libssh/tests/pkd/CMakeLists.txt

project(pkd C)

if (WITH_SERVER AND UNIX AND NOT WIN32)

include_directories(
  ${LIBSSH_PUBLIC_INCLUDE_DIRS}
  ${CMOCKA_INCLUDE_DIR}
  ${OPENSSL_INCLUDE_DIR}
  ${GCRYPT_INCLUDE_DIR}
  ${ZLIB_INCLUDE_DIR}
  ${CMAKE_BINARY_DIR}
  ${CMAKE_SOURCE_DIR}/src
  ${CMAKE_CURRENT_SOURCE_DIR}
)

set(pkd_hello_src
  pkd_daemon.c
  pkd_hello.c
  pkd_keyutil.c
  pkd_util.c
)

set(pkd_libs
    ${CMOCKA_LIBRARY}
    ${LIBSSH_STATIC_LIBRARY}
    ${LIBSSH_LINK_LIBRARIES}
    ${ARGP_LIBRARIES}
    pthread
)

add_executable(pkd_hello ${pkd_hello_src})
target_compile_options(pkd_hello PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
target_link_libraries(pkd_hello ${pkd_libs})

#
# pkd_hello_i1 runs only one iteration per algorithm combination for
# sake of speeding up overall test run time.  More iterations can be
# specified with `-i` and may be helpful for chasing down bugs that
# are not 100% reproducible.
#
add_test(pkd_hello_i1 ${CMAKE_CURRENT_BINARY_DIR}/pkd_hello -e -o -i1 -w /tmp/pkd_socket_wrapper_XXXXXX)

#
# Configure environment for cwrap socket wrapper.
#
find_package(socket_wrapper 1.1.5 REQUIRED)
if (OSX)
    set(PKD_ENVIRONMENT "DYLD_FORCE_FLAT_NAMESPACE=1;DYLD_INSERT_LIBRARIES=${SOCKET_WRAPPER_LIBRARY}")
else ()
    set(PKD_ENVIRONMENT "LD_PRELOAD=${SOCKET_WRAPPER_LIBRARY}")
endif ()
message(STATUS "PKD_ENVIRONMENT=${PKD_ENVIRONMENT}")
set_property(TEST pkd_hello_i1 PROPERTY ENVIRONMENT ${PKD_ENVIRONMENT})

endif (WITH_SERVER AND UNIX AND NOT WIN32)
tests: introduce pkd_hello Introduce a sample public-key testing daemon to the 'pkd' test directory, and add support code for cycling through various combinations of different key exchange, cipher, and MAC algorithms. The goal of the 'pkd_hello' test is to make it easy to test interactions between non-libssh clients and a libssh-server, and to provide a starting point for testing new implementations for key types, ciphers, MACs, and so on. The thinking is that testing a new algorithm should be as simple as adding a new line for it in the PKDTESTS_* lists. Macros are used to generate the tests and helper functions for a couple of clients -- here, OpenSSH and dropbear are included for the first cut. If binaries are found for these clients, their test lists will be enabled; when binaries are not found for a given client, those tests are skipped. Tests are run in one large batch by default, but can also be run individually to help with tracking down things like signature bugs that may take many iterations to reproduce. Each test logs its stdout and stderr to its own file, which is cleaned up when a test succeeds. For failures, those logs can be combined with verbose libssh output from pkd itself to start debugging things. Some example usages: pkd_hello Run all tests with default number of iterations. pkd_hello --list List available individual test names. pkd_hello -i 1000 -t torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 Run only the torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 testcase 1000 times. pkd_hello -v -v -v -v -e -o Run all tests with maximum libssh and pkd logging. Included in the tests are passes for all existing kex, cipher, and MAC algorithms. BUG: https://red.libssh.org/issues/144 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2014-10-10 23:38:45 +04:00			`project(pkd C)`

tests: fix pkd build breakages Fix a build breakage when '-DWITH_SERVER=OFF' is set: skip building the pkd test for that case. Add some missing includes for the OpenIndiana and FreeBSD builds. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2014-10-13 14:06:39 +04:00			`if (WITH_SERVER AND UNIX AND NOT WIN32)`
tests: introduce pkd_hello Introduce a sample public-key testing daemon to the 'pkd' test directory, and add support code for cycling through various combinations of different key exchange, cipher, and MAC algorithms. The goal of the 'pkd_hello' test is to make it easy to test interactions between non-libssh clients and a libssh-server, and to provide a starting point for testing new implementations for key types, ciphers, MACs, and so on. The thinking is that testing a new algorithm should be as simple as adding a new line for it in the PKDTESTS_* lists. Macros are used to generate the tests and helper functions for a couple of clients -- here, OpenSSH and dropbear are included for the first cut. If binaries are found for these clients, their test lists will be enabled; when binaries are not found for a given client, those tests are skipped. Tests are run in one large batch by default, but can also be run individually to help with tracking down things like signature bugs that may take many iterations to reproduce. Each test logs its stdout and stderr to its own file, which is cleaned up when a test succeeds. For failures, those logs can be combined with verbose libssh output from pkd itself to start debugging things. Some example usages: pkd_hello Run all tests with default number of iterations. pkd_hello --list List available individual test names. pkd_hello -i 1000 -t torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 Run only the torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 testcase 1000 times. pkd_hello -v -v -v -v -e -o Run all tests with maximum libssh and pkd logging. Included in the tests are passes for all existing kex, cipher, and MAC algorithms. BUG: https://red.libssh.org/issues/144 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2014-10-10 23:38:45 +04:00
			`include_directories(`
			`${LIBSSH_PUBLIC_INCLUDE_DIRS}`
			`${CMOCKA_INCLUDE_DIR}`
cmake: Fix zlib include directory Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-07-03 13:36:26 +03:00			`${OPENSSL_INCLUDE_DIR}`
			`${GCRYPT_INCLUDE_DIR}`
			`${ZLIB_INCLUDE_DIR}`
tests: introduce pkd_hello Introduce a sample public-key testing daemon to the 'pkd' test directory, and add support code for cycling through various combinations of different key exchange, cipher, and MAC algorithms. The goal of the 'pkd_hello' test is to make it easy to test interactions between non-libssh clients and a libssh-server, and to provide a starting point for testing new implementations for key types, ciphers, MACs, and so on. The thinking is that testing a new algorithm should be as simple as adding a new line for it in the PKDTESTS_* lists. Macros are used to generate the tests and helper functions for a couple of clients -- here, OpenSSH and dropbear are included for the first cut. If binaries are found for these clients, their test lists will be enabled; when binaries are not found for a given client, those tests are skipped. Tests are run in one large batch by default, but can also be run individually to help with tracking down things like signature bugs that may take many iterations to reproduce. Each test logs its stdout and stderr to its own file, which is cleaned up when a test succeeds. For failures, those logs can be combined with verbose libssh output from pkd itself to start debugging things. Some example usages: pkd_hello Run all tests with default number of iterations. pkd_hello --list List available individual test names. pkd_hello -i 1000 -t torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 Run only the torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 testcase 1000 times. pkd_hello -v -v -v -v -e -o Run all tests with maximum libssh and pkd logging. Included in the tests are passes for all existing kex, cipher, and MAC algorithms. BUG: https://red.libssh.org/issues/144 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2014-10-10 23:38:45 +04:00			`${CMAKE_BINARY_DIR}`
			`${CMAKE_SOURCE_DIR}/src`
			`${CMAKE_CURRENT_SOURCE_DIR}`
			`)`

			`set(pkd_hello_src`
			`pkd_daemon.c`
			`pkd_hello.c`
			`pkd_keyutil.c`
			`pkd_util.c`
			`)`

			`set(pkd_libs`
			`${CMOCKA_LIBRARY}`
			`${LIBSSH_STATIC_LIBRARY}`
			`${LIBSSH_LINK_LIBRARIES}`
			`${ARGP_LIBRARIES}`
threads: Automatically call ssh_init on load This makes unnecessary to call ssh_init() when the library is dynamically loaded. Also removes the threads shared library. The used threads implementation is chosen in configuration time, changing the ssh_threads_get_default() depending on the available threads library. Internally, it is expected a threads implementation providing: - void ssh_mutex_lock(void mutex); - void ssh_mutex_unlock(void mutex); - struct ssh_threads_callbacks_struct ssh_threads_get_default(void); and a crypto implementation providing: - int crypto_thread_init(struct ssh_threads_callbacks_struct user_callbacks); - void crypto_thread_finalize(void); This adds internal threads implementation for pthreads and noop. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2018-07-02 14:03:12 +03:00			`pthread`
tests: introduce pkd_hello Introduce a sample public-key testing daemon to the 'pkd' test directory, and add support code for cycling through various combinations of different key exchange, cipher, and MAC algorithms. The goal of the 'pkd_hello' test is to make it easy to test interactions between non-libssh clients and a libssh-server, and to provide a starting point for testing new implementations for key types, ciphers, MACs, and so on. The thinking is that testing a new algorithm should be as simple as adding a new line for it in the PKDTESTS_* lists. Macros are used to generate the tests and helper functions for a couple of clients -- here, OpenSSH and dropbear are included for the first cut. If binaries are found for these clients, their test lists will be enabled; when binaries are not found for a given client, those tests are skipped. Tests are run in one large batch by default, but can also be run individually to help with tracking down things like signature bugs that may take many iterations to reproduce. Each test logs its stdout and stderr to its own file, which is cleaned up when a test succeeds. For failures, those logs can be combined with verbose libssh output from pkd itself to start debugging things. Some example usages: pkd_hello Run all tests with default number of iterations. pkd_hello --list List available individual test names. pkd_hello -i 1000 -t torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 Run only the torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 testcase 1000 times. pkd_hello -v -v -v -v -e -o Run all tests with maximum libssh and pkd logging. Included in the tests are passes for all existing kex, cipher, and MAC algorithms. BUG: https://red.libssh.org/issues/144 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2014-10-10 23:38:45 +04:00			`)`

			`add_executable(pkd_hello ${pkd_hello_src})`
cmake: Improve compiler flag detection Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-08-20 16:17:09 +03:00			`target_compile_options(pkd_hello PRIVATE ${DEFAULT_C_COMPILE_FLAGS})`
tests: introduce pkd_hello Introduce a sample public-key testing daemon to the 'pkd' test directory, and add support code for cycling through various combinations of different key exchange, cipher, and MAC algorithms. The goal of the 'pkd_hello' test is to make it easy to test interactions between non-libssh clients and a libssh-server, and to provide a starting point for testing new implementations for key types, ciphers, MACs, and so on. The thinking is that testing a new algorithm should be as simple as adding a new line for it in the PKDTESTS_* lists. Macros are used to generate the tests and helper functions for a couple of clients -- here, OpenSSH and dropbear are included for the first cut. If binaries are found for these clients, their test lists will be enabled; when binaries are not found for a given client, those tests are skipped. Tests are run in one large batch by default, but can also be run individually to help with tracking down things like signature bugs that may take many iterations to reproduce. Each test logs its stdout and stderr to its own file, which is cleaned up when a test succeeds. For failures, those logs can be combined with verbose libssh output from pkd itself to start debugging things. Some example usages: pkd_hello Run all tests with default number of iterations. pkd_hello --list List available individual test names. pkd_hello -i 1000 -t torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 Run only the torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 testcase 1000 times. pkd_hello -v -v -v -v -e -o Run all tests with maximum libssh and pkd logging. Included in the tests are passes for all existing kex, cipher, and MAC algorithms. BUG: https://red.libssh.org/issues/144 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2014-10-10 23:38:45 +04:00			`target_link_libraries(pkd_hello ${pkd_libs})`

pkd: add_test pkd_hello_i1 for `make test` Add an entry for a `pkd_hello_i1` test which runs one iteration through each of the pkd algorithm combinations. Testing done: now `make test` will run `pkd_hello -i1` which completes in ~25 seconds on my local machine. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2018-05-25 14:35:04 +03:00			`#`
			`# pkd_hello_i1 runs only one iteration per algorithm combination for`
			`# sake of speeding up overall test run time. More iterations can be`
			# specified with `-i` and may be helpful for chasing down bugs that
			`# are not 100% reproducible.`
			`#`
pkd: Produce more useful logs Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2018-08-29 21:14:47 +03:00			`add_test(pkd_hello_i1 ${CMAKE_CURRENT_BINARY_DIR}/pkd_hello -e -o -i1 -w /tmp/pkd_socket_wrapper_XXXXXX)`
pkd: run with SOCKET_WRAPPER_LIBRARY Use the socket_wrapper preload shim when running the `pkd_hello` test with `make test`. The end goal here is to get this test running alongside normal tests in regular CI. Changes to do this: * Configure PKD_ENVIRONMENT for the `pkd_hello_i1` test in the CMakeLists.txt file. * Add a `--socket-wrapper-dir\|-w` flag that is used to opt-in to initializing a SOCKET_WRAPPER_DIR as expected by the socket_wrapper library. A runtime flag is used here to make it easy to run `pkd_hello` with the socket_wrapper library while avoiding a hard dependency. Testing done: observed socker_wrapper in effect with `strace`; running `make test` uses the wrapper correctly on my local machine. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2018-05-25 16:09:03 +03:00
			`#`
			`# Configure environment for cwrap socket wrapper.`
			`#`
			`find_package(socket_wrapper 1.1.5 REQUIRED)`
			`if (OSX)`
			`set(PKD_ENVIRONMENT "DYLD_FORCE_FLAT_NAMESPACE=1;DYLD_INSERT_LIBRARIES=${SOCKET_WRAPPER_LIBRARY}")`
			`else ()`
			`set(PKD_ENVIRONMENT "LD_PRELOAD=${SOCKET_WRAPPER_LIBRARY}")`
			`endif ()`
			`message(STATUS "PKD_ENVIRONMENT=${PKD_ENVIRONMENT}")`
			`set_property(TEST pkd_hello_i1 PROPERTY ENVIRONMENT ${PKD_ENVIRONMENT})`
pkd: add_test pkd_hello_i1 for `make test` Add an entry for a `pkd_hello_i1` test which runs one iteration through each of the pkd algorithm combinations. Testing done: now `make test` will run `pkd_hello -i1` which completes in ~25 seconds on my local machine. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2018-05-25 14:35:04 +03:00
tests: fix pkd build breakages Fix a build breakage when '-DWITH_SERVER=OFF' is set: skip building the pkd test for that case. Add some missing includes for the OpenIndiana and FreeBSD builds. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2014-10-13 14:06:39 +04:00			`endif (WITH_SERVER AND UNIX AND NOT WIN32)`