1
1
Граф коммитов

127 Коммитов

Автор SHA1 Сообщение Дата
Jakub Jelen
8e211c0689 tests: Verify various host keys can be successfully negotiated and verified
This verifies that all the supported host keys can be used and
verified by the client, including the SHA2 extension in RFC 8332.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:52:50 +02:00
Andreas Schneider
3141dec632 known_hosts: Remove deprecated ssh_knownhosts_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
539d7ba249 kex: Use ssh_known_hosts_get_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
83a46c7756 tests: Add knownhosts test for detecting conflics
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
de44fdfd35 tests: Add knownhosts test for SSH_KNOWN_HOSTS_UNKNOWN
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
65a5154eff tests: Add knownhosts test for SSH_KNOWN_HOSTS_OTHER
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
77e1761734 tests: Add client test for ssh_known_hosts_get_algorithms()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
e73ae60e1a tests: Use assert_ssh_return_code() in client tests
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 07:45:51 +02:00
Andreas Schneider
b4462bdea0 tests: Use assert_ssh_return_code() in torture_algorithms
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-02 08:03:20 +02:00
Andreas Schneider
f425ebb098 tests: Use new assert ssh return code macros in torture_connect
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 14:37:04 +02:00
Tilo Eckert
a4a6017e6e tests: add algorithm tests for kex curve25519
Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 15:57:45 +02:00
Aris Adamantiadis
23accdde1a tests: send more packets of various sizes
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
27711f6a4c tests: test for chacha20-poly1305@openssh.com
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Andreas Schneider
03b05c8a5e tests: Add missing newline to KNOWN_HOST_ENTRY_ED25519
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-05 14:42:21 +02:00
Andreas Schneider
9e4f9a26d4 tests: Allow knownhosts verify test to validate ed25519 and ecdsa
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-05 10:50:59 +02:00
Andreas Schneider
a209f928d2 kwonhosts: Add functions to check if servers public key is known
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
974e1831a0 knownhosts: Add ssh_session_export_known_hosts_entry()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
bcaeaf17af tests: Fix size for bob_ssh_cert
Fixes a gcc8 warning.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:12:36 +02:00
Andreas Schneider
72f6b34dbc tests: We should only init and finalize libssh once
This should fix a segfault with gcrypt.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-05-07 08:33:32 +02:00
Juraj Vijtiuk
778652460f add mbedtls crypto support
Summary:
This patch adds support for mbedTLS as a crypto backend for libssh.
mbedTLS is an SSL/TLS library that has been designed to mainly be used
in embedded systems.  It is loosely coupled and has a low memory
footprint.  mbedTLS also provides a cryptography library (libmbedcrypto)
that can be used without the TLS modules.
The patch is unfortunately quite big, since several new files had to
be added.
DSA is disabled at compile time, since mbedTLS doesn't support DSA
Patch review and feedback would be appreciated, and if any issues or
suggestions appear, I'm willing to work on them.

Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>

Test Plan:
* The patch has been tested with a Debug and MinSizeRel build, with
libssh unit tests, client tests and the pkd tests.
* All the tests have been run with valgrind's memcheck, drd and helgrind
tools.
* The examples/samplessh client works when built with the patch.

Reviewers: asn, aris

Subscribers: simonsj

Differential Revision: https://bugs.libssh.org/D1
2017-12-28 11:17:39 +01:00
Jakub Jelen
176b92a4f4 tests/client/algorithms: Respect global verbosity settings
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
Jakub Jelen
b92c499626 tests: Do not test blowfish ciphers with OpenSSH 7.6 and newer 2017-12-15 11:59:19 +01:00
Andreas Schneider
7a65f7f028 test: ssh_userauth_kbdint_setanswer() does not network interaction
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-11-09 15:35:22 +01:00
Jon Simons
9d79b7629c torture_algorithms: deduplicate kex method passes
Summary: Signed-off-by: Jon Simons <jon@jonsimons.org>

Test Plan:  * Re-ran the `torture_algorithms` test.

Reviewers: asn

Tags: #libssh

Differential Revision: https://bugs.libssh.org/D8
2017-10-29 15:50:09 +01:00
Andreas Schneider
f0ddde4826 Fix config.h includes
We need stdlib.h and string.h in priv.h for free() and memset().

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-10-28 14:31:37 +02:00
Jon Simons
6252aab88a ecdh: enable ecdh_sha2_nistp{384,521} kex methods
Summary:
Based on Dirkjan's original patch series here:

 * https://www.libssh.org/archive/libssh/2015-08/0000029.html

Here the changes are adapted for the current master
branch, and expanded to include libgcrypt support.

Co-Authored-By: Dirkjan Bussink <d.bussink@gmail.com>
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

Test Plan:
 * Ran pkd tests for libcrypto and libgcrypt builds.
 * Ran client torture_algorithms.c tests for libcrypto and libgcrypt builds.
 * Tested across multiple libgcrypts ("1.6.3" and "1.7.6-beta").

Reviewers: aris, asn

Tags: #libssh

Differential Revision: https://bugs.libssh.org/D7
2017-08-24 18:18:41 +02:00
Aris Adamantiadis
b0c2ca1b66 tests: fix buffer overflow in testcase 2017-06-07 18:49:56 +02:00
Andreas Schneider
f8ef200e76 tests: Fix session management of torture_knownhosts
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-08 08:16:20 +01:00
Andreas Schneider
528b9c5323 cmake: Correctly check for sys/[u]time.h
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06 11:52:12 +01:00
Andreas Schneider
e9aebb1198 tests: Fix memory leak in torture_auth_cert
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-05 11:13:43 +01:00
Andreas Schneider
5b84772343 tests: Fix memory leak in torture_auth_cert
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 08:15:38 +01:00
Andreas Schneider
d8474207b6 tests: Fix memory leaks in torture_knownhosts
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 08:11:50 +01:00
Andreas Schneider
1ec528b048 tests: Add test for sftp_fsync()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-10-08 13:38:56 +02:00
Andreas Schneider
2fe9c2e352 tests: Improve the torture_request_env test
This still doesn't work on FreeBSD

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-05-03 12:52:07 +02:00
Axel Eppe
252cd6eae9 torture_auth: Add tests for client side certificate authentication
- enabled TrustedUserCAKeys option in torture.c
 - adds a new set of (signed) keys for bob in a separate dir

 The private key used to generate the certs is included, but not required.

Signed-off-by: Axel Eppe <aeppe@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-03-15 08:38:13 +01:00
Andreas Schneider
f128ffd88b tests: Fix running ssh-agent
ssh-agent needs to be executed as the local user and not a fake user or
we will not be able to add identies.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-03 09:01:29 +01:00
Andreas Schneider
cbd75c3e35 tests: Switch to user bob in setup
This makes sure we can apply options correctly.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-03 09:01:24 +01:00
Fabiano Fidêncio
77052d3a1e cleanup: use ssh_ prefix in the agent (non-static) functions
Having "ssh_" prefix in the functions' name will avoid possible clashes
when compiling libssh statically.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:31:07 +01:00
Andreas Schneider
485d78d768 tests: Turn on kbdint tests in torture_auth
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
6e7eae968a tests: Support other openssh versions ...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
5bb9b570f4 tests: Rename torture_sftp_static to torture_sftp_ext
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
571f547556 tests: Migrate torture_sftp_read to a cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
af3de262b6 tests: Migrate torture_sftp_dir to cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
4bc6af6c17 tests: Migrate torture_request_env to cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
27834cce2c tests: Migrate torture_session to cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
e4653b82bd tests: Migrate torture_proxycommand to new cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
b65dcb3a35 tests: Migrate torture_knownhosts to new cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
be25b58380 tests: Migrate torture_forward to a cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
3014e3c458 tests: Migrate torture_algorithms to a cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
112d4cc7e6 tests: Migrate torture_auth as a cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00