tests: use OpenSSH-provided ciphers
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
родитель
177e76f753
Коммит
7ec67011c5
@ -472,8 +472,7 @@ static void torture_algorithms_3des_cbc_hmac_sha2_512_etm(void **state) {
|
||||
test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-512-etm@openssh.com");
|
||||
}
|
||||
|
||||
#ifdef WITH_BLOWFISH_CIPHER
|
||||
#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6)
|
||||
#if defined(WITH_BLOWFISH_CIPHER) && defined(OPENSSH_BLOWFISH_CBC)
|
||||
static void torture_algorithms_blowfish_cbc_hmac_sha1(void **state) {
|
||||
struct torture_state *s = *state;
|
||||
|
||||
@ -533,9 +532,9 @@ static void torture_algorithms_blowfish_cbc_hmac_sha2_512_etm(void **state) {
|
||||
|
||||
test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-512-etm@openssh.com");
|
||||
}
|
||||
#endif
|
||||
#endif /* WITH_BLOWFISH_CIPHER */
|
||||
|
||||
#ifdef OPENSSH_CHACHA20_POLY1305_OPENSSH_COM
|
||||
static void torture_algorithms_chacha20_poly1305(void **state)
|
||||
{
|
||||
struct torture_state *s = *state;
|
||||
@ -549,6 +548,7 @@ static void torture_algorithms_chacha20_poly1305(void **state)
|
||||
"chacha20-poly1305@openssh.com",
|
||||
NULL);
|
||||
}
|
||||
#endif /* OPENSSH_CHACHA20_POLY1305_OPENSSH_COM */
|
||||
|
||||
static void torture_algorithms_zlib(void **state) {
|
||||
struct torture_state *s = *state;
|
||||
@ -647,7 +647,7 @@ static void torture_algorithms_ecdh_sha2_nistp521(void **state) {
|
||||
}
|
||||
#endif
|
||||
|
||||
#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR >= 3) || OPENSSH_VERSION_MAJOR > 7)
|
||||
#ifdef OPENSSH_CURVE25519_SHA256
|
||||
static void torture_algorithms_ecdh_curve25519_sha256(void **state) {
|
||||
struct torture_state *s = *state;
|
||||
|
||||
@ -657,9 +657,9 @@ static void torture_algorithms_ecdh_curve25519_sha256(void **state) {
|
||||
|
||||
test_algorithm(s->ssh.session, "curve25519-sha256", NULL/*cipher*/, NULL/*hmac*/);
|
||||
}
|
||||
#endif
|
||||
#endif /* OPENSSH_CURVE25519_SHA256 */
|
||||
|
||||
#if ((OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 5) || OPENSSH_VERSION_MAJOR > 6)
|
||||
#ifdef OPENSSH_CURVE25519_SHA256_LIBSSH_ORG
|
||||
static void torture_algorithms_ecdh_curve25519_sha256_libssh_org(void **state) {
|
||||
struct torture_state *s = *state;
|
||||
|
||||
@ -669,7 +669,7 @@ static void torture_algorithms_ecdh_curve25519_sha256_libssh_org(void **state) {
|
||||
|
||||
test_algorithm(s->ssh.session, "curve25519-sha256@libssh.org", NULL/*cipher*/, NULL/*hmac*/);
|
||||
}
|
||||
#endif
|
||||
#endif /* OPENSSH_CURVE25519_SHA256_LIBSSH_ORG */
|
||||
|
||||
static void torture_algorithms_dh_group1(void **state) {
|
||||
struct torture_state *s = *state;
|
||||
@ -864,8 +864,7 @@ int torture_run_tests(void) {
|
||||
cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha2_512_etm,
|
||||
session_setup,
|
||||
session_teardown),
|
||||
#ifdef WITH_BLOWFISH_CIPHER
|
||||
#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6)
|
||||
#if defined(WITH_BLOWFISH_CIPHER) && defined(OPENSSH_BLOWFISH_CBC)
|
||||
cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha1,
|
||||
session_setup,
|
||||
session_teardown),
|
||||
@ -884,11 +883,12 @@ int torture_run_tests(void) {
|
||||
cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha2_512_etm,
|
||||
session_setup,
|
||||
session_teardown),
|
||||
#endif
|
||||
#endif /* WITH_BLOWFISH_CIPHER */
|
||||
#ifdef OPENSSH_CHACHA20_POLY1305_OPENSSH_COM
|
||||
cmocka_unit_test_setup_teardown(torture_algorithms_chacha20_poly1305,
|
||||
session_setup,
|
||||
session_teardown),
|
||||
#endif /* OPENSSH_CHACHA20_POLY1305_OPENSSH_COM */
|
||||
cmocka_unit_test_setup_teardown(torture_algorithms_zlib,
|
||||
session_setup,
|
||||
session_teardown),
|
||||
@ -915,16 +915,16 @@ int torture_run_tests(void) {
|
||||
session_setup,
|
||||
session_teardown),
|
||||
#endif /* WITH_GEX */
|
||||
#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR >= 3) || OPENSSH_VERSION_MAJOR > 7)
|
||||
#ifdef OPENSSH_CURVE25519_SHA256
|
||||
cmocka_unit_test_setup_teardown(torture_algorithms_ecdh_curve25519_sha256,
|
||||
session_setup,
|
||||
session_teardown),
|
||||
#endif
|
||||
#if ((OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 5) || OPENSSH_VERSION_MAJOR > 6)
|
||||
#endif /* OPENSSH_CURVE25519_SHA256 */
|
||||
#ifdef OPENSSH_CURVE25519_SHA256_LIBSSH_ORG
|
||||
cmocka_unit_test_setup_teardown(torture_algorithms_ecdh_curve25519_sha256_libssh_org,
|
||||
session_setup,
|
||||
session_teardown),
|
||||
#endif
|
||||
#endif /* OPENSSH_CURVE25519_SHA256_LIBSSH_ORG */
|
||||
#if defined(HAVE_ECC)
|
||||
cmocka_unit_test_setup_teardown(torture_algorithms_ecdh_sha2_nistp256,
|
||||
session_setup,
|
||||
|
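Review bot: With the registrations in `torture_run_tests` now guarded only by `OPENSSH_BLOWFISH_CBC`, `OPENSSH_CHACHA20_POLY1305_OPENSSH_COM`, `OPENSSH_CURVE25519_SHA256` and `OPENSSH_CURVE25519_SHA256_LIBSSH_ORG`, a test whose macro is missing drops out of the run without leaving any trace. The definitions are not part of this diff, so presumably they are generated at configure time from the installed OpenSSH. If that detection ever comes back empty, cipher and key-exchange coverage shrinks while the suite still reports success. A comment above the first guard would help, for example `/* OPENSSH_* macros are defined by the build only when the local OpenSSH offers the algorithm; an undefined macro removes the test */`. The trailing `#endif /* WITH_BLOWFISH_CIPHER */` now closes a two-condition `#if` and could read `#endif /* WITH_BLOWFISH_CIPHER && OPENSSH_BLOWFISH_CBC */`; `torture_run_tests` starts and ends outside these hunks.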
@ -604,20 +604,15 @@ static void torture_setup_create_sshd_config(void **state, bool pam)
|
||||
"/usr/libexec/openssh/sftp-server",
|
||||
"/usr/lib/openssh/sftp-server", /* Debian */
|
||||
};
|
||||
#ifndef OPENSSH_VERSION_MAJOR
|
||||
#warning "OPENSSH_VERSION_MAJOR undefined, using default"
|
||||
#define OPENSSH_VERSION_MAJOR 7U
|
||||
#define OPENSSH_VERSION_MINOR 0U
|
||||
#endif /* OPENSSH_VERSION_MAJOR */
|
||||
const char config_string[]=
|
||||
"Port 22\n"
|
||||
"ListenAddress 127.0.0.10\n"
|
||||
"%s %s\n"
|
||||
"%s %s\n" /* ed25519 HostKey */
|
||||
#ifdef HAVE_DSA
|
||||
"%s %s\n"
|
||||
"%s %s\n" /* DSA HostKey */
|
||||
#endif /* HAVE_DSA */
|
||||
"%s %s\n"
|
||||
"%s %s\n"
|
||||
"%s %s\n" /* RSA HostKey */
|
||||
"%s %s\n" /* ECDSA HostKey */
|
||||
"\n"
|
||||
"TrustedUserCAKeys %s\n"
|
||||
"\n"
|
||||
@ -631,33 +626,11 @@ static void torture_setup_create_sshd_config(void **state, bool pam)
|
||||
"\n"
|
||||
"%s" /* Here comes UsePam */
|
||||
"\n"
|
||||
#if (OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 7) || (OPENSSH_VERSION_MAJOR >= 7)
|
||||
# ifdef HAVE_DSA
|
||||
"HostKeyAlgorithms +ssh-dss\n"
|
||||
# else /* HAVE_DSA */
|
||||
"HostKeyAlgorithms +ssh-rsa\n"
|
||||
# endif /* HAVE_DSA */
|
||||
# if (OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6)
|
||||
"Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc\n"
|
||||
# else /* OPENSSH_VERSION 7.0 - 7.5 */
|
||||
"Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc\n"
|
||||
# endif /* OPENSSH_VERSION 7.0 - 7.6 */
|
||||
"KexAlgorithms +diffie-hellman-group1-sha1,"
|
||||
"diffie-hellman-group-exchange-sha1"
|
||||
#else /* OPENSSH_VERSION >= 6.7 */
|
||||
"Ciphers 3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,"
|
||||
"aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,"
|
||||
"aes256-gcm@openssh.com,arcfour128,arcfour256,arcfour,"
|
||||
"blowfish-cbc,cast128-cbc,chacha20-poly1305@openssh.com\n"
|
||||
"KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,"
|
||||
"ecdh-sha2-nistp384,ecdh-sha2-nistp521,"
|
||||
"diffie-hellman-group-exchange-sha256,"
|
||||
"diffie-hellman-group-exchange-sha1,"
|
||||
"diffie-hellman-group16-sha512,"
|
||||
"diffie-hellman-group18-sha512,"
|
||||
"diffie-hellman-group14-sha1,"
|
||||
"diffie-hellman-group1-sha1\n"
|
||||
#endif /* OPENSSH_VERSION >= 6.7 */
|
||||
/* add all supported algorithms */
|
||||
"HostKeyAlgorithms " OPENSSH_KEYS "\n"
|
||||
"Ciphers " OPENSSH_CIPHERS "\n"
|
||||
"KexAlgorithms " OPENSSH_KEX "\n"
|
||||
"MACs " OPENSSH_MACS "\n"
|
||||
"\n"
|
||||
"AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES\n"
|
||||
"AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT\n"
|
||||
@ -669,8 +642,8 @@ static void torture_setup_create_sshd_config(void **state, bool pam)
|
||||
const char fips_config_string[]=
|
||||
"Port 22\n"
|
||||
"ListenAddress 127.0.0.10\n"
|
||||
"%s %s\n" /* HostKey */
|
||||
"%s %s\n" /* HostKey */
|
||||
"%s %s\n" /* RSA HostKey */
|
||||
"%s %s\n" /* ECDSA HostKey */
|
||||
"\n"
|
||||
"TrustedUserCAKeys %s\n" /* Trusted CA */
|
||||
"\n"
|
||||
|
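Review bot: `OPENSSH_KEYS`, `OPENSSH_CIPHERS`, `OPENSSH_KEX` and `OPENSSH_MACS` are pasted by literal concatenation into `config_string`, which also carries `%s` conversions and so appears to be used as a printf-style format; a `%` in any of those build-supplied values would be parsed as a conversion. The call that consumes `config_string` lies outside the hunk, so this is inferred rather than seen. Passing the lists as arguments keeps them out of the format, e.g. `"Ciphers %s\n"` with `OPENSSH_CIPHERS` added to the argument list. With the `#ifndef OPENSSH_VERSION_MAJOR` fallback removed, an undefined macro now fails as a bare syntax error in the literal, and a preceding `#ifndef OPENSSH_CIPHERS` / `#error "OPENSSH_CIPHERS not defined by the build"` would make the cause obvious. The `/* add all supported algorithms */` comment could also state that this deliberately enables every algorithm the server offers, legacy ones included, and is meant only for the test sshd on 127.0.0.10.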