libssh/tests/CMakeLists.txt

project(libssh-tests C)

if (BSD OR SOLARIS OR OSX)
    find_package(Argp)
endif (BSD OR SOLARIS OR OSX)

set(TORTURE_LIBRARY torture)

include_directories(
  ${LIBSSH_PUBLIC_INCLUDE_DIRS}
  ${OPENSSL_INCLUDE_DIR}
  ${CMOCKA_INCLUDE_DIR}
  ${ZLIB_INCLUDE_DIR}
  ${CMAKE_BINARY_DIR}
  ${CMAKE_SOURCE_DIR}/src
  ${CMAKE_CURRENT_SOURCE_DIR}
)

set(TORTURE_LINK_LIBRARIES
    ${CMOCKA_LIBRARY}
    ${LIBSSH_STATIC_LIBRARY}
    ${LIBSSH_LINK_LIBRARIES})

# create test library
add_library(${TORTURE_LIBRARY}
            STATIC
                cmdline.c
                torture.c
                torture_key.c
                torture_pki.c
                torture_cmocka.c)
target_link_libraries(${TORTURE_LIBRARY} ${TORTURE_LINK_LIBRARIES})
target_compile_options(${TORTURE_LIBRARY} PRIVATE
                       -DSSH_PING_EXECUTABLE="${CMAKE_CURRENT_BINARY_DIR}/ssh_ping"
)

if (ARGP_LIBRARY)
    target_link_libraries(${TORTURE_LIBRARY}
        ${ARGP_LIBRARY}
    )
endif()

set(TEST_TARGET_LIBRARIES
    ${TORTURE_LIBRARY}
    ${TORTURE_LINK_LIBRARIES}
)

add_subdirectory(unittests)

if (CLIENT_TESTING)
    find_package(socket_wrapper 1.1.5 REQUIRED)
    find_package(nss_wrapper 1.1.2 REQUIRED)
    find_package(uid_wrapper 1.2.0 REQUIRED)
    find_package(pam_wrapper 1.0.1 REQUIRED)

    find_program(SSHD_EXECUTABLE
                 NAME
                    sshd
                 PATHS
                    /sbin
                    /usr/sbin
                    /usr/local/sbin)
    if (NOT SSHD_EXECUTABLE)
        message(SEND_ERROR "Could not find sshd which is required for client testing")
    endif()

    find_program(SSH_EXECUTABLE NAMES ssh)
    if (SSH_EXECUTABLE)
        execute_process(COMMAND ${SSH_EXECUTABLE} -V ERROR_VARIABLE OPENSSH_VERSION_STR)
        string(REGEX REPLACE "^OpenSSH_([0-9]).[0-9].*$" "\\1" OPENSSH_VERSION_MAJOR "${OPENSSH_VERSION_STR}")
        string(REGEX REPLACE "^OpenSSH_[0-9].([0-9]).*$" "\\1" OPENSSH_VERSION_MINOR "${OPENSSH_VERSION_STR}")
        add_definitions(-DOPENSSH_VERSION_MAJOR=${OPENSSH_VERSION_MAJOR} -DOPENSSH_VERSION_MINOR=${OPENSSH_VERSION_MINOR})
    endif()

    set(LOCAL_USER "nobody")
    set(LOCAL_UID "65533")
    find_program(ID_EXECUTABLE NAMES id)
    find_program(WHO_EXECUTABLE NAMES whoami)
    if (ID_EXECUTABLE AND WHO_EXECUTABLE)
        execute_process(COMMAND ${WHO_EXECUTABLE} OUTPUT_VARIABLE LOCAL_USER OUTPUT_STRIP_TRAILING_WHITESPACE)
        execute_process(COMMAND ${ID_EXECUTABLE} -u OUTPUT_VARIABLE LOCAL_UID OUTPUT_STRIP_TRAILING_WHITESPACE)
    endif()

    # chroot_wrapper
    add_library(chroot_wrapper SHARED chroot_wrapper.c)
    set(CHROOT_WRAPPER_LIBRARY ${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}chroot_wrapper${CMAKE_SHARED_LIBRARY_SUFFIX})
    set(TEST_TARGET_LIBRARIES
        ${TEST_TARGET_LIBRARIES}
        chroot_wrapper
    )

    # ssh_ping
    add_executable(ssh_ping ssh_ping.c)
    target_compile_options(ssh_ping PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
    target_link_libraries(ssh_ping ${LIBSSH_SHARED_LIBRARY})

    # homedir will be used in passwd
    set(HOMEDIR ${CMAKE_CURRENT_BINARY_DIR}/home)

    ### Setup nss_wrapper
    configure_file(etc/passwd.in ${CMAKE_CURRENT_BINARY_DIR}/etc/passwd @ONLY)
    configure_file(etc/shadow.in ${CMAKE_CURRENT_BINARY_DIR}/etc/shadow @ONLY)
    configure_file(etc/group.in ${CMAKE_CURRENT_BINARY_DIR}/etc/group @ONLY)
    configure_file(etc/hosts.in ${CMAKE_CURRENT_BINARY_DIR}/etc/hosts @ONLY)

    ### Setup pam_wrapper
    configure_file(etc/pam_matrix_passdb.in ${CMAKE_CURRENT_BINARY_DIR}/etc/pam_matrix_passdb @ONLY)
    configure_file(etc/pam.d/sshd.in ${CMAKE_CURRENT_BINARY_DIR}/etc/pam.d/sshd @ONLY)


    set(TORTURE_ENVIRONMENT "LD_PRELOAD=${SOCKET_WRAPPER_LIBRARY}:${NSS_WRAPPER_LIBRARY}:${UID_WRAPPER_LIBRARY}:${PAM_WRAPPER_LIBRARY}:${CHROOT_WRAPPER_LIBRARY}")
    list(APPEND TORTURE_ENVIRONMENT UID_WRAPPER=1 UID_WRAPPER_ROOT=1)
    list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_PASSWD=${CMAKE_CURRENT_BINARY_DIR}/etc/passwd)
    list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_SHADOW=${CMAKE_CURRENT_BINARY_DIR}/etc/shadow)
    list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_GROUP=${CMAKE_CURRENT_BINARY_DIR}/etc/group)
    list(APPEND TORTURE_ENVIRONMENT PAM_WRAPPER_SERVICE_DIR=${CMAKE_CURRENT_BINARY_DIR}/etc/pam.d)

    # Give bob some keys
    file(COPY keys/id_rsa DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_rsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_ecdsa DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_ecdsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_ed25519 DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_ed25519.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)

    # Allow to auth with bob his public keys on alice account
    configure_file(keys/id_rsa.pub ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys @ONLY)
    # append ECDSA public key
    file(READ keys/id_ecdsa.pub CONTENTS)
    file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys "${CONTENTS}")

    # append ed25519 public key
    file(READ keys/id_ed25519.pub CONTENTS)
    file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys "${CONTENTS}")

    # Copy the signed key to an alternative directory in bob's homedir.
    file(COPY keys/certauth/id_rsa DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh_cert/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/certauth/id_rsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh_cert/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/certauth/id_rsa-cert.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh_cert/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)

    message(STATUS "TORTURE_ENVIRONMENT=${TORTURE_ENVIRONMENT}")

    add_subdirectory(client)
endif (CLIENT_TESTING)

if (WITH_BENCHMARKS)
    add_subdirectory(benchmarks)
endif (WITH_BENCHMARKS)

if (WITH_SERVER AND SERVER_TESTING)
    add_subdirectory(pkd)
    add_subdirectory(server)
endif (WITH_SERVER AND SERVER_TESTING)

if (FUZZ_TESTING)
    add_subdirectory(fuzz)
endif()
cmake: Do not use CMAKE_(SOURCE\|BINARY)_DIR 2015-06-24 19:04:26 +03:00			`project(libssh-tests C)`
Added unit testing support using check. 2010-03-02 15:47:14 +03:00
build: fix cmake bug introduced yesterday Compilation failed on OSX because of the missing OR OSX 2014-02-02 23:56:21 +04:00			`if (BSD OR SOLARIS OR OSX)`
cmake: Check for argp library only on bsd and solaris. 2011-08-09 21:52:26 +04:00			`find_package(Argp)`
build: fix cmake bug introduced yesterday Compilation failed on OSX because of the missing OR OSX 2014-02-02 23:56:21 +04:00			`endif (BSD OR SOLARIS OR OSX)`
Replaced argp support for platforms that support it Argp is really useful, but it's not mandatory. 2011-01-13 20:34:04 +03:00
Added unit testing support using check. 2010-03-02 15:47:14 +03:00			`set(TORTURE_LIBRARY torture)`

			`include_directories(`
			`${LIBSSH_PUBLIC_INCLUDE_DIRS}`
tests: add OpenSSL includes dir for torture tests Tests were failing to build on macOS with OpenSS installed using homebrew. Signed-off-by: Ben Toews <mastahyeti@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> 2019-02-28 22:41:21 +03:00			`${OPENSSL_INCLUDE_DIR}`
test: Use cmocka instead of cmockery. cmocka is the successor of cmockery. http://git.cryptomilk.org/projects/cmocka.git/ 2012-10-07 13:10:27 +04:00			`${CMOCKA_INCLUDE_DIR}`
cmake: Fix zlib include directory Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-07-03 13:36:26 +03:00			`${ZLIB_INCLUDE_DIR}`
cmake: Added include and library deps to torture. 2010-12-29 22:17:36 +03:00			`${CMAKE_BINARY_DIR}`
build: Fixed the unit test build. 2010-09-29 13:26:16 +04:00			`${CMAKE_SOURCE_DIR}/src`
Added unit testing support using check. 2010-03-02 15:47:14 +03:00			`${CMAKE_CURRENT_SOURCE_DIR}`
			`)`

tests: Only link against threading library if available Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-05-05 20:09:51 +03:00			`set(TORTURE_LINK_LIBRARIES`
			`${CMOCKA_LIBRARY}`
			`${LIBSSH_STATIC_LIBRARY}`
			`${LIBSSH_LINK_LIBRARIES})`

Added unit testing support using check. 2010-03-02 15:47:14 +03:00			`# create test library`
tests: Move torture keys to own file Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-01-09 23:30:50 +03:00			`add_library(${TORTURE_LIBRARY}`
			`STATIC`
			`cmdline.c`
			`torture.c`
			`torture_key.c`
torture: Add assert macros for ssh return codes This allows us to print errors from ssh sessions. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-06-30 14:48:17 +03:00			`torture_pki.c`
			`torture_cmocka.c)`
tests: Move torture keys to own file Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-01-09 23:30:50 +03:00			`target_link_libraries(${TORTURE_LIBRARY} ${TORTURE_LINK_LIBRARIES})`
tests: Wait for the server to start The previous timeout of 500 ms was not enough on slower machines or while running the tests under valgrind. On much faster machines the sleep() was bringing unnecessary overhead. This method opens simple connection to the server verifying it is ready to accept the connection from the test for 5 seconds. It the server does not start until then, it fails the tests during initialization, rather than leaving the cases to run against missing server. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2018-09-18 16:28:48 +03:00			`target_compile_options(${TORTURE_LIBRARY} PRIVATE`
			`-DSSH_PING_EXECUTABLE="${CMAKE_CURRENT_BINARY_DIR}/ssh_ping"`
			`)`
tests: Move torture keys to own file Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-01-09 23:30:50 +03:00
cmake: Fix torture build Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2016-03-17 12:45:40 +03:00			`if (ARGP_LIBRARY)`
			`target_link_libraries(${TORTURE_LIBRARY}`
cmake: Try to fix FindArgp module Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2016-03-17 12:42:52 +03:00			`${ARGP_LIBRARY}`
			`)`
			`endif()`
Added unit testing support using check. 2010-03-02 15:47:14 +03:00
cmake: Added include and library deps to torture. 2010-12-29 22:17:36 +03:00			`set(TEST_TARGET_LIBRARIES`
			`${TORTURE_LIBRARY}`
tests: Only link against threading library if available Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-05-05 20:09:51 +03:00			`${TORTURE_LINK_LIBRARIES}`
cmake: Added include and library deps to torture. 2010-12-29 22:17:36 +03:00			`)`
Added unit testing support using check. 2010-03-02 15:47:14 +03:00
			`add_subdirectory(unittests)`
tests: introduce pkd_hello Introduce a sample public-key testing daemon to the 'pkd' test directory, and add support code for cycling through various combinations of different key exchange, cipher, and MAC algorithms. The goal of the 'pkd_hello' test is to make it easy to test interactions between non-libssh clients and a libssh-server, and to provide a starting point for testing new implementations for key types, ciphers, MACs, and so on. The thinking is that testing a new algorithm should be as simple as adding a new line for it in the PKDTESTS_* lists. Macros are used to generate the tests and helper functions for a couple of clients -- here, OpenSSH and dropbear are included for the first cut. If binaries are found for these clients, their test lists will be enabled; when binaries are not found for a given client, those tests are skipped. Tests are run in one large batch by default, but can also be run individually to help with tracking down things like signature bugs that may take many iterations to reproduce. Each test logs its stdout and stderr to its own file, which is cleaned up when a test succeeds. For failures, those logs can be combined with verbose libssh output from pkd itself to start debugging things. Some example usages: pkd_hello Run all tests with default number of iterations. pkd_hello --list List available individual test names. pkd_hello -i 1000 -t torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 Run only the torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 testcase 1000 times. pkd_hello -v -v -v -v -e -o Run all tests with maximum libssh and pkd logging. Included in the tests are passes for all existing kex, cipher, and MAC algorithms. BUG: https://red.libssh.org/issues/144 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2014-10-10 23:38:45 +04:00
cmake: Rename WITH_CLIENT_TESTING option to CLIENT_TESTING Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-06-29 11:31:09 +03:00			`if (CLIENT_TESTING)`
cmake: Search for cwrap and sshd. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2014-04-15 23:12:56 +04:00			`find_package(socket_wrapper 1.1.5 REQUIRED)`
			`find_package(nss_wrapper 1.1.2 REQUIRED)`
cmake: Configure nss_wrapper and uid_wrapper Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2014-04-15 23:13:42 +04:00			`find_package(uid_wrapper 1.2.0 REQUIRED)`
tests: Require pam_wrapper 1.0.1 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2016-01-18 14:02:45 +03:00			`find_package(pam_wrapper 1.0.1 REQUIRED)`
cmake: Configure nss_wrapper and uid_wrapper Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2014-04-15 23:13:42 +04:00
cmake: Search for cwrap and sshd. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2014-04-15 23:12:56 +04:00			`find_program(SSHD_EXECUTABLE`
			`NAME`
			`sshd`
			`PATHS`
			`/sbin`
			`/usr/sbin`
			`/usr/local/sbin)`
			`if (NOT SSHD_EXECUTABLE)`
			`message(SEND_ERROR "Could not find sshd which is required for client testing")`
			`endif()`
cmake: Configure nss_wrapper and uid_wrapper Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2014-04-15 23:13:42 +04:00
tests: Fix running ssh-agent ssh-agent needs to be executed as the local user and not a fake user or we will not be able to add identies. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2016-02-02 13:28:07 +03:00			`find_program(SSH_EXECUTABLE NAMES ssh)`
tests: Support other openssh versions ... Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-09-29 13:00:10 +03:00			`if (SSH_EXECUTABLE)`
			`execute_process(COMMAND ${SSH_EXECUTABLE} -V ERROR_VARIABLE OPENSSH_VERSION_STR)`
			`string(REGEX REPLACE "^OpenSSH_([0-9]).[0-9].*$" "\\1" OPENSSH_VERSION_MAJOR "${OPENSSH_VERSION_STR}")`
			`string(REGEX REPLACE "^OpenSSH_[0-9].([0-9]).*$" "\\1" OPENSSH_VERSION_MINOR "${OPENSSH_VERSION_STR}")`
			`add_definitions(-DOPENSSH_VERSION_MAJOR=${OPENSSH_VERSION_MAJOR} -DOPENSSH_VERSION_MINOR=${OPENSSH_VERSION_MINOR})`
			`endif()`

tests: Fix running ssh-agent ssh-agent needs to be executed as the local user and not a fake user or we will not be able to add identies. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2016-02-02 13:28:07 +03:00			`set(LOCAL_USER "nobody")`
			`set(LOCAL_UID "65533")`
			`find_program(ID_EXECUTABLE NAMES id)`
			`find_program(WHO_EXECUTABLE NAMES whoami)`
			`if (ID_EXECUTABLE AND WHO_EXECUTABLE)`
			`execute_process(COMMAND ${WHO_EXECUTABLE} OUTPUT_VARIABLE LOCAL_USER OUTPUT_STRIP_TRAILING_WHITESPACE)`
			`execute_process(COMMAND ${ID_EXECUTABLE} -u OUTPUT_VARIABLE LOCAL_UID OUTPUT_STRIP_TRAILING_WHITESPACE)`
			`endif()`

tests: Temporarily build chroot_wrapper 2017-11-23 14:52:08 +03:00			`# chroot_wrapper`
			`add_library(chroot_wrapper SHARED chroot_wrapper.c)`
tests: Fix chroot_wrapper location Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-11-15 15:38:02 +03:00			`set(CHROOT_WRAPPER_LIBRARY ${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}chroot_wrapper${CMAKE_SHARED_LIBRARY_SUFFIX})`
tests: Temporarily build chroot_wrapper 2017-11-23 14:52:08 +03:00			`set(TEST_TARGET_LIBRARIES`
			`${TEST_TARGET_LIBRARIES}`
			`chroot_wrapper`
			`)`

tests: Wait for the server to start The previous timeout of 500 ms was not enough on slower machines or while running the tests under valgrind. On much faster machines the sleep() was bringing unnecessary overhead. This method opens simple connection to the server verifying it is ready to accept the connection from the test for 5 seconds. It the server does not start until then, it fails the tests during initialization, rather than leaving the cases to run against missing server. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2018-09-18 16:28:48 +03:00			`# ssh_ping`
			`add_executable(ssh_ping ssh_ping.c)`
			`target_compile_options(ssh_ping PRIVATE ${DEFAULT_C_COMPILE_FLAGS})`
			`target_link_libraries(ssh_ping ${LIBSSH_SHARED_LIBRARY})`

cmake: Configure nss_wrapper and uid_wrapper Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2014-04-15 23:13:42 +04:00			`# homedir will be used in passwd`
			`set(HOMEDIR ${CMAKE_CURRENT_BINARY_DIR}/home)`

			`### Setup nss_wrapper`
			`configure_file(etc/passwd.in ${CMAKE_CURRENT_BINARY_DIR}/etc/passwd @ONLY)`
			`configure_file(etc/shadow.in ${CMAKE_CURRENT_BINARY_DIR}/etc/shadow @ONLY)`
			`configure_file(etc/group.in ${CMAKE_CURRENT_BINARY_DIR}/etc/group @ONLY)`
			`configure_file(etc/hosts.in ${CMAKE_CURRENT_BINARY_DIR}/etc/hosts @ONLY)`

tests: Turn on PAM support in sshd with pam_wrapper Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-10-01 14:56:32 +03:00			`### Setup pam_wrapper`
			`configure_file(etc/pam_matrix_passdb.in ${CMAKE_CURRENT_BINARY_DIR}/etc/pam_matrix_passdb @ONLY)`
			`configure_file(etc/pam.d/sshd.in ${CMAKE_CURRENT_BINARY_DIR}/etc/pam.d/sshd @ONLY)`

tests: Temporarily build chroot_wrapper 2017-11-23 14:52:08 +03:00
			`set(TORTURE_ENVIRONMENT "LD_PRELOAD=${SOCKET_WRAPPER_LIBRARY}:${NSS_WRAPPER_LIBRARY}:${UID_WRAPPER_LIBRARY}:${PAM_WRAPPER_LIBRARY}:${CHROOT_WRAPPER_LIBRARY}")`
tests: Always start tests as root so we can switch to a user Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2016-02-02 11:06:00 +03:00			`list(APPEND TORTURE_ENVIRONMENT UID_WRAPPER=1 UID_WRAPPER_ROOT=1)`
cmake: Configure nss_wrapper and uid_wrapper Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2014-04-15 23:13:42 +04:00			`list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_PASSWD=${CMAKE_CURRENT_BINARY_DIR}/etc/passwd)`
			`list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_SHADOW=${CMAKE_CURRENT_BINARY_DIR}/etc/shadow)`
			`list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_GROUP=${CMAKE_CURRENT_BINARY_DIR}/etc/group)`
tests: Turn on PAM support in sshd with pam_wrapper Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-10-01 14:56:32 +03:00			`list(APPEND TORTURE_ENVIRONMENT PAM_WRAPPER_SERVICE_DIR=${CMAKE_CURRENT_BINARY_DIR}/etc/pam.d)`
cmake: Configure nss_wrapper and uid_wrapper Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2014-04-15 23:13:42 +04:00
tests: Add public keys for bob This also allows bob to auth as alice. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-09-10 15:06:05 +03:00			`# Give bob some keys`
			`file(COPY keys/id_rsa DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)`
			`file(COPY keys/id_rsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)`
tests: Verify the pubkey authentication works with ECDSA keys Signed-off-by: Jakub Jelen <jjelen@redhat.com> 2018-09-17 16:20:46 +03:00			`file(COPY keys/id_ecdsa DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)`
			`file(COPY keys/id_ecdsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)`
tests: Verify we can authenticate using ed25519 key Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2018-10-19 17:40:41 +03:00			`file(COPY keys/id_ed25519 DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)`
			`file(COPY keys/id_ed25519.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)`
tests: Add public keys for bob This also allows bob to auth as alice. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-09-10 15:06:05 +03:00
			`# Allow to auth with bob his public keys on alice account`
			`configure_file(keys/id_rsa.pub ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys @ONLY)`
tests: Verify the pubkey authentication works with ECDSA keys Signed-off-by: Jakub Jelen <jjelen@redhat.com> 2018-09-17 16:20:46 +03:00			`# append ECDSA public key`
			`file(READ keys/id_ecdsa.pub CONTENTS)`
			`file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys "${CONTENTS}")`
tests: Add public keys for bob This also allows bob to auth as alice. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2015-09-10 15:06:05 +03:00
tests: Verify we can authenticate using ed25519 key Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2018-10-19 17:40:41 +03:00			`# append ed25519 public key`
			`file(READ keys/id_ed25519.pub CONTENTS)`
			`file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys "${CONTENTS}")`

torture_auth: Add tests for client side certificate authentication - enabled TrustedUserCAKeys option in torture.c - adds a new set of (signed) keys for bob in a separate dir The private key used to generate the certs is included, but not required. Signed-off-by: Axel Eppe <aeppe@google.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2016-03-04 03:11:24 +03:00			`# Copy the signed key to an alternative directory in bob's homedir.`
			`file(COPY keys/certauth/id_rsa DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh_cert/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)`
			`file(COPY keys/certauth/id_rsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh_cert/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)`
			`file(COPY keys/certauth/id_rsa-cert.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh_cert/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)`

cmake: Configure nss_wrapper and uid_wrapper Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2014-04-15 23:13:42 +04:00			`message(STATUS "TORTURE_ENVIRONMENT=${TORTURE_ENVIRONMENT}")`

tests: Move client tests to a seperate directory. Tests which require a running sshd should go to tests/client. 2010-06-03 14:36:00 +04:00			`add_subdirectory(client)`
cmake: Rename WITH_CLIENT_TESTING option to CLIENT_TESTING Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-06-29 11:31:09 +03:00			`endif (CLIENT_TESTING)`
Moved benchmarks to the tests/ directory 2010-12-28 15:17:27 +03:00
			`if (WITH_BENCHMARKS)`
			`add_subdirectory(benchmarks)`
cmake: Fixed test includes and libraries. 2010-12-29 22:11:00 +03:00			`endif (WITH_BENCHMARKS)`
Moved benchmarks to the tests/ directory 2010-12-28 15:17:27 +03:00
cmake: Add SERVER_TESTING option Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-06-29 11:49:14 +03:00			`if (WITH_SERVER AND SERVER_TESTING)`
tests: fix pkd build breakages Fix a build breakage when '-DWITH_SERVER=OFF' is set: skip building the pkd test for that case. Add some missing includes for the OpenIndiana and FreeBSD builds. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> 2014-10-13 14:06:39 +04:00			`add_subdirectory(pkd)`
tests: Added test server The server can be configured through command line options or by providing a state structure with the desired values set. Currently supports only password based authentication. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> 2018-11-07 19:11:04 +03:00			`add_subdirectory(server)`
cmake: Add SERVER_TESTING option Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-06-29 11:49:14 +03:00			`endif (WITH_SERVER AND SERVER_TESTING)`
cmake: Build ssh_server_fuzzer if enabled Fixes T67 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> 2018-02-04 13:49:13 +03:00
			`if (FUZZ_TESTING)`
			`add_subdirectory(fuzz)`
			`endif()`