tests: HostkeyAlgorithms passed from config to options

Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-11-13 12:03:52 +01:00 · 2017-11-13 12:03:52 +01:00 · 5c7b8802f2
--- a/tests/unittests/torture_config.c
+++ b/tests/unittests/torture_config.c
@ -18,6 +18,7 @@
 #define PROXYCMD "ssh -q -W %h:%p gateway.example.com"
 #define ID_FILE "/etc/xxx"
 #define KEXALGORITHMS "ecdh-sha2-nistp521,diffie-hellman-group14-sha1"
+#define HOSTKEYALGORITHMS "ssh-ed25519,ecdsa-sha2-nistp521,ssh-rsa"
 #define MACS "hmac-sha1,hmac-sha2-256"

 static int setup_config_files(void **state)
@ -39,6 +40,7 @@ static int setup_config_files(void **state)
    torture_write_file(LIBSSH_TESTCONFIG3,
                       "\n\nIdentityFile "ID_FILE"\n"
                       "\n\nKexAlgorithms "KEXALGORITHMS"\n"
+                       "\n\nHostKeyAlgorithms "HOSTKEYALGORITHMS"\n"
                       "\n\nMACs "MACS"\n");

    /* Multiple Port settings -> parsing returns early. */
@ -106,6 +108,8 @@ static void torture_config_from_file(void **state) {

    assert_string_equal(session->opts.wanted_methods[SSH_KEX], KEXALGORITHMS);

+    assert_string_equal(session->opts.wanted_methods[SSH_HOSTKEYS], HOSTKEYALGORITHMS);
+
    assert_string_equal(session->opts.wanted_methods[SSH_MAC_C_S], MACS);
    assert_string_equal(session->opts.wanted_methods[SSH_MAC_S_C], MACS);
 }
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@ -87,6 +87,33 @@ static void torture_options_set_key_exchange(void **state)
    assert_false(rc == 0);
 }

+static void torture_options_set_hostkey(void **state) {
+    ssh_session session = *state;
+    int rc;
+
+    /* Test known host keys */
+    rc = ssh_options_set(session,
+                         SSH_OPTIONS_HOSTKEYS,
+                         "ssh-ed25519,ecdsa-sha2-nistp384,ssh-rsa");
+    assert_true(rc == 0);
+    assert_string_equal(session->opts.wanted_methods[SSH_HOSTKEYS],
+                        "ssh-ed25519,ecdsa-sha2-nistp384,ssh-rsa");
+
+    /* Test one unknown kex */
+    rc = ssh_options_set(session,
+                         SSH_OPTIONS_HOSTKEYS,
+                         "ssh-ed25519,unknown-crap@example.com,ssh-rsa");
+    assert_true(rc == 0);
+    assert_string_equal(session->opts.wanted_methods[SSH_HOSTKEYS],
+                        "ssh-ed25519,ssh-rsa");
+
+    /* Test all unknown kexes */
+    rc = ssh_options_set(session,
+                         SSH_OPTIONS_HOSTKEYS,
+                         "unknown-crap@example.com,more-crap@example.com");
+    assert_false(rc == 0);
+}
+
 static void torture_options_set_macs(void **state) {
    ssh_session session = *state;
    int rc;
@ -368,6 +395,7 @@ int torture_run_tests(void) {
        cmocka_unit_test_setup_teardown(torture_options_proxycommand, setup, teardown),
        cmocka_unit_test_setup_teardown(torture_options_set_ciphers, setup, teardown),
        cmocka_unit_test_setup_teardown(torture_options_set_key_exchange, setup, teardown),
+        cmocka_unit_test_setup_teardown(torture_options_set_hostkey, setup, teardown),
        cmocka_unit_test_setup_teardown(torture_options_set_macs, setup, teardown),
        cmocka_unit_test_setup_teardown(torture_options_config_host, setup, teardown)
    };