diff --git a/tests/client/torture_algorithms.c b/tests/client/torture_algorithms.c index 247ed29d..c60e2645 100644 --- a/tests/client/torture_algorithms.c +++ b/tests/client/torture_algorithms.c @@ -472,8 +472,7 @@ static void torture_algorithms_3des_cbc_hmac_sha2_512_etm(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-512-etm@openssh.com"); } -#ifdef WITH_BLOWFISH_CIPHER -#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6) +#if defined(WITH_BLOWFISH_CIPHER) && defined(OPENSSH_BLOWFISH_CBC) static void torture_algorithms_blowfish_cbc_hmac_sha1(void **state) { struct torture_state *s = *state; @@ -533,9 +532,9 @@ static void torture_algorithms_blowfish_cbc_hmac_sha2_512_etm(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-512-etm@openssh.com"); } -#endif #endif /* WITH_BLOWFISH_CIPHER */ +#ifdef OPENSSH_CHACHA20_POLY1305_OPENSSH_COM static void torture_algorithms_chacha20_poly1305(void **state) { struct torture_state *s = *state; @@ -549,6 +548,7 @@ static void torture_algorithms_chacha20_poly1305(void **state) "chacha20-poly1305@openssh.com", NULL); } +#endif /* OPENSSH_CHACHA20_POLY1305_OPENSSH_COM */ static void torture_algorithms_zlib(void **state) { struct torture_state *s = *state; @@ -647,7 +647,7 @@ static void torture_algorithms_ecdh_sha2_nistp521(void **state) { } #endif -#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR >= 3) || OPENSSH_VERSION_MAJOR > 7) +#ifdef OPENSSH_CURVE25519_SHA256 static void torture_algorithms_ecdh_curve25519_sha256(void **state) { struct torture_state *s = *state; @@ -657,9 +657,9 @@ static void torture_algorithms_ecdh_curve25519_sha256(void **state) { test_algorithm(s->ssh.session, "curve25519-sha256", NULL/*cipher*/, NULL/*hmac*/); } -#endif +#endif /* OPENSSH_CURVE25519_SHA256 */ -#if ((OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 5) || OPENSSH_VERSION_MAJOR > 6) +#ifdef OPENSSH_CURVE25519_SHA256_LIBSSH_ORG static void torture_algorithms_ecdh_curve25519_sha256_libssh_org(void **state) { struct torture_state *s = *state; @@ -669,7 +669,7 @@ static void torture_algorithms_ecdh_curve25519_sha256_libssh_org(void **state) { test_algorithm(s->ssh.session, "curve25519-sha256@libssh.org", NULL/*cipher*/, NULL/*hmac*/); } -#endif +#endif /* OPENSSH_CURVE25519_SHA256_LIBSSH_ORG */ static void torture_algorithms_dh_group1(void **state) { struct torture_state *s = *state; @@ -864,8 +864,7 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha2_512_etm, session_setup, session_teardown), -#ifdef WITH_BLOWFISH_CIPHER -#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6) +#if defined(WITH_BLOWFISH_CIPHER) && defined(OPENSSH_BLOWFISH_CBC) cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha1, session_setup, session_teardown), @@ -884,11 +883,12 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha2_512_etm, session_setup, session_teardown), -#endif #endif /* WITH_BLOWFISH_CIPHER */ +#ifdef OPENSSH_CHACHA20_POLY1305_OPENSSH_COM cmocka_unit_test_setup_teardown(torture_algorithms_chacha20_poly1305, session_setup, session_teardown), +#endif /* OPENSSH_CHACHA20_POLY1305_OPENSSH_COM */ cmocka_unit_test_setup_teardown(torture_algorithms_zlib, session_setup, session_teardown), @@ -915,16 +915,16 @@ int torture_run_tests(void) { session_setup, session_teardown), #endif /* WITH_GEX */ -#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR >= 3) || OPENSSH_VERSION_MAJOR > 7) +#ifdef OPENSSH_CURVE25519_SHA256 cmocka_unit_test_setup_teardown(torture_algorithms_ecdh_curve25519_sha256, session_setup, session_teardown), -#endif -#if ((OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 5) || OPENSSH_VERSION_MAJOR > 6) +#endif /* OPENSSH_CURVE25519_SHA256 */ +#ifdef OPENSSH_CURVE25519_SHA256_LIBSSH_ORG cmocka_unit_test_setup_teardown(torture_algorithms_ecdh_curve25519_sha256_libssh_org, session_setup, session_teardown), -#endif +#endif /* OPENSSH_CURVE25519_SHA256_LIBSSH_ORG */ #if defined(HAVE_ECC) cmocka_unit_test_setup_teardown(torture_algorithms_ecdh_sha2_nistp256, session_setup, diff --git a/tests/torture.c b/tests/torture.c index 62d4c396..943486c2 100644 --- a/tests/torture.c +++ b/tests/torture.c @@ -604,20 +604,15 @@ static void torture_setup_create_sshd_config(void **state, bool pam) "/usr/libexec/openssh/sftp-server", "/usr/lib/openssh/sftp-server", /* Debian */ }; -#ifndef OPENSSH_VERSION_MAJOR -#warning "OPENSSH_VERSION_MAJOR undefined, using default" -#define OPENSSH_VERSION_MAJOR 7U -#define OPENSSH_VERSION_MINOR 0U -#endif /* OPENSSH_VERSION_MAJOR */ const char config_string[]= "Port 22\n" "ListenAddress 127.0.0.10\n" - "%s %s\n" + "%s %s\n" /* ed25519 HostKey */ #ifdef HAVE_DSA - "%s %s\n" + "%s %s\n" /* DSA HostKey */ #endif /* HAVE_DSA */ - "%s %s\n" - "%s %s\n" + "%s %s\n" /* RSA HostKey */ + "%s %s\n" /* ECDSA HostKey */ "\n" "TrustedUserCAKeys %s\n" "\n" @@ -631,33 +626,11 @@ static void torture_setup_create_sshd_config(void **state, bool pam) "\n" "%s" /* Here comes UsePam */ "\n" -#if (OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 7) || (OPENSSH_VERSION_MAJOR >= 7) -# ifdef HAVE_DSA - "HostKeyAlgorithms +ssh-dss\n" -# else /* HAVE_DSA */ - "HostKeyAlgorithms +ssh-rsa\n" -# endif /* HAVE_DSA */ -# if (OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) - "Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc\n" -# else /* OPENSSH_VERSION 7.0 - 7.5 */ - "Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc\n" -# endif /* OPENSSH_VERSION 7.0 - 7.6 */ - "KexAlgorithms +diffie-hellman-group1-sha1," - "diffie-hellman-group-exchange-sha1" -#else /* OPENSSH_VERSION >= 6.7 */ - "Ciphers 3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr," - "aes192-ctr,aes256-ctr,aes128-gcm@openssh.com," - "aes256-gcm@openssh.com,arcfour128,arcfour256,arcfour," - "blowfish-cbc,cast128-cbc,chacha20-poly1305@openssh.com\n" - "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256," - "ecdh-sha2-nistp384,ecdh-sha2-nistp521," - "diffie-hellman-group-exchange-sha256," - "diffie-hellman-group-exchange-sha1," - "diffie-hellman-group16-sha512," - "diffie-hellman-group18-sha512," - "diffie-hellman-group14-sha1," - "diffie-hellman-group1-sha1\n" -#endif /* OPENSSH_VERSION >= 6.7 */ + /* add all supported algorithms */ + "HostKeyAlgorithms " OPENSSH_KEYS "\n" + "Ciphers " OPENSSH_CIPHERS "\n" + "KexAlgorithms " OPENSSH_KEX "\n" + "MACs " OPENSSH_MACS "\n" "\n" "AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES\n" "AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT\n" @@ -669,8 +642,8 @@ static void torture_setup_create_sshd_config(void **state, bool pam) const char fips_config_string[]= "Port 22\n" "ListenAddress 127.0.0.10\n" - "%s %s\n" /* HostKey */ - "%s %s\n" /* HostKey */ + "%s %s\n" /* RSA HostKey */ + "%s %s\n" /* ECDSA HostKey */ "\n" "TrustedUserCAKeys %s\n" /* Trusted CA */ "\n"