
list(APPEND TORTURE_ENVIRONMENT LSAN_OPTIONS=suppressions=${CMAKE_CURRENT_SOURCE_DIR}/suppressions/lsan.supp)
|
2014-04-15 23:13:42 +04:00
|
|
|
|
2015-09-10 15:06:05 +03:00
|
|
|
# Give bob some keys
|
|
|
|
file(COPY keys/id_rsa DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
|
|
|
file(COPY keys/id_rsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
2020-09-02 15:41:00 +03:00
|
|
|
# Same as id_rsa, protected with passphrase "secret"
|
|
|
|
file(COPY keys/id_rsa_protected DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
|
|
|
file(COPY keys/id_rsa_protected.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
2018-09-17 16:20:46 +03:00
|
|
|
file(COPY keys/id_ecdsa DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
|
|
|
file(COPY keys/id_ecdsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
2018-10-19 17:40:41 +03:00
|
|
|
file(COPY keys/id_ed25519 DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
|
|
|
file(COPY keys/id_ed25519.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
2015-09-10 15:06:05 +03:00
|
|
|
|
2019-09-13 17:59:17 +03:00
|
|
|
# Allow to auth with bob's public keys on alice account
|
2015-09-10 15:06:05 +03:00
|
|
|
configure_file(keys/id_rsa.pub ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys @ONLY)
|
2019-12-10 22:58:56 +03:00
|
|
|
|
2018-09-17 16:20:46 +03:00
|
|
|
# append ECDSA public key
|
|
|
|
file(READ keys/id_ecdsa.pub CONTENTS)
|
|
|
|
file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys "${CONTENTS}")
|
2015-09-10 15:06:05 +03:00
|
|
|
|
2018-10-19 17:40:41 +03:00
|
|
|
# append ed25519 public key
|
|
|
|
file(READ keys/id_ed25519.pub CONTENTS)
|
|
|
|
file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys "${CONTENTS}")
|
|
|
|
|
2019-12-10 22:58:56 +03:00
|
|
|
# Allow to auth with bob his public keys on charlie account
|
|
|
|
configure_file(keys/pkcs11/id_pkcs11_rsa_openssh.pub ${CMAKE_CURRENT_BINARY_DIR}/home/charlie/.ssh/authorized_keys @ONLY)
|
|
|
|
|
|
|
|
# append ECDSA public key
|
|
|
|
file(READ keys/pkcs11/id_pkcs11_ecdsa_256_openssh.pub CONTENTS)
|
|
|
|
file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/charlie/.ssh/authorized_keys "${CONTENTS}")
|
|
|
|
|
|
|
|
file(READ keys/pkcs11/id_pkcs11_ecdsa_384_openssh.pub CONTENTS)
|
|
|
|
file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/charlie/.ssh/authorized_keys "${CONTENTS}")
|
|
|
|
|
|
|
|
file(READ keys/pkcs11/id_pkcs11_ecdsa_521_openssh.pub CONTENTS)
|
|
|
|
file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/charlie/.ssh/authorized_keys "${CONTENTS}")
|
|
|
|
|
2016-03-04 03:11:24 +03:00
|
|
|
# Copy the signed key to an alternative directory in bob's homedir.
|
|
|
|
file(COPY keys/certauth/id_rsa DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh_cert/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
|
|
|
file(COPY keys/certauth/id_rsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh_cert/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
|
|
|
file(COPY keys/certauth/id_rsa-cert.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh_cert/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
|
|
|
|
|
2019-12-10 22:58:56 +03:00
|
|
|
#Copy the script to setup PKCS11 tokens
|
|
|
|
file(COPY pkcs11/setup-softhsm-tokens.sh DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/pkcs11 FILE_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE)
|
|
|
|
|
2014-04-15 23:13:42 +04:00
|
|
|
message(STATUS "TORTURE_ENVIRONMENT=${TORTURE_ENVIRONMENT}")
|
2019-11-06 20:44:21 +03:00
|
|
|
endif ()
|
2010-12-28 15:17:27 +03:00
|
|
|
|
2019-10-11 18:07:32 +03:00
|
|
|
configure_file(tests_config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/tests_config.h)
|
|
|
|
|
2010-12-28 15:17:27 +03:00
|
|
|
if (WITH_BENCHMARKS)
|
|
|
|
add_subdirectory(benchmarks)
|
2019-11-06 20:44:21 +03:00
|
|
|
endif ()
|
|
|
|
|
|
|
|
if (CLIENT_TESTING)
|
|
|
|
add_subdirectory(client)
|
2020-12-15 15:35:06 +03:00
|
|
|
|
|
|
|
# Only add override testing if testing the client
|
|
|
|
add_subdirectory(external_override)
|
2019-11-06 20:44:21 +03:00
|
|
|
endif ()
|
2010-12-28 15:17:27 +03:00
|
|
|
|
2018-06-29 11:49:14 +03:00
|
|
|
if (WITH_SERVER AND SERVER_TESTING)
|
2014-10-13 14:06:39 +04:00
|
|
|
add_subdirectory(pkd)
|
2018-11-07 19:11:04 +03:00
|
|
|
add_subdirectory(server)
|
2019-11-06 20:44:21 +03:00
|
|
|
endif ()
|
2018-02-04 13:49:13 +03:00
|
|
|
|
|
|
|
if (FUZZ_TESTING)
|
|
|
|
add_subdirectory(fuzz)
|
|
|
|
endif()
|