Jakub Jelen
8e211c0689
tests: Verify various host keys can be successfully negotiated and verified
...
This verifies that all the supported host keys can be used and
verified by the client, including the SHA2 extension in RFC 8332.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-04 07:52:50 +02:00
Andreas Schneider
3141dec632
known_hosts: Remove deprecated ssh_knownhosts_algorithms()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
539d7ba249
kex: Use ssh_known_hosts_get_algorithms()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
83a46c7756
tests: Add knownhosts test for detecting conflics
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
de44fdfd35
tests: Add knownhosts test for SSH_KNOWN_HOSTS_UNKNOWN
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
65a5154eff
tests: Add knownhosts test for SSH_KNOWN_HOSTS_OTHER
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
77e1761734
tests: Add client test for ssh_known_hosts_get_algorithms()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 15:08:40 +02:00
Andreas Schneider
e73ae60e1a
tests: Use assert_ssh_return_code() in client tests
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-03 07:45:51 +02:00
Andreas Schneider
b4462bdea0
tests: Use assert_ssh_return_code() in torture_algorithms
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-02 08:03:20 +02:00
Andreas Schneider
f425ebb098
tests: Use new assert ssh return code macros in torture_connect
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 14:37:04 +02:00
Tilo Eckert
a4a6017e6e
tests: add algorithm tests for kex curve25519
...
Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 15:57:45 +02:00
Aris Adamantiadis
23accdde1a
tests: send more packets of various sizes
...
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
27711f6a4c
tests: test for chacha20-poly1305@openssh.com
...
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Andreas Schneider
03b05c8a5e
tests: Add missing newline to KNOWN_HOST_ENTRY_ED25519
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-05 14:42:21 +02:00
Andreas Schneider
9e4f9a26d4
tests: Allow knownhosts verify test to validate ed25519 and ecdsa
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-05 10:50:59 +02:00
Andreas Schneider
a209f928d2
kwonhosts: Add functions to check if servers public key is known
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
974e1831a0
knownhosts: Add ssh_session_export_known_hosts_entry()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
bcaeaf17af
tests: Fix size for bob_ssh_cert
...
Fixes a gcc8 warning.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:12:36 +02:00
Andreas Schneider
72f6b34dbc
tests: We should only init and finalize libssh once
...
This should fix a segfault with gcrypt.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-05-07 08:33:32 +02:00
Juraj Vijtiuk
778652460f
add mbedtls crypto support
...
Summary:
This patch adds support for mbedTLS as a crypto backend for libssh.
mbedTLS is an SSL/TLS library that has been designed to mainly be used
in embedded systems. It is loosely coupled and has a low memory
footprint. mbedTLS also provides a cryptography library (libmbedcrypto)
that can be used without the TLS modules.
The patch is unfortunately quite big, since several new files had to
be added.
DSA is disabled at compile time, since mbedTLS doesn't support DSA
Patch review and feedback would be appreciated, and if any issues or
suggestions appear, I'm willing to work on them.
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Test Plan:
* The patch has been tested with a Debug and MinSizeRel build, with
libssh unit tests, client tests and the pkd tests.
* All the tests have been run with valgrind's memcheck, drd and helgrind
tools.
* The examples/samplessh client works when built with the patch.
Reviewers: asn, aris
Subscribers: simonsj
Differential Revision: https://bugs.libssh.org/D1
2017-12-28 11:17:39 +01:00
Jakub Jelen
176b92a4f4
tests/client/algorithms: Respect global verbosity settings
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
Jakub Jelen
b92c499626
tests: Do not test blowfish ciphers with OpenSSH 7.6 and newer
2017-12-15 11:59:19 +01:00
Andreas Schneider
7a65f7f028
test: ssh_userauth_kbdint_setanswer() does not network interaction
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-11-09 15:35:22 +01:00
Jon Simons
9d79b7629c
torture_algorithms: deduplicate kex method passes
...
Summary: Signed-off-by: Jon Simons <jon@jonsimons.org>
Test Plan: * Re-ran the `torture_algorithms` test.
Reviewers: asn
Tags: #libssh
Differential Revision: https://bugs.libssh.org/D8
2017-10-29 15:50:09 +01:00
Andreas Schneider
f0ddde4826
Fix config.h includes
...
We need stdlib.h and string.h in priv.h for free() and memset().
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-10-28 14:31:37 +02:00
Jon Simons
6252aab88a
ecdh: enable ecdh_sha2_nistp{384,521} kex methods
...
Summary:
Based on Dirkjan's original patch series here:
* https://www.libssh.org/archive/libssh/2015-08/0000029.html
Here the changes are adapted for the current master
branch, and expanded to include libgcrypt support.
Co-Authored-By: Dirkjan Bussink <d.bussink@gmail.com>
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Test Plan:
* Ran pkd tests for libcrypto and libgcrypt builds.
* Ran client torture_algorithms.c tests for libcrypto and libgcrypt builds.
* Tested across multiple libgcrypts ("1.6.3" and "1.7.6-beta").
Reviewers: aris, asn
Tags: #libssh
Differential Revision: https://bugs.libssh.org/D7
2017-08-24 18:18:41 +02:00
Aris Adamantiadis
b0c2ca1b66
tests: fix buffer overflow in testcase
2017-06-07 18:49:56 +02:00
Andreas Schneider
f8ef200e76
tests: Fix session management of torture_knownhosts
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-08 08:16:20 +01:00
Andreas Schneider
528b9c5323
cmake: Correctly check for sys/[u]time.h
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06 11:52:12 +01:00
Andreas Schneider
e9aebb1198
tests: Fix memory leak in torture_auth_cert
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-05 11:13:43 +01:00
Andreas Schneider
5b84772343
tests: Fix memory leak in torture_auth_cert
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 08:15:38 +01:00
Andreas Schneider
d8474207b6
tests: Fix memory leaks in torture_knownhosts
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 08:11:50 +01:00
Andreas Schneider
1ec528b048
tests: Add test for sftp_fsync()
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-10-08 13:38:56 +02:00
Andreas Schneider
2fe9c2e352
tests: Improve the torture_request_env test
...
This still doesn't work on FreeBSD
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-05-03 12:52:07 +02:00
Axel Eppe
252cd6eae9
torture_auth: Add tests for client side certificate authentication
...
- enabled TrustedUserCAKeys option in torture.c
- adds a new set of (signed) keys for bob in a separate dir
The private key used to generate the certs is included, but not required.
Signed-off-by: Axel Eppe <aeppe@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-03-15 08:38:13 +01:00
Andreas Schneider
f128ffd88b
tests: Fix running ssh-agent
...
ssh-agent needs to be executed as the local user and not a fake user or
we will not be able to add identies.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-03 09:01:29 +01:00
Andreas Schneider
cbd75c3e35
tests: Switch to user bob in setup
...
This makes sure we can apply options correctly.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-03 09:01:24 +01:00
Fabiano Fidêncio
77052d3a1e
cleanup: use ssh_ prefix in the agent (non-static) functions
...
Having "ssh_" prefix in the functions' name will avoid possible clashes
when compiling libssh statically.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:31:07 +01:00
Andreas Schneider
485d78d768
tests: Turn on kbdint tests in torture_auth
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
6e7eae968a
tests: Support other openssh versions ...
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
5bb9b570f4
tests: Rename torture_sftp_static to torture_sftp_ext
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
571f547556
tests: Migrate torture_sftp_read to a cwrap test
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
af3de262b6
tests: Migrate torture_sftp_dir to cwrap test
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
4bc6af6c17
tests: Migrate torture_request_env to cwrap test
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
27834cce2c
tests: Migrate torture_session to cwrap test
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
e4653b82bd
tests: Migrate torture_proxycommand to new cwrap test
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
b65dcb3a35
tests: Migrate torture_knownhosts to new cwrap test
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
be25b58380
tests: Migrate torture_forward to a cwrap test
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
3014e3c458
tests: Migrate torture_algorithms to a cwrap test
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
112d4cc7e6
tests: Migrate torture_auth as a cwrap test
...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00